diff options
| author | Vinicius Coque <vinicius.coque@bluepex.com> | 2011-03-25 08:59:29 -0300 |
|---|---|---|
| committer | Vinicius Coque <vinicius.coque@bluepex.com> | 2011-03-25 08:59:29 -0300 |
| commit | 152ab4d0c036889d5d983cef0f612c2dcf211e7b (patch) | |
| tree | 2120aa2834d2b0218a8bede4629aaac4acfbd5ec /usr/local | |
| parent | 54bdff758f68e2e1b1ebd42b8b0b629b68ed1a3d (diff) | |
| parent | d93ee937f2305f06148d972be92224a2a52ba9e5 (diff) | |
| download | pfsense-152ab4d0c036889d5d983cef0f612c2dcf211e7b.zip pfsense-152ab4d0c036889d5d983cef0f612c2dcf211e7b.tar.gz | |
Merge remote-tracking branch 'mainline/master' into inc
Conflicts:
etc/inc/interfaces.inc
etc/inc/priv.defs.inc
etc/inc/shaper.inc
etc/inc/system.inc
Diffstat (limited to 'usr/local')
| -rwxr-xr-x | usr/local/www/carp_status.php | 2 | ||||
| -rwxr-xr-x | usr/local/www/diag_logs_ipsec.php | 18 | ||||
| -rwxr-xr-x | usr/local/www/firewall_aliases_edit.php | 2 | ||||
| -rw-r--r-- | usr/local/www/firewall_shaper_vinterface.php | 2 | ||||
| -rwxr-xr-x | usr/local/www/interfaces.php | 39 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal.php | 2 | ||||
| -rwxr-xr-x | usr/local/www/status_interfaces.php | 15 | ||||
| -rw-r--r-- | usr/local/www/status_rrd_graph_img.php | 24 | ||||
| -rw-r--r-- | usr/local/www/vpn_openvpn_server.php | 23 | ||||
| -rwxr-xr-x | usr/local/www/vpn_pptp.php | 2 |
10 files changed, 116 insertions, 13 deletions
diff --git a/usr/local/www/carp_status.php b/usr/local/www/carp_status.php index 187736b..12b8be9 100755 --- a/usr/local/www/carp_status.php +++ b/usr/local/www/carp_status.php @@ -68,7 +68,7 @@ if($_POST['disablecarp'] <> "") { } } } - $savemsg = sprintf(gettext("%s IPs have been disabled."), $carp_counter); + $savemsg = sprintf(gettext("%s IPs have been disabled. Please note that disabling does not survive a reboot."), $carp_counter); } else { $savemsg = gettext("CARP has been enabled."); mwexec("/sbin/sysctl net.inet.carp.allow=1"); diff --git a/usr/local/www/diag_logs_ipsec.php b/usr/local/www/diag_logs_ipsec.php index 560cd1a..87e1e50 100755 --- a/usr/local/www/diag_logs_ipsec.php +++ b/usr/local/www/diag_logs_ipsec.php @@ -56,16 +56,30 @@ if(is_array($config['ipsec']['phase1'])) $gateway = ipsec_get_phase1_dst($ph1ent); if(!is_ipaddr($gateway)) continue; - $search[] = "/(racoon: )([A-Z:].*?)({$gateway}\[[0-9].+\]|{$gateway})(.*)/i"; + $search[] = "/(racoon: )(INFO[:].*?)({$gateway}\[[0-9].+\]|{$gateway})(.*)/i"; + $search[] = "/(racoon: )(\[{$gateway}\]|{$gateway})(.*)/i"; + $replace[] = "$1<strong>[{$ph1ent['descr']}]</strong>: $2$3$4"; $replace[] = "$1<strong>[{$ph1ent['descr']}]</strong>: $2$3$4"; } /* collect all our own ip addresses */ exec("/sbin/ifconfig | /usr/bin/awk '/inet / {print $2}'", $ip_address_list); foreach($ip_address_list as $address) { - $search[] = "/(racoon: )([A-Z:].*?)({$address}\[[0-9].+\])(.*isakmp.*)/i"; + $search[] = "/(racoon: )(INFO[:].*?)({$address}\[[0-9].+\])/i"; + $search[] = "/(racoon: )(\[{$address}\]|{$address})(.