diff options
| author | Seth Mos <seth.mos@dds.nl> | 2011-04-28 11:33:48 +0200 |
|---|---|---|
| committer | Seth Mos <seth.mos@dds.nl> | 2011-04-28 11:33:48 +0200 |
| commit | fcdc894353c77f527c209bbb966c71b7ea20dd13 (patch) | |
| tree | 9a92684249810a9f00b659ef877a1f641fa99134 /usr/local | |
| parent | 753bd64dffb8352ea273c1bf1f00aa099ec38634 (diff) | |
| parent | 1dfb77950b9cc50158292b4590f22bd186ab6448 (diff) | |
| download | pfsense-fcdc894353c77f527c209bbb966c71b7ea20dd13.zip pfsense-fcdc894353c77f527c209bbb966c71b7ea20dd13.tar.gz | |
Merge remote branch 'upstream/master'
Conflicts:
etc/inc/pfsense-utils.inc
Diffstat (limited to 'usr/local')
| -rw-r--r-- | usr/local/www/diag_packet_capture.php | 169 | ||||
| -rwxr-xr-x | usr/local/www/head.inc | 4 | ||||
| -rw-r--r-- | usr/local/www/javascript/filter_log.js | 4 | ||||
| -rw-r--r-- | usr/local/www/services_captiveportal_vouchers.php | 9 | ||||
| -rwxr-xr-x | usr/local/www/status_graph.php | 12 | ||||
| -rw-r--r-- | usr/local/www/system_advanced_misc.php | 59 | ||||
| -rw-r--r-- | usr/local/www/system_advanced_sysctl.php | 2 | ||||
| -rw-r--r-- | usr/local/www/system_camanager.php | 2 | ||||
| -rw-r--r-- | usr/local/www/system_certmanager.php | 2 | ||||
| -rw-r--r-- | usr/local/www/system_usermanager.php | 1 | ||||
| -rw-r--r-- | usr/local/www/vpn_openvpn_server.php | 7 |
11 files changed, 177 insertions, 94 deletions
diff --git a/usr/local/www/diag_packet_capture.php b/usr/local/www/diag_packet_capture.php index 684011c..2ffba1d 100644 --- a/usr/local/www/diag_packet_capture.php +++ b/usr/local/www/diag_packet_capture.php @@ -23,7 +23,7 @@ POSSIBILITY OF SUCH DAMAGE. */ -/* +/* pfSense_BUILDER_BINARIES: /bin/ps /usr/bin/grep /usr/sbin/tcpdump pfSense_MODULE: routing */ @@ -52,7 +52,8 @@ if ($_POST) { $packetlength = $_POST['snaplen']; $port = $_POST['port']; $detail = $_POST['detail']; - + $fam = $_POST['fam']; + conf_mount_rw(); if ($_POST['dnsquery']) { @@ -65,10 +66,10 @@ if ($_POST) { if ($_POST['startbtn'] != "" ) { $action = gettext("Start"); - - //delete previous packet capture if it exists - if (file_exists($fp.$fn)) - unlink ($fp.$fn); + + //delete previous packet capture if it exists + if (file_exists($fp.$fn)) + unlink ($fp.$fn); } elseif ($_POST['stopbtn']!= "") { $action = gettext("Stop"); @@ -88,7 +89,7 @@ if ($_POST) { //download file $fs = filesize($fp.$fn); header("Content-Type: application/octet-stream"); - header("Content-Disposition: attachment; filename=$fn"); + header("Content-Disposition: attachment; filename=$fn"); header("Content-Length: $fs"); readfile($fp.$fn); } @@ -100,22 +101,22 @@ include("head.inc"); ?> <body link="#000000" vlink="#0000CC" alink="#0000CC"> <?php -include("fbegin.inc"); +include("fbegin.inc"); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td> + <tr> + <td> <form action="diag_packet_capture.php" method="post" name="iform" id="iform"> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("Packet capture");?></td> - </tr> - <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Interface");?></td> - <td width="83%" class="vtable"> + </tr> + <tr> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Interface");?></td> + <td width="83%" class="vtable"> <select name="interface"> -<?php +<?php $interfaces = get_configured_interface_with_descr(); if (isset($config['ipsec']['enable'])) $interfaces['ipsec'] = "IPsec"; @@ -129,48 +130,59 @@ include("fbegin.inc"); } } foreach ($interfaces as $iface => $ifacename): ?> - <option value="<?=$iface;?>" <?php if ($selectedif == $iface) echo "selected"; ?>> - <?php echo $ifacename;?> - </option> - <?php endforeach;?> - </select> + <option value="<?=$iface;?>" <?php if ($selectedif == $iface) echo "selected"; ?>> + <?php echo $ifacename;?> + </option> + <?php endforeach;?> + </select> <br/><?=gettext("Select the interface on which to capture traffic.");?> - </td> + </td> + </tr> + <tr> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Address Family");?></td> + <td width="83%" class="vtable"> + <select name="fam"> + <option value="">Any</option> + <option value="ip" <?php if ($fam == "ip") echo "selected"; ?