diff options
author | Renato Botelho <renato@netgate.com> | 2017-04-20 16:22:46 -0300 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2017-04-20 16:22:46 -0300 |
commit | 91dd40af345322d7f6786c16b5ffdda79e0092f1 (patch) | |
tree | 254bbb9666de3a3bab823235b7fca06ec57b63e2 /src | |
parent | d900c7f6196e90ccd429a7a132f78550d26fc654 (diff) | |
parent | a8bee7cc68362fda875aaa6d50c64c5867175f21 (diff) | |
download | pfsense-91dd40af345322d7f6786c16b5ffdda79e0092f1.zip pfsense-91dd40af345322d7f6786c16b5ffdda79e0092f1.tar.gz |
Merge pull request #3700 from phil-davis/ifgwadd
Diffstat (limited to 'src')
-rw-r--r-- | src/etc/inc/gwlb.inc | 475 | ||||
-rwxr-xr-x | src/usr/local/www/interfaces.php | 232 | ||||
-rw-r--r-- | src/usr/local/www/system_gateways.php | 7 | ||||
-rw-r--r-- | src/usr/local/www/system_gateways_edit.php | 445 |
4 files changed, 584 insertions, 575 deletions
diff --git a/src/etc/inc/gwlb.inc b/src/etc/inc/gwlb.inc index cba07b4..1e927f5 100644 --- a/src/etc/inc/gwlb.inc +++ b/src/etc/inc/gwlb.inc @@ -521,8 +521,13 @@ function return_gateways_status_text($byname = false, $brief = false) { return $output; } -/* Return all configured gateways on the system */ -function return_gateways_array($disabled = false, $localhost = false, $inactive = false) { +/* Return all configured gateways on the system + $disabled = true - include gateways that are disabled + $localhost = true - include "Null" entries for localhost IP addresses + $inactive = true - include gateways on inactive interfaces + $integer_index = true - index the returned array by integers 0,1,2,... instead of by GW name +*/ +function return_gateways_array($disabled = false, $localhost = false, $inactive = false, $integer_index = false) { global $config, $g; $gateways_arr = array(); @@ -864,6 +869,11 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive $gateways_arr['Null4'] = $gwlo4; $gateways_arr['Null6'] = $gwlo6; } + + if ($integer_index) { + $gateways_arr = array_values($gateways_arr); + } + return($gateways_arr); } @@ -1323,4 +1333,465 @@ function gateway_is_gwgroup_member($name) { return $members; } +/* + Check the proposed gateway settings to see if they are valid. + $gateway_settings - the proposed array of proposed gateway settings + $id - the index of the gateway proposed to be modified (otherwise "" if adding a new gateway) + $parent_ip - the IP (v4 or v6) address about to be set on the corresponding interface (if any) + $parent_sn - the subnet about to be set on the corresponding interface (if any) + (Note: the above 2 parameters allow gateway parameters to be validated concurrently with saving + an interface, before the new interface parameters are actually saved in the config.) + Return completed $input_errors array if there is any problem. + Otherwise return an empty $input_errors array +*/ +function validate_gateway($gateway_settings, $id = "", $parent_ip = "", $parent_sn = "") { + global $config; + + $a_gateways = return_gateways_array(true, false, true, true); + $input_errors = array(); + + /* input validation */ + $reqdfields = explode(" ", "name interface"); + $reqdfieldsn = array(gettext("Name"), gettext("Interface")); + + do_input_validation($gateway_settings, $reqdfields, $reqdfieldsn, $input_errors); + + if (!isset($gateway_settings['name'])) { + $input_errors[] = "A valid gateway name must be specified."; + } + if (!is_validaliasname($gateway_settings['name'])) { + $input_errors[] = invalidaliasnamemsg($gateway_settings['name'], gettext("gateway")); + } else if (isset($gateway_settings['disabled'])) { + // We have a valid gateway name that the user wants to mark as disabled. + // Check if the gateway name is used in any gateway group. + if (is_array($config['gateways']['gateway_group'])) { + foreach ($config['gateways']['gateway_group'] as $group) { + foreach ($group['item'] as $item) { + $items = explode("|", $item); + if ($items[0] == $gateway_settings['name']) { + $input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be disabled because it is in use on Gateway Group "%2$s"'), $gateway_settings['name'], $group['name']); + } + } + } + } + + // Check if the gateway name is used in any enabled Static Route. + if (is_array($config['staticroutes']['route'])) { + foreach ($config['staticroutes']['route'] as $route) { + if ($route['gateway'] == $gateway_settings['name']) { + if (!isset($route['disabled'])) { + // There is a static route that uses this gateway and is enabled (not disabled). + $input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be disabled because it is in use on Static Route "%2$s"'), $gateway_settings['name'], $route['network']); + } + } + } + } + } + /* skip system gateways which have been automatically added */ + if (($gateway_settings['gateway'] && (!is_ipaddr($gateway_settings['gateway'])) && ($gateway_settings['attribute'] !== "system")) && ($gateway_settings['gateway'] != "dynamic")) { + $input_errors[] = gettext("A valid gateway IP address must be specified."); + } + + if ($gateway_settings['gateway'] && is_ipaddr($gateway_settings['gateway'])) { + if (is_ipaddrv4($gateway_settings['gateway'])) { + if ($parent_ip == '') { + $parent_ip = get_interface_ip($gateway_settings['interface']); + $parent_sn = get_interface_subnet($gateway_settings['interface']); + } + if (empty($parent_ip) || empty($parent_sn)) { + $input_errors[] = gettext("Cannot add IPv4 Gateway Address because no IPv4 address could be found on the interface."); + } elseif (!isset($gateway_settings["nonlocalgateway"])) { + $subnets = array(gen_subnet($parent_ip, $parent_sn) . "/" . $parent_sn); + $vips = link_interface_to_vips($gateway_settings['interface']); + if (is_array($vips)) { + foreach ($vips as $vip) { + if (!is_ipaddrv4($vip['subnet'])) { + continue; + } + $subnets[] = gen_subnet($vip['subnet'], $vip['subnet_bits']) . "/" . $vip['subnet_bits']; + } + } + + $found = false; + foreach ($subnets as $subnet) { + if (ip_in_subnet($gateway_settings['gateway'], $subnet)) { + $found = true; + break; + } + } + + if ($found === false) { + $input_errors[] = sprintf(gettext("The gateway address %s does not lie within one of the chosen interface's subnets."), $gateway_settings['gateway']); + } + } + } else if (is_ipaddrv6($gateway_settings['gateway'])) { + /* do not do a subnet match on a link local address, it's valid */ + if (!is_linklocal($gateway_settings['gateway'])) { + if ($parent_ip == '') { + $parent_ip = get_interface_ipv6($gateway_settings['interface']); + $parent_sn = get_interface_subnetv6($gateway_settings['interface']); + } + if (empty($parent_ip) || empty($parent_sn)) { + $input_errors[] = gettext("Cannot add IPv6 Gateway Address because no IPv6 address could be found on the interface."); + } elseif (!isset($gateway_settings["nonlocalgateway"])) { + $subnets = array(gen_subnetv6($parent_ip, $parent_sn) . "/" . $parent_sn); + $vips = link_interface_to_vips($gateway_settings['interface']); + if (is_array($vips)) { + foreach ($vips as $vip) { + if (!is_ipaddrv6($vip['subnet'])) { + continue; + } + $subnets[] = gen_subnetv6($vip['subnet'], $vip['subnet_bits']) . "/" . $vip['subnet_bits']; + } + } + + $found = false; + foreach ($subnets as $subnet) { + if (ip_in_subnet($gateway_settings['gateway'], $subnet)) { + $found = true; + break; + } + } + + if ($found === false) { + $input_errors[] = sprintf(gettext("The gateway address %s does not lie within one of the chosen interface's subnets."), $gateway_settings['gateway']); + } + } + } + } + + if (!empty($config['interfaces'][$gateway_settings['interface']]['ipaddr'])) { + if (is_ipaddr($config['interfaces'][$gateway_settings['interface']]['ipaddr']) && (empty($gateway_settings['gateway']) || $gateway_settings['gateway'] == "dynamic")) { + $input_errors[] = gettext("Dynamic gateway values cannot be specified for interfaces with a static IPv4 configuration."); + } + } + if (!empty($config['interfaces'][$gateway_settings['interface']]['ipaddrv6'])) { + if (is_ipaddr($config['interfaces'][$gateway_settings['interface']]['ipaddrv6']) && (empty($gateway_settings['gateway']) || $gateway_settings['gateway'] == "dynamic")) { + $input_errors[] = gettext("Dynamic gateway values cannot be specified for interfaces with a static IPv6 configuration."); + } + } + } + if (($gateway_settings['monitor'] != "") && ($gateway_settings['monitor'] != "dynamic")) { + validateipaddr($gateway_settings['monitor'], IPV4V6, "Monitor IP", $input_errors, false); + } + if (isset($gateway_settings['data_payload']) && is_numeric($gateway_settings['data_payload']) && $gateway_settings['data_payload'] < 0) { + $input_errors[] = gettext("A valid data payload must be specified."); + } + /* only allow correct IPv4 and IPv6 gateway addresses */ + if (($gateway_settings['gateway'] <> "") && is_ipaddr($gateway_settings['gateway']) && $gateway_settings['gateway'] != "dynamic") { + if (is_ipaddrv6($gateway_settings['gateway']) && ($gateway_settings['ipprotocol'] == "inet")) { + $input_errors[] = sprintf(gettext("The IPv6 gateway address '%s' can not be used as a IPv4 gateway."), $gateway_settings['gateway']); + } + if (is_ipaddrv4($gateway_settings['gateway']) && ($gateway_settings['ipprotocol'] == "inet6")) { + $input_errors[] = sprintf(gettext("The IPv4 gateway address '%s' can not be used as a IPv6 gateway."), $gateway_settings['gateway']); + } + } + /* only allow correct IPv4 and IPv6 monitor addresses */ + if (($gateway_settings['monitor'] <> "") && is_ipaddr($gateway_settings['monitor']) && $gateway_settings['monitor'] != "dynamic") { + if (is_ipaddrv6($gateway_settings['monitor']) && ($gateway_settings['ipprotocol'] == "inet")) { + $input_errors[] = sprintf(gettext("The IPv6 monitor address '%s' can not be used on a IPv4 gateway."), $gateway_settings['monitor']); + } + if (is_ipaddrv4($gateway_settings['monitor']) && ($gateway_settings['ipprotocol'] == "inet6")) { + $input_errors[] = sprintf(gettext("The IPv4 monitor address '%s' can not be used on a IPv6 gateway."), $gateway_settings['monitor']); + } + } + + if (isset($gateway_settings['name'])) { + /* check for overlaps */ + foreach ($a_gateways as $gateway) { + if (isset($id) && ($a_gateways[$id]) && ($a_gateways[$id] === $gateway)) { + if ($gateway['name'] != $gateway_settings['name']) { + $input_errors[] = gettext("Changing name on a gateway is not allowed."); + } + continue; + } + if ($gateway_settings['name'] <> "") { + if (($gateway['name'] <> "") && ($gateway_settings['name'] == $gateway['name']) && ($gateway['attribute'] !== "system")) { + $input_errors[] = sprintf(gettext('The gateway name "%s" already exists.'), $gateway_settings['name']); + break; + } + } + if (is_ipaddr($gateway_settings['gateway'])) { + if (($gateway['gateway'] <> "") && ($gateway_settings['gateway'] == $gateway['gateway']) && ($gateway['attribute'] !== "system")) { + $input_errors[] = sprintf(gettext('The gateway IP address "%s" already exists.'), $gateway_settings['gateway']); + break; + } + } + if (is_ipaddr($gateway_settings['monitor'])) { + if (($gateway['monitor'] <> "") && ($gateway_settings['monitor'] == $gateway['monitor']) && ($gateway['attribute'] !== "system")) { + $input_errors[] = sprintf(gettext('The monitor IP address "%s" is already in use. A different monitor IP must be chosen.'), $gateway_settings['monitor']); + break; + } + } + } + } + + /* input validation of dpinger advanced parameters */ + + $dpinger_default = return_dpinger_defaults(); + $latencylow = $dpinger_default['latencylow']; + if ($gateway_settings['latencylow']) { + if (!is_numeric($gateway_settings['latencylow'])) { + $input_errors[] = gettext("The low latency threshold needs to be a numeric value."); + } else if ($gateway_settings['latencylow'] < 1) { + $input_errors[] = gettext("The low latency threshold needs to be positive."); + } else { + $latencylow = $gateway_settings['latencylow']; + } + } + + $latencyhigh = $dpinger_default['latencyhigh']; + if ($gateway_settings['latencyhigh']) { + if (!is_numeric($gateway_settings['latencyhigh'])) { + $input_errors[] = gettext("The high latency threshold needs to be a numeric value."); + } else if ($gateway_settings['latencyhigh'] < 1) { + $input_errors[] = gettext("The high latency threshold needs to be positive."); + } else { + $latencyhigh = $gateway_settings['latencyhigh']; + } + } + + $losslow = $dpinger_default['losslow']; + if ($gateway_settings['losslow']) { + if (!is_numeric($gateway_settings['losslow'])) { + $input_errors[] = gettext("The low Packet Loss threshold needs to be a numeric value."); + } else if ($gateway_settings['losslow'] < 1) { + $input_errors[] = gettext("The low Packet Loss threshold needs to be positive."); + } else if ($gateway_settings['losslow'] >= 100) { + $input_errors[] = gettext("The low Packet Loss threshold needs to be less than 100."); + } else { + $losslow = $gateway_settings['losslow']; + } + } + + $losshigh = $dpinger_default['losshigh']; + if ($gateway_settings['losshigh']) { + if (!is_numeric($gateway_settings['losshigh'])) { + $input_errors[] = gettext("The