diff options
author | Phil Davis <phil.davis@inf.org> | 2015-05-11 12:28:57 +0545 |
---|---|---|
committer | Phil Davis <phil.davis@inf.org> | 2015-05-11 12:28:57 +0545 |
commit | 760b1df9eefbf8c154aeb58065cc4a43288e1bc5 (patch) | |
tree | 8ac8ae977e2f93ce56a2eb7dd3ef88c070296bd6 /usr/local/www | |
parent | d0c28e66a81bb06183b09514c6d1aa87e9c4deb0 (diff) | |
download | pfsense-760b1df9eefbf8c154aeb58065cc4a43288e1bc5.zip pfsense-760b1df9eefbf8c154aeb58065cc4a43288e1bc5.tar.gz |
Code style Firewall VIP
Diffstat (limited to 'usr/local/www')
-rw-r--r-- | usr/local/www/firewall_virtual_ip.php | 298 | ||||
-rw-r--r-- | usr/local/www/firewall_virtual_ip_edit.php | 607 |
2 files changed, 484 insertions, 421 deletions
diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php index 0fe725f..200e9ac 100644 --- a/usr/local/www/firewall_virtual_ip.php +++ b/usr/local/www/firewall_virtual_ip.php @@ -65,32 +65,34 @@ if ($_POST) { if ($_POST['apply']) { $check_carp = false; if (file_exists("{$g['tmp_path']}/.firewall_virtual_ip.apply")) { - $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply")); + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply")); foreach ($toapplylist as $vid => $ovip) { - if (!empty($ovip)) + if (!empty($ovip)) { interface_vip_bring_down($ovip); + } if ($a_vip[$vid]) { - switch ($a_vip[$vid]['mode']) { - case "ipalias": - interface_ipalias_configure($a_vip[$vid]); - break; - case "proxyarp": - interface_proxyarp_configure($a_vip[$vid]['interface']); - break; - case "carp": - $check_carp = true; - interface_carp_configure($a_vip[$vid]); - break; - default: - break; + switch ($a_vip[$vid]['mode']) { + case "ipalias": + interface_ipalias_configure($a_vip[$vid]); + break; + case "proxyarp": + interface_proxyarp_configure($a_vip[$vid]['interface']); + break; + case "carp": + $check_carp = true; + interface_carp_configure($a_vip[$vid]); + break; + default: + break; } - } - } + } + } @unlink("{$g['tmp_path']}/.firewall_virtual_ip.apply"); } /* Before changing check #4633 */ - if ($check_carp === true && !get_carp_status()) - set_single_sysctl("net.inet.carp.allow", "1"); + if ($check_carp === true && !get_carp_status()) { + set_single_sysctl("net.inet.carp.allow", "1"); + } $retval = 0; $retval |= filter_configure(); @@ -149,22 +151,27 @@ if ($_GET['act'] == "del") { $subnet .= "/" . $a_vip[$_GET['id']]['subnet_bits']; $if_subnet .= "/" . $if_subnet_bits; - if (is_array($config['gateways']['gateway_item'])) + if (is_array($config['gateways']['gateway_item'])) { foreach($config['gateways']['gateway_item'] as $gateway) { - if ($a_vip[$_GET['id']]['interface'] != $gateway['interface']) + if ($a_vip[$_GET['id']]['interface'] != $gateway['interface']) { continue; - if ($is_ipv6 && $gateway['ipprotocol'] == 'inet') + } + if ($is_ipv6 && $gateway['ipprotocol'] == 'inet') { continue; - if (!$is_ipv6 && $gateway['ipprotocol'] == 'inet6') + } + if (!$is_ipv6 && $gateway['ipprotocol'] == 'inet6') { continue; - if (ip_in_subnet($gateway['gateway'], $if_subnet)) + } + if (ip_in_subnet($gateway['gateway'], $if_subnet)) { continue; + } if (ip_in_subnet($gateway['gateway'], $subnet)) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by at least one Gateway."); break; } } + } if ($a_vip[$_GET['id']]['mode'] == "ipalias") { $subnet = gen_subnet($a_vip[$_GET['id']]['subnet'], $a_vip[$_GET['id']]['subnet_bits']) . "/" . $a_vip[$_GET['id']]['subnet_bits']; @@ -172,34 +179,41 @@ if ($_GET['act'] == "del") { $found_carp = false; $found_other_alias = false; - if ($subnet == $if_subnet) + if ($subnet == $if_subnet) { $found_if = true; - + } + $vipiface = $a_vip[$_GET['id']]['interface']; foreach ($a_vip as $vip_id => $vip) { - if ($vip_id == $_GET['id']) + if ($vip_id == $_GET['id']) { continue; + } - if ($vip['interface'] == $vipiface && ip_in_subnet($vip['subnet'], $subnet)) - if ($vip['mode'] == "carp") + if ($vip['interface'] == $vipiface && ip_in_subnet($vip['subnet'], $subnet)) { + if ($vip['mode'] == "carp") { $found_carp = true; - else if ($vip['mode'] == "ipalias") + } else if ($vip['mode'] == "ipalias") { $found_other_alias = true; + } + } } - if ($found_carp === true && $found_other_alias === false && $found_if === false) + if ($found_carp === true && $found_other_alias === false && $found_if === false) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by a CARP IP with the description") . " {$vip['descr']}."; + } } else if ($a_vip[$_GET['id']]['mode'] == "carp") { $vipiface = "{$a_vip[$_GET['id']]['interface']}_vip{$a_vip[$_GET['id']]['vhid']}"; foreach ($a_vip as $vip) { - if ($vipiface == $vip['interface'] && $vip['mode'] == "ipalias") + if ($vipiface == $vip['interface'] && $vip['mode'] == "ipalias") { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by an IP alias entry with the description") . " {$vip['descr']}."; + } } } - + if (!