diff options
| author | Seth Mos <seth.mos@dds.nl> | 2011-03-02 10:39:58 +0100 |
|---|---|---|
| committer | Seth Mos <seth.mos@dds.nl> | 2011-03-02 10:39:58 +0100 |
| commit | e269b621b47367e8b3d76b5d6d6e3a2e1de5741d (patch) | |
| tree | f041c9668c4fc7f45fd1830f8c568b56fb59a9f2 /usr/local | |
| parent | 2936a57e2e9c378edafe2ab936b8b3ad90cf83fe (diff) | |
| parent | bb3c656263dee78437ec6b3ae67fc7b194d96c7e (diff) | |
| download | pfsense-e269b621b47367e8b3d76b5d6d6e3a2e1de5741d.zip pfsense-e269b621b47367e8b3d76b5d6d6e3a2e1de5741d.tar.gz | |
Merge remote branch 'upstream/master'
Diffstat (limited to 'usr/local')
| -rw-r--r-- | usr/local/pkg/miniupnpd.inc | 77 | ||||
| -rwxr-xr-x | usr/local/www/head.inc | 2 | ||||
| -rw-r--r-- | usr/local/www/interfaces_bridge_edit.php | 2 | ||||
| -rw-r--r-- | usr/local/www/interfaces_gif_edit.php | 2 | ||||
| -rw-r--r-- | usr/local/www/interfaces_gre_edit.php | 2 | ||||
| -rw-r--r-- | usr/local/www/interfaces_lagg_edit.php | 2 | ||||
| -rwxr-xr-x | usr/local/www/interfaces_vlan_edit.php | 2 | ||||
| -rw-r--r-- | usr/local/www/interfaces_wireless_edit.php | 2 | ||||
| -rw-r--r-- | usr/local/www/system_advanced_admin.php | 19 | ||||
| -rw-r--r-- | usr/local/www/system_advanced_firewall.php | 22 |
10 files changed, 63 insertions, 69 deletions
diff --git a/usr/local/pkg/miniupnpd.inc b/usr/local/pkg/miniupnpd.inc index 2da8c93..f52214b 100644 --- a/usr/local/pkg/miniupnpd.inc +++ b/usr/local/pkg/miniupnpd.inc @@ -1,24 +1,25 @@ <?php + require_once("util.inc"); require_once("config.inc"); require_once("functions.inc"); require_once("shaper.inc"); /* MiniUPnPd */ - function upnp_notice ($msg) { syslog(LOG_NOTICE, "miniupnpd: {$msg}"); } - function upnp_warn ($msg) { syslog(LOG_WARNING, "miniupnpd: {$msg}"); } + function upnp_notice ($msg) { log_error("miniupnpd: {$msg}"); } + function upnp_warn ($msg) { log_error("miniupnpd: {$msg}"); } function upnp_running () { - if((int)exec('pgrep miniupnpd | wc -l') > 0) + if((int)exec('/bin/pgrep -a miniupnpd | /usr/bin/wc -l') > 0) return true; return false; - } + } function upnp_write_config($file, $text) { $handle = fopen($file, 'w'); if(!$handle) { upnp_warn("Could not open {$file} for writing."); - exit; + return; } fwrite($handle, $text); fclose($handle); @@ -26,7 +27,7 @@ function upnp_uuid() { /* md5 hash of wan mac */ - $uuid = md5(exec('arp -an -i '.get_real_interface().' | /usr/bin/cut -d " " -f4')); + $uuid = md5(get_interface_mac(get_real_interface("wan"))); /* put uuid in correct format 8-4-4-4-12 */ return substr($uuid,0,8).'-'.substr($uuid,9,4).'-'.substr($uuid,13,4).'-'.substr($uuid,17,4).'-'.substr($uuid,21,12); } @@ -42,7 +43,8 @@ } function upnp_validate_ip($ip, $check_cdir) { - /* validate cdir */ + /* validate cidr */ + $ip_array = array(); if($check_cdir) { $ip_array = explode('/', $ip); if(count($ip_array) == 2) { @@ -55,11 +57,8 @@ $ip_array[] = $ip; /* validate ip */ - if(!eregi('^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$', $ip_array[0])) + if (!is_ipaddr($ip_array[0])) return false; - foreach(explode('.', $ip_array[0]) as $sub) - if($sub < 0 || $sub > 256) - return false; return true; } @@ -73,15 +72,6 @@ function before_form_miniupnpd($pkg) { global $config; - /* if shaper connection speed defined hide fields */ - if($config['ezshaper']['step2']['download'] && $config['ezshaper']['step2']['upload']) { - $i=0; - foreach ($pkg['fields']['field'] as $field) { - if ($field['fieldname'] == 'download' || $field['fieldname'] == 'upload') - unset($pkg['fields']['field'][$i]); - $i++; - } - } } function