MFC UPNP support6

3 files changed, 383 insertions, 0 deletions

diff --git a/usr/local/pkg/miniupnpd.inc b/usr/local/pkg/miniupnpd.inc
new file mode 100644
index 0000000..fa5160c
--- /dev/null
+++ b/usr/local/pkg/miniupnpd.inc
@@ -0,0 +1,168 @@
+<?php
+	require_once("config.inc");
+	require_once("functions.inc");
+
+	/* Miniupnp */
+
+	function upnp_notice ($msg) { syslog(LOG_NOTICE, "miniupnpd: $msg"); return; }
+	function upnp_warn ($msg) { syslog(LOG_WARNING, "miniupnpd: $msg"); return; }
+	
+	function upnp_config ($name) {
+		global $config;
+		if($config['installedpackages']['miniupnpd']['config'][0]["{$name}"])
+			return $config['installedpackages']['miniupnpd']['config'][0]["{$name}"];
+		else
+			return NULL;
+	}
+
+	function upnp_validate_ip($ip) {
+		if(!eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$", $ip))
+			return FALSE;   
+		foreach(explode(".", $ip) as $sub)
+			if($sub<0 || $sub>256) 
+				return FALSE;
+		return TRUE;
+	}
+	
+	function before_form_miniupnpd($pkg) {
+		global $config;
+		
+		/* if shaper connection speed defined hide fields */
+		if($config['ezshaper']['step2']['download'] && $config['ezshaper']['step2']['upload']) {
+			$i=0;
+			foreach ($pkg['fields']['field'] as $field) {
+				if ($field['fieldname'] == 'download' || $field['fieldname'] == 'upload')
+					unset($pkg['fields']['field'][$i]);
+				$i++;
+			}
+		}
+	}
+
+	function validate_form_miniupnpd($post, $input_errors) {
+		if($post['iface_array'])
+			foreach($post['iface_array'] as $iface)
+				if($iface == "wan")
+					$input_errors[] = 'It is a security risk to specify WAN in the \'Interface\' field';
+		if($post['overridewanip'] && !upnp_validate_ip($post['overridewanip']))
+			$input_errors[] = 'You must specify a valid ip address in the \'Override WAN address\' field';
+		if(($post['download'] && !$post['upload']) || ($post['upload'] && !$post['download']))
+			$input_errors[] = 'You must fill in both \'Maximum Download Speed\' and \'Maximum Upload Speed\' fields';
+		if($post['download'] && $post['download']<=0)
+			$input_errors[] = 'You must specify a value greater than 0 in the \'Maximum Download Speed\' field';
+		if($post['upload'] && $post['upload']<=0)
+			$input_errors[] = 'You must specify a value greater than 0 in the \'Maximum Upload Speed\' field';
+	}
+
+	function sync_package_miniupnpd() {
+		global $config;
+		global $input_errors;
+		$ifaces_final = "";		
+		$wanif = get_real_wan_interface();
+
+		upnp_notice("Syncing package");
+
+		conf_mount_rw();
+		config_lock();	
+
+		/* since config is written before this file invoked we don't need to read post data */			
+		if(upnp_config("iface_array"))
+			$iface_array = explode(",",upnp_config("iface_array"));		
+
+		if($iface_array) {		
+			foreach($iface_array as $iface) {
+				$if = convert_friendly_interface_to_real_interface_name($iface);
+				/* above function returns iface if fail */
+				if($if!=$iface) {
+					$addr = find_interface_ip($if);
+					/* non enabled interfaces are displayed in list on miniupnpd settings page */
+					/* check that the interface has an ip address before adding parameters */
+					if($addr) {
+						upnp_notice("Active on {$iface} interface");
+			    		$ifaces_final .= " -a {$addr}";
+					} else {
+						upnp_warn("Interface {$iface} has no ip address");
+					}
+				} else {
+					upnp_warn("Could not resolve real interface {$iface}");
+				}
+			}
+
+			if($ifaces_final) {
+				$overridewanip = upnp_config("overridewanip");
+				$logpackets = upnp_config("logpackets");
+				$sysuptime = upnp_config("sysuptime");
+				
+				/* if shaper connection speed defined use those values */
+				if($config['ezshaper']['step2']['download'] && $config['ezshaper']['step2']['upload']) {
+					$download = $config['ezshaper']['step2']['download']*1000;
+					$upload = $config['ezshaper']['step2']['upload']*1000;
+				} else {
+					$download = upnp_config("download")*1000;
+					$upload = upnp_config("upload")*1000;
+				}	
+					
+				/* valid paramters lets create rc file and start miniupnpd */