$input_errors) { - if (!session_id()) + if (!session_id()) { session_start(); + } $user = getUserEntry($_SESSION['Username']); if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) { header("Location: firewall_virtual_ip.php"); @@ -216,15 +230,17 @@ if ($_GET['act'] == "del") { interface_vip_bring_down($a_vip[$_GET['id']]); unset($a_vip[$_GET['id']]); } - if (count($config['virtualip']['vip']) == 0) + if (count($config['virtualip']['vip']) == 0) { unset($config['virtualip']['vip']); + } write_config(); header("Location: firewall_virtual_ip.php"); exit; } } -} else if ($_GET['changes'] == "mods" && is_numericint($_GET['id'])) +} else if ($_GET['changes'] == "mods" && is_numericint($_GET['id'])) { $id = $_GET['id']; +} $pgtitle = array(gettext("Firewall"),gettext("Virtual IP Addresses")); include("head.inc"); @@ -233,113 +249,125 @@ include("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <form action="firewall_virtual_ip.php" method="post"> -<?php - if ($input_errors) +<?php + if ($input_errors) { print_input_errors($input_errors); - else - if ($savemsg) - print_info_box($savemsg); - else - if (is_subsystem_dirty('vip')) + } else if ($savemsg) { + print_info_box($savemsg); + } else if (is_subsystem_dirty('vip')) { print_info_box_np(gettext("The VIP configuration has been changed.")."<br />".gettext("You must apply the changes in order for them to take effect.")); + } ?> <br /> <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="virtual ip"> - <tr><td class="tabnavtbl"> - <?php - /* active tabs */ - $tab_array = array(); - $tab_array[] = array(gettext("Virtual IPs"), true, "firewall_virtual_ip.php"); - $tab_array[] = array(gettext("CARP Settings"), false, "system_hasync.php"); - display_top_tabs($tab_array); - ?> - </td></tr> - <tr> - <td><input type="hidden" id="id" name="id" value="<?php echo htmlspecialchars($id); ?>" /></td> - </tr> - <tr> - <td> - <div id="mainarea"> - <table class="tabcont sortable" width="100%" border="0" cellpadding="0" cellspacing="0" summary="main area"> - <tr> - <td width="30%" class="listhdrr"><?=gettext("Virtual IP address");?></td> - <td width="10%" class="listhdrr"><?=gettext("Interface");?></td> - <td width="10%" class="listhdrr"><?=gettext("Type");?></td> - <td width="40%" class="listhdr"><?=gettext("Description");?></td> - <td width="10%" class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="edit"> - <tr> - <td width="17"></td> - <td valign="middle"><a href="firewall_virtual_ip_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="edit" /></a></td> - </tr> - </table> - </td> - </tr> - <?php - $interfaces = get_configured_interface_with_descr(false, true); - $carplist = get_configured_carp_interface_list(); - foreach ($carplist as $cif => $carpip) - $interfaces[$cif] = $carpip." (".get_vip_descr($carpip).")"; - $interfaces['lo0'] = "Localhost"; - ?> - <?php $i = 0; foreach ($a_vip as $vipent): ?> - <?php if($vipent['subnet'] <> "" or $vipent['range'] <> "" or - $vipent['subnet_bits'] <> "" or (isset($vipent['range']['from']) && $vipent['range']['from'] <> "")): ?> - <tr> - <td class="listlr" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> - <?php if (($vipent['type'] == "single") || ($vipent['type'] == "network")) - if($vipent['subnet_bits']) + <tr><td class="tabnavtbl"> + <?php + /* active tabs */ + $tab_array = array(); + $tab_array[] = array(gettext("Virtual IPs"), true, "firewall_virtual_ip.php"); + $tab_array[] = array(gettext("CARP Settings"), false, "system_hasync.php"); + display_top_tabs($tab_array); + ?> + </td></tr> + <tr> + <td><input type="hidden" id="id" name="id" value="<?php echo htmlspecialchars($id); ?>" /></td> + </tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont sortable" width="100%" border="0" cellpadding="0" cellspacing="0" summary="main area"> + <tr> + <td width="30%" class="listhdrr"><?=gettext("Virtual IP address");?></td> + <td width="10%" class="listhdrr"><?=gettext("Interface");?></td> + <td width="10%" class="listhdrr"><?=gettext("Type");?></td> + <td width="40%" class="listhdr"><?=gettext("Description");?></td> + <td width="10%" class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="edit"> + <tr> + <td width="17"></td> + <td valign="middle"><a href="firewall_virtual_ip_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="edit" /></a></td> + </tr> + </table> + </td> + </tr> + <?php + $interfaces = get_configured_interface_with_descr(false, true); + $carplist = get_configured_carp_interface_list(); + foreach ($carplist as $cif => $carpip) { + $interfaces[$cif] = $carpip." (".get_vip_descr($carpip).")"; + } + $interfaces['lo0'] = "Localhost"; + $i = 0; + foreach ($a_vip as $vipent): + if($vipent['subnet'] <> "" or $vipent['range'] <> "" or $vipent['subnet_bits'] <> "" or (isset($vipent['range']['from']) && $vipent['range']['from'] <> "")): + ?> + <tr> + <td class="listlr" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> + <?php + if (($vipent['type'] == "single") || ($vipent['type'] == "network")) { + if($vipent['subnet_bits']) { echo "{$vipent['subnet']}/{$vipent['subnet_bits']}"; - if ($vipent['type'] == "range") + } + } + if ($vipent['type'] == "range") { echo "{$vipent['range']['from']}-{$vipent['range']['to']}"; + } + if($vipent['mode'] == "carp") { + echo " (vhid {$vipent['vhid']})"; + } + ?> + </td> + <td class="listr" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> + <?=htmlspecialchars($interfaces[$vipent['interface']]);?