diff options
author | Phil Davis <phil.davis@inf.org> | 2015-05-11 12:28:57 +0545 |
---|---|---|
committer | Phil Davis <phil.davis@inf.org> | 2015-05-11 12:28:57 +0545 |
commit | 760b1df9eefbf8c154aeb58065cc4a43288e1bc5 (patch) | |
tree | 8ac8ae977e2f93ce56a2eb7dd3ef88c070296bd6 /usr/local/www/firewall_virtual_ip.php | |
parent | d0c28e66a81bb06183b09514c6d1aa87e9c4deb0 (diff) | |
download | pfsense-760b1df9eefbf8c154aeb58065cc4a43288e1bc5.zip pfsense-760b1df9eefbf8c154aeb58065cc4a43288e1bc5.tar.gz |
Code style Firewall VIP
Diffstat (limited to 'usr/local/www/firewall_virtual_ip.php')
-rw-r--r-- | usr/local/www/firewall_virtual_ip.php | 298 |
1 files changed, 163 insertions, 135 deletions
diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php index 0fe725f..200e9ac 100644 --- a/usr/local/www/firewall_virtual_ip.php +++ b/usr/local/www/firewall_virtual_ip.php @@ -65,32 +65,34 @@ if ($_POST) { if ($_POST['apply']) { $check_carp = false; if (file_exists("{$g['tmp_path']}/.firewall_virtual_ip.apply")) { - $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply")); + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply")); foreach ($toapplylist as $vid => $ovip) { - if (!empty($ovip)) + if (!empty($ovip)) { interface_vip_bring_down($ovip); + } if ($a_vip[$vid]) { - switch ($a_vip[$vid]['mode']) { - case "ipalias": - interface_ipalias_configure($a_vip[$vid]); - break; - case "proxyarp": - interface_proxyarp_configure($a_vip[$vid]['interface']); - break; - case "carp": - $check_carp = true; - interface_carp_configure($a_vip[$vid]); - break; - default: - break; + switch ($a_vip[$vid]['mode']) { + case "ipalias": + interface_ipalias_configure($a_vip[$vid]); + break; + case "proxyarp": + interface_proxyarp_configure($a_vip[$vid]['interface']); + break; + case "carp": + $check_carp = true; + interface_carp_configure($a_vip[$vid]); + break; + default: + break; } - } - } + } + } @unlink("{$g['tmp_path']}/.firewall_virtual_ip.apply"); } /* Before changing check #4633 */ - if ($check_carp === true && !get_carp_status()) - set_single_sysctl("net.inet.carp.allow", "1"); + if ($check_carp === true && !get_carp_status()) { + set_single_sysctl("net.inet.carp.allow", "1"); + } $retval = 0; $retval |= filter_configure(); @@ -149,22 +151,27 @@ if ($_GET['act'] == "del") { $subnet .= "/" . $a_vip[$_GET['id']]['subnet_bits']; $if_subnet .= "/" . $if_subnet_bits; - if (is_array($config['gateways']['gateway_item'])) + if (is_array($config['gateways']['gateway_item'])) { foreach($config['gateways']['gateway_item'] as $gateway) { - if ($a_vip[$_GET['id']]['interface'] != $gateway['interface']) + if ($a_vip[$_GET['id']]['interface'] != $gateway['interface']) { continue; - if ($is_ipv6 && $gateway['ipprotocol'] == 'inet') + } + if ($is_ipv6 && $gateway['ipprotocol'] == 'inet') { continue; - if (!$is_ipv6 && $gateway['ipprotocol'] == 'inet6') + } + if (!$is_ipv6 && $gateway['ipprotocol'] == 'inet6') { continue; - if (ip_in_subnet($gateway['gateway'], $if_subnet)) + } + if (ip_in_subnet($gateway['gateway'], $if_subnet)) { continue; + } if (ip_in_subnet($gateway['gateway'], $subnet)) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by at least one Gateway."); break; } } + } if ($a_vip[$_GET['id']]['mode'] == "ipalias") { $subnet = gen_subnet($a_vip[$_GET['id']]['subnet'], $a_vip[$_GET['id']]['subnet_bits']) . "/" . $a_vip[$_GET['id']]['subnet_bits']; @@ -172,34 +179,41 @@ if ($_GET['act'] == "del") { $found_carp = false; $found_other_alias = false; - if ($subnet == $if_subnet) + if ($subnet == $if_subnet) { $found_if = true; - + } + $vipiface = $a_vip[$_GET['id']]['interface']; foreach ($a_vip as $vip_id => $vip) { - if ($vip_id == $_GET['id']) + if ($vip_id == $_GET['id']) { continue; + } - if ($vip['interface'] == $vipiface && ip_in_subnet($vip['subnet'], $subnet)) - if ($vip['mode'] == "carp") + if ($vip['interface'] == $vipiface && ip_in_subnet($vip['subnet'], $subnet)) { + if ($vip['mode'] == "carp") { $found_carp = true; - else if ($vip['mode'] == "ipalias") + } else if ($vip['mode'] == "ipalias") { $found_other_alias = true; + } + } } - if ($found_carp === true && $found_other_alias === false && $found_if === false) + if ($found_carp === true && $found_other_alias === false && $found_if === false) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by a CARP IP with the description") . " {$vip['descr']}."; + } } else if ($a_vip[$_GET['id']]['mode'] == "carp") { $vipiface = "{$a_vip[$_GET['id']]['interface']}_vip{$a_vip[$_GET['id']]['vhid']}"; foreach ($a_vip as $vip) { - if ($vipiface == $vip['interface'] && $vip['mode'] == "ipalias") + if ($vipiface == $vip['interface'] && $vip['mode'] == "ipalias") { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by an IP alias entry with the description") . " {$vip['descr']}."; + } } } - + if (!$input_errors) { - if (!session_id()) + if (!session_id()) { session_start(); + } $user = getUserEntry($_SESSION['Username']); if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) { header("Location: firewall_virtual_ip.php"); @@ -216,15 +230,17 @@ if ($_GET['act'] == "del") { interface_vip_bring_down($a_vip[$_GET['id']]); unset($a_vip[$_GET['id']]); } - if (count($config['virtualip']['vip']) == 0) + if (count($config['virtualip']['vip']) == 0) { unset($config['virtualip']['vip']); + } write_config(); header("Location: firewall_virtual_ip.php"); exit; } } -} else if ($_GET['changes'] == "mods" && is_numericint($_GET['id'])) +} else if ($_GET['changes'] == "mods" && is_numericint($_GET['id'])) { $id = $_GET['id']; +} $pgtitle = array(gettext("Firewall"),gettext("Virtual IP Addresses")); include("head.inc"); @@ -233,113 +249,125 @@ include("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <form action="firewall_virtual_ip.php" method="post"> -<?php - if ($input_errors) +<?php + if ($input_errors) { print_input_errors($input_errors); - else - if ($savemsg) - print_info_box($savemsg); - else - if (is_subsystem_dirty('vip')) + } else if ($savemsg) { + print_info_box($savemsg); + } else if (is_subsystem_dirty('vip')) { print_info_box_np(gettext("The VIP configuration has been changed.")."<br />".gettext("You must apply the changes in order for them to take effect.")); + } ?> <br /> <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="virtual ip"> - <tr><td class="tabnavtbl"> - <?php - /* active tabs */ - $tab_array = array(); - $tab_array[] = array(gettext("Virtual IPs"), true, "firewall_virtual_ip.php"); - $tab_array[] = array(gettext("CARP Settings"), false, "system_hasync.php"); - display_top_tabs($tab_array); - ?> - </td></tr> - <tr> - <td><input type="hidden" id="id" name="id" value="<?php echo htmlspecialchars($id); ?>" /></td> - </tr> - <tr> - <td> - <div id="mainarea"> - <table class="tabcont sortable" width="100%" border="0" cellpadding="0" cellspacing="0" summary="main area"> - <tr> - <td width="30%" class="listhdrr"><?=gettext("Virtual IP address");?></td> - <td width="10%" class="listhdrr"><?=gettext("Interface");?></td> - <td width="10%" class="listhdrr"><?=gettext("Type");?></td> - <td width="40%" class="listhdr"><?=gettext("Description");?></td> - <td width="10%" class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="edit"> - <tr> - <td width="17"></td> - <td valign="middle"><a href="firewall_virtual_ip_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="edit" /></a></td> - </tr> - </table> - </td> - </tr> - <?php - $interfaces = get_configured_interface_with_descr(false, true); - $carplist = get_configured_carp_interface_list(); - foreach ($carplist as $cif => $carpip) - $interfaces[$cif] = $carpip." (".get_vip_descr($carpip).")"; - $interfaces['lo0'] = "Localhost"; - ?