diff options
author | Renato Botelho <garga@FreeBSD.org> | 2013-07-08 12:38:27 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2013-07-08 12:38:37 -0300 |
commit | dd042c5159fb61ccb1a9b3867b18263685703b7b (patch) | |
tree | 070118ecc373e61437cadd6d52a738ab3c03e1ed /usr/local/www | |
parent | ff6c98526e026b634f3d1c89163bf850bdd7a2ba (diff) | |
download | pfsense-dd042c5159fb61ccb1a9b3867b18263685703b7b.zip pfsense-dd042c5159fb61ccb1a9b3867b18263685703b7b.tar.gz |
Implement URL Table aliases for ports instead of IP addresses
Diffstat (limited to 'usr/local/www')
-rwxr-xr-x | usr/local/www/firewall_aliases_edit.php | 34 | ||||
-rwxr-xr-x | usr/local/www/firewall_nat_edit.php | 2 | ||||
-rwxr-xr-x | usr/local/www/firewall_nat_out_edit.php | 2 | ||||
-rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 2 | ||||
-rwxr-xr-x | usr/local/www/guiconfig.inc | 13 | ||||
-rwxr-xr-x | usr/local/www/load_balancer_pool_edit.php | 2 | ||||
-rwxr-xr-x | usr/local/www/load_balancer_virtual_server_edit.php | 2 |
7 files changed, 44 insertions, 13 deletions
diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index daec627..1b0a194 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -106,7 +106,7 @@ if (isset($id) && $a_aliases[$id]) { if($ifdesc == $pconfig['descr']) $input_errors[] = sprintf(gettext("Sorry, an interface is already named %s."), $pconfig['descr']); - if($a_aliases[$id]['type'] == "urltable") { + if(preg_match("/urltable/i", $a_aliases[$id]['type'])) { $pconfig['address'] = $a_aliases[$id]['url']; $pconfig['updatefreq'] = $a_aliases[$id]['updatefreq']; } @@ -165,7 +165,7 @@ if ($_POST) { $final_address_details = array(); $alias['name'] = $_POST['name']; - if ($_POST['type'] == "urltable") { + if (preg_match("/urltable/i", $_POST['type'])) { $address = ""; $isfirst = 0; @@ -269,7 +269,7 @@ if ($_POST) { if (!alias_same_type($_POST["address{$x}"], $_POST['type'])) // But alias type network can include alias type urltable. Feature#1603. if (!($_POST['type'] == 'network' && - alias_get_type($_POST["address{$x}"]) == 'urltable')) + preg_match("/urltable/i", alias_get_type($_POST["address{$x}"])))) $wrongaliases .= " " . $_POST["address{$x}"]; } else if ($_POST['type'] == "port") { if (!is_port($_POST["address{$x}"])) @@ -464,6 +464,14 @@ function typesel_change() { eval(comd); } break; + case 6: /* urltable_ports */ + var cmd; + newrows = totalrows; + for(i=0; i<newrows; i++) { + comd = 'document.iform.address_subnet' + i + '.disabled = 0;'; + eval(comd); + } + break; } } @@ -486,7 +494,8 @@ $ports_str = gettext("Port(s)"); $port_str = gettext("Port"); $url_str = gettext("URL (IPs)"); $url_ports_str = gettext("URL (Ports)"); -$urltable_str = gettext("URL Table"); +$urltable_str = gettext("URL Table (IPs)"); +$urltable_ports_str = gettext("URL Table (Ports)"); $update_freq_str = gettext("Update Freq."); $networks_help = gettext("Networks are specified in CIDR format. Select the CIDR mask that pertains to each entry. /32 specifies a single IPv4 host, /128 specifies a single IPv6 host, /24 specifies 255.255.255.0, /64 specifies a normal IPv6 network, etc. Hostnames (FQDNs) may also be specified, using a /32 mask for IPv4 or /128 for IPv6. You may also enter an IP range such as 192.168.1.1-192.168.1.254 and a list of CIDR networks will be derived to fill the range."); @@ -495,6 +504,7 @@ $ports_help = gettext("Enter as many ports as you wish. Port ranges can be expr $url_help = sprintf(gettext("Enter as many URLs as you wish. After saving %s will download the URL and import the items into the alias. Use only with small sets of IP addresses (less than 3000)."), $g['product_name']); $url_ports_help = sprintf(gettext("Enter as many URLs as you wish. After saving %s will download the URL and import the items