+			
+				$stop = <<<EOD
+if [ `pgrep miniupnpd | wc -l` != 0  ]; then
+		/usr/bin/killall miniupnpd
+		while [ `pgrep miniupnpd | wc -l` != 0 ]; do
+			sleep 1
+		done	
+	fi
+	# Clear existing rules and rdr entries
+	if [ `pfctl -aminiupnpd -sr | wc -l` != 0  ]; then
+		/sbin/pfctl -aminiupnpd -Fr 2>&1 >/dev/null
+	fi
+	if [ `pfctl -aminiupnpd -sn | wc -l` != 0  ]; then
+		/sbin/pfctl -aminiupnpd -Fn 2>&1 >/dev/null
+	fi
+EOD;
+			
+				$start = $stop."\n\t/usr/local/sbin/miniupnpd -p 2869 -i {$wanif}{$ifaces_final}";
+
+				/* define maximum downstream and upstream bitrates */
+				if($download && $upload)
+					$start .= " -B {$download} {$upload}";
+
+				/* override wan ip address, common for carp, etc */
+				if($overridewanip)
+					$start .= " -o {$overridewanip}";
+				
+				/* enable logging of packets handled by miniupnpd rules */
+				if($logpackets)
+					$start .= " -L";
+
+				/* enable system uptime instead of miniupnpd uptime */
+				if($sysuptime)
+					$start .= " -U";				
+				
+				write_rcfile(array(
+					    "file" => "miniupnpd.sh",
+					    "start" => $start,
+					    "stop" => $stop
+				    )
+				);
+
+				/* if not ONE instance running lets start */
+				/* or if $_POST data as user is changing settings */
+				if((int)exec("pgrep miniupnpd | wc -l") != 1 || $_POST['iface_array']) {
+					upnp_notice("Starting service");
+					start_service("miniupnpd");
+				} 	
+			} 
+		}
+
+		if(!$iface_array || !$ifaces_final) {
+			/* no parameters user does not want miniupnpd running */
+			/* lets stop the service and remove the rc file */
+		
+			stop_service("miniupnpd");
+			upnp_warn("No interfaces stopping service");
+			exec("rm -f /usr/local/etc/rc.d/miniupnpd*");
+		}
+		
+		config_unlock();
+		conf_mount_ro();
+	}
+?>
diff --git a/usr/local/pkg/miniupnpd.xml b/usr/local/pkg/miniupnpd.xml
new file mode 100644
index 0000000..fbe61f6
--- /dev/null
+++ b/usr/local/pkg/miniupnpd.xml
@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<packagegui>
+	<title>Services: Miniupnpd</title>
+	<name>miniupnpd</name>
+	<version>20061129</version>
+	<savetext>Change</savetext>
+	<include_file>/usr/local/pkg/miniupnpd.inc</include_file>
+	<aftersaveredirect>status_upnp.php</aftersaveredirect>
+	<menu>
+		<name>Miniupnpd</name>
+		<tooltiptext>Set miniupnpd settings such as interfaces to listen on.</tooltiptext>
+		<section>Services</section>
+		<url>/status_upnp.php</url>
+	</menu>
+	<additional_files_needed>
+		<item>http://www.pfsense.org/packages/config/miniupnpd/miniupnpd.inc</item>
+	    <prefix>/usr/local/pkg/</prefix>
+	    <chmod>0755</chmod>
+	</additional_files_needed>
+	<additional_files_needed>
+		<item>http://www.pfsense.org/packages/config/miniupnpd/status_upnp.php</item>
+	    <prefix>/usr/local/www/</prefix>
+	    <chmod>0755</chmod>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/sbin/</prefix>
+		<chmod>0755</chmod>
+		<item>http://www.pfsense.com/packages/config/miniupnpd/sbin/miniupnpd</item>
+	</additional_files_needed>
+	<service>
+		<name>miniupnpd</name>
+		<rcfile>miniupnpd.sh</rcfile>
+		<executable>miniupnpd</executable>
+	</service>
+	<tabs>
+		<tab>
+			<text>UPNP Status</text>
+			<url>status_upnp.php</url>
+		</tab>
+		<tab>
+			<text>miniupnpd Settings</text>
+			<url>/pkg_edit.php?xml=miniupnpd.xml&amp;id=0</url>
+			<active/>
+		</tab>
+	</tabs>
+	<fields>
+		<field>
+			<fielddescr>Interface (generally LAN)</fielddescr>
+			<fieldname>iface_array</fieldname>
+			<value>lan</value>
+			<multiple>true</multiple>
+			<size>3</size>
+			<type>interfaces_selection</type>
+		</field>
+		<field>
+			<fielddescr>Maximum Download Speed (Kbits/second)</fielddescr>
+			<fieldname>download</fieldname>
+			<type>input</type>
+		</field>	
+		<field>
+			<fielddescr>Maximum Upload Speed (Kbits/second)</fielddescr>
+			<fieldname>upload</fieldname>
+			<type>input</type>
+		</field>	
+		<field>
+			<fielddescr>Override WAN address</fielddescr>
+			<fieldname>overridewanip</fieldname>
+			<type>input</type>
+		</field>
+		<field>
