Merge remote branch 'mainline/master' into 1_diag

8 files changed, 143 insertions, 9 deletions

diff --git a/usr/local/www/status_gateways.php b/usr/local/www/status_gateways.php
index 6d6c43d..72e14b2 100755
--- a/usr/local/www/status_gateways.php
+++ b/usr/local/www/status_gateways.php
@@ -118,7 +118,7 @@ include("head.inc");
                         ?>
 			</table>
                   </td>
-		  <td class="listbg"> <?=$a_gateway[$gateway['name']]['descr']; ?></td>
+		  <td class="listbg"> <?=$a_gateways[$gateway['name']]['descr']; ?></td>
                 </tr>
 		<?php } ?>
               </table>
diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php
index bfa5061..840d6bf 100644
--- a/usr/local/www/system_advanced_admin.php
+++ b/usr/local/www/system_advanced_admin.php
@@ -132,7 +132,7 @@ if ($_POST) {
 		else
 			unset($config['system']['enablesshd']);
 
-		$sshd_keyonly = $config['system']['sshdkeyonly'];
+		$sshd_keyonly = isset($config['system']['sshdkeyonly']);
 		if ($_POST['sshdkeyonly'])
 			$config['system']['sshdkeyonly'] = true;
 		else
@@ -157,7 +157,7 @@ if ($_POST) {
 			if ($port)
 				$url = "{$prot}://{$host}:{$port}/system_advanced_admin.php";
 			else
-				$url = "{$prot}://{$host}/system.php";
+				$url = "{$prot}://{$host}/system_advanced_admin.php";
 		}
 
 		write_config();
diff --git a/usr/local/www/system_advanced_network.php b/usr/local/www/system_advanced_network.php
index d744a47..6c67e30 100644
--- a/usr/local/www/system_advanced_network.php
+++ b/usr/local/www/system_advanced_network.php
@@ -54,6 +54,8 @@ $pconfig['ipv6allow'] = isset($config['system']['ipv6allow']);
 $pconfig['polling_enable'] = isset($config['system']['polling']);
 $pconfig['sharednet'] = $config['system']['sharednet'];
 $pconfig['disablechecksumoffloading'] = isset($config['system']['disablechecksumoffloading']);
+$pconfig['disablesegmentationoffloading'] = isset($config['system']['disablesegmentationoffloading']);
+$pconfig['disablelargereceiveoffloading'] = isset($config['system']['disablelargereceiveoffloading']);
 $pconfig['flowtable'] = false;
 $pconfig['flowtable'] = isset($config['system']['flowtable']);
 
@@ -111,12 +113,24 @@ if ($_POST) {
 
 		if($_POST['disablechecksumoffloading'] == "yes") {
 			$config['system']['disablechecksumoffloading'] = $_POST['disablechecksumoffloading'];
-                        setup_microcode();
 		} else {
 			unset($config['system']['disablechecksumoffloading']);
-                        setup_microcode();
 		}
 
+		if($_POST['disablesegmentationoffloading'] == "yes") {
+			$config['system']['disablesegmentationoffloading'] = $_POST['disablesegmentationoffloading'];
+		} else {
+			unset($config['system']['disablesegmentationoffloading']);
+		}
+
+		if($_POST['disablelargereceiveoffloading'] == "yes") {
+			$config['system']['disablelargereceiveoffloading'] = $_POST['disablelargereceiveoffloading'];
+		} else {
+			unset($config['system']['disablelargereceiveoffloading']);
+		}
+
+		setup_microcode();
+
 		// Write out configuration (config.xml)
 		write_config();
 