validate_form_miniupnpd($post, $input_errors) { @@ -138,49 +128,38 @@ $ifaces_active = ''; /* since config is written before this file invoked we don't need to read post data */ - if($upnp_config['enable'] && $upnp_config['iface_array']) + if($upnp_config['enable'] && !empty($upnp_config['iface_array'])) { $iface_array = explode(',', $upnp_config['iface_array']); - if($iface_array) { foreach($iface_array as $iface) { $if = convert_friendly_interface_to_real_interface_name($iface); /* above function returns iface if fail */ if($if!=$iface) { $addr = find_interface_ip($if); - /* non enabled interfaces are displayed in list on miniupnpd settings page */ /* check that the interface has an ip address before adding parameters */ - if($addr) { + if (is_ipaddr($addr)) { $config_text .= "listening_ip={$addr}\n"; if(!$ifaces_active) { $webgui_ip = $addr; $ifaces_active = $iface; - } else { + } else $ifaces_active .= ", {$iface}"; - } - } else { + } else upnp_warn("Interface {$iface} has no ip address, ignoring"); - } - } else { + } else upnp_warn("Could not resolve real interface for {$iface}"); - } } - if($ifaces_active) { + if (!empty($ifaces_active)) { /* override wan ip address, common for carp, etc */ if($upnp_config['overridewanip']) $config_text .= "ext_ip={$upnp_config['overridewanip']}\n"; - /* if shaper connection speed defined use those values */ - if($config['ezshaper']['step2']['download'] && $config['ezshaper']['step2']['upload']) { - $download = $config['ezshaper']['step2']['download']*1000; - $upload = $config['ezshaper']['step2']['upload']*1000; - } else { - $download = $upnp_config['download']*1000; - $upload = $upnp_config['upload']*1000; - } + $download = $upnp_config['download']*1000; + $upload = $upnp_config['upload']*1000; /* set upload and download bitrates */ - if($download && $upload) { + if(!empty($download) && !empty($upload)) { $config_text .= "bitrate_down={$download}\n"; $config_text .= "bitrate_up={$upload}\n"; } @@ -194,9 +173,9 @@ $config_text .= "system_uptime=yes\n"; /* set webgui url */ - if($config['system']['webgui']['protocol']) { + if(!empty($config['system']['webgui']['protocol'])) { $config_text .= "presentation_url={$config['system']['webgui']['protocol']}://{$webgui_ip}"; - if($config['system']['webgui']['port']) + if(!empty($config['system']['webgui']['port'])) $config_text .= ":{$config['system']['webgui']['port']}"; $config_text .= "/\n"; } @@ -206,7 +185,7 @@ $config_text .= "serial=".strtoupper(substr(upnp_uuid(),0,8))."\n"; /* set model number */ - $config_text .= "model_number=".exec("/bin/cat /etc/version")."\n"; + $config_text .= "model_number=".file_get_contents("/etc/version")."\n"; /* upnp access restrictions */ for($i=1; $i<=4; $i++) { @@ -238,25 +217,23 @@ upnp_action('start'); } /* or restart miniupnpd if settings were changed */ - elseif($_POST['iface_array']) { + else { upnp_notice("Restarting service on interface: {$ifaces_active}"); upnp_action('restart'); } } - } - - if(!$iface_array || !$ifaces_active) { - /* no parameters user does not want miniupnpd running */ + } else { + /* user does not want miniupnpd running */ /* lets stop the service and remove the rc file */ - if(file_exists($config_file)) { + if (file_exists($config_file)) { if(!