*)/i"; + $replace[] = "$1<strong>[Self]</strong>: $2$3$4"; $replace[] = "$1<strong>[Self]</strong>: $2$3$4"; } +$search[] = "/(time up waiting for phase1)/i"; +$search[] = "/(failed to pre-process ph1 packet)/i"; +$search[] = "/(failed to pre-process ph2 packet)/i"; +$search[] = "/(no proposal chosen)/i"; +$replace[] = "$1 <strong>[Remote Side not responding]</strong>"; +$replace[] = "$1 <strong>[Check Phase 1 settings, lifetime, algorithm]</strong>"; +$replace[] = "$1 <strong>[Check Phase 2 settings, networks]</strong>"; +$replace[] = "$1 <strong>[Check Phase 2 settings, algorithm]</strong>"; + + $nentries = $config['syslog']['nentries']; if (!$nentries) $nentries = 50; diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index 33d124e..ce730e1 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -46,7 +46,7 @@ // Keywords not allowed in names -$reserved_keywords = array("pass", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec"); +$reserved_keywords = array("all", "pass", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec"); require("guiconfig.inc"); require_once("functions.inc"); diff --git a/usr/local/www/firewall_shaper_vinterface.php b/usr/local/www/firewall_shaper_vinterface.php index 5222771..fae5429 100644 --- a/usr/local/www/firewall_shaper_vinterface.php +++ b/usr/local/www/firewall_shaper_vinterface.php @@ -72,7 +72,7 @@ if ($_POST) { if ($_POST['name']) $qname = htmlspecialchars(trim($_POST['name'])); else if ($_POST['newname']) - $qname = htmlspecialchars(trim($_POST['name'])); + $qname = htmlspecialchars(trim($_POST['newname'])); if ($_POST['pipe']) $pipe = htmlspecialchars(trim($_POST['pipe'])); else diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php index d1fa6f7..2469631 100755 --- a/usr/local/www/interfaces.php +++ b/usr/local/www/interfaces.php @@ -159,7 +159,7 @@ if ($wancfg['if'] == $a_ppps[$pppid]['if']) { } }// End force pppoe reset at specific time }// End if type == pppoe - else if ($a_ppps[$pppid]['type'] == "pptp"){ + else if ($a_ppps[$pppid]['type'] == "pptp" || $a_ppps[$pppid]['type'] == "l2tp"){ $pconfig['pptp_username'] = $a_ppps[$pppid]['username']; $pconfig['pptp_password'] = base64_decode($a_ppps[$pppid]['password']); $pconfig['pptp_local'] = explode(",",$a_ppps[$pppid]['localip']); @@ -175,6 +175,7 @@ if ($wancfg['if'] == $a_ppps[$pppid]['if']) { $pconfig['dhcphostname'] = $wancfg['dhcphostname']; $pconfig['alias-address'] = $wancfg['alias-address']; $pconfig['alias-subnet'] = $wancfg['alias-subnet']; +$pconfig['dhcp_plus'] = isset($wancfg['dhcp_plus']); $pconfig['descr'] = remove_bad_chars($wancfg['descr']); $pconfig['enable'] = isset($wancfg['enable']); @@ -196,6 +197,7 @@ switch($wancfg['ipaddr']) { break; case "pppoe": case "pptp": + case "l2tp": case "ppp": $pconfig['type'] = $wancfg['ipaddr']; break; @@ -415,6 +417,16 @@ if ($_POST['apply']) { } do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); break; + case "l2tp": + if ($_POST['pptp_dialondemand']) { + $reqdfields = explode(" ", "pptp_username pptp_password pptp_remote pptp_dialondemand pptp_idletimeout"); + $reqdfieldsn = array(gettext("L2TP username"),gettext("L2TP password"),gettext("L2TP remote IP address"),gettext("Dial on demand"),gettext("Idle timeout value")); + } else { + $reqdfields = explode(" ", "pptp_username pptp_password pptp_remote"); + $reqdfieldsn = array(gettext("L2TP username"),gettext("L2TP password"),gettext("L2TP remote IP