high Packet Loss threshold needs to be a numeric value."); + } else if ($gateway_settings['losshigh'] < 1) { + $input_errors[] = gettext("The high Packet Loss threshold needs to be positive."); + } else if ($gateway_settings['losshigh'] > 100) { + $input_errors[] = gettext("The high Packet Loss threshold needs to be 100 or less."); + } else { + $losshigh = $gateway_settings['losshigh']; + } + } + + $time_period = $dpinger_default['time_period']; + if ($gateway_settings['time_period']) { + if (!is_numeric($gateway_settings['time_period'])) { + $input_errors[] = gettext("The time period over which results are averaged needs to be a numeric value."); + } else if ($gateway_settings['time_period'] < 1) { + $input_errors[] = gettext("The time period over which results are averaged needs to be positive."); + } else { + $time_period = $gateway_settings['time_period']; + } + } + + $interval = $dpinger_default['interval']; + if ($gateway_settings['interval']) { + if (!is_numeric($gateway_settings['interval'])) { + $input_errors[] = gettext("The probe interval needs to be a numeric value."); + } else if ($gateway_settings['interval'] < 1) { + $input_errors[] = gettext("The probe interval needs to be positive."); + } else { + $interval = $gateway_settings['interval']; + } + } + + $loss_interval = $dpinger_default['loss_interval']; + if ($gateway_settings['loss_interval']) { + if (!is_numeric($gateway_settings['loss_interval'])) { + $input_errors[] = gettext("The loss interval needs to be a numeric value."); + } else if ($gateway_settings['loss_interval'] < 1) { + $input_errors[] = gettext("The loss interval setting needs to be positive."); + } else { + $loss_interval = $gateway_settings['loss_interval']; + } + } + + $alert_interval = $dpinger_default['alert_interval']; + if ($gateway_settings['alert_interval']) { + if (!is_numeric($gateway_settings['alert_interval'])) { + $input_errors[] = gettext("The alert interval needs to be a numeric value."); + } else if ($gateway_settings['alert_interval'] < 1) { + $input_errors[] = gettext("The alert interval setting needs to be positive."); + } else { + $alert_interval = $gateway_settings['alert_interval']; + } + } + + if ($latencylow >= $latencyhigh) { + $input_errors[] = gettext( + "The high latency threshold needs to be greater than the low latency threshold"); + } + + if ($losslow >= $losshigh) { + $input_errors[] = gettext( + "The high packet loss threshold needs to be higher than the low packet loss threshold"); + } + + // If the loss interval is less than latencyhigh, then high latency could never be recorded + // because those high latency packets would be considered as lost. So do not allow that. + if ($latencyhigh > $loss_interval) { + $input_errors[] = gettext("The loss interval needs to be greater than or equal to the high latency threshold."); + } + + // Ensure that the time period is greater than 2 times the probe interval plus the loss interval. + if (($interval * 2 + $loss_interval) >= $time_period) { + $input_errors[] = gettext("The time period needs to be greater than twice the probe interval plus the loss interval."); + } + + // There is no point recalculating the average latency and loss more often than the probe interval. + // So the alert interval needs to be >= probe interval. + if ($interval > $alert_interval) { + $input_errors[] = gettext("The alert interval needs to be greater than or equal to the probe interval."); + } + + return $input_errors; +} + +// Save gateway settings. +// $gateway_settings - the array of gateway setting parameters +// $realid - the index of the gateway to be modified (otherwise "" if adding a new gateway) + +// This function is responsible to: +// Setup the gateway parameter structure from the gateway settings input parameter +// Save the structure into the config +// Remove any run-time settings from gateway parameters that are changed (e.g. remove routes to addresses that are changing) + +// A subsequent "apply" step will implement the added/changed gateway. + +function save_gateway($gateway_settings, $realid = "") { + global $config; + + $a_gateway_item = &$config['gateways']['gateway_item']; + $reloadif = ""; + $gateway = array(); + + if (empty($gateway_settings['interface'])) { + $gateway['interface'] = $gateway_settings['friendlyiface']; + } else { + $gateway['interface'] = $gateway_settings['interface']; + } + if (is_ipaddr($gateway_settings['gateway'])) { + $gateway['gateway'] = $gateway_settings['gateway']; + } else { + $gateway['gateway'] = "dynamic"; + } + $gateway['name'] = $gateway_settings['name']; + $gateway['weight'] = $gateway_settings['weight']; + $gateway['ipprotocol'] = $gateway_settings['ipprotocol']; + if ($gateway_settings['interval']) { + $gateway['interval'] = $gateway_settings['interval']; + } + + if ($gateway_settings['time_period']) { + $gateway['time_period'] = $gateway_settings['time_period']; + } + if ($gateway_settings['alert_interval']) { + $gateway['alert_interval'] = $gateway_settings['alert_interval']; + } + + $gateway['descr'] = $gateway_settings['descr']; + if ($gateway_settings['monitor_disable'] == "yes") { + $gateway['monitor_disable'] = true; + } + if ($gateway_settings['action_disable'] == "yes") { + $gateway['action_disable'] = true; + } + if ($gateway_settings['nonlocalgateway'] == "yes") { + $gateway['nonlocalgateway'] = true; + } + if ($gateway_settings['force_down'] == "yes") { + $gateway['force_down'] = true; + } + if (is_ipaddr($gateway_settings['monitor'])) { + $gateway['monitor'] = $gateway_settings['monitor']; + } + if (isset($gateway_settings['data_payload']) && $gateway_settings['data_payload'] > 0) { + $gateway['data_payload'] = $gateway_settings['data_payload']; + } + + /* NOTE: If gateway ip is changed need to cleanup the old static interface route */ + if ($gateway_settings['monitor'] != "dynamic" && !empty($a_gateway_item[$realid]) && is_ipaddr($a_gateway_item[$realid]['gateway']) && + $gateway['gateway'] != $a_gateway_item[$realid]['gateway'] && + isset($a_gateway_item[$realid]["nonlocalgateway"])) { + $realif = get_real_interface($a_gateway_item[$realid]['interface']); + $inet = (!is_ipaddrv4($a_gateway_item[$realid]['gateway']) ? "-inet6" : "-inet"); + $cmd = "/sbin/route delete $inet " . escapeshellarg($a_gateway_item[$realid]['gateway']) . " -iface " . escapeshellarg($realif); + mwexec($cmd); + } + + /* NOTE: If monitor ip is changed need to cleanup the old static route */ + if ($gateway_settings['monitor'] != "dynamic" && !empty($a_gateway_item[$realid]) && is_ipaddr($a_gateway_item[$realid]['monitor']) && + $gateway_settings['monitor'] != $a_gateway_item[$realid]['monitor'] && $gateway['gateway'] != $a_gateway_item[$realid]['monitor']) { + if (is_ipaddrv4($a_gateway_item[$realid]['monitor'])) { + mwexec("/sbin/route delete " . escapeshellarg($a_gateway_item[$realid]['monitor'])); + } else { + mwexec("/sbin/route delete -inet6 " . escapeshellarg($a_gateway_item[$realid]['monitor'])); + } + } + + if ($gateway_settings['defaultgw'] == "yes" || $gateway_settings['defaultgw'] == "on") { + $i = 0; + /* remove the default gateway bits for all gateways with the same address family */ + foreach ($a_gateway_item as $gw) { + if ($gateway['ipprotocol'] == $gw['ipprotocol']) { + unset($config['gateways']['gateway_item'][$i]['defaultgw']); + if ($gw['interface'] != $gateway_settings['interface'] && $gw['defaultgw']) { + $reloadif = $gw['interface']; + } + } + $i++; + } + $gateway['defaultgw'] = true; + } + + if ($gateway_settings['latencylow']) { + $gateway['latencylow'] = $gateway_settings['latencylow']; + } + if ($gateway_settings['latencyhigh']) { + $gateway['latencyhigh'] = $gateway_settings['latencyhigh']; + } + if ($gateway_settings['losslow']) { + $gateway['losslow'] = $gateway_settings['losslow']; + } + if ($gateway_settings['losshigh']) { + $gateway['losshigh'] = $gateway_settings['losshigh']; + } + if ($gateway_settings['loss_interval']) { + $gateway['loss_interval'] = $gateway_settings['loss_interval']; + } + + if (isset($gateway_settings['disabled'])) { + $gateway['disabled'] = true; + /* Check if the gateway was enabled but changed to disabled. */ + if ((isset($realid) && $a_gateway_item[$realid]) && ($a_gateway_item[$realid]['disabled'] == false)) { + /* If the disabled gateway was the default route, remove the default route */ + if (is_ipaddr($gateway['gateway']) && + isset($gateway['defaultgw'])) { + $inet = (!is_ipaddrv4($gateway['gateway']) ? '-inet6' : '-inet'); + mwexec("/sbin/route delete {$inet} default"); + } + } + } else { + unset($gateway['disabled']); + } + + /* when saving the manual gateway we use the attribute which has the corresponding id */ + if (isset($realid) && $a_gateway_item[$realid]) { + $a_gateway_item[$realid] = $gateway; + } else { + $a_gateway_item[] = $gateway; + } + + mark_subsystem_dirty('staticroutes'); + + write_config(); + + if (!empty($reloadif)) { + send_event("interface reconfigure {$reloadif}"); + } +} ?> diff --git a/src/usr/local/www/interfaces.php b/src/usr/local/www/interfaces.php index 080444b..7d8cc8f 100755 --- a/src/usr/local/www/interfaces.php +++ b/src/usr/local/www/interfaces.php @@ -767,20 +767,29 @@ if ($_POST['apply']) { if ($_POST['dhcprejectfrom'] && !validate_ipv4_list($_POST['dhcprejectfrom'])) { $input_errors[] = gettext("An invalid IP address was detected in the 'Reject leases from' field."); } - if (($_POST['gateway'] != "none") || ($_POST['gatewayv6'] != "none")) { + + // Only check the IPv4 gateway already exists if it is not "none" and it is not a gateway that the user is adding + if (($_POST['gateway'] != "none") && (!$_POST['gatewayip4'] || ($_POST['gateway'] != $_POST['gatewayname4']))) { $match = false; foreach ($a_gateways as $gateway) { if (in_array($_POST['gateway'], $gateway)) { $match = true; } } + if (!$match) { + $input_errors[] = gettext("A valid IPv4 gateway must be specified."); + } + } + // Only check the IPv6 gateway already exists if it is not "none" and it is not a gateway that the user is adding + if (($_POST['gatewayv6'] != "none") && (!$_POST['gatewayip6'] || ($_POST['gatewayv6'] != $_POST['gatewayname6']))) { + $match = false; foreach ($a_gateways as $gateway) { if (in_array($_POST['gatewayv6'], $gateway)) { $match = true; } } if (!$match) { - $input_errors[] = gettext("A valid gateway must be specified."); + $input_errors[] = gettext("A valid IPv6 gateway must be specified."); } } if (($_POST['provider'] && !is_domain($_POST['provider']))) { @@ -972,6 +981,36 @@ if ($_POST['apply']) { $input_errors[] = gettext("PTPP Password and confirmed password must match!"); } + if ($_POST['gatewayip4']) { + // The user wants to add an IPv4 gateway - validate the settings + $gateway_settings4 = array(); + + $gateway_settings4['name'] = $_POST['gatewayname4']; + $gateway_settings4['interface'] = $_POST['if']; + $gateway_settings4['gateway'] = $_POST['gatewayip4']; + $gateway_settings4['descr'] = $_POST['gatewaydescr4']; + $gateway_settings4['defaultgw'] = $_POST['defaultgw4']; + $gw_input_errors = validate_gateway($gateway_settings4, '', $_POST['ipaddr'], $_POST['subnet']); + foreach ($gw_input_errors as $input_error_text) { + $input_errors[] = $input_error_text; + } + } + + if ($_POST['gatewayip6']) { + // The user wants to add an IPv6 gateway - validate the settings + $gateway_settings6 = array(); + + $gateway_settings6['name'] = $_POST['gatewayname6']; + $gateway_settings6['interface'] = $_POST['if']; + $gateway_settings6['gateway'] = $_POST['gatewayip6']; + $gateway_settings6['descr'] = $_POST['gatewaydescr6']; + $gateway_settings6['defaultgw'] = $_POST['defaultgw6']; + $gw_input_errors = validate_gateway($gateway_settings6, '', $_POST['ipaddrv6'], $_POST['subnetv6']); + foreach ($gw_input_errors as $input_error_text) { + $input_errors[] = $input_error_text; + } + } + if (!$input_errors) { // These 3 fields can be a list of multiple data items when used for MLPPP. // The UI in this code only processes the first of the list, so save the data here then we can preserve any other entries. @@ -1430,6 +1469,14 @@ if ($_POST['apply']) { write_config(); + if ($_POST['gatewayip4']) { + save_gateway($gateway_settings4); + } + + if ($_POST['gatewayip6']) { + save_gateway($gateway_settings6); + } + if (file_exists("{$g['tmp_path']}/.interfaces.apply")) { $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.interfaces.apply")); } else { @@ -1660,6 +1707,8 @@ $types6 = array("none" => gettext("None"), "staticv6" => gettext("Static IPv6"), $ip = $_SERVER['REMOTE_ADDR']; $mymac = `/usr/sbin/arp -an | grep '('{$ip}')' | head -n 1 | cut -d" " -f4`; $mymac = str_replace("\n", "", $mymac); +$defgatewayname4 = $wancfg['descr'] . "GW"; +$defgatewayname6 = $wancfg['descr'] . "GWv6"; function build_mediaopts_list() { global $mediaopts_list; @@ -1822,11 +1871,11 @@ $group->add(new Form_Select( )); $group->add(new Form_Button( - 'addgw', + 'addgw4', 'Add a new gateway', null, 'fa-plus' -))->setAttribute('type','button')->addClass('btn-success')->setAttribute('data-target', '#newgateway')->setAttribute('data-toggle', 'modal'); +))->setAttribute('type','button')->addClass('btn-success')->setAttribute('data-target', '#newgateway4')->setAttribute('data-toggle', 'modal'); $group->setHelp('If this interface is an Internet connection, select an existing Gateway from the list or add a new one using the "Add" button.