> + </td> + <td class="listr" align="center" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> + <?php if($vipent['mode'] == "proxyarp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_parp.gif' title='Proxy ARP' alt='proxy arp' />"; elseif($vipent['mode'] == "carp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_carp.gif' title='CARP' alt='carp' />"; elseif($vipent['mode'] == "other") echo "<img src='./themes/".$g['theme']."/images/icons/icon_other.gif' title='Other' alt='other' />"; elseif($vipent['mode'] == "ipalias") echo "<img src='./themes/".$g['theme']."/images/icons/icon_ifalias.gif' title='IP Alias' alt='ip alias' />";?> + </td> + <td class="listbg" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> + <?=htmlspecialchars($vipent['descr']);?> + </td> + <td class="list nowrap"> + <table border="0" cellspacing="0" cellpadding="1" summary="icons"> + <tr> + <td valign="middle"><a href="firewall_virtual_ip_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" alt="edit" /></a></td> + <td valign="middle"><a href="firewall_virtual_ip.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext('Do you really want to delete this entry?');?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete" /></a></td> + </tr> + </table> + </td> + </tr> + <?php + endif; + $i++; + endforeach; ?> - <?php if($vipent['mode'] == "carp") echo " (vhid {$vipent['vhid']})"; ?> - </td> - <td class="listr" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> - <?=htmlspecialchars($interfaces[$vipent['interface']]);?> - </td> - <td class="listr" align="center" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> - <?php if($vipent['mode'] == "proxyarp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_parp.gif' title='Proxy ARP' alt='proxy arp' />"; elseif($vipent['mode'] == "carp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_carp.gif' title='CARP' alt='carp' />"; elseif($vipent['mode'] == "other") echo "<img src='./themes/".$g['theme']."/images/icons/icon_other.gif' title='Other' alt='other' />"; elseif($vipent['mode'] == "ipalias") echo "<img src='./themes/".$g['theme']."/images/icons/icon_ifalias.gif' title='IP Alias' alt='ip alias' />";?> - </td> - <td class="listbg" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> - <?=htmlspecialchars($vipent['descr']);?> - </td> - <td class="list nowrap"> - <table border="0" cellspacing="0" cellpadding="1" summary="icons"> - <tr> - <td valign="middle"><a href="firewall_virtual_ip_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" alt="edit" /></a></td> - <td valign="middle"><a href="firewall_virtual_ip.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext('Do you really want to delete this entry?');?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete" /></a></td> - </tr> - </table> - </td> - </tr> - <?php endif; ?> - <?php $i++; endforeach; ?> - <tfoot> - <tr> - <td class="list" colspan="4"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="edit"> - <tr> - <td width="17"></td> - <td valign="middle"><a href="firewall_virtual_ip_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="edit" /></a></td> - </tr> - </table> - </td> - </tr> - <tr> - <td colspan="5"> - <p><span class="vexpl"><span class="red"><strong><?=gettext("Note:");?><br /> - </strong></span><?=gettext("The virtual IP addresses defined on this page may be used in");?><a href="firewall_nat.php"> <?=gettext("NAT"); ?> </a><?=gettext("mappings.");?><br /> - <?=gettext("You can check the status of your CARP Virtual IPs and interfaces ");?><a href="carp_status.php"><?=gettext("here");?></a>.</span></p> - </td> - </tr> - </tfoot> - </table> - </div><!-- div:mainarea --> - </td></tr> - </table> - </form> + <tfoot> + <tr> + <td class="list" colspan="4"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="edit"> + <tr> + <td width="17"></td> + <td valign="middle"><a href="firewall_virtual_ip_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="edit" /></a></td> + </tr> + </table> + </td> + </tr> + <tr> + <td colspan="5"> + <p> + <span class="vexpl"><span class="red"><strong><?=gettext("Note:");?><br /></strong></span> + <?=gettext("The virtual IP addresses defined on this page may be used in");?><a href="firewall_nat.php"> <?=gettext("NAT"); ?> </a><?=gettext("mappings.");?><br /> + <?=gettext("You can check the status of your CARP Virtual IPs and interfaces ");?><a href="carp_status.php"><?=gettext("here");?></a>.</span> + </p> + </td> + </tr> + </tfoot> + </table> + </div><!-- div:mainarea --> + </td> + </tr> +</table> +</form> <?php include("fend.inc"); ?> </body> </html> diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index 56374c2..174f6ee 100644 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -2,42 +2,42 @@ /* $Id$ */ /* - firewall_virtual_ip_edit.php - part of pfSense (https://www.pfsense.org/) - - Copyright (C) 2013-2015 Electric Sheep Fencing, LP - - Copyright (C) 2005 Bill Marquette <bill.marquette@gmail.com>. - All rights reserved. - - Includes code from m0n0wall which is: - Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. - All rights reserved. - - Includes code from pfSense which is: - Copyright (C) 2004-2005 Scott Ullrich <geekgod@pfsense.com>. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + firewall_virtual_ip_edit.php + part of pfSense (https://www.pfsense.org/) + + Copyright (C) 2013-2015 Electric Sheep Fencing, LP + + Copyright (C) 2005 Bill Marquette <bill.marquette@gmail.com>. + All rights reserved. + + Includes code from m0n0wall which is: + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Includes code from pfSense which is: + Copyright (C) 2004-2005 Scott Ullrich <geekgod@pfsense.com>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ /* pfSense_BUILDER_BINARIES: /sbin/ifconfig @@ -58,14 +58,16 @@ require("shaper.inc"); $referer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/firewall_virtual_ip.php'); if (!is_array($config['virtualip']['vip'])) { - $config['virtualip']['vip'] = array(); + $config['virtualip']['vip'] = array(); } $a_vip = &$config['virtualip']['vip']; -if (is_numericint($_GET['id'])) +if (is_numericint($_GET['id'])) { $id = $_GET['id']; -if (isset($_POST['id']) && is_numericint($_POST['id'])) +} +if (isset($_POST['id']) && is_numericint($_POST['id'])) { $id = $_POST['id']; +} function return_first_two_octets($ip) { $ip_split = explode(".", $ip); @@ -75,9 +77,10 @@ function return_first_two_octets($ip) { function find_last_used_vhid() { global $config, $g; $vhid = 0; - foreach($config['virtualip']['vip'] as $vip) { - if($vip['vhid'] > $vhid) + foreach ($config['virtualip']['vip'] as $vip) { + if ($vip['vhid'] > $vhid) { $vhid = $vip['vhid']; + } } return $vhid; } @@ -113,33 +116,38 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); - if ($_POST['subnet']) + if ($_POST['subnet']) { $_POST['subnet'] = trim($_POST['subnet']); + } if ($_POST['subnet']) { - if (!is_ipaddr($_POST['subnet'])) + if (!is_ipaddr($_POST['subnet'])) { $input_errors[] = gettext("A valid IP address must be specified."); - else { + } else { if (isset($id) && isset($a_vip[$id])) { $ignore_if = $a_vip[$id]['interface']; $ignore_mode = $a_vip[$id]['mode']; - if (isset($a_vip[$id]['vhid'])) + if (isset($a_vip[$id]['vhid'])) { $ignore_vhid = $a_vip[$id]['vhid']; + } } else { $ignore_if = $_POST['interface']; $ignore_mode = $_POST['mode']; } - if (!isset($ignore_vhid)) + if (!isset($ignore_vhid)) { $ignore_vhid = $_POST['vhid']; + } - if ($ignore_mode == 'carp') + if ($ignore_mode == 'carp') { $ignore_if .= "_vip{$ignore_vhid}"; - else + } else { $ignore_if .= "_virtualip{$id}"; + } - if (is_ipaddr_configured($_POST['subnet'], $ignore_if)) + if (is_ipaddr_configured($_POST['subnet'], $ignore_if)) { $input_errors[] = gettext("This IP address is being used by another interface or VIP."); + } unset($ignore_if, $ignore_mode); } @@ -147,8 +155,9 @@ if ($_POST) { $natiflist = get_configured_interface_with_descr(); foreach ($natiflist as $natif => $natdescr) { - if ($_POST['interface'] == $natif && (empty($config['interfaces'][$natif]['ipaddr']) && empty($config['interfaces'][$natif]['ipaddrv6']))) + if ($_POST['interface'] == $natif && (empty($config['interfaces'][$natif]['ipaddr']) && empty($config['interfaces'][$natif]['ipaddrv6']))) { $input_errors[] = gettext("The interface chosen for the VIP has no IPv4 or IPv6 address configured so it cannot be used as a parent for the VIP."); + } } /* ipalias and carp should not use network or broadcast address */ @@ -156,62 +165,67 @@ if ($_POST) { if (is_ipaddrv4($_POST['subnet']) && $_POST['subnet_bits'] != "32") { $network_addr = gen_subnet($_POST['subnet'], $_POST['subnet_bits']); $broadcast_addr = gen_subnet_max($_POST['subnet'], $_POST['subnet_bits']); - } else if (is_ipaddrv6($_POST['subnet']) && $_POST['subnet_bits'] != "128" ) { + } else if (is_ipaddrv6($_POST['subnet']) && $_POST['subnet_bits'] != "128") { $network_addr = gen_subnetv6($_POST['subnet'], $_POST['subnet_bits']); $broadcast_addr = gen_subnetv6_max($_POST['subnet'], $_POST['subnet_bits']); } - if (isset($network_addr) && $_POST['subnet'] == $network_addr) + if (isset($network_addr) && $_POST['subnet'] == $network_addr) { $input_errors[] = gettext("You cannot use the network address for this VIP"); - else if (isset($broadcast_addr) && $_POST['subnet'] == $broadcast_addr) + } else if (isset($broadcast_addr) && $_POST['subnet'] == $broadcast_addr) { $input_errors[] = gettext("You cannot use the broadcast address for this VIP"); + } } /* make sure new ip is within the subnet of a valid ip * on one of our interfaces (wan, lan optX) */ switch ($_POST['mode']) { - case 'carp': - /* verify against reusage of vhids */ - $idtracker = 0; - foreach($config['virtualip']['vip'] as $vip) { - if($vip['vhid'] == $_POST['vhid'] && $vip['interface'] == $_POST['interface'] && $idtracker <> $id) - $input_errors[] = sprintf(gettext("VHID %s is already in use on interface %s. Pick a unique number on this interface."),$_POST['vhid'], convert_friendly_interface_to_friendly_descr($_POST['interface'])); - $idtracker++; - } - if (empty($_POST['password'])) - $input_errors[] = gettext("You must specify a CARP password that is shared between the two VHID members."); - - if ($_POST['interface'] == 'lo0') - $input_errors[] = gettext("For this type of vip localhost is not allowed."); - else if (strpos($_POST['interface'], '_vip')) - $input_errors[] = gettext("A CARP parent interface can only be used with IP Alias type Virtual IPs."); - break; - case 'ipalias': - if (strstr($_POST['interface'], "_vip")) { - if (is_ipaddrv4($_POST['subnet'])) { - $parent_ip = get_interface_ip($_POST['interface']); - $parent_sn = get_interface_subnet($_POST['interface']); - $subnet = gen_subnet($parent_ip, $parent_sn); - } else if (is_ipaddrv6($_POST['subnet'])) { - $parent_ip = get_interface_ipv6($_POST['interface']); - $parent_sn = get_interface_subnetv6($_POST['interface']); - $subnet = gen_subnetv6($parent_ip, $parent_sn); + case 'carp': + /* verify against reusage of vhids */ + $idtracker = 0; + foreach ($config['virtualip']['vip'] as $vip) { + if ($vip['vhid'] == $_POST['vhid'] && $vip['interface'] == $_POST['interface'] && $idtracker <> $id) { + $input_errors[] = sprintf(gettext("VHID %s is already in use on interface %s. Pick a unique number on this interface."),$_POST['vhid'], convert_friendly_interface_to_friendly_descr($_POST['interface'])); + } + $idtracker++; } - if (isset($parent_ip) && !ip_in_subnet($_POST['subnet'], "{$subnet}/{$parent_sn}") && - !ip_in_interface_alias_subnet(link_carp_interface_to_parent($_POST['interface']), $_POST['subnet'])) { - $cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits'] ; - $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."),$cannot_find); + if (empty($_POST['password'])) { + $input_errors[] = gettext("You must specify a CARP password that is shared between the two VHID members."); } - unset($parent_ip, $parent_sn, $subnet); - } - break; - default: - if ($_POST['interface'] == 'lo0') - $input_errors[] = gettext("For this type of vip localhost is not allowed."); - else if (strpos($_POST['interface'], '_vip')) - $input_errors[] = gettext("A CARP parent interface can only be used with IP Alias type Virtual IPs."); - break; + + if ($_POST['interface'] == 'lo0') { + $input_errors[] = gettext("For this type of vip localhost is not allowed."); + } else if (strpos($_POST['interface'], '_vip')) { + $input_errors[] = gettext("A CARP parent interface can only be used with IP Alias type Virtual IPs."); + } + break; + case 'ipalias': + if (strstr($_POST['interface'], "_vip")) { + if (is_ipaddrv4($_POST['subnet'])) { + $parent_ip = get_interface_ip($_POST['interface']); + $parent_sn = get_interface_subnet($_POST['interface']); + $subnet = gen_subnet($parent_ip, $parent_sn); + } else if (is_ipaddrv6($_POST['subnet'])) { + $parent_ip = get_interface_ipv6($_POST['interface']); + $parent_sn = get_interface_subnetv6($_POST['interface']); + $subnet = gen_subnetv6($parent_ip, $parent_sn); + } + if (isset($parent_ip) && !ip_in_subnet($_POST['subnet'], "{$subnet}/{$parent_sn}") && + !ip_in_interface_alias_subnet(link_carp_interface_to_parent($_POST['interface']), $_POST['subnet'])) { + $cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits'] ; + $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."),$cannot_find); + } + unset($parent_ip, $parent_sn, $subnet); + } + break; + default: + if ($_POST['interface'] == 'lo0') { + $input_errors[] = gettext("For this type of vip localhost is not allowed."); + } else if (strpos($_POST['interface'], '_vip')) { + $input_errors[] = gettext("A CARP parent interface can only be used with IP Alias type Virtual IPs."); + } + break; } if (!$input_errors) { @@ -241,10 +255,11 @@ if ($_POST) { /* Common fields */ $vipent['descr'] = $_POST['descr']; - if (isset($_POST['type'])) + if (isset($_POST['type'])) { $vipent['type'] = $_POST['type']; - else + } else { $vipent['type'] = "single"; + } if ($vipent['type'] == "single" || $vipent['type'] == "network") { if (!isset($_POST['subnet_bits'])) { @@ -255,19 +270,22 @@ if ($_POST) { $vipent['subnet'] = $_POST['subnet']; } - if (!isset($id)) + if (!isset($id)) { $id = count($a_vip); - if (file_exists("{$g['tmp_path']}/.firewall_virtual_ip.apply")) + } + if (file_exists("{$g['tmp_path']}/.firewall_virtual_ip.apply")) { $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply")); - else + } else { $toapplylist = array(); + } $toapplylist[$id] = $a_vip[$id]; if (!empty($a_vip[$id])) { /* modify all virtual IP rules with this address */ for ($i = 0; isset($config['nat']['rule'][$i]); $i++) { - if ($config['nat']['rule'][$i]['destination']['address'] == $a_vip[$id]['subnet']) + if ($config['nat']['rule'][$i]['destination']['address'] == $a_vip[$id]['subnet']) { $config['nat']['rule'][$i]['destination']['address'] = $vipent['subnet']; + } } } $a_vip[$id] = $vipent; @@ -291,38 +309,40 @@ include("head.inc"); <?php include("fbegin.inc"); ?> <script type="text/javascript"> //<![CDATA[ -function get_radio_value(obj) -{ - for (i = 0; i < obj.length; i++) { - if (obj[i].checked) - return obj[i].value; - } - return null; +function get_radio_value(obj) { + for (i = 0; i < obj.length; i++) { + if (obj[i].checked) { + return obj[i].value; + } + } + return null; } -function set_note(noteMessage){ +function set_note(noteMessage) { var note = document.getElementById("typenote"); - if (note.firstChild != null) + if (note.firstChild != null) { note.removeChild(note.firstChild); - if (noteMessage) + } + if (noteMessage) { note.appendChild(noteMessage); + } } function enable_change() { var carpnote = document.createTextNode("<?=gettext("This must be the network's subnet mask. It does not specify a CIDR range.");?>"); var proxyarpnote = document.createTextNode("<?=gettext("This is a CIDR block of proxy ARP addresses.");?