>>IPv4 Only</option> + <option value="ip6" <?php if ($fam == "ip6") echo "selected"; ?>>IPv6 Only</option> + </select> + <br/><?=gettext("Select the type of traffic to be captured, either Any, IPv4 only or IPv6 only.");?> + </td> </tr> - <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Host Address");?></td> - <td width="83%" class="vtable"> - <input name="host" type="text" class="formfld host" id="host" size="20" value="<?=htmlspecialchars($host);?>"> - <br/><?=gettext("This value is either the Source or Destination IP address. The packet capture will look for this address in either field.");?> - <br/><?=gettext("This value can be a domain name or IP address.");?> + <tr> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Host Address");?></td> + <td width="83%" class="vtable"> + <input name="host" type="text" class="formfld host" id="host" size="20" value="<?=htmlspecialchars($host);?>"> + <br/><?=gettext("This value is either the Source or Destination IP address or subnet in CIDR notation. The packet capture will look for this address in either field.");?> + <br/><?=gettext("This value can be a domain name or IP address, or subnet in CIDR notation.");?> <br/><?=gettext("If you leave this field blank, all packets on the specified interface will be captured.");?> </td> </tr> <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Port");?></td> - <td width="83%" class="vtable"> - <input name="port" type="text" class="formfld unknown" id="port" size="5" value="<?=$port;?>"> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Port");?></td> + <td width="83%" class="vtable"> + <input name="port" type="text" class="formfld unknown" id="port" size="5" value="<?=$port;?>"> <br/><?=gettext("The port can be either the source or destination port. The packet capture will look for this port in either field.");?> <br/><?=gettext("Leave blank if you do not want to filter by port.");?> </td> </tr> <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Packet Length");?></td> - <td width="83%" class="vtable"> - <input name="snaplen" type="text" class="formfld unknown" id="snaplen" size="5" value="<?=$snaplen;?>"> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Packet Length");?></td> + <td width="83%" class="vtable"> + <input name="snaplen" type="text" class="formfld unknown" id="snaplen" size="5" value="<?=$snaplen;?>"> <br/><?=gettext("The Packet length is the number of bytes of each packet that will be captured. Default value is 0, which will capture the entire frame regardless of its size.");?> </td> </tr> <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Count");?></td> - <td width="83%" class="vtable"> - <input name="count" type="text" class="formfld unknown" id="count" size="5" value="<?=$count;?>"> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Count");?></td> + <td width="83%" class="vtable"> + <input name="count" type="text" class="formfld unknown" id="count" size="5" value="<?=$count;?>"> <br/><?=gettext("This is the number of packets the packet capture will grab. Default value is 100.") . "<br/>" . gettext("Enter 0 (zero) for no count limit.");?> </tr> <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Level of Detail");?></td> - <td width="83%" class="vtable"> - <select name="detail" type="text" class="formselect" id="detail" size="1"> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Level of Detail");?></td> + <td width="83%" class="vtable"> + <select name="detail" type="text" class="formselect" id="detail" size="1"> <option value="-q" <?php if ($detail == "-q") echo "selected"; ?>><?=gettext("Normal");?></option> <option value="-v" <?php if ($detail == "-v") echo "selected"; ?>><?=gettext("Medium");?></option> <option value="-vv" <?php if ($detail == "-vv") echo "selected"; ?>><?=gettext("High");?></option> @@ -181,37 +193,37 @@ include("fbegin.inc"); gettext("This option does not affect the level of detail when downloading the packet capture.");?> </tr> <tr> - <td width="17%" valign="top" class="vncellreq"><?=gettext("Reverse DNS Lookup");?></td> - <td width="83%" class="vtable"> + <td width="17%" valign="top" class="vncellreq"><?=gettext("Reverse DNS Lookup");?