@@ -234,7 +248,23 @@ function enable_change(enable_over) {
 									<strong><?=gettext("Disable hardware checksum offload"); ?></strong><br>
 									<?=gettext("Checking this option will disable hardware checksum offloading. Checksum offloading is broken in some hardware, particularly some Realtek cards. Rarely, drivers may have problems with checksum offloading and some specific NICs."); ?>
 								</td>
-							</tr>		
+							</tr>
+							<tr>
+								<td width="22%" valign="top" class="vncell"><?=gettext("Hardware TCP Segmentation Offloading"); ?></td>
+								<td width="78%" class="vtable">
+									<input name="disablesegmentationoffloading" type="checkbox" id="disablesegmentationoffloading" value="yes" <?php if (isset($config['system']['disablesegmentationoffloading'])) echo "checked"; ?> />
+									<strong><?=gettext("Disable hardware TCP segmentation offload"); ?></strong><br>
+									<?=gettext("Checking this option will disable hardware TCP segmentation offloading (TSO, TSO4, TSO6). This offloading is broken in some hardware drivers, and may impact performance with some specific NICs."); ?>
+								</td>
+							</tr>
+							<tr>
+								<td width="22%" valign="top" class="vncell"><?=gettext("Hardware Large Receive Offloading"); ?></td>
+								<td width="78%" class="vtable">
+									<input name="disablelargereceiveoffloading" type="checkbox" id="disablelargereceiveoffloading" value="yes" <?php if (isset($config['system']['disablelargereceiveoffloading'])) echo "checked"; ?> />
+									<strong><?=gettext("Disable hardware large receive offload"); ?></strong><br>
+									<?=gettext("Checking this option will disable hardware large receive offloading (LRO). This offloading is broken in some hardware drivers, and may impact performance with some specific NICs.."); ?>
+								</td>
+							</tr>
 							<tr>
 								<td width="22%" valign="top" class="vncell"><?=gettext("ARP Handling"); ?></td>
 								<td width="78%" class="vtable">
diff --git a/usr/local/www/system_gateways_edit.php b/usr/local/www/system_gateways_edit.php
index 700ba41..98d1e81 100755
--- a/usr/local/www/system_gateways_edit.php
+++ b/usr/local/www/system_gateways_edit.php
@@ -375,7 +375,7 @@ function show_advanced_gateway() {
 			?>
 			<input name="monitor" type="text" id="monitor" value="<?php echo $monitor; ?>" />
 			<strong><?=gettext("Alternative monitor IP"); ?></strong> <br />
-			<?gettext("Enter an alternative address here to be used to monitor the link. This is used for the " .
+			<?=gettext("Enter an alternative address here to be used to monitor the link. This is used for the " .
 			"quality RRD graphs as well as the load balancer entries. Use this if the gateway does not respond " .
 			"to ICMP echo requests (pings)"); ?>.</strong>
 			<br />
diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php
index 058046a..f89d834 100644
--- a/usr/local/www/system_usermanager.php
+++ b/usr/local/www/system_usermanager.php
@@ -207,15 +207,30 @@ if (isAllowedPage("system_usermanager")) {
 		if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2']))
 			$input_errors[] = gettext("The passwords do not match.");
 
+		if (isset($id) && $a_user[$id])
+			$oldusername = $a_user[$id]['name'];
+		else
+			$oldusername = "";
 		/* make sure this user name is unique */
-		if (!$input_errors && !(isset($id) && $a_user[$id])) {
+		if (!$input_errors) {
 			foreach ($a_user as $userent) {
-				if ($userent['name'] == $_POST['usernamefld']) {
+				if ($userent['name'] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) {
 					$input_errors[] = gettext("Another entry with the same username already exists.");
 					break;
 				}
 			}
 		}
+		/* also make sure it is not reserved */
+		if (!$input_errors) {
+			$system_users = explode("\n", file_get_contents("/etc/passwd"));
+			foreach ($system_users as $s_user) {
+				$ent = explode(":", $s_user);
+				if ($ent[0] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) {
+					$input_errors[] = gettext("That username is reserved by the system.");
+					break;
+				}
+			}
+		}
 