>"); var ipaliasnote = document.createTextNode("<?=gettext("This must be the network's subnet mask. It does not specify a CIDR range.");?>"); - + $mode = get_radio_value(document.iform.mode); - + document.iform.password.disabled = $mode != "carp"; document.iform.vhid.disabled = $mode != "carp"; document.iform.advskew.disabled = $mode != "carp"; document.iform.advbase.disabled = $mode != "carp"; document.iform.type.disabled = $mode in {"carp":1,"ipalias":1}; - - if ($mode in {"carp":1,"ipalias":1}) + + if ($mode in {"carp":1,"ipalias":1}) { document.iform.type.selectedIndex = 0;// single-adress - switch($mode) - { + } + switch ($mode) { case "carp" : set_note(carpnote); break; case "ipalias" : set_note(ipaliasnote); break; case "proxyarp": set_note(proxyarpnote); break; @@ -333,194 +353,209 @@ function enable_change() { function typesel_change() { switch (document.iform.type.selectedIndex) { - case 0: // single - document.iform.subnet.disabled = 0; - document.iform.subnet_bits.disabled = (get_radio_value(document.iform.mode) == "proxyarp") || (get_radio_value(document.iform.mode) == "other"); - document.iform.noexpand.disabled = 1; - jQuery('#noexpandrow').css('display','none'); - break; - case 1: // network - document.iform.subnet.disabled = 0; - document.iform.subnet_bits.disabled = 0; - document.iform.noexpand.disabled = 0; - jQuery('#noexpandrow').css('display',''); - //document.iform.range_from.disabled = 1; - //document.iform.range_to.disabled = 1; - break; - case 2: // range - document.iform.subnet.disabled = 1; - document.iform.subnet_bits.disabled = 1; - document.iform.noexpand.disabled = 1; - jQuery('#noexpandrow').css('display','none'); - //document.iform.range_from.disabled = 0; - //document.iform.range_to.disabled = 0; - break; - case 3: // IP alias - document.iform.subnet.disabled = 1; - document.iform.subnet_bits.disabled = 0; - document.iform.noexpand.disabled = 1; - jQuery('#noexpandrow').css('display','none'); - //document.iform.range_from.disabled = 0; - //document.iform.range_to.disabled = 0; - break; + case 0: // single + document.iform.subnet.disabled = 0; + document.iform.subnet_bits.disabled = (get_radio_value(document.iform.mode) == "proxyarp") || (get_radio_value(document.iform.mode) == "other"); + document.iform.noexpand.disabled = 1; + jQuery('#noexpandrow').css('display','none'); + break; + case 1: // network + document.iform.subnet.disabled = 0; + document.iform.subnet_bits.disabled = 0; + document.iform.noexpand.disabled = 0; + jQuery('#noexpandrow').css('display',''); + //document.iform.range_from.disabled = 1; + //document.iform.range_to.disabled = 1; + break; + case 2: // range + document.iform.subnet.disabled = 1; + document.iform.subnet_bits.disabled = 1; + document.iform.noexpand.disabled = 1; + jQuery('#noexpandrow').css('display','none'); + //document.iform.range_from.disabled = 0; + //document.iform.range_to.disabled = 0; + break; + case 3: // IP alias + document.iform.subnet.disabled = 1; + document.iform.subnet_bits.disabled = 0; + document.iform.noexpand.disabled = 1; + jQuery('#noexpandrow').css('display','none'); + //document.iform.range_from.disabled = 0; + //document.iform.range_to.disabled = 0; + break; } } //]]> </script> <?php if ($input_errors) print_input_errors($input_errors); ?> - <form action="firewall_virtual_ip_edit.php" method="post" name="iform" id="iform"> - <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="virtual IP edit"> - <tr> - <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Virtual IP");?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Type");?></td> - <td width="78%" class="vtable"> - <input name="mode" type="radio" onclick="enable_change()" value="ipalias" - <?php if ($pconfig['mode'] == "ipalias") echo "checked=\"checked\"";?> /> <?=gettext("IP Alias");?> - <input name="mode" type="radio" onclick="enable_change()" value="carp" - <?php if ($pconfig['mode'] == "carp") echo "checked=\"checked\"";?> /> <?=gettext("CARP"); ?> - <input name="mode" type="radio" onclick="enable_change()" value="proxyarp" - <?php if ($pconfig['mode'] == "proxyarp") echo "checked=\"checked\"";?> /> <?=gettext("Proxy ARP"); ?> - <input name="mode" type="radio" onclick="enable_change()" value="other" - <?php if ($pconfig['mode'] == "other") echo "checked=\"checked\"";?> /> <?=gettext("Other");?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Interface");?></td> - <td width="78%" class="vtable"> - <select name="interface" class="formselect"> - <?php +<form action="firewall_virtual_ip_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="virtual IP edit"> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Virtual IP");?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Type");?></td> + <td width="78%" class="vtable"> + <input name="mode" type="radio" onclick="enable_change()" value="ipalias" + <?php if ($pconfig['mode'] == "ipalias") echo "checked=\"checked\"";?> /> <?=gettext("IP Alias");?> + <input name="mode" type="radio" onclick="enable_change()" value="carp" + <?php if ($pconfig['mode'] == "carp") echo "checked=\"checked\"";?> /> <?=gettext("CARP"); ?> + <input name="mode" type="radio" onclick="enable_change()" value="proxyarp" + <?php if ($pconfig['mode'] == "proxyarp") echo "checked=\"checked\"";?