summaryrefslogtreecommitdiffstats
path: root/usr/local
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2012-06-01 19:51:18 +0000
committerErmal <eri@pfsense.org>2012-06-01 19:51:18 +0000
commit85a236e9dd5db87197ed6855995da609bf310bff (patch)
tree7ef1016f01b61c6a76c4d47f6bd28c1acc1bc964 /usr/local
parent730b614846c740a1f8d501ca48bcc20198aeff84 (diff)
downloadpfsense-85a236e9dd5db87197ed6855995da609bf310bff.zip
pfsense-85a236e9dd5db87197ed6855995da609bf310bff.tar.gz
Fixes #2428. Reference limiters in rules by name to avoid issues. Also put upgrade code for existing configs. The same fix is necessary for 2.0.x though not sure how this should be committed there.
Diffstat (limited to 'usr/local')
-rwxr-xr-xusr/local/www/firewall_rules_edit.php26
-rw-r--r--usr/local/www/firewall_shaper_vinterface.php174
2 files changed, 105 insertions, 95 deletions
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php
index 13f4287..cfae019 100755
--- a/usr/local/www/firewall_rules_edit.php
+++ b/usr/local/www/firewall_rules_edit.php
@@ -190,6 +190,13 @@ $if = $pconfig['interface'];
if (isset($_GET['dup']))
unset($id);
+read_altq_config(); /* XXX: */
+$qlist =& get_unique_queue_list();
+read_dummynet_config(); /* XXX: */
+$dnqlist =& get_unique_dnqueue_list();
+read_layer7_config();
+$l7clist =& get_l7_unique_list();
+
if ($_POST) {
unset($input_errors);
@@ -441,9 +448,9 @@ if ($_POST) {
$input_errors[] = gettext("You must select a queue for the In direction before selecting one for Out too.");
else if ($_POST['pdnpipe'] == $_POST['dnpipe'])
$input_errors[] = gettext("In and Out Queue cannot be the same.");
- else if ($pdnpipe[0] == "?" && $dnpipe[0] <> "?")
+ else if ($dnqlist[$_POST['pdnpipe']][0] == "?" && $dnqlist[$_POST['dnpipe']][0] <> "?")
$input_errors[] = gettext("You cannot select one queue and one virtual interface for IN and Out. both must be from the same type.");
- else if ($dnpipe[0] == "?" && $pdnpipe[0] <> "?")
+ else if ($dnqlist[$_POST['dnpipe']][0] == "?" && $dnqlist[$_POST['pdnpipe']][0] <> "?")
$input_errors[] = gettext("You cannot select one queue and one virtual interface for IN and Out. both must be from the same type.");
}
if( !empty($_POST['ruleid']) && !ctype_digit($_POST['ruleid']))
@@ -650,13 +657,6 @@ if ($_POST) {
}
}
-read_altq_config(); /* XXX: */
-$qlist =& get_unique_queue_list();
-read_dummynet_config(); /* XXX: */
-$dnqlist =& get_unique_dnqueue_list();
-read_layer7_config();
-$l7clist =& get_l7_unique_list();
-
$pgtitle = array(gettext("Firewall"),gettext("Rules"),gettext("Edit"));
$statusurl = "status_filter_reload.php";
$logurl = "diag_logs_filter.php";
@@ -1423,8 +1423,8 @@ $i--): ?>
foreach ($dnqlist as $dnq => $dnqkey) {
if($dnq == "")
continue;
- echo "<option value=\"$dnqkey\"";
- if ($dnqkey == $pconfig['dnpipe']) {
+ echo "<option value=\"$dnq\"";
+ if ($dnq == $pconfig['dnpipe']) {
$dnqselected = 1;
echo " SELECTED";
}
@@ -1441,8 +1441,8 @@ $i--): ?>
foreach ($dnqlist as $dnq => $dnqkey) {
if($dnq == "")
continue;
- echo "<option value=\"$dnqkey\"";
- if ($dnqkey == $pconfig['pdnpipe']) {
+ echo "<option value=\"$dnq\"";
+ if ($dnq == $pconfig['pdnpipe']) {
$dnqselected = 1;
echo " SELECTED";
}
diff --git a/usr/local/www/firewall_shaper_vinterface.php b/usr/local/www/firewall_shaper_vinterface.php
