summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--etc/inc/vpn.inc180
-rw-r--r--etc/version2
-rwxr-xr-xusr/local/www/vpn_pppoe_users.php132
-rwxr-xr-xusr/local/www/vpn_pppoe_users_edit.php160
4 files changed, 473 insertions, 1 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 685713b..a5cf992 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -781,4 +781,184 @@ function vpn_endpoint_determine($tunnel, $curwanip) {
return null;
}
+function vpn_pppoe_configure() {
+ global $config, $g;
+
+ $syscfg = $config['system'];
+ $pppoecfg = $config['pppoe'];
+
+ if ($g['booting']) {
+ if (!$pppoecfg['mode'] || ($pppoecfg['mode'] == "off"))
+ return 0;
+
+ echo "Configuring PPPoE VPN service... ";
+ } else {
+ /* kill mpd */
+ killbypid("{$g['varrun_path']}/mpd-vpn.pid");
+
+ /* wait for process to die */
+ sleep(2);
+
+ vpn_pptp_configure();
+ }
+
+ /* make sure mpd-vpn directory exists */
+ if (!file_exists("{$g['varetc_path']}/mpd-vpn"))
+ mkdir("{$g['varetc_path']}/mpd-vpn");
+
+ switch ($pppoecfg['mode']) {
+
+ case 'server':
+
+ /* write mpd.conf */
+ $fd = fopen("{$g['varetc_path']}/mpd-vpn/mpd.conf", "a");
+ if (!$fd) {
+ printf("Error: cannot open mpd.conf in vpn_pppoe_configure().\n");
+ return 1;
+ }
+ $mpdconf = "\n\n";
+ $mpdconf .= <<<EOD
+pppoe:
+
+EOD;
+
+ for ($i = 0; $i < $g['n_pppoe_units']; $i++) {
+ $mpdconf .= " load pt{$i}\n";
+ }
+
+ for ($i = 0; $i < $g['n_pppoe_units']; $i++) {
+
+ $clientip = long2ip(ip2long($pppoecfg['remoteip']) + $i);
+ $ngif = "ng" . ($i+1);
+
+ $mpdconf .= <<<EOD
+
+pppoe0:
+ new -i {$ngif} pppoe{i} pppoe{i}
+ set ipcp ranges {$pppoecfg['localip']}/32 {$clientip}/32
+ load pppoe_standart
+
+EOD;
+ }
+
+ $mpdconf .= <<<EOD
+
+pppoe_standart:
+ #set link type pppoe
+ #set pppoe iface lnc0
+ set pppoe service "*"
+ set pppoe disable originate
+ set pppoe enable incoming
+ set bundle no multilink
+ set bundle enable compression
+ set bundle accept encryption
+ set bundle max-logins 1
+ set iface idle 0
+ set iface disable on-demand
+ set iface disable proxy-arp
+ set iface enable tcpmssfix
+ set iface mtu 1500
+ set link mtu 1500
+ set link no pap chap
+ set link enable chap
+ set link keep-alive 60 180
+ set ipcp yes vjcomp
+ set ipcp no vjcomp
+ set link max-redial -1
+ set link mtu 1452
+ set ccp yes mpp-e40
+ set ccp yes mpp-e128
+ set ccp yes mpp-stateless
+ set ipcp dns 10.10.1.3
+ set link latency 1
+
+EOD;
+
+ if (isset($config['dnsmasq']['enable'])) {
+ $mpdconf .= " set ipcp dns " . $config['interfaces']['lan']['ipaddr'];
+ if ($syscfg['dnsserver'][0])
+ $mpdconf .= " " . $syscfg['dnsserver'][0];
+ $mpdconf .= "\n";
+ } else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
+ $mpdconf .= " set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n";
+ }
+
+ if (isset($pppoecfg['radius']['enable'])) {
+ $mpdconf .= <<<EOD
+ set radius server {$pppoecfg['radius']['server']} "{$pppoecfg['radius']['secret']}"