into the alias. Use only with small sets of Ports (less than 3000)."), $g['product_name']); $urltable_help = sprintf(gettext("Enter a single URL containing a large number of IPs and/or Subnets. After saving %s will download the URL and create a table file containing these addresses. This will work with large numbers of addresses (30,000+) or small numbers."), $g['product_name']); +$urltable_ports_help = sprintf(gettext("Enter a single URL containing a list of Port numbers and/or Port ranges. After saving %s will download the URL."), $g['product_name']); $openvpn_str = gettext("Username"); $openvpn_user_str = gettext("OpenVPN Users"); @@ -561,6 +571,19 @@ function update_box_type() { document.getElementById ("threecolumn").style.display = 'none'; document.getElementById ("itemhelp").firstChild.data = "{$urltable_help}"; document.getElementById ("addrowbutton").style.display = 'none'; + } else if(selected == '{$urltable_ports_str}') { + if ((typeof(totalrows) == "undefined") || (totalrows < 1)) { + addRowTo('maintable', 'formfldalias'); + typesel_change(); + add_alias_control(this); + } + document.getElementById ("addressnetworkport").firstChild.data = "{$url_str}"; + document.getElementById ("onecolumn").firstChild.data = "{$url_str}"; + document.getElementById ("twocolumn").firstChild.data = "{$update_freq_str}"; + document.getElementById ("threecolumn").firstChild.data = ""; + document.getElementById ("threecolumn").style.display = 'none'; + document.getElementById ("itemhelp").firstChild.data = "{$urltable_ports_help}"; + document.getElementById ("addrowbutton").style.display = 'none'; } } //]]> @@ -655,7 +678,8 @@ if (empty($tab)) { <!--<option value="openvpn" <?php if ($pconfig['type'] == "openvpn") echo "selected=\"selected\""; ?>><?=gettext("OpenVPN Users"); ?></option> --> <option value="url" <?php if ($pconfig['type'] == "url") echo "selected=\"selected\""; ?>><?=gettext("URL (IPs)");?></option> <option value="url_ports" <?php if ($pconfig['type'] == "url_ports") echo "selected=\"selected\""; ?>><?=gettext("URL (Ports)");?></option> - <option value="urltable" <?php if ($pconfig['type'] == "urltable") echo "selected=\"selected\""; ?>><?=gettext("URL Table"); ?></option> + <option value="urltable" <?php if ($pconfig['type'] == "urltable") echo "selected=\"selected\""; ?>><?=gettext("URL Table (IPs)"); ?></option> + <option value="urltable_ports" <?php if ($pconfig['type'] == "urltable_ports") echo "selected=\"selected\""; ?>><?=gettext("URL Table (Ports)"); ?></option> </select> </td> </tr> diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index 26e4a35..a9399f8 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -912,7 +912,7 @@ $has_updated_time = (isset($a_nat[$id]['updated']) && is_array($a_nat[$id]['upda <script type="text/javascript"> //<![CDATA[ var addressarray = <?= json_encode(get_alias_list(array("host", "network", "openvpn", "urltable"))) ?>; - var customarray = <?= json_encode(get_alias_list(array("port", "url_ports"))) ?>; + var customarray = <?= json_encode(get_alias_list(array("port", "url_ports", "urltable_ports"))) ?>; var oTextbox1 = new AutoSuggestControl(document.getElementById("localip"), new StateSuggestions(addressarray)); var oTextbox2 = new AutoSuggestControl(document.getElementById("src"), new StateSuggestions(addressarray)); diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index d375deb..46139c9 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -720,7 +720,7 @@ $has_updated_time = (isset($a_out[$id]['updated']) && is_array($a_out[$id]['upda poolopts_change(); var addressarray = <?= json_encode(get_alias_list(array("host", "network", "openvpn", "urltable"))) ?>; - var customarray = <?= json_encode(get_alias_list(array("port", "url_ports"))) ?>; + var customarray = <?