$upnp_config['enable']) upnp_notice('Stopping service: miniupnpd disabled'); else upnp_notice('Stopping service: no interfaces selected'); upnp_action('stop'); - unlink($config_file); + @unlink($config_file); } } } diff --git a/usr/local/www/head.inc b/usr/local/www/head.inc index e4a7a95..97c7111 100755 --- a/usr/local/www/head.inc +++ b/usr/local/www/head.inc @@ -62,7 +62,7 @@ $pagetitle = gentitle( $pgtitle ); * Coded by: Erik Kristensen */ - $dir = trim(basename($_SERVER["SCRIPT_FILENAME"]), '.php'); + $dir = trim(basename($_SERVER["SCRIPT_FILENAME"], '.php')); $path = "{$g['www_path']}/javascript/" . $dir . "/"; if (is_dir($path)) { if ($dh = opendir($path)) { diff --git a/usr/local/www/interfaces_bridge_edit.php b/usr/local/www/interfaces_bridge_edit.php index ec48bc9..91085a8 100644 --- a/usr/local/www/interfaces_bridge_edit.php +++ b/usr/local/www/interfaces_bridge_edit.php @@ -223,7 +223,7 @@ if ($_POST) { } } -$pgtitle = array(gettext("Firewall"),gettext("Bridge"),gettext("Edit")); +$pgtitle = array(gettext("Interfaces"),gettext("Bridge"),gettext("Edit")); include("head.inc"); ?> diff --git a/usr/local/www/interfaces_gif_edit.php b/usr/local/www/interfaces_gif_edit.php index 958b5c0..21496fe 100644 --- a/usr/local/www/interfaces_gif_edit.php +++ b/usr/local/www/interfaces_gif_edit.php @@ -121,7 +121,7 @@ if ($_POST) { } } -$pgtitle = array(gettext("Firewall"),gettext("GIF"),gettext("Edit")); +$pgtitle = array(gettext("Interfaces"),gettext("GIF"),gettext("Edit")); include("head.inc"); ?> diff --git a/usr/local/www/interfaces_gre_edit.php b/usr/local/www/interfaces_gre_edit.php index ca95369..08cd350 100644 --- a/usr/local/www/interfaces_gre_edit.php +++ b/usr/local/www/interfaces_gre_edit.php @@ -124,7 +124,7 @@ if ($_POST) { } } -$pgtitle = array(gettext("Firewall"),gettext("GRE"),gettext("Edit")); +$pgtitle = array(gettext("Interfaces"),gettext("GRE"),gettext("Edit")); include("head.inc"); ?> diff --git a/usr/local/www/interfaces_lagg_edit.php b/usr/local/www/interfaces_lagg_edit.php index 09dbf51..dc886e3 100644 --- a/usr/local/www/interfaces_lagg_edit.php +++ b/usr/local/www/interfaces_lagg_edit.php @@ -115,7 +115,7 @@ if ($_POST) { } } -$pgtitle = array(gettext("Firewall"),gettext("LAGG"),gettext("Edit")); +$pgtitle = array(gettext("Interfaces"),gettext("LAGG"),gettext("Edit")); include("head.inc"); ?> diff --git a/usr/local/www/interfaces_vlan_edit.php b/usr/local/www/interfaces_vlan_edit.php index ea43508..145fe0a 100755 --- a/usr/local/www/interfaces_vlan_edit.php +++ b/usr/local/www/interfaces_vlan_edit.php @@ -128,7 +128,7 @@ if ($_POST) { } } -$pgtitle = array(gettext("Firewall"),gettext("VLAN"),gettext("Edit")); +$pgtitle = array(gettext("Interfaces"),gettext("VLAN"),gettext("Edit")); include("head.inc"); ?> diff --git a/usr/local/www/interfaces_wireless_edit.php b/usr/local/www/interfaces_wireless_edit.php index 686345d..ae56add 100644 --- a/usr/local/www/interfaces_wireless_edit.php +++ b/usr/local/www/interfaces_wireless_edit.php @@ -142,7 +142,7 @@ if ($_POST) { } } -$pgtitle = array(gettext("Firewall"),gettext("Wireless"),gettext("Edit")); +$pgtitle = array(gettext("Interfaces"),gettext("Wireless"),gettext("Edit")); include("head.inc"); ?> diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php index 7b4b8e3..e23ceb0 100644 --- a/usr/local/www/system_advanced_admin.php +++ b/usr/local/www/system_advanced_admin.php @@ -62,6 +62,7 @@ $pconfig['enableserial'] = $config['system']['enableserial']; $pconfig['enablesshd'] = $config['system']['enablesshd']; $pconfig['sshport'] = $config['system']['ssh']['port']; $pconfig['sshdkeyonly'] = isset($config['system']['ssh']['sshdkeyonly']); +$pconfig['quietlogin'] = isset($config['system']['webgui']['quietlogin']); $a_cert =& $config['cert']; @@ -117,6 +118,11 @@ if ($_POST) { unset($config['system']['webgui']['disablehttpredirect']); $restart_webgui = true; } + if ($_POST['quietlogin'] == "yes") { + $config['system']['webgui']['quietlogin'] = true; + } else { + unset($config['system']['webgui']['quietlogin']); + } if($_POST['disableconsolemenu'] == "yes") { $config['system']['disableconsolemenu'] = true; @@ -315,13 +321,24 @@ function prot_change() { <input name="disablehttpredirect" type="checkbox" id="disablehttpredirect" value="yes" <?php if ($pconfig['disablehttpredirect']) echo "checked"; ?