> - <?php $i = 0; foreach ($a_vip as $vipent): ?> - <?php if($vipent['subnet'] <> "" or $vipent['range'] <> "" or - $vipent['subnet_bits'] <> "" or (isset($vipent['range']['from']) && $vipent['range']['from'] <> "")): ?> - <tr> - <td class="listlr" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> - <?php if (($vipent['type'] == "single") || ($vipent['type'] == "network")) - if($vipent['subnet_bits']) + <tr><td class="tabnavtbl"> + <?php + /* active tabs */ + $tab_array = array(); + $tab_array[] = array(gettext("Virtual IPs"), true, "firewall_virtual_ip.php"); + $tab_array[] = array(gettext("CARP Settings"), false, "system_hasync.php"); + display_top_tabs($tab_array); + ?> + </td></tr> + <tr> + <td><input type="hidden" id="id" name="id" value="<?php echo htmlspecialchars($id); ?>" /></td> + </tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont sortable" width="100%" border="0" cellpadding="0" cellspacing="0" summary="main area"> + <tr> + <td width="30%" class="listhdrr"><?=gettext("Virtual IP address");?></td> + <td width="10%" class="listhdrr"><?=gettext("Interface");?></td> + <td width="10%" class="listhdrr"><?=gettext("Type");?></td> + <td width="40%" class="listhdr"><?=gettext("Description");?></td> + <td width="10%" class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="edit"> + <tr> + <td width="17"></td> + <td valign="middle"><a href="firewall_virtual_ip_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="edit" /></a></td> + </tr> + </table> + </td> + </tr> + <?php + $interfaces = get_configured_interface_with_descr(false, true); + $carplist = get_configured_carp_interface_list(); + foreach ($carplist as $cif => $carpip) { + $interfaces[$cif] = $carpip." (".get_vip_descr($carpip).")"; + } + $interfaces['lo0'] = "Localhost"; + $i = 0; + foreach ($a_vip as $vipent): + if($vipent['subnet'] <> "" or $vipent['range'] <> "" or $vipent['subnet_bits'] <> "" or (isset($vipent['range']['from']) && $vipent['range']['from'] <> "")): + ?> + <tr> + <td class="listlr" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> + <?php + if (($vipent['type'] == "single") || ($vipent['type'] == "network")) { + if($vipent['subnet_bits']) { echo "{$vipent['subnet']}/{$vipent['subnet_bits']}"; - if ($vipent['type'] == "range") + } + } + if ($vipent['type'] == "range") { echo "{$vipent['range']['from']}-{$vipent['range']['to']}"; + } + if($vipent['mode'] == "carp") { + echo " (vhid {$vipent['vhid']})"; + } + ?> + </td> + <td class="listr" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> + <?=htmlspecialchars($interfaces[$vipent['interface']]);?> + </td> + <td class="listr" align="center" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> + <?php if($vipent['mode'] == "proxyarp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_parp.gif' title='Proxy ARP' alt='proxy arp' />"; elseif($vipent['mode'] == "carp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_carp.gif' title='CARP' alt='carp' />"; elseif($vipent['mode'] == "other") echo "<img src='./themes/".$g['theme']."/images/icons/icon_other.gif' title='Other' alt='other' />"; elseif($vipent['mode'] == "ipalias") echo "<img src='./themes/".$g['theme']."/images/icons/icon_ifalias.gif' title='IP Alias' alt='ip alias' />";?> + </td> + <td class="listbg" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> + <?=htmlspecialchars($vipent['descr']);?