%1$s' . 'On local area network interfaces the upstream gateway should be "none". ' . @@ -1875,27 +1924,28 @@ $modal->addInput(new Form_Checkbox( 'defaultgw6', 'Default', 'Default gateway', - ($if == "wan" || $if == "WAN") + isset($gateway_settings6['defaultgw']) ? $gateway_settings6['defaultgw'] : ($if == "wan" || $if == "WAN") )); $modal->addInput(new Form_Input( - 'name6', + 'gatewayname6', 'Gateway name', 'text', - $wancfg['descr'] . "GWv6" + ($gateway_settings6['name'] == "") ? $defgatewayname6 : $gateway_settings6['name'] )); $modal->addInput(new Form_IpAddress( 'gatewayip6', 'Gateway IPv6', - null, + $gateway_settings6['gateway'], 'V6' )); $modal->addInput(new Form_Input( 'gatewaydescr6', 'Description', - 'text' + 'text', + $gateway_settings6['descr'] )); $btnaddgw6 = new Form_Button( @@ -3193,56 +3243,57 @@ $form->addGlobal(new Form_Input( // Add new gateway modal pop-up -$modal = new Modal('New Gateway', 'newgateway', 'large'); +$modal = new Modal('New IPv4 Gateway', 'newgateway4', 'large'); $modal->addInput(new Form_Checkbox( - 'defaultgw', + 'defaultgw4', 'Default', 'Default gateway', - ($if == "wan" || $if == "WAN") + isset($gateway_settings4['defaultgw']) ? $gateway_settings4['defaultgw'] : ($if == "wan" || $if == "WAN") )); $modal->addInput(new Form_Input( - 'name', + 'gatewayname4', 'Gateway name', 'text', - $wancfg['descr'] . "GW" + ($gateway_settings4['name'] == "") ? $defgatewayname4 : $gateway_settings4['name'] )); $modal->addInput(new Form_IpAddress( - 'gatewayip', + 'gatewayip4', 'Gateway IPv4', - null, + $gateway_settings4['gateway'], 'V4' )); $modal->addInput(new Form_Input( - 'gatewaydescr', + 'gatewaydescr4', 'Description', - 'text' + 'text', + $gateway_settings4['descr'] )); -$btnaddgw = new Form_Button( - 'add', +$btnaddgw4 = new Form_Button( + 'add4', 'Add', null, 'fa-plus' ); -$btnaddgw->setAttribute('type','button')->addClass('btn-success'); +$btnaddgw4->setAttribute('type','button')->addClass('btn-success'); -$btncnxgw = new Form_Button( - 'cnx', +$btncnxgw4 = new Form_Button( + 'cnx4', 'Cancel', null, 'fa-undo' ); -$btncnxgw->setAttribute('type','button')->addClass('btn-warning'); +$btncnxgw4->setAttribute('type','button')->addClass('btn-warning'); $modal->addInput(new Form_StaticText( null, - $btnaddgw . $btncnxgw + $btnaddgw4 . $btncnxgw4 )); $form->add($modal); @@ -3364,53 +3415,17 @@ events.push(function() { $('#track6-prefix-id-range').html(track6_prefix_ids); } - // Create the new gateway from the data entered in the modal pop-up - function hide_add_gatewaysave() { - var iface = $('#if').val(); - name = $('#name').val(); - var descr = $('#gatewaydescr').val(); - gatewayip = $('#gatewayip').val(); - - var defaultgw = ''; - if ($('#defaultgw').is(':checked')) { - defaultgw = '&defaultgw=on'; - } - - var url = "system_gateways_edit.php"; - var pars = 'isAjax=true&save=true&ipprotocol=inet' + defaultgw + '&interface=' + escape(iface) + '&name=' + escape(name) + '&descr=' + escape(descr) + '&gateway=' + escape(gatewayip); - $.ajax( - url, - { - type: 'post', - data: pars, - error: report_failure, - complete: save_callback - }); - } - - function save_callback(response) { - if (response) { - var gwtext = escape(name) + " - " + gatewayip; - addOption($('#gateway'), gwtext, name); - } else { - report_failure(); - } - - $("#newgateway").modal('hide'); + function addOption_v4() { + var gwtext_v4 = escape($("#gatewayname4").val()) + " - " + $("#gatewayip4").val(); + addSelectboxOption($('#gateway'), gwtext_v4, $("#gatewayname4").val()); } - function report_failure(request, textStatus, errorThrown) { - contenttype = ";"+request.getResponseHeader("Content-Type")+";"; - if (textStatus === "error" && contenttype.indexOf(";text/plain;") !== -1) { - alert(request.responseText); - } else { - alert("The IPv4 gateway could not be created."); - } - - $("#newgateway").modal('hide'); + function addOption_v6() { + var gwtext_v6 = escape($("#gatewayname6").val()) + " - " + $("#gatewayip6").val(); + addSelectboxOption($('#gatewayv6'), gwtext_v6, $("#gatewayname6").val()); } - function addOption(selectbox, text, value) { + function addSelectboxOption(selectbox, text, value) { var optn = document.createElement("OPTION"); optn.text = text; optn.value = value; @@ -3418,59 +3433,6 @@ events.push(function() { selectbox.prop('selectedIndex', selectbox.children().length - 1); } - function hide_add_gatewaysave_v6() { - - var iface = $('#if').val(); - name = $('#name6').val(); - var descr = $('#gatewaydescr6').val(); - gatewayip = $('#gatewayip6').val(); - var defaultgw = ''; - if ($('#defaultgw6').is(':checked')) { - defaultgw = '&defaultgw=on'; - } - var url_v6 = "system_gateways_edit.php"; - var pars_v6 = 'isAjax=true&save=true&ipprotocol=inet6' + defaultgw + '&interface=' + escape(iface) + '&name=' + escape(name) + '&descr=' + escape(descr) + '&gateway=' + escape(gatewayip); - $.ajax( - url_v6, - { - type: 'post', - data: pars_v6, - error: report_failure_v6, - success: save_callback_v6 - }); - } - - - function addOption_v6(selectbox, text, value) { - var optn = document.createElement("OPTION"); - optn.text = text; - optn.value = value; - selectbox.append(optn); - selectbox.prop('selectedIndex', selectbox.children().length - 1); - } - - function report_failure_v6(request, textStatus, errorThrown) { - if (textStatus === "error" && request.getResponseHeader("Content-Type") === "text/plain") { - alert(request.responseText); - } else { - alert("The IPv6 gateway could not be created."); - } - - $("#newgateway6").modal('hide'); - } - - function save_callback_v6(response_v6) { - if (response_v6) { - - var gwtext_v6 = escape(name) + " - " + gatewayip; - addOption_v6($('#gatewayv6'), gwtext_v6, name); - } else { - report_failure_v6(); - } - - $("#newgateway6").modal('hide'); - } - function country_list() { $('#country').children().remove(); $('#provider_list').children().remove(); @@ -3645,6 +3607,14 @@ events.push(function() { // Set preset from value setPresets(sv); + // If the user wants to add a gateway, then add that to the gateway selection + if ($("#gatewayip4").val() != '') { + addOption_v4(); + } + if ($("#gatewayip6").val() != '') { + addOption_v6(); + } + // ---------- Click checkbox handlers --------------------------------------------------------- $('#type').on('change', function() { @@ -3663,19 +3633,29 @@ events.push(function() { show_reset_settings(this.value); }); - $("#add").click(function() { - hide_add_gatewaysave(); + $("#add4").click(function() { + addOption_v4(); + $("#newgateway4").modal('hide'); }); - $("#cnx").click(function() { - $("#newgateway").modal('hide'); + $("#cnx4").click(function() { + $("#gatewayname4").val('<?