> /> <strong><?=gettext("Disable webConfigurator redirect rule"); ?></strong> <br/> - <?php gettext("When this is unchecked, access to the webConfigurator " . + <?php echo gettext("When this is unchecked, access to the webConfigurator " . "is always permitted even on port 80, regardless of the listening port configured." . "Check this box to disable this automatically added redirect rule. "); ?> </td> </tr> <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("WebGUI login messages"); ?></td> + <td width="78%" class="vtable"> + <input name="quietlogin" type="checkbox" id="quietlogin" value="yes" <?php if ($pconfig['quietlogin']) echo "checked"; ?> /> + <strong><?=gettext("Disable webConfigurator successful logins"); ?></strong> + <br/> + <?php echo gettext("When this is checked, successful logins to the webConfigurator " . + "will not be logged."); + ?> + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Anti-lockout"); ?></td> <td width="78%" class="vtable"> <?php diff --git a/usr/local/www/system_advanced_firewall.php b/usr/local/www/system_advanced_firewall.php index 34bf11d..8165922 100644 --- a/usr/local/www/system_advanced_firewall.php +++ b/usr/local/www/system_advanced_firewall.php @@ -331,6 +331,17 @@ function update_description(itemnum) { </td> </tr> <tr> + <td width="22%" valign="top" class="vncell">Disable reply-to</td> + <td width="78%" class="vtable"> + <input name="disablereplyto" type="checkbox" id="disablereplyto" value="yes" <?php if ($pconfig['disablereplyto']) echo "checked"; ?> /> + <strong><?=gettext("Disable reply-to on WAN rules");?></strong> + <br /> + <?=gettext("With Multi-WAN you generally want to ensure traffic leaves the same interface it arrives on, hence reply-to is added automatically by default. " . + "When using bridging, you must disable this behavior if the WAN gateway IP is different from the gateway IP of the hosts behind the bridged interface.");?> + <br /> + </td> + </tr> + <tr> <td colspan="2" class="list" height="12"> </td> </tr> <?php if(count($config['interfaces']) > 1): ?> @@ -367,17 +378,6 @@ function update_description(itemnum) { <?=gettext("Currently only applies to 1:1 NAT rules. Required for full functionality of NAT Reflection for 1:1 NAT.");?> </td> </tr> - <tr> - <td width="22%" valign="top" class="vncell">Disable reply-to</td> - <td width="78%" class="vtable"> - <input name="disablereplyto" type="checkbox" id="disablereplyto" value="yes" <?php if ($pconfig['disablereplyto']) echo "checked"; ?> /> - <strong><?=gettext("Disable reply-to on WAN rules");?></strong> - <br /> - <?=gettext("With Multi-WAN you generally want to ensure traffic leaves the same interface it arrives on, hence reply-to is added automatically by default." . - "When using bridging, you must disable this behavior if the WAN gateway IP is different from the gateway IP of the hosts behind the bridged interface.");?> - <br /> - </td> - </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("TFTP Proxy");?></td> <td width="78%" class="vtable"> |