 		/*
 		 * Check for a valid expirationdate if one is set at all (valid means,
diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php
index a59e83d..5ba3ff8 100755
--- a/usr/local/www/wizard.php
+++ b/usr/local/www/wizard.php
@@ -697,6 +697,8 @@ function showchange() {
 				echo "<td class=\"vtable\">";
 			echo "<select class='formselect' name='{$name}'>\n";
 			foreach ($timezonelist as $tz) {
+				if(strstr($tz, "GMT"))
+					continue;
 				$SELECTED = "";
 				if ($value == $tz) $SELECTED = " SELECTED";
 				echo "<option value='" . htmlspecialchars($tz) . "' {$SELECTED}>";
diff --git a/usr/local/www/wizards/setup_wizard.xml b/usr/local/www/wizards/setup_wizard.xml
index 64ffef1..d0ef4b3 100644
--- a/usr/local/www/wizards/setup_wizard.xml
+++ b/usr/local/www/wizards/setup_wizard.xml
@@ -59,6 +59,8 @@
 			<type>input</type>
 			<bindstofield>system->hostname</bindstofield>
 			<description>EXAMPLE: myserver</description>
+			<validate>^[a-z0-9.|-]+$</validate>
+			<message>Invalid Hostname</message>
 		</field>
 		<field>
 			<name>Domain</name>
@@ -75,12 +77,16 @@
 			<!-- we must unset the fields because this is an array. -->
 			<unsetfield>yes</unsetfield>
 			<arraynum>0</arraynum>
+			<validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate>
+			<message>Primary DNS Server field is invalid</message>
 		</field>
 		<field>
 			<name>Secondary DNS Server</name>
 			<type>input</type>
 			<bindstofield>system->dnsserver</bindstofield>
 			<arraynum>1</arraynum>
+			<validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate>
+			<message>Secondary DNS Server field is invalid</message>
 		</field>
 		<field>
 			<name>Override DNS</name>
@@ -93,6 +99,26 @@
 			<type>submit</type>
 		</field>
 	</fields>
+	<stepsubmitphpaction>
+		<![CDATA[
+		if(empty($_POST['hostname']) || !is_hostname($_POST['hostname'])) {
+			print_info_box_np("Hostname is invalid. Please press back in your browser window and correct.");
+			die;
+		}
+		if(empty($_POST['domain']) || !is_domain($_POST['domain'])) {
+			print_info_box_np("Domain is invalid. Please press back in your browser window and correct.");
+			die;
+		}
+		if(!empty($_POST['primarydnsserver']) && !is_ipaddr($_POST['primarydnsserver'])) {
+			print_info_box_np("Primary DNS server is invalid. Please press back in your browser window and correct.");
+			die;
+		}
+		if(!empty($_POST['secondarydnsserver']) && !is_ipaddr($_POST['secondarydnsserver'])) {
+			print_info_box_np("Second DNS server is invalid. Please press back in your browser window and correct.");
+			die;
+		}
+		]]>
+	</stepsubmitphpaction>
 </step>
 <step>
 	<id>3</id>
@@ -104,6 +130,8 @@
 			<description>Enter the hostname (FQDN) of the time server.</description>
 			<type>input</type>
 			<bindstofield>system->timeservers</bindstofield>
+			<validate>^[a-z0-9.|-]+$</validate>
+			<message>Invalid Time Server Field</message>
 		</field>
 		<field>
 			<name>Timezone</name>
@@ -115,6 +143,14 @@
 			<type>submit</type>
 		</field>
 	</fields>
+	<stepsubmitphpaction>
+		<![CDATA[
+		if(!empty($_POST['timeserverhostname']) && !(is_hostname($_POST['timeserverhostname']) || is_ipaddr($_POST['timeserverhostname']))) {
+			print_info_box_np("Invalid Time Server. Please press back in your browser window and correct.");
+			die;
+		}
+		]]>
+	</stepsubmitphpaction>
 </step>
 <step>
 	<id>4</id>
@@ -180,6 +216,8 @@
 			<bindstofield>interfaces->wan->spoofmac</bindstofield>
 			<type>input</type>
 			<description> This field can be used to modify ("spoof") the MAC address of the WAN interface (may be required with some cable connections). Enter a MAC address in the following format: xx:xx:xx:xx:xx:xx or leave blank.</description>
+			<validate>^([0-9a-f]{2}([:-]||$)){6}$</validate>
+			<message>MAC Address field is invalid</message>
 		</field>
 		<field>
 			<donotdisable>true</donotdisable>
@@ -198,6 +236,8 @@
 			<type>input</type>
 			<typehint> / </typehint>
 			<combinefieldsbegin>true</combinefieldsbegin>
+			<validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate>
+			<message>IP Address field is invalid</message>