index b325a30..ded2d04 100644
--- a/usr/local/www/firewall_shaper_vinterface.php
+++ b/usr/local/www/firewall_shaper_vinterface.php
@@ -95,56 +95,56 @@ $output_form = "";
if ($_GET) {
switch ($action) {
case "delete":
- if ($queue) {
- if (is_array($config['filter']['rule'])) {
- foreach ($config['filter']['rule'] as $rule) {
- if ($rule['dnpipe'] == $queue->GetNumber() || $rule['pdnpipe'] == $queue->GetNumber())
- $input_errors[] = gettext("This pipe/queue is referenced in filter rules, please remove references from there before deleteing.");
- }
- }
- if (!$input_errors) {
- $queue->delete_queue();
- write_config();
- mark_subsystem_dirty('shaper');
- header("Location: firewall_shaper_vinterface.php");
- exit;
+ if ($queue) {
+ if (is_array($config['filter']['rule'])) {
+ foreach ($config['filter']['rule'] as $rule) {
+ if ($rule['dnpipe'] == $queue->GetName() || $rule['pdnpipe'] == $queue->GetName())
+ $input_errors[] = gettext("This pipe/queue is referenced in filter rules, please remove references from there before deleteing.");
}
- $output_form .= $queue->build_form();
- } else {
- $input_errors[] = sprintf(gettext("No queue with name %s was found!"),$qname);
- $output_form .= "<p class=\"pgtitle\">" . $dn_default_shaper_msg."</p>";
- $dontshow = true;
}
+ if (!$input_errors) {
+ $queue->delete_queue();
+ write_config();
+ mark_subsystem_dirty('shaper');
+ header("Location: firewall_shaper_vinterface.php");
+ exit;
+ }
+ $output_form .= $queue->build_form();
+ } else {
+ $input_errors[] = sprintf(gettext("No queue with name %s was found!"),$qname);
+ $output_form .= "<p class=\"pgtitle\">" . $dn_default_shaper_msg."</p>";
+ $dontshow = true;
+ }
break;
case "resetall":
- foreach ($dummynet_pipe_list as $dn)
- $dn->delete_queue();
- unset($dummynet_pipe_list);
- $dummynet_pipe_list = array();
- unset($config['dnshaper']['queue']);
- unset($queue);
- unset($pipe);
- $can_add = false;
- $can_enable = false;
- $dontshow = true;
- foreach ($config['filter']['rule'] as $key => $rule) {
- if (isset($rule['dnpipe']))
- unset($config['filter']['rule'][$key]['dnpipe']);
- if (isset($rule['pdnpipe']))
- unset($config['filter']['rule'][$key]['pdnpipe']);
- }
- write_config();
-
- $retval = 0;
- $retval = filter_configure();
- $savemsg = get_std_save_message($retval);
+ foreach ($dummynet_pipe_list as $dn)
+ $dn->delete_queue();
+ unset($dummynet_pipe_list);
+ $dummynet_pipe_list = array();
+ unset($config['dnshaper']['queue']);
+ unset($queue);
+ unset($pipe);
+ $can_add = false;
+ $can_enable = false;
+ $dontshow = true;
+ foreach ($config['filter']['rule'] as $key => $rule) {
+ if (isset($rule['dnpipe']))
+ unset($config['filter']['rule'][$key]['dnpipe']);
+ if (isset($rule['pdnpipe']))
+ unset($config['filter']['rule'][$key]['pdnpipe']);
+ }
+ write_config();
+
+ $retval = 0;
+ $retval = filter_configure();
+ $savemsg = get_std_save_message($retval);
- if (stristr($retval, "error") <> true)
- $savemsg = get_std_save_message($retval);
- else
- $savemsg = $retval;
-
- $output_form = $dn_default_shaper_message;
+ if (stristr($retval, "error") <> true)
+ $savemsg = get_std_save_message($retval);
+ else
+ $savemsg = $retval;
+