></td> + <td width="83%" class="vtable"> <input name="dnsquery" type="checkbox"<?php if($_POST['dnsquery']) echo " CHECKED"; ?>> <br/><?=gettext("This check box will cause the packet capture to perform a reverse DNS lookup associated with all IP addresses.");?> <br/><b><?=gettext("Note");?>: </b><?=gettext("This option can cause delays for large packet captures.");?> </td> </tr> <tr> - <td width="17%" valign="top"> </td> - <td width="83%"> + <td width="17%" valign="top"> </td> + <td width="83%"> <?php - /* check to see if packet capture tcpdump is already running */ + /* check to see if packet capture tcpdump is already running */ $processcheck = (trim(shell_exec("/bin/ps axw -O pid= | /usr/bin/grep tcpdump | /usr/bin/grep {$fn} | /usr/bin/egrep -v '(pflog|grep)'"))); - + if ($processcheck != "") $processisrunning = true; - else + else $processisrunning = false; if (($action == gettext("Stop") or $action == "") and $processisrunning != true) echo "<input type=\"submit\" name=\"startbtn\" value=\"" . gettext("Start") . "\"> "; - else { - echo "<input type=\"submit\" name=\"stopbtn\" value=\"" . gettext("Stop") . "\"> "; - } + else { + echo "<input type=\"submit\" name=\"stopbtn\" value=\"" . gettext("Stop") . "\"> "; + } if (file_exists($fp.$fn) and $processisrunning != true) { echo "<input type=\"submit\" name=\"downloadbtn\" value=\"" . gettext("Download Capture") . "\">"; echo " (" . gettext("The packet capture file was last updated:") . " " . date("F jS, Y g:i:s a.", filemtime($fp.$fn)) . ")"; } ?> - </td> + </td> </tr> <tr> <td valign="top" colspan="2"> @@ -219,36 +231,37 @@ include("fbegin.inc"); echo "<font face='terminal' size='2'>"; if ($processisrunning == true) echo("<strong>" . gettext("Packet Capture is running.") . "</strong><br/>"); - - if ($do_tcpdump) { - - if ($port != "") { - $searchport = "and port ".$port; - if($host <> "") - $searchport = "and port ".$port; - else - $searchport = "port ".$port; - } else { - $searchport = ""; - } - - if ($host != "") { - $searchhost = "host " . $host; + + if ($do_tcpdump) { + $matches = array(); + + if (($fam == "ip6") || ($fam == "ip")) + $matches[] = $fam; + + if ($port != "") + $matches[] = "port ".$port; + + if ($host != "") { + if (is_ipaddr($host)) + $matches[] = "host " . $host; + elseif (is_subnet($host)) + $matches[] = "net " . $host; + } + + if ($count != "0" ) { + $searchcount = "-c " . $count; } else { - $searchhost = ""; - } - if ($count != "0" ) { - $searchcount = "-c " . $count; - } else { - $searchcount = ""; - } + $searchcount = ""; + } $selectedif = convert_friendly_interface_to_real_interface_name($selectedif); - + if ($action == gettext("Start")) { + $matchstr = implode($matches, " and "); echo("<strong>" . gettext("Packet Capture is running.") . "</strong><br/>"); - mwexec_bg ("/usr/sbin/tcpdump -i $selectedif $searchcount -s $packetlength -w $fp$fn $searchhost $searchport"); - } else { + mwexec_bg ("/usr/sbin/tcpdump -i $selectedif $searchcount -s $packetlength -w $fp$fn $matchstr"); + // echo "/usr/sbin/tcpdump -i $selectedif $searchcount -s $packetlength -w $fp$fn $matchstr"; + } else { //action = stop echo("<strong>" . gettext("Packet Capture stopped.") . "<br/><br/>" . gettext("Packets Captured:") . "</strong><br/>"); ?> @@ -273,6 +286,6 @@ include("fbegin.inc"); </tr> </table> -<?php -include("fend.inc"); +<?php +include("fend.inc"); ?> diff --git a/usr/local/www/head.inc b/usr/local/www/head.inc index a24be9e..b76374b 100755 --- a/usr/local/www/head.inc +++ b/usr/local/www/head.inc @@ -7,7 +7,9 @@ * if user has selected a custom template, use it. * otherwise default to pfsense tempalte */ -if($config['theme'] <> "" && (is_dir($g["www_path"].'/themes/'.$config['theme']))) +if (($g["disablethemeselection"] === true) && !empty($g["default_theme"]) && (is_dir($g["www_path"].'/themes/'.$g["default_theme"]))) + $g['theme'] = $g["default_theme"]; +elseif($config['theme'] <> "" && (is_dir($g["www_path"].'/themes/'.$config['theme']))) $g['theme'] = $config['theme']; else $g['theme'] = "pfsense"; diff --git a/usr/local/www/javascript/filter_log.js b/usr/local/www/javascript/filter_log.js index d8cffd4..04a4d11 100644 --- a/usr/local/www/javascript/filter_log.js +++ b/usr/local/www/javascript/filter_log.js @@ -117,4 +117,6 @@ function toggle_pause() { } } /* start local AJAX engine */ -timer = setInterval('fetch_new_rules()', updateDelay); +if (typeof updateDelay != 'undefined') { + timer = setInterval('fetch_new_rules()', updateDelay); +}