address")); + } + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + break; } /* normalize MAC addresses - lowercase and convert Windows-ized hyphenated MACs to colon delimited */ @@ -454,7 +466,7 @@ if ($_POST['apply']) { $input_errors[] = gettext("A valid PPTP local IP address must be specified."); if (($_POST['pptp_subnet'] && !is_numeric($_POST['pptp_subnet']))) $input_errors[] = gettext("A valid PPTP subnet bit count must be specified."); - if (($_POST['pptp_remote'] && !is_ipaddr($_POST['pptp_remote']))) + if (($_POST['pptp_remote'] && !is_ipaddr($_POST['pptp_remote']) && !is_hostname($_POST['gateway'][$iface]))) $input_errors[] = gettext("A valid PPTP remote IP address must be specified."); if (($_POST['pptp_idletimeout'] != "") && !is_numericint($_POST['pptp_idletimeout'])) $input_errors[] = gettext("The idle timeout value must be an integer."); @@ -588,6 +600,7 @@ if ($_POST['apply']) { $wancfg['dhcphostname'] = $_POST['dhcphostname']; $wancfg['alias-address'] = $_POST['alias-address']; $wancfg['alias-subnet'] = $_POST['alias-subnet']; + $wancfg['dhcp_plus'] = $_POST['dhcp_plus'] == "yes" ? true : false; if($gateway_item) { $a_gateways[] = $gateway_item; } @@ -648,6 +661,7 @@ if ($_POST['apply']) { break; case "pptp": + case "l2tp": $a_ppps[$pppid]['ptpid'] = $_POST['ptpid']; $a_ppps[$pppid]['type'] = $_POST['type']; $a_ppps[$pppid]['if'] = $_POST['type'].$_POST['ptpid']; @@ -888,7 +902,7 @@ $statusurl = "status_interfaces.php"; $closehead = false; include("head.inc"); -$types = array("none" => gettext("None"), "static" => gettext("Static"), "dhcp" => gettext("DHCP"), "ppp" => gettext("PPP"), "pppoe" => gettext("PPPoE"), "pptp" => gettext("PPTP") /* , "carpdev-dhcp" => "CarpDev"*/); +$types = array("none" => gettext("None"), "static" => gettext("Static"), "dhcp" => gettext("DHCP"), "ppp" => gettext("PPP"), "pppoe" => gettext("PPPoE"), "pptp" => gettext("PPTP"), "l2tp" => gettext("L2TP") /* , "carpdev-dhcp" => "CarpDev"*/); ?> @@ -921,12 +935,15 @@ $types = array("none" => gettext("None"), "static" => gettext("Static"), "dhcp" $('none','static','dhcp','pptp', 'ppp').invoke('hide'); break; } + case "l2tp": case "pptp": { $('none','static','dhcp','pppoe', 'ppp').invoke('hide'); + $('pptp').show(); break; } } - $(t).show(); + if (t != "l2tp" && t != "pptp") + $(t).show(); } function show_allcfg(obj) { @@ -1250,6 +1267,17 @@ $types = array("none" => gettext("None"), "static" => gettext("Static"), "dhcp" <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("DHCP client configuration"); ?></td> </tr> + <!-- Uncomment to expose DHCP+ in GUI + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Enable DHCP+"); ?></td> + <td width="78%" class="vtable"> + <input name="dhcp_plus" type="checkbox" value="yes" <?php if ($pconfig['dhcp_plus'] == true) echo "checked"; ?> > + <strong><?=gettext("Enable DHCP+L2TP or DHCP+PPTP."); ?></strong> + <br/> + <?=gettext("Status changes on this interface will trigger reconfiguration (if necessary) of the associated PPTP/L2TP link."); ?> + </td> + </tr> + --> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Hostname"); ?></td> <td width="78%" class="vtable"> @@ -1279,6 +1307,7 @@ $types = array("none" => gettext("None"), "static" => gettext("Static"), "dhcp" "DHCP client."); ?