> /> <?=gettext("Proxy ARP"); ?> + <input name="mode" type="radio" onclick="enable_change()" value="other" + <?php if ($pconfig['mode'] == "other") echo "checked=\"checked\"";?> /> <?=gettext("Other");?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Interface");?></td> + <td width="78%" class="vtable"> + <select name="interface" class="formselect"> + <?php $interfaces = get_configured_interface_with_descr(false, true); $carplist = get_configured_carp_interface_list(); - foreach ($carplist as $cif => $carpip) + foreach ($carplist as $cif => $carpip) { $interfaces[$cif] = $carpip . ' (' . get_vip_descr($carpip) . ')'; + } $interfaces['lo0'] = 'Localhost'; foreach ($interfaces as $iface => $ifacename): ?> <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected=\"selected\""; ?>> - <?=htmlspecialchars($ifacename);?> + <?=htmlspecialchars($ifacename);?> </option> - <?php endforeach; ?> - </select> - </td> - </tr> - <tr> - <td valign="top" class="vncellreq"><?=gettext("IP Address(es)");?></td> - <td class="vtable"> - <table border="0" cellspacing="0" cellpadding="0" summary="ip addresses"> - <tr> - <td><?=gettext("Type:");?> </td> - <td><select name="type" class="formselect" onchange="typesel_change()"> - <option value="single" <?php if ((!$pconfig['range'] && $pconfig['subnet_bits'] == 32) || (!isset($pconfig['subnet']))) echo "selected=\"selected\""; ?>> - <?=gettext("Single address");?></option> - <option value="network" <?php if (!$pconfig['range'] && $pconfig['subnet_bits'] != 32 && isset($pconfig['subnet'])) echo "selected=\"selected\""; ?>> - <?=gettext("Network");?></option> - <!-- XXX: Billm, don't let anyone choose this until NAT configuration screens are ready for it <option value="range" <?php if ($pconfig['range']) echo "selected=\"selected\""; ?>> - Range</option> --> - </select></td> - </tr> - <tr> - <td><?=gettext("Address:");?> </td> - <td><input name="subnet" type="text" class="formfld unknown ipv4v6" id="subnet" size="28" value="<?=htmlspecialchars($pconfig['subnet']);?>" /> - /<select name="subnet_bits" class="formselect ipv4v6" id="select"> - <?php for ($i = 128; $i >= 1; $i--): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['subnet_bits']) echo "selected=\"selected\""; ?>> - <?=$i;?> - </option> - <?php endfor; ?> - </select> <i id="typenote"></i> - </td> - </tr> - <tr id="noexpandrow"> - <td><?=gettext("Expansion:");?> </td> - <td><input name="noexpand" type="checkbox" class="formfld unknown" id="noexpand" <?php echo (isset($pconfig['noexpand'])) ? "checked=\"checked\"" : "" ; ?> /> - Disable expansion of this entry into IPs on NAT lists (e.g. 192.168.1.0/24 expands to 256 entries.) - </td> - </tr> - <?php - /* - <tr> - <td>Range: </td> - <td><input name="range_from" type="text" class="formfld unknown" id="range_from" size="28" value="<?=htmlspecialchars($pconfig['range']['from']);?>" /> + <?php + endforeach; + ?> + </select> + </td> + </tr> + <tr> + <td valign="top" class="vncellreq"><?=gettext("IP Address(es)");?></td> + <td class="vtable"> + <table border="0" cellspacing="0" cellpadding="0" summary="ip addresses"> + <tr> + <td><?=gettext("Type:");?> </td> + <td> + <select name="type" class="formselect" onchange="typesel_change()"> + <option value="single" <?php if ((!$pconfig['range'] && $pconfig['subnet_bits'] == 32) || (!isset($pconfig['subnet']))) echo "selected=\"selected\""; ?>> + <?=gettext("Single address");?> + </option> + <option value="network" <?php if (!$pconfig['range'] && $pconfig['subnet_bits'] != 32 && isset($pconfig['subnet'])) echo "selected=\"selected\""; ?>> + <?=gettext("Network");?> + </option> + <!-- XXX: Billm, don't let anyone choose this until NAT configuration screens are ready for it <option value="range" <?php if ($pconfig['range']) echo "selected=\"selected\""; ?>> + Range</option> --> + </select> + </td> + </tr> + <tr> + <td><?=gettext("Address:");?> </td> + <td> + <input name="subnet" type="text" class="formfld unknown ipv4v6" id="subnet" size="28" value="<?=htmlspecialchars($pconfig['subnet']);?>" /> + / + <select name="subnet_bits" class="formselect ipv4v6" id="select"> + <?php for ($i = 128; $i >= 1; $i--): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['subnet_bits']) echo "selected=\"selected\""; ?>> + <?=$i;?> + </option> + <?php endfor; ?> + </select> + <i id="typenote"></i> + </td> + </tr> + <tr id="noexpandrow"> + <td><?=gettext("Expansion:");?> </td> + <td> + <input name="noexpand" type="checkbox" class="formfld unknown" id="noexpand" <?php echo (isset($pconfig['noexpand'])) ? "checked=\"checked\"" : "" ; ?> /> + Disable expansion of this entry into IPs on NAT lists (e.g. 192.168.1.0/24 expands to 256 entries.) + </td> + </tr> + <?php + /* + <tr> + <td>Range: </td> + <td><input name="range_from" type="text" class="formfld unknown" id="range_from" size="28" value="<?=htmlspecialchars($pconfig['range']['from']);?>" /> - - <input name="range_to" type="text" class="formfld unknown" id="range_to" size="28" value="<?=htmlspecialchars($pconfig['range']['to']);?>" /> - </td> - </tr> - */ - ?> - </table> - </td> - </tr> - <tr valign="top"> - <td width="22%" class="vncellreq"><?=gettext("Virtual IP Password");?