+			<fielddescr>Log packets handled by miniupnpd rules?</fielddescr>
+			<fieldname>logpackets</fieldname>
+			<type>checkbox</type>
+		</field>	
+		<field>
+			<fielddescr>Use system uptime instead of miniupnpd uptime?</fielddescr>
+			<fieldname>sysuptime</fieldname>
+			<type>checkbox</type>
+		</field>	
+	</fields>
+	<custom_php_command_before_form>
+		before_form_miniupnpd(&amp;$pkg);
+	</custom_php_command_before_form>
+	<custom_php_validation_command>
+		validate_form_miniupnpd($_POST, &amp;$input_errors);
+	</custom_php_validation_command>
+	<custom_php_resync_config_command>
+		sync_package_miniupnpd();
+	</custom_php_resync_config_command>    
+	<custom_php_install_command>
+		sync_package_miniupnpd();
+	</custom_php_install_command>
+	<custom_php_deinstall_command>
+		exec("rm -f /usr/local/etc/rc.d/miniupnpd*");
+	</custom_php_deinstall_command>
+</packagegui>
diff --git a/usr/local/www/status_upnp.php b/usr/local/www/status_upnp.php
new file mode 100644
index 0000000..d1928ee
--- /dev/null
+++ b/usr/local/www/status_upnp.php
@@ -0,0 +1,119 @@
+<?php
+/* $Id$ */
+/*
+	status_upnp.php
+	part of pfSense (http://www.pfsense.com/)
+
+	Copyright (C) 2006 Seth Mos <seth.mos@xs4all.nl>.
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+/* Defaults to this page but if no settings are present, redirect to setup page */
+if(!$config['installedpackages']['miniupnpd']['config'][0]['iface_array'])
+	Header("Location: /pkg_edit.php?xml=miniupnpd.xml&id=0");
+
+if ($_POST) {
+	if ($_POST['clear'] == "Clear") {
+		mwexec("/bin/sh /usr/local/etc/rc.d/miniupnpd.sh restart");
+		$savemsg = "Rules have been cleared and the daemon restarted";
+	}
+}
+
+$rdr_entries = array();
+exec("/sbin/pfctl -aminiupnpd -sn", $rdr_entries, $pf_ret);
+
+$now = time();
+$year = date("Y");
+
+$pgtitle = "Status: UPnP Status";
+include("head.inc");
+/* put your custom HTML head content here        */
+/* using some of the $pfSenseHead function calls */
+//$pfSenseHead->addMeta("<meta http-equiv=\"refresh\" content=\"120;url={$_SERVER['SCRIPT_NAME']}\" />");
+//echo $pfSenseHead->getHTML();
+
+?>
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("fbegin.inc"); ?>
+<p class="pgtitle"><?=$pgtitle?></font></p>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+
+<div id="mainlevel">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<?php
+	$tab_array = array();
+	$tab_array[] = array(gettext("UPNP Status "), true, "/status_upnp.php");
+	$tab_array[] = array(gettext("miniupnpd Settings "), false, "/pkg_edit.php?xml=miniupnpd.xml&id=0");
+	display_top_tabs($tab_array);
+?>
+</table>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+   <tr>
+     <td class="tabcont" >
+      <form action="status_upnp.php" method="post">
+      <b><input type="submit" name="clear" id="clear" value="Clear" /></b>
+    </form>
+    </td>
+   </tr>
+   <tr>
+    <td class="tabcont" >
+      <table width="100%" border="0" cellpadding="0" cellspacing="0">
+	<tr>
+          <td width="10%" class="listhdrr"><?=gettext("Port")?></td>
+          <td width="10%" class="listhdrr"><?=gettext("Protocol")?></td>
+          <td width="20%" class="listhdrr"><?=gettext("Internal IP")?></td>
+          <td width="60%" class="listhdr"><?=gettext("Description")?></td>
+		</tr>
+		<?php $i = 0; foreach ($rdr_entries as $rdr_entry) {
+			if (preg_match("/rdr on (.*) inet proto (.*) from any to any port = (.*) label \"(.*)\" -> (.*) port (.*)/", $rdr_entry, $matches))
+			$rdr_proto = $matches[2];
+			$rdr_port = $matches[3];
+			$rdr_ip = $matches[5];
+			$rdr_label =$matches[4];
+		?>
+        <tr>
+          <td class="listlr">
+		<?php print $rdr_port;?>
+          </td>
+          <td class="listlr">
+		<?php print $rdr_proto;?>
+          </td>
+          <td class="listlr">
+		<?php print $rdr_ip;?>
+          </td>
+          <td class="listlr">
+		<?php print $rdr_label;?>
+          </td>
+        </tr>
+        <?php $i++; }?>
+      </table>
+     </td>
+    </tr>
+</table>
+</div>
+<?php include("fend.inc"); ?>
+</body>
+</html>