\ No newline at end of file diff --git a/usr/local/www/services_captiveportal_vouchers.php b/usr/local/www/services_captiveportal_vouchers.php index d6ffc55..203906a 100644 --- a/usr/local/www/services_captiveportal_vouchers.php +++ b/usr/local/www/services_captiveportal_vouchers.php @@ -167,7 +167,7 @@ if ($_POST) { $pconfig = $_POST; /* input validation */ - if ($_POST['enable']) { + if ($_POST['enable'] == "yes") { if (!$_POST['vouchersyncusername']) { $reqdfields = explode(" ", "charset rollbits ticketbits checksumbits publickey magic saveinterval"); $reqdfieldsn = array(gettext("charset"),gettext("rollbits"),gettext("ticketbits"),gettext("checksumbits"),gettext("publickey"),gettext("magic"),gettext("saveinterval")); @@ -202,8 +202,11 @@ if ($_POST) { } if (!$input_errors) { - $config['voucher']['enable'] = $_POST['enable'] ? true : false; - if (!$_POST['vouchersyncusername']) { + if ($_POST['enable'] == "yes") + $config['voucher']['enable'] = true; + else + unset($config['voucher']['enable']); + if (empty($_POST['vouchersyncusername'])) { $config['voucher']['charset'] = $_POST['charset']; $config['voucher']['rollbits'] = $_POST['rollbits']; $config['voucher']['ticketbits'] = $_POST['ticketbits']; diff --git a/usr/local/www/status_graph.php b/usr/local/www/status_graph.php index 6c00da4..8d65a34 100755 --- a/usr/local/www/status_graph.php +++ b/usr/local/www/status_graph.php @@ -56,7 +56,17 @@ else // Get configured interface list $ifdescrs = get_configured_interface_with_descr(); -$ifdescrs["enc0"] = "IPSEC"; +if (isset($config['ipsec']['enable'])) + $ifdescrs['enc0'] = "IPsec"; +foreach (array('server', 'client') as $mode) { + if (is_array($config['openvpn']["openvpn-{$mode}"])) { + foreach ($config['openvpn']["openvpn-{$mode}"] as $id => $setting) { + if (!isset($setting['disable'])) { + $ifdescrs['ovpn' . substr($mode, 0, 1) . $setting['vpnid']] = gettext("OpenVPN") . " ".$mode.": ".htmlspecialchars($setting['description']); + } + } + } +} if ($_GET['if']) { $curif = $_GET['if']; diff --git a/usr/local/www/system_advanced_misc.php b/usr/local/www/system_advanced_misc.php index 590a955..51857ab 100644 --- a/usr/local/www/system_advanced_misc.php +++ b/usr/local/www/system_advanced_misc.php @@ -50,6 +50,10 @@ require_once("shaper.inc"); require_once("ipsec.inc"); require_once("vpn.inc"); +$pconfig['proxyurl'] = $config['system']['proxyurl']; +$pconfig['proxyport'] = $config['system']['proxyport']; +$pconfig['proxyuser'] = $config['system']['proxyuser']; +$pconfig['proxypass'] = $config['system']['proxypass']; $pconfig['harddiskstandby'] = $config['system']['harddiskstandby']; $pconfig['lb_use_sticky'] = isset($config['system']['lb_use_sticky']); $pconfig['preferoldsa_enable'] = isset($config['ipsec']['preferoldsa']); @@ -77,6 +81,26 @@ if ($_POST) { } else unset($config['system']['harddiskstandby']); + if($_POST['proxyurl'] <> "") + $config['system']['proxyurl'] = $_POST['proxyurl']; + else + unset($config['system']['proxyurl']); + + if($_POST['proxyport'] <> "") + $config['system']['proxyport'] = $_POST['proxyport']; + else + unset($config['system']['proxyport']); + + if($_POST['proxyuser'] <> "") + $config['system']['proxyuser'] = $_POST['proxyuser']; + else + unset($config['system']['proxyuser']); + + if($_POST['proxypass'] <> "") + $config['system']['proxypass'] = $_POST['proxypass']; + else + unset($config['system']['proxypass']); + if($_POST['lb_use_sticky'] == "yes") $config['system']['lb_use_sticky'] = true; else @@ -195,6 +219,41 @@ function maxmss_checked(obj) { <br/> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Proxy support"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Proxy URL"); ?></td> + <td width="78%" class="vtable"> + <input name="proxyurl" id="proxyurl" value="<?php if ($pconfig['proxyurl'] <> "") echo $pconfig['proxyurl']; ?