></td> - <td class="vtable"><input type='password' name='password' value="<?=htmlspecialchars($pconfig['password']);?>" /> - <br /><?=gettext("Enter the VHID group password.");?> - </td> - </tr> - <tr valign="top"> - <td width="22%" class="vncellreq"><?=gettext("VHID Group");?></td> - <td class="vtable"><select id='vhid' name='vhid'> - <?php for ($i = 1; $i <= 255; $i++): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['vhid']) echo "selected=\"selected\""; ?>> - <?=$i;?> - </option> - <?php endfor; ?> - </select> - <br /><?=gettext("Enter the VHID group that the machines will share");?> - </td> - </tr> - <tr valign="top"> - <td width="22%" class="vncellreq"><?=gettext("Advertising Frequency");?></td> - <td class="vtable"> - Base: <select id='advbase' name='advbase'> - <?php for ($i = 1; $i <= 254; $i++): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['advbase']) echo "selected=\"selected\""; ?>> - <?=$i;?> - </option> - <?php endfor; ?> - </select> - Skew: <select id='advskew' name='advskew'> - <?php for ($i = 0; $i <= 254; $i++): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['advskew']) echo "selected=\"selected\""; ?>> - <?=$i;?> - </option> - <?php endfor; ?> - </select> + <input name="range_to" type="text" class="formfld unknown" id="range_to" size="28" value="<?=htmlspecialchars($pconfig['range']['to']);?>" /> + </td> + </tr> + */ +?> + </table> + </td> + </tr> + <tr valign="top"> + <td width="22%" class="vncellreq"><?=gettext("Virtual IP Password");?></td> + <td class="vtable"><input type='password' name='password' value="<?=htmlspecialchars($pconfig['password']);?>" /> + <br /><?=gettext("Enter the VHID group password.");?> + </td> + </tr> + <tr valign="top"> + <td width="22%" class="vncellreq"><?=gettext("VHID Group");?></td> + <td class="vtable"> + <select id='vhid' name='vhid'> + <?php for ($i = 1; $i <= 255; $i++): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['vhid']) echo "selected=\"selected\""; ?>> + <?=$i;?> + </option> + <?php endfor; ?> + </select> + <br /><?=gettext("Enter the VHID group that the machines will share");?> + </td> + </tr> + <tr valign="top"> + <td width="22%" class="vncellreq"><?=gettext("Advertising Frequency");?></td> + <td class="vtable"> + Base: + <select id='advbase' name='advbase'> + <?php for ($i = 1; $i <= 254; $i++): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['advbase']) echo "selected=\"selected\""; ?>> + <?=$i;?> + </option> + <?php endfor; ?> + </select> + Skew: + <select id='advskew' name='advskew'> + <?php for ($i = 0; $i <= 254; $i++): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['advskew']) echo "selected=\"selected\""; ?>> + <?=$i;?> + </option> + <?php endfor; ?> + </select> <br /><br /> <?=gettext("The frequency that this machine will advertise. 0 means usually master. Otherwise the lowest combination of both values in the cluster determines the master.");?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> - <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> - <br /> <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed).");?></span></td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> - <input type="button" class="formbtn" value="<?=gettext("Cancel");?>" onclick="window.location.href='<?=$referer;?>'" /> - <?php if (isset($id) && $a_vip[$id]): ?> - <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> - <?php endif; ?> - <input name="uniqid" type="hidden" value="<?=$pconfig['uniqid'];?>" /> - </td> - </tr> - <tr> - <td colspan="4"> - <span class="vexpl"> - <span class="red"> - <b><?=gettext("Note:");?><br /></b> - </span> - <?=gettext("Proxy ARP and Other type Virtual IPs cannot be bound to by anything running on the firewall, such as IPsec, OpenVPN, etc. Use a CARP or IP Alias type address for these cases.");?> - <br /><br /> <?=gettext("For more information on CARP and the above values, visit the OpenBSD ");?><a href='http://www.openbsd.org/faq/pf/carp.html'> <?=gettext("CARP FAQ"); ?></a>. - </span> - </td> - </tr> - - </table> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> + <td width="78%" class="vtable"> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> + <br /> + <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed).");?></span> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> + <input type="button" class="formbtn" value="<?=gettext("Cancel");?>" onclick="window.location.href='<?=$referer;?>'" /> + <?php if (isset($id) && $a_vip[$id]): ?> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> + <?php endif; ?> + <input name="uniqid" type="hidden" value="<?=$pconfig['uniqid'];?>" /> + </td> + </tr> + <tr> + <td colspan="4"> + <span class="vexpl"> + <span class="red"> + <b><?=gettext("Note:");?><br /></b> + </span> + <?=gettext("Proxy ARP and Other type Virtual IPs cannot be bound to by anything running on the firewall, such as IPsec, OpenVPN, etc. Use a CARP or IP Alias type address for these cases.");?> + <br /><br /> <?=gettext("For more information on CARP and the above values, visit the OpenBSD ");?><a href='http://www.openbsd.org/faq/pf/carp.html'> <?=gettext("CARP FAQ"); ?></a>. + </span> + </td> + </tr> + </table> </form> <script type="text/javascript"> //<![CDATA[ |