= json_encode(get_alias_list(array("port", "url_ports", "urltable_ports"))) ?>; var oTextbox1 = new AutoSuggestControl(document.getElementById("source"), new StateSuggestions(addressarray)); var oTextbox2 = new AutoSuggestControl(document.getElementById("sourceport"), new StateSuggestions(customarray)); diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index d2d3333..25b3e9d 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -1629,7 +1629,7 @@ $has_updated_time = (isset($a_filter[$id]['updated']) && is_array($a_filter[$id] <?php endif; ?> var addressarray = <?= json_encode(get_alias_list(array("host", "network", "openvpn", "urltable"))) ?>; - var customarray = <?= json_encode(get_alias_list(array("port", "url_ports"))) ?>; + var customarray = <?= json_encode(get_alias_list(array("port", "url_ports", "urltable_ports"))) ?>; var oTextbox1 = new AutoSuggestControl(document.getElementById("src"), new StateSuggestions(addressarray)); var oTextbox2 = new AutoSuggestControl(document.getElementById("srcbeginport_cust"), new StateSuggestions(customarray)); diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index 0da6d1e..f88572b 100755 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -1030,9 +1030,16 @@ function alias_info_popup($alias_id){ $alias_name=$config['aliases']['alias'][$alias_id]; $alias_objects_with_details = "<table width=\"100%\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\" summary=\"alias info popup\">"; if ($alias_name['url']) { - exec("/sbin/pfctl -t {$alias_name['name']} -T show | wc -l", $total_entries); - $counter=preg_replace("/\D/","",$total_entries[0]); - exec("/sbin/pfctl -t {$alias_name['name']} -T show | head -10002", $alias_addresses); + // TODO: Change it when pf supports tables with ports + if ($alias_name['type'] == "urltable") { + exec("/sbin/pfctl -t {$alias_name['name']} -T show | wc -l", $total_entries); + $counter=preg_replace("/\D/","",$total_entries[0]); + exec("/sbin/pfctl -t {$alias_name['name']} -T show | head -10002", $alias_addresses); + } else { + $urlfn = alias_expand_urltable($alias_name['name']); + $alias_addresses = explode("\n", file_get_contents($urlfn)); + $counter = count($alias_addresses); + } $alias_objects_with_details .= "<tr><td colspan=\"3\" $close_title class=\"vncell\">{$alias_name['url']}</td></tr>"; $x=0; foreach ($alias_addresses as $alias_ports_address ) { diff --git a/usr/local/www/load_balancer_pool_edit.php b/usr/local/www/load_balancer_pool_edit.php index 5164de1..3eced6b 100755 --- a/usr/local/www/load_balancer_pool_edit.php +++ b/usr/local/www/load_balancer_pool_edit.php @@ -215,7 +215,7 @@ function clearcombo(){ </div> <script type="text/javascript"> //<![CDATA[ - var addressarray = <?= json_encode(get_alias_list(array("port", "url_ports"))) ?>; + var addressarray = <?= json_encode(get_alias_list(array("port", "url_ports", "urltable_ports"))) ?>; var oTextbox1 = new AutoSuggestControl(document.getElementById("port"), new StateSuggestions(addressarray)); //]]> </script> diff --git a/usr/local/www/load_balancer_virtual_server_edit.php b/usr/local/www/load_balancer_virtual_server_edit.php index 3cdc9b5..4b68b6e 100755 --- a/usr/local/www/load_balancer_virtual_server_edit.php +++ b/usr/local/www/load_balancer_virtual_server_edit.php @@ -186,7 +186,7 @@ include("head.inc"); <br><?=gettext("You may also specify a port alias listed in Firewall -> Aliases here."); ?> <script type="text/javascript"> //<![CDATA[ - var port_aliases = <?= json_encode(get_alias_list(array("port", "url_ports"))) ?>; + var port_aliases = <?= json_encode(get_alias_list(array("port", "url_ports", "urltable_ports"))) ?>; var oTextbox2 = new AutoSuggestControl(document.getElementById("port"), new StateSuggestions(port_aliases)); //]]> </script> |