> + </td> + <td class="list nowrap"> + <table border="0" cellspacing="0" cellpadding="1" summary="icons"> + <tr> + <td valign="middle"><a href="firewall_virtual_ip_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" alt="edit" /></a></td> + <td valign="middle"><a href="firewall_virtual_ip.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext('Do you really want to delete this entry?');?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete" /></a></td> + </tr> + </table> + </td> + </tr> + <?php + endif; + $i++; + endforeach; ?> - <?php if($vipent['mode'] == "carp") echo " (vhid {$vipent['vhid']})"; ?> - </td> - <td class="listr" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> - <?=htmlspecialchars($interfaces[$vipent['interface']]);?> - </td> - <td class="listr" align="center" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> - <?php if($vipent['mode'] == "proxyarp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_parp.gif' title='Proxy ARP' alt='proxy arp' />"; elseif($vipent['mode'] == "carp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_carp.gif' title='CARP' alt='carp' />"; elseif($vipent['mode'] == "other") echo "<img src='./themes/".$g['theme']."/images/icons/icon_other.gif' title='Other' alt='other' />"; elseif($vipent['mode'] == "ipalias") echo "<img src='./themes/".$g['theme']."/images/icons/icon_ifalias.gif' title='IP Alias' alt='ip alias' />";?> - </td> - <td class="listbg" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> - <?=htmlspecialchars($vipent['descr']);?> - </td> - <td class="list nowrap"> - <table border="0" cellspacing="0" cellpadding="1" summary="icons"> - <tr> - <td valign="middle"><a href="firewall_virtual_ip_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" alt="edit" /></a></td> - <td valign="middle"><a href="firewall_virtual_ip.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext('Do you really want to delete this entry?');?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete" /></a></td> - </tr> - </table> - </td> - </tr> - <?php endif; ?> - <?php $i++; endforeach; ?> - <tfoot> - <tr> - <td class="list" colspan="4"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="edit"> - <tr> - <td width="17"></td> - <td valign="middle"><a href="firewall_virtual_ip_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="edit" /></a></td> - </tr> - </table> - </td> - </tr> - <tr> - <td colspan="5"> - <p><span class="vexpl"><span class="red"><strong><?=gettext("Note:");?><br /> - </strong></span><?=gettext("The virtual IP addresses defined on this page may be used in");?><a href="firewall_nat.php"> <?=gettext("NAT"); ?> </a><?=gettext("mappings.");?><br /> - <?=gettext("You can check the status of your CARP Virtual IPs and interfaces ");?><a href="carp_status.php"><?=gettext("here");?></a>.</span></p> - </td> - </tr> - </tfoot> - </table> - </div><!-- div:mainarea --> - </td></tr> - </table> - </form> + <tfoot> + <tr> + <td class="list" colspan="4"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="edit"> + <tr> + <td width="17"></td> + <td valign="middle"><a href="firewall_virtual_ip_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="edit" /></a></td> + </tr> + </table> + </td> + </tr> + <tr> + <td colspan="5"> + <p> + <span class="vexpl"><span class="red"><strong><?=gettext("Note:");?><br /></strong></span> + <?=gettext("The virtual IP addresses defined on this page may be used in");?><a href="firewall_nat.php"> <?=gettext("NAT"); ?> </a><?=gettext("mappings.");?><br /> + <?=gettext("You can check the status of your CARP Virtual IPs and interfaces ");?><a href="carp_status.php"><?=gettext("here");?></a>.</span> + </p> + </td> + </tr> + </tfoot> + </table> + </div><!-- div:mainarea --> + </td> + </tr> +</table> +</form> <?php include("fend.inc"); ?> </body> </html> |