=$defgatewayname4;?>'); + $("#gatewayip4").val(''); + $("#gatewaydescr4").val(''); + $("#defaultgw4").prop("checked", false); + $("#newgateway4").modal('hide'); }); $("#add6").click(function() { - hide_add_gatewaysave_v6(); + addOption_v6(); + $("#newgateway6").modal('hide'); }); $("#cnx6").click(function() { + $("#gatewayname6").val('<?=$defgatewayname6;?>'); + $("#gatewayip6").val(''); + $("#gatewaydescr6").val(''); + $("#defaultgw6").prop("checked", false); $("#newgateway6").modal('hide'); }); diff --git a/src/usr/local/www/system_gateways.php b/src/usr/local/www/system_gateways.php index 62b350a..b697e56 100644 --- a/src/usr/local/www/system_gateways.php +++ b/src/usr/local/www/system_gateways.php @@ -32,12 +32,7 @@ require_once("functions.inc"); require_once("filter.inc"); require_once("shaper.inc"); -$a_gateways = return_gateways_array(true, false, true); -$a_gateways_arr = array(); -foreach ($a_gateways as $gw) { - $a_gateways_arr[] = $gw; -} -$a_gateways = $a_gateways_arr; +$a_gateways = return_gateways_array(true, false, true, true); if (!is_array($config['gateways']['gateway_item'])) { $config['gateways']['gateway_item'] = array(); diff --git a/src/usr/local/www/system_gateways_edit.php b/src/usr/local/www/system_gateways_edit.php index c44100d..8ba3b06 100644 --- a/src/usr/local/www/system_gateways_edit.php +++ b/src/usr/local/www/system_gateways_edit.php @@ -35,12 +35,7 @@ if (isset($_POST['referer'])) { $referer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/system_gateways.php'); } -$a_gateways = return_gateways_array(true, false, true); -$a_gateways_arr = array(); -foreach ($a_gateways as $gw) { - $a_gateways_arr[] = $gw; -} -$a_gateways = $a_gateways_arr; +$a_gateways = return_gateways_array(true, false, true, true); if (!is_array($config['gateways']['gateway_item'])) { $config['gateways']['gateway_item'] = array(); @@ -99,445 +94,13 @@ if (isset($id) && $a_gateways[$id]) { if ($_POST['save']) { - unset($input_errors); - - /* input validation */ - $reqdfields = explode(" ", "name interface"); - $reqdfieldsn = array(gettext("Name"), gettext("Interface")); - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); - - if (!isset($_POST['name'])) { - $input_errors[] = "A valid gateway name must be specified."; - } - if (!is_validaliasname($_POST['name'])) { - $input_errors[] = invalidaliasnamemsg($_POST['name'], gettext("gateway")); - } else if (isset($_POST['disabled'])) { - // We have a valid gateway name that the user wants to mark as disabled. - // Check if the gateway name is used in any gateway group. - if (is_array($config['gateways']['gateway_group'])) { - foreach ($config['gateways']['gateway_group'] as $group) { - foreach ($group['item'] as $item) { - $items = explode("|", $item); - if ($items[0] == $_POST['name']) { - $input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be disabled because it is in use on Gateway Group "%2$s"'), $_POST['name'], $group['name']); - } - } - } - } - - // Check if the gateway name is used in any enabled Static Route. - if (is_array($config['staticroutes']['route'])) { - foreach ($config['staticroutes']['route'] as $route) { - if ($route['gateway'] == $_POST['name']) { - if (!isset($route['disabled'])) { - // There is a static route that uses this gateway and is enabled (not disabled). - $input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be disabled because it is in use on Static Route "%2$s"'), $_POST['name'], $route['network']); - } - } - } - } - } - /* skip system gateways which have been automatically added */ - if (($_POST['gateway'] && (!is_ipaddr($_POST['gateway'])) && ($_POST['attribute'] !== "system")) && ($_POST['gateway'] != "dynamic")) { - $input_errors[] = gettext("A valid gateway IP address must be specified."); - } - - if ($_POST['gateway'] && (is_ipaddr($_POST['gateway'])) && !$_REQUEST['isAjax']) { - if (is_ipaddrv4($_POST['gateway'])) { - $parent_ip = get_interface_ip($_POST['interface']); - $parent_sn = get_interface_subnet($_POST['interface']); - if (empty($parent_ip) || empty($parent_sn)) { - $input_errors[] = gettext("Cannot add IPv4 Gateway Address because no IPv4 address could be found on the interface."); - } elseif (!isset($_POST["nonlocalgateway"])) { - $subnets = array(gen_subnet($parent_ip, $parent_sn) . "/" . $parent_sn); - $vips = link_interface_to_vips($_POST['interface']); - if (is_array($vips)) { - foreach ($vips as $vip) { - if (!is_ipaddrv4($vip['subnet'])) { - continue; - } - $subnets[] = gen_subnet($vip['subnet'], $vip['subnet_bits']) . "/" . $vip['subnet_bits']; - } - } - - $found = false; - foreach ($subnets as $subnet) { - if (ip_in_subnet($_POST['gateway'], $subnet)) { - $found = true; - break; - } - } - - if ($found === false) { - $input_errors[] = sprintf(gettext("The gateway address %s does not lie within one of the chosen interface's subnets."), $_POST['gateway']); - } - } - } else if (is_ipaddrv6($_POST['gateway'])) { - /* do not do a subnet match on a link local address, it's valid */ - if (!is_linklocal($_POST['gateway'])) { - $parent_ip = get_interface_ipv6($_POST['interface']); - $parent_sn = get_interface_subnetv6($_POST['interface']); - if (empty($parent_ip) || empty($parent_sn)) { - $input_errors[] = gettext("Cannot add IPv6 Gateway Address because no IPv6 address could be found on the interface."); - } elseif (!isset($_POST["nonlocalgateway"])) { - $subnets = array(gen_subnetv6($parent_ip, $parent_sn) . "/" . $parent_sn); - $vips = link_interface_to_vips($_POST['interface']); - if (is_array($vips)) { - foreach ($vips as $vip) { - if (!is_ipaddrv6($vip['subnet'])) { - continue; - } - $subnets[] = gen_subnetv6($vip['subnet'], $vip['subnet_bits']) . "/" . $vip['subnet_bits']; - } - } - - $found = false; - foreach ($subnets as $subnet) { - if (ip_in_subnet($_POST['gateway'], $subnet)) { - $found = true; - break; - } - } - - if ($found === false) { - $input_errors[] = sprintf(gettext("The gateway address %s does not lie within one of the chosen interface's