>" class="formfld unknown"> + <br /> + <?=gettext("Proxy url for allowing {$g['product']} to use this proxy to connect outside."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Proxy Port"); ?></td> + <td width="78%" class="vtable"> + <input name="proxyport" id="proxyport" value="<?php if ($pconfig['proxyport'] <> "") echo $pconfig['proxyport']; ?>" class="formfld unknown"> + <br /> + <?=gettext("Proxy url for allowing {$g['product']} to use this proxy port to connect outside. Default is 8080 for http protocol or ssl for 443."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Proxy Username"); ?></td> + <td width="78%" class="vtable"> + <input name="proxyuser" id="proxyuser" value="<?php if ($pconfig['proxyuser'] <> "") echo $pconfig['proxyuser']; ?>" class="formfld unknown"> + <br /> + <?=gettext("Proxy username for allowing {$g['product']} to use this proxy to connect outside"); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Proxy URL"); ?></td> + <td width="78%" class="vtable"> + <input type="password" name="proxypass" id="proxypass" value="<?php if ($pconfig['proxypass'] <> "") echo $pconfig['proxypass']; ?>" class="formfld unknown"> + <br /> + <?=gettext("Proxy password for allowing {$g['product']} to use this proxy to connect outside"); ?> + </td> + </tr> + <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("Load Balancing"); ?></td> </tr> <tr> diff --git a/usr/local/www/system_advanced_sysctl.php b/usr/local/www/system_advanced_sysctl.php index d2b796f..469fd96 100644 --- a/usr/local/www/system_advanced_sysctl.php +++ b/usr/local/www/system_advanced_sysctl.php @@ -122,8 +122,6 @@ if ($_POST) { } } -include("head.inc"); - $pgtitle = array(gettext("System"),gettext("Advanced: System Tunables")); include("head.inc"); diff --git a/usr/local/www/system_camanager.php b/usr/local/www/system_camanager.php index 3bf1165..7fccb7e 100644 --- a/usr/local/www/system_camanager.php +++ b/usr/local/www/system_camanager.php @@ -153,6 +153,8 @@ if ($_POST) { gettext("Certificate data")); if ($_POST['cert'] && (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE"))) $input_errors[] = gettext("This certificate does not appear to be valid."); + if ($_POST['key'] && strstr($_POST['key'], "ENCRYPTED")) + $input_errors[] = gettext("Encrypted private keys are not yet supported."); } if ($pconfig['method'] == "internal") { $reqdfields = explode(" ", diff --git a/usr/local/www/system_certmanager.php b/usr/local/www/system_certmanager.php index 0113461..9ef6d64 100644 --- a/usr/local/www/system_certmanager.php +++ b/usr/local/www/system_certmanager.php @@ -770,7 +770,7 @@ function internalca_change() { <td width="78%" class="vtable"> <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['cert']);?></textarea> <br> - <?=gettext("Paste the certificate received from your cerificate authority here.");?></td> + <?=gettext("Paste the certificate received from your certificate authority here.");?></td> </td> </tr> <tr> diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index 6b1a81b..cdc4078 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -87,6 +87,7 @@ if (isAllowedPage("system_usermanager")) { $privdeleted = $priv_list[$a_user[$id]['priv'][$_GET['privid']]]['name']; unset($a_user[$id]['priv'][$_GET['privid']]); + local_user_set($a_user[$id]); write_config(); $_GET['act'] = "edit"; $savemsg = gettext("Privilege")." {$privdeleted} ". diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index ad58f36..cfe51cf 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -201,13 +201,6 @@ if ($_POST) { else $tls_mode = false; - if (!empty($pconfig['authmode'])) { - foreach ($pconfig['authmode'] as $pauthmode) { - if ($pauthmode != "Local Database" && $pconfig['mode'] == "server_tls_user") - $input_errors[] = gettext("Only 'Local authentication database' is allowed with") . " " . $openvpn_server_modes[$pconfig['mode']]; - } - } - if (empty($pconfig['authmode']) && (($pconfig['mode'] == "server_user") || ($pconfig['mode'] == "server_tls_user"))) $input_errors[] = gettext("You must select a Backend for Authentication if the server mode requires User Auth."); |