> </td> </tr> + </table> </td> </tr> @@ -1489,7 +1518,7 @@ $types = array("none" => gettext("None"), "static" => gettext("Static"), "dhcp" <td colspan="2" style="padding:0px;"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic"><?=gettext("PPTP configuration"); ?></td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("PPTP/L2TP configuration"); ?></td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Username"); ?></td> diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index faaeb37..24595da 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -614,7 +614,7 @@ value="<?=htmlspecialchars($pconfig['radiuskey2']);?>"></td> } ?> </select><br/> - <?=gettext("Choose the ip to use for calling station attribute."); ?> + <?=gettext("Choose the IP to use for calling station attribute."); ?> </td> </tr> diff --git a/usr/local/www/status_interfaces.php b/usr/local/www/status_interfaces.php index d6fdced..266d36b 100755 --- a/usr/local/www/status_interfaces.php +++ b/usr/local/www/status_interfaces.php @@ -132,6 +132,21 @@ include("head.inc"); </a> </td> </tr> + <?php endif; if ($ifinfo['l2tplink']): ?> + <tr> + <td width="22%" class="vncellt"><?=gettext("L2TP"); ?></td> + <td width="78%" class="listr"> + <?=htmlspecialchars($ifinfo['l2tplink']);?> + <?php if ($ifinfo['l2tplink'] == "up"): ?> + <a href="status_interfaces.php?action=Disconnect&if=<?php echo $ifdescr; ?>"> + <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Disconnect");?>" class="formbtns"> + <?php else: ?> + <a href="status_interfaces.php?action=Connect&if=<?php echo $ifdescr; ?>"> + <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Connect");?>" class="formbtns"> + <?php endif; ?> + </a> + </td> + </tr> <?php endif; if ($ifinfo['ppplink']): ?> <tr> <td width="22%" class="vncellt"><?=gettext("PPP"); ?></td> diff --git a/usr/local/www/status_rrd_graph_img.php b/usr/local/www/status_rrd_graph_img.php index 8af6e7d..2094a87 100644 --- a/usr/local/www/status_rrd_graph_img.php +++ b/usr/local/www/status_rrd_graph_img.php @@ -545,7 +545,7 @@ elseif((strstr($curdatabase, "-packets.rrd")) && (file_exists("$rrddbpath$curdat $graphcmd .= "GPRINT:\"$curif-in_pps_block:LAST:%7.2lf %S pps\" "; $graphcmd .= "GPRINT:\"$curif-pps_in_t_block:AVERAGE:%7.2lf %s pkts\" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"out-pass\t\" "; + $graphcmd .= "COMMENT:\"out-block\t\" "; $graphcmd .= "GPRINT:\"$curif-out_pps_block:MAX:%7.2lf %s pps\" "; $graphcmd .= "GPRINT:\"$curif-out_pps_block:AVERAGE:%7.2lf %S pps\" "; $graphcmd .= "GPRINT:\"$curif-out_pps_block:LAST:%7.2lf %S pps\" "; @@ -960,6 +960,28 @@ elseif((strstr($curdatabase, "-concurrent.rrd")) && (file_exists("$rrddbpath$cur $graphcmd .= "COMMENT:\"\\n\" "; $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; } +elseif((strstr($curdatabase, "-totalusers.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { + /* define graphcmd for online Captive Portal users stats */ + $graphcmd = "$rrdtool graph $rrdtmppath$curdatabase-$curgraph.png "; + $graphcmd .= "--start $start --end $end "; + $graphcmd .= "--vertical-label \"Total Captive Portal Users\" "; + $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; + $graphcmd .