+ $output_form = $dn_default_shaper_message;
break;
case "add":
@@ -159,11 +159,11 @@ if ($_GET) {
} else
$input_errors[] = gettext("Could not create new queue/discipline!");
- if ($q) {
- $output_form .= $q->build_form();
- unset($q);
- $newqueue = true;
- }
+ if ($q) {
+ $output_form .= $q->build_form();
+ unset($q);
+ $newqueue = true;
+ }
break;
case "show":
if ($queue)
@@ -173,21 +173,23 @@ if ($_GET) {
break;
case "enable":
if ($queue) {
- $queue->SetEnabled("on");
- $output_form .= $queue->build_form();
- write_config();
- mark_subsystem_dirty('shaper');
+ $queue->SetEnabled("on");
+ $output_form .= $queue->build_form();
+ $queue->wconfig();
+ write_config();
+ mark_subsystem_dirty('shaper');
} else
- $input_errors[] = gettext("Queue not found!");
+ $input_errors[] = gettext("Queue not found!");
break;
case "disable":
if ($queue) {
- $queue->SetEnabled("");
- $output_form .= $queue->build_form();
- write_config();
- mark_subsystem_dirty('shaper');
+ $queue->SetEnabled("");
+ $output_form .= $queue->build_form();
+ $queue->wconfig();
+ write_config();
+ mark_subsystem_dirty('shaper');
} else
- $input_errors[] = gettext("Queue not found!");
+ $input_errors[] = gettext("Queue not found!");
break;
default:
$output_form .= "<p class=\"pgtitle\">" . $dn_default_shaper_msg."</p>";
@@ -198,25 +200,33 @@ if ($_GET) {
unset($input_errors);
if ($addnewpipe) {
- $dnpipe =& new dnpipe_class();
-
- $dnpipe->ReadConfig($_POST);
- $dnpipe->validate_input($_POST, &$input_errors);
- if (!$input_errors) {
- unset($tmppath);
- $tmppath[] = $dnpipe->GetQname();
- $dnpipe->SetLink(&$tmppath);
- $dnpipe->wconfig();
- write_config();
- mark_subsystem_dirty('shaper');
- $can_enable = true;
- $can_add = true;
+ if (!empty($dummynet_pipe_list[$qname]))
+ $input_errors[] = gettext("You cannot name a child queue with the same name as a parent limiter");
+ else {
+ $dnpipe =& new dnpipe_class();
+
+ $dnpipe->ReadConfig($_POST);
+ $dnpipe->validate_input($_POST, &$input_errors);
+ if (!$input_errors) {
+ $number = dnpipe_find_nextnumber();
+ $dnpipe->SetNumber($number);
+ unset($tmppath);
+ $tmppath[] = $dnpipe->GetQname();
+ $dnpipe->SetLink(&$tmppath);
+ $dnpipe->wconfig();
+ write_config();
+ mark_subsystem_dirty('shaper');
+ $can_enable = true;
+ $can_add = true;
+ }
+
+ read_dummynet_config();
+ $output_form .= $dnpipe->build_form();
}
- read_dummynet_config();
- $output_form .= $dnpipe->build_form();
-
} else if ($parentqueue) { /* Add a new queue */
- if ($dnpipe) {
+ if (!empty($dummynet_pipe_list[$qname]))
+ $input_errors[] = gettext("You cannot name a child queue with the same name as a parent limiter");
+ else if ($dnpipe) {
$tmppath =& $dnpipe->GetLink();
array_push($tmppath, $qname);
$tmp =& $dnpipe->add_queue($pipe, $_POST, $tmppath, &$input_errors);
@@ -262,11 +272,11 @@ if ($_GET) {
} else if ($queue) {
$queue->validate_input($_POST, &$input_errors);
if (!$input_errors) {
- $queue->update_dn_data($_POST);
- $queue->wconfig();
- write_config();
- mark_subsystem_dirty('shaper');
- $dontshow = false;
+ $queue->update_dn_data($_POST);
+ $queue->wconfig();
+ write_config();
+ mark_subsystem_dirty('shaper');
+ $dontshow = false;
}
read_dummynet_config();
$output_form .= $queue->build_form();
OpenPOWER on IntegriCloud