subnets."), $_POST['gateway']); - } - } - } - } - - if (!empty($config['interfaces'][$_POST['interface']]['ipaddr'])) { - if (is_ipaddr($config['interfaces'][$_POST['interface']]['ipaddr']) && (empty($_POST['gateway']) || $_POST['gateway'] == "dynamic")) { - $input_errors[] = gettext("Dynamic gateway values cannot be specified for interfaces with a static IPv4 configuration."); - } - } - if (!empty($config['interfaces'][$_POST['interface']]['ipaddrv6'])) { - if (is_ipaddr($config['interfaces'][$_POST['interface']]['ipaddrv6']) && (empty($_POST['gateway']) || $_POST['gateway'] == "dynamic")) { - $input_errors[] = gettext("Dynamic gateway values cannot be specified for interfaces with a static IPv6 configuration."); - } - } - } - if (($_POST['monitor'] != "") && ($_POST['monitor'] != "dynamic")) { - validateipaddr($_POST['monitor'], IPV4V6, "Monitor IP", $input_errors, false); - } - if (isset($_POST['data_payload']) && is_numeric($_POST['data_payload']) && $_POST['data_payload'] < 0) { - $input_errors[] = gettext("A valid data payload must be specified."); - } - /* only allow correct IPv4 and IPv6 gateway addresses */ - if (($_POST['gateway'] <> "") && is_ipaddr($_POST['gateway']) && $_POST['gateway'] != "dynamic") { - if (is_ipaddrv6($_POST['gateway']) && ($_POST['ipprotocol'] == "inet")) { - $input_errors[] = sprintf(gettext("The IPv6 gateway address '%s' can not be used as a IPv4 gateway."), $_POST['gateway']); - } - if (is_ipaddrv4($_POST['gateway']) && ($_POST['ipprotocol'] == "inet6")) { - $input_errors[] = sprintf(gettext("The IPv4 gateway address '%s' can not be used as a IPv6 gateway."), $_POST['gateway']); - } - } - /* only allow correct IPv4 and IPv6 monitor addresses */ - if (($_POST['monitor'] <> "") && is_ipaddr($_POST['monitor']) && $_POST['monitor'] != "dynamic") { - if (is_ipaddrv6($_POST['monitor']) && ($_POST['ipprotocol'] == "inet")) { - $input_errors[] = sprintf(gettext("The IPv6 monitor address '%s' can not be used on a IPv4 gateway."), $_POST['monitor']); - } - if (is_ipaddrv4($_POST['monitor']) && ($_POST['ipprotocol'] == "inet6")) { - $input_errors[] = sprintf(gettext("The IPv4 monitor address '%s' can not be used on a IPv6 gateway."), $_POST['monitor']); - } - } - - if (isset($_POST['name'])) { - /* check for overlaps */ - foreach ($a_gateways as $gateway) { - if (isset($id) && ($a_gateways[$id]) && ($a_gateways[$id] === $gateway)) { - if ($gateway['name'] != $_POST['name']) { - $input_errors[] = gettext("Changing name on a gateway is not allowed."); - } - continue; - } - if ($_POST['name'] <> "") { - if (($gateway['name'] <> "") && ($_POST['name'] == $gateway['name']) && ($gateway['attribute'] !== "system")) { - $input_errors[] = sprintf(gettext('The gateway name "%s" already exists.'), $_POST['name']); - break; - } - } - if (is_ipaddr($_POST['gateway'])) { - if (($gateway['gateway'] <> "") && ($_POST['gateway'] == $gateway['gateway']) && ($gateway['attribute'] !== "system")) { - $input_errors[] = sprintf(gettext('The gateway IP address "%s" already exists.'), $_POST['gateway']); - break; - } - } - if (is_ipaddr($_POST['monitor'])) { - if (($gateway['monitor'] <> "") && ($_POST['monitor'] == $gateway['monitor']) && ($gateway['attribute'] !== "system")) { - $input_errors[] = sprintf(gettext('The monitor IP address "%s" is already in use. A different monitor IP must be chosen.'), $_POST['monitor']); - break; - } - } - } - } - - /* input validation of dpinger advanced parameters */ - - $latencylow = $dpinger_default['latencylow']; - if ($_POST['latencylow']) { - if (!is_numeric($_POST['latencylow'])) { - $input_errors[] = gettext("The low latency threshold needs to be a numeric value."); - } else if ($_POST['latencylow'] < 1) { - $input_errors[] = gettext("The low latency threshold needs to be positive."); - } else { - $latencylow = $_POST['latencylow']; - } - } - - $latencyhigh = $dpinger_default['latencyhigh']; - if ($_POST['latencyhigh']) { - if (!is_numeric($_POST['latencyhigh'])) { - $input_errors[] = gettext("The high latency threshold needs to be a numeric value."); - } else if ($_POST['latencyhigh'] < 1) { - $input_errors[] = gettext("The high latency threshold needs to be positive."); - } else { - $latencyhigh = $_POST['latencyhigh']; - } - } - - $losslow = $dpinger_default['losslow']; - if ($_POST['losslow']) { - if (!is_numeric($_POST['losslow'])) { - $input_errors[] = gettext("The low Packet Loss threshold needs to be a numeric value."); - } else if ($_POST['losslow'] < 1) { - $input_errors[] = gettext("The low Packet Loss threshold needs to be positive."); - } else if ($_POST['losslow'] >= 100) { - $input_errors[] = gettext("The low Packet Loss threshold needs to be less than 100."); - } else { - $losslow = $_POST['losslow']; - } - } - - $losshigh = $dpinger_default['losshigh']; - if ($_POST['losshigh']) { - if (!is_numeric($_POST['losshigh'])) { - $input_errors[] = gettext("The high Packet Loss threshold needs to be a numeric value."); - } else if ($_POST['losshigh'] < 1) { - $input_errors[] = gettext("The high Packet Loss threshold needs to be positive."); - } else if ($_POST['losshigh'] > 100) { - $input_errors[] = gettext("The high Packet Loss threshold needs to be 100 or less."); - } else { - $losshigh = $_POST['losshigh']; - } - } - - $time_period = $dpinger_default['time_period']; - if ($_POST['time_period']) { - if (!is_numeric($_POST['time_period'])) { - $input_errors[] = gettext("The time period over which results are averaged needs to be a numeric value."); - } else if ($_POST['time_period'] < 1) { - $input_errors[] = gettext("The time period over which results are averaged needs to be positive."); - } else { - $time_period = $_POST['time_period']; - } - } - - $interval = $dpinger_default['interval']; - if ($_POST['interval']) { - if (!is_numeric($_POST['interval'])) { - $input_errors[] = gettext("The probe interval needs to be a numeric value."); - } else if ($_POST['interval'] < 1) { - $input_errors[] = gettext("The probe interval needs to be positive."); - } else { - $interval = $_POST['interval']; - } - } - - $loss_interval = $dpinger_default['loss_interval']; - if ($_POST['loss_interval']) { - if (!is_numeric($_POST['loss_interval'])) { - $input_errors[] = gettext("The loss interval needs to be a numeric value."); - } else if ($_POST['loss_interval'] < 1) { - $input_errors[] = gettext("The loss interval setting needs to be positive."); - } else { - $loss_interval = $_POST['loss_interval']; - } - } - - $alert_interval = $dpinger_default['alert_interval']; - if ($_POST['alert_interval']) { - if (!is_numeric($_POST['alert_interval'])) { - $input_errors[] = gettext("The alert interval needs to be a numeric value."); - } else if ($_POST['alert_interval'] < 1) { - $input_errors[] = gettext("The alert interval setting needs to be positive."); - } else { - $alert_interval = $_POST['alert_interval']; - } - } - - if ($latencylow >= $latencyhigh) { - $input_errors[] = gettext( - "The high latency threshold needs to be greater than the low latency threshold"); - } - - if ($losslow >= $losshigh) { - $input_errors[] = gettext( - "The high packet loss threshold needs to be higher than the low packet loss threshold"); - } - - // If the loss interval is less than latencyhigh, then high latency could never be recorded - // because those high latency packets would be considered as lost. So do not allow that. - if ($latencyhigh > $loss_interval) { - $input_errors[] = gettext("The loss interval needs to be greater than or equal to the high latency threshold."); - } - - // Ensure that the time period is greater than 2 times the probe interval plus the loss interval. - if (($interval * 2 + $loss_interval) >= $time_period) { - $input_errors[] = gettext("The time period needs to be greater than twice the probe interval plus the loss interval."); - } - - // There is no point recalculating the average latency and loss more often than the probe interval. - // So the alert interval needs to be >= probe interval. - if ($interval > $alert_interval) { - $input_errors[] = gettext("The alert interval needs to be greater than or equal to the probe interval."); - } - - if (!$input_errors) { - $reloadif = ""; - $gateway = array(); - - if (empty($_POST['interface'])) { - $gateway['interface'] = $pconfig['friendlyiface']; - } else { - $gateway['interface'] = $_POST['interface']; - } - if (is_ipaddr($_POST['gateway'])) { - $gateway['gateway'] = $_POST['gateway']; - } else { - $gateway['gateway'] = "dynamic"; - } - $gateway['name'] = $_POST['name']; - $gateway['weight'] = $_POST['weight']; - $gateway['ipprotocol'] = $_POST['ipprotocol']; - if ($_POST['interval']) { - $gateway['interval'] = $_POST['interval']; - } - - if ($_POST['time_period']) { - $gateway['time_period'] = $_POST['time_period']; - } - if ($_POST['alert_interval']) { - $gateway['alert_interval'] = $_POST['alert_interval']; - } - - $gateway['descr'] = $_POST['descr']; - if ($_POST['monitor_disable'] == "yes") { - $gateway['monitor_disable'] = true; - } - if ($_POST['action_disable'] == "yes") { - $gateway['action_disable'] = true; - } - if ($_POST['nonlocalgateway'] == "yes") { - $gateway['nonlocalgateway'] = true; - } - if ($_POST['force_down'] == "yes") { - $gateway['force_down'] = true; - } - if (is_ipaddr($_POST['monitor'])) { - $gateway['monitor'] = $_POST['monitor']; - } - if (isset($_POST['data_payload']) && $_POST['data_payload'] > 0) { - $gateway['data_payload'] = $_POST['data_payload']; - } - - /* NOTE: If gateway ip is changed need to cleanup the old static interface route */ - if ($_POST['monitor'] != "dynamic" && !empty($a_gateway_item[$realid]) && is_ipaddr($a_gateway_item[$realid]['gateway']) && - $gateway['gateway'] != $a_gateway_item[$realid]['gateway'] && - isset($a_gateway_item[$realid]["nonlocalgateway"])) { - $realif = get_real_interface($a_gateway_item[$realid]['interface']); - $inet = (!is_ipaddrv4($a_gateway_item[$realid]['gateway']) ? "-inet6" : "-inet"); - $cmd = "/sbin/route delete $inet " . escapeshellarg($a_gateway_item[$realid]['gateway']) . " -iface " . escapeshellarg($realif); - mwexec($cmd); - } - - /* NOTE: If monitor ip is changed need to cleanup the old static route */ - if ($_POST['monitor'] != "dynamic" && !empty($a_gateway_item[$realid]) && is_ipaddr($a_gateway_item[$realid]['monitor']) && - $_POST['monitor'] != $a_gateway_item[$realid]['monitor'] && $gateway['gateway'] != $a_gateway_item[$realid]['monitor']) { - if (is_ipaddrv4($a_gateway_item[$realid]['monitor'])) { - mwexec("/sbin/route delete " . escapeshellarg($a_gateway_item[$realid]['monitor'])); - } else { - mwexec("/sbin/route delete -inet6 " . escapeshellarg($a_gateway_item[$realid]['monitor'])); - } - } - - if ($_POST['defaultgw'] == "yes" || $_POST['defaultgw'] == "on") { - $i = 0; - /* remove the default gateway bits for all gateways with the same address family */ - foreach ($a_gateway_item as $gw) { - if ($gateway['ipprotocol'] == $gw['ipprotocol']) { - unset($config['gateways']['gateway_item'][$i]['defaultgw']); - if ($gw['interface'] != $_POST['interface'] && $gw['defaultgw']) { - $reloadif = $gw['interface']; - } - } - $i++; - } - $gateway['defaultgw'] = true; - } - - if ($_POST['latencylow']) { - $gateway['latencylow'] = $_POST['latencylow']; - } - if ($_POST['latencyhigh']) { - $gateway['latencyhigh'] = $_POST['latencyhigh']; - } - if ($_POST['losslow']) { - $gateway['losslow'] = $_POST['losslow']; - } - if ($_POST['losshigh']) { - $gateway['losshigh'] = $_POST['losshigh']; - } - if ($_POST['loss_interval']) { - $gateway['loss_interval'] = $_POST['loss_interval']; - } - - if (isset($_POST['disabled'])) { - $gateway['disabled'] = true; - /* Check if the gateway was enabled but changed to disabled. */ - if ((isset($realid) && $a_gateway_item[$realid]) && ($pconfig['disabled'] == false)) { - /* If the disabled gateway was the default route, remove the default route */ - if (is_ipaddr($gateway['gateway']) && - isset($gateway['defaultgw'])) { - $inet = (!is_ipaddrv4($gateway['gateway']) ? '-inet6' : '-inet'); - mwexec("/sbin/route delete {$inet} default"); - } - } - } else { - unset($gateway['disabled']); - } - - /* when saving the manual gateway we use the attribute which has the corresponding id */ - if (isset($realid) && $a_gateway_item[$realid]) { - $a_gateway_item[$realid] = $gateway; - } else { - $a_gateway_item[] = $gateway; - } - - mark_subsystem_dirty('staticroutes'); - - write_config(); - - if ($_REQUEST['isAjax']) { - echo $_POST['name']; - exit; - } else if (!empty($reloadif)) { - send_event("interface reconfigure {$reloadif}"); - } + $input_errors = validate_gateway($_POST, $id); + if (count($input_errors) == 0) { + save_gateway($_POST, $realid); header("Location: system_gateways.php"); exit; } else { - if ($_REQUEST['isAjax']) { - header("HTTP/1.0 500 Internal Server Error"); - header("Content-type: text/plain"); - foreach ($input_errors as $error) { - echo("$error\n"); - } - exit; - } - $pconfig = $_POST; if (empty($_POST['friendlyiface'])) { $pconfig['friendlyiface'] = $_POST['interface']; |