= "--base=1000 "; + $graphcmd .= "--lower-limit=0 "; + $graphcmd .= "--slope-mode "; + $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--height 200 --width 620 "; + $graphcmd .= "DEF:\"$curif-totalusers=$rrddbpath$curdatabase:totalusers:AVERAGE\" "; + $graphcmd .= "AREA:\"$curif-totalusers#{$colorcaptiveportalusers[0]}:$curif-totalusers\" "; + $graphcmd .= "COMMENT:\"\\n\" "; + $graphcmd .= "COMMENT:\"\t\t\t current\t\t average\t maximum\\n\" "; + $graphcmd .= "COMMENT:\"Users Online\t\" "; + $graphcmd .= "GPRINT:\"$curif-totalusers:LAST:%8.0lf \" "; + $graphcmd .= "GPRINT:\"$curif-totalusers:AVERAGE:%8.0lf \" "; + $graphcmd .= "GPRINT:\"$curif-totalusers:MAX:%8.0lf \" "; + $graphcmd .= "COMMENT:\"\\n\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; +} else { $data = false; log_error(sprintf(gettext("Sorry we do not have data to graph for %s"),$curdatabase)); diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index 0f751e7..ef82716 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -91,6 +91,7 @@ if($_GET['act']=="new"){ $pconfig['tlsauth_enable'] = "yes"; $pconfig['autotls_enable'] = "yes"; $pconfig['dh_length'] = 1024; + $pconfig['device_mode'] = "tun"; $pconfig['interface'] = "wan"; $pconfig['local_port'] = openvpn_port_next('UDP'); $pconfig['pool_enable'] = "yes"; @@ -104,6 +105,7 @@ if($_GET['act']=="edit"){ $pconfig['mode'] = $a_server[$id]['mode']; $pconfig['protocol'] = $a_server[$id]['protocol']; $pconfig['authmode'] = $a_server[$id]['authmode']; + $pconfig['device_mode'] = $a_server[$id]['device_mode']; $pconfig['interface'] = $a_server[$id]['interface']; if (!empty($a_server[$id]['ipaddr'])) { $pconfig['interface'] = $pconfig['interface'] . '|' . $a_server[$id]['ipaddr']; @@ -304,6 +306,7 @@ if ($_POST) { if (!empty($pconfig['authmode'])) $server['authmode'] = implode(",", $pconfig['authmode']); $server['protocol'] = $pconfig['protocol']; + $server['device_mode'] = $pconfig['device_mode']; list($server['interface'], $server['ipaddr']) = explode ("|",$pconfig['interface']); $server['local_port'] = $pconfig['local_port']; $server['description'] = $pconfig['description']; @@ -663,6 +666,26 @@ if ($savemsg) </td> </tr> <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Device Mode"); ?></td> + <td width="78%" class="vtable"> + <select name="device_mode" class="formselect"> + <?php + foreach ($openvpn_dev_mode as $device): + $selected = ""; + if (! empty($pconfig['device_mode'])) { + if ($pconfig['device_mode'] == $device) + $selected = "selected"; + } else { + if ($device == "tun") + $selected = "selected"; + } + ?> + <option value="<?=$device;?>" <?=$selected;?>><?=$device;?></option> + <?php endforeach; ?> + </select> + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td> <td width="78%" class="vtable"> <select name="interface" class="formselect"> diff --git a/usr/local/www/vpn_pptp.php b/usr/local/www/vpn_pptp.php index 84f4020..5be5e6e 100755 --- a/usr/local/www/vpn_pptp.php +++ b/usr/local/www/vpn_pptp.php @@ -342,7 +342,7 @@ function enable_change(enable_over) { } ?> </select> - <br><?=gettext("Hint: 10 is TEN pptp clients"); ?> + <br><?=gettext("Hint: 10 is ten PPTP clients"); ?> </td> </tr> <tr> |