 		</field>
 		<field>
 			<combinefieldsend>true</combinefieldsend>
@@ -211,6 +251,8 @@
 			<name>Gateway</name>
 			<bindstofield>interfaces->wan->gateway</bindstofield>
 			<type>input</type>
+			<validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate>
+			<message>Gateway IP Address field is invalid</message>
 		</field>
 		<field>
 			<name>DHCP client configuration</name>
@@ -272,6 +314,8 @@
 			<type>input</type>
 			<typehint> / </typehint>
 			<bindstofield>pptp->local</bindstofield>
+			<validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate>
+			<message>PPTP Local IP Address field is invalid</message>
 		</field>
 		<field>
 			<combinefieldsend>true</combinefieldsend>
@@ -285,6 +329,8 @@
 			<name>PPTP Remote IP Address</name>
 			<bindstofield>pptp->remote</bindstofield>
 			<type>input</type>
+			<validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate>
+			<message>PPTP Remote IP Address field is invalid</message>
 		</field>
 		<field>
 			<name>PPTP Dial on demand</name>
@@ -328,6 +374,34 @@
 			<type>submit</type>
 		</field>
 	</fields>
+	<stepsubmitphpaction>
+		<![CDATA[
+		if(!empty($_POST['mtu']) && ($_POST['mtu'] < 576)) {
+			print_info_box_np("MTU Must be at least 576 (Per RFC 791). Please press back in your browser window and correct.");
+			die;
+		}
+		if(!empty($_POST['macaddress']) && !is_macaddr($_POST['macaddress'])) {
+			print_info_box_np("Invalid MAC Address. Please press back in your browser window and correct.");
+			die;
+		}
+		if(!empty($_POST['ipaddress']) && ($_POST['selectedtype'] == "Static") && (!is_ipaddr($_POST['ipaddress']))) {
+			print_info_box_np("Invalid WAN IP Address. Please press back in your browser window and correct.");
+			die;
+		}
+		if(!empty($_POST['dhcphostname']) && !is_hostname($_POST['dhcphostname'])) {
+			print_info_box_np("Invalid DHCP Hostname. Please press back in your browser window and correct.");
+			die;
+		}
+		if(!empty($_POST['pptplocalipaddress']) && !is_ipaddr($_POST['pptplocalipaddress'])) {
+			print_info_box_np("Invalid PPTP Local IP Address. Please press back in your browser window and correct.");
+			die;
+		}
+		if(!empty($_POST['pptpremoteipaddress']) && !is_ipaddr($_POST['pptpremoteipaddress'])) {
+			print_info_box_np("Invalid PPTP Remopte IP Address. Please press back in your browser window and correct.");
+			die;
+		}
+		]]>
+	</stepsubmitphpaction>
 	<stepsubmitbeforesave>
 		<![CDATA[
 			if($_POST['selectedtype'] == "Static") { 
@@ -352,6 +426,8 @@
 			<type>input</type>
 			<bindstofield>interfaces->lan->ipaddr</bindstofield>
 			<description>Type dhcp if this interface uses DHCP to obtain its IP address.</description>
+			<validate>^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$</validate>
+			<message>LAN IP Address field is invalid</message>
 		</field>
 				<field>
 			<name>Subnet Mask</name>
@@ -364,6 +440,11 @@
 		</field>
 	</fields>
 	<stepsubmitphpaction>
+		<![CDATA[
+		if(empty($_POST['lanipaddress']) || !is_ipaddr($_POST['lanipaddress'])) {
+			print_info_box_np("Invalid LAN IP Address. Please press back in your browser window and correct.");
+			die;
+		}
 		$ft = split("\.", $_POST['lanipaddress']);
 		$ft_ip = $ft[0] . "." . $ft[1] . "." . $ft[2] . ".";
 		$config['dhcpd']['lan']['range']['from'] = $ft_ip . "10";
@@ -371,6 +452,7 @@
 		$hi = split("\.", $highestip);
 		$highestip = $hi[3]-10;
 		$config['dhcpd']['lan']['range']['to'] = $ft_ip . $highestip;
+		]]>
 	</stepsubmitphpaction>
 </step>
 <step>
diff --git a/usr/share/skel/dot.tcshrc b/usr/share/skel/dot.tcshrc
new file mode 100644
index 0000000..97ca003
--- /dev/null
+++ b/usr/share/skel/dot.tcshrc
@@ -0,0 +1,5 @@
+set prompt="%{\033[0;1;33m%}[%{\033[0;1;37m%}`cat /etc/version`%{\033[0;1;33m%}]%{\033[0;1;33m%}%B[%{\033[0;1;37m%}%n%{\033[0;1;31m%}@%{\033[0;1;37m%}%M%{\033[0;1;33m%}]%{\033[0;1;32m%}%b%/%{\033[0;1;33m%}(%{\033[0;1;37m%}%h%{\033[0;1;33m%})%{\033[0;1;36m%}%{\033[0;1;31m%}:%{\033[0;40;37m%} "
+set autologout="0"
+set autolist set color set colorcat
+setenv CLICOLOR "true"
+setenv LSCOLORS "exfxcxdxbxegedabagacad"