+ set radius retries 3
+ set radius timeout 10
+ set bundle enable radius-auth
+ set bundle disable radius-fallback
+
+EOD;
+
+ if (isset($pppoecfg['radius']['accounting'])) {
+ $mpdconf .= <<<EOD
+ set bundle enable radius-acct
+
+EOD;
+ }
+ }
+
+ fwrite($fd, $mpdconf);
+ fclose($fd);
+
+ /* write mpd.links */
+ $fd = fopen("{$g['varetc_path']}/mpd-vpn/mpd.links", "a");
+ if (!$fd) {
+ printf("Error: cannot open mpd.links in vpn_pppoe_configure().\n");
+ return 1;
+ }
+
+ $mpdlinks = "";
+
+ for ($i = 0; $i < $g['n_pppoe_units']; $i++) {
+ $mpdlinks .= <<<EOD
+
+pppoe:
+ set link type pppoe
+ #set pppoe iface lnc0
+
+EOD;
+ }
+
+ fwrite($fd, $mpdlinks);
+ fclose($fd);
+
+ /* write mpd.secret */
+ $fd = fopen("{$g['varetc_path']}/mpd-vpn/mpd.secret", "a");
+ if (!$fd) {
+ printf("Error: cannot open mpd.secret in vpn_pppoe_configure().\n");
+ return 1;
+ }
+
+ $mpdsecret = "\n\n";
+
+ if (is_array($pppoecfg['user'])) {
+ foreach ($pppoecfg['user'] as $user)
+ $mpdsecret .= "{$user['name']} \"{$user['password']}\" {$user['ip']}\n";
+ }
+
+ fwrite($fd, $mpdsecret);
+ fclose($fd);
+ chmod("{$g['varetc_path']}/mpd-vpn/mpd.secret", 0600);
+
+ /* fire up mpd */
+ mwexec("/usr/local/sbin/mpd -b -d {$g['varetc_path']}/mpd-vpn -p {$g['varrun_path']}/mpd-vpn.pid pppoe");
+
+ break;
+
+ case 'redir':
+ break;
+ }
+
+ touch("{$g["tmp_path"]}/filter_dirty");
+
+ if ($g['booting'])
+ echo "done\n";
+
+ return 0;
+}
+
?> \ No newline at end of file
diff --git a/etc/version b/etc/version
index b0d230e..eecd809 100644
--- a/etc/version
+++ b/etc/version
@@ -1 +1 @@
-0.71.12 \ No newline at end of file
+0.72 \ No newline at end of file
diff --git a/usr/local/www/vpn_pppoe_users.php b/usr/local/www/vpn_pppoe_users.php
new file mode 100755
index 0000000..7fb7f92
--- /dev/null
+++ b/usr/local/www/vpn_pppoe_users.php
@@ -0,0 +1,132 @@
+#!/usr/local/bin/php
+<?php
+/*
+ vpn_pppoe_users.php
+ part of pfSense
+
+ Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com)
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+if (!is_array($config['pppoe']['user'])) {
+ $config['pppoe']['user'] = array();
+}
+pppoe_users_sort();
+$a_secret = &$config['pppoe']['user'];
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval = vpn_pppoe_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+ if ($retval == 0) {
+ if (file_exists($d_pppoeuserdirty_path))
+ unlink($d_pppoeuserdirty_path);
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_secret[$_GET['id']]) {
+ unset($a_secret[$_GET['id']]);
+ write_config();
+ touch($d_pppoeuserdirty_path);
+ header("Location: vpn_pppoe_users.php");
+ exit;
+ }
+}
+
+$pgtitle = "VPN: PPTP: Users";
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("fbegin.inc"); ?>
+<p class="pgtitle"><?=$pgtitle?></p>
+<form action="vpn_pppoe_users.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (isset($config['pppoe']['radius']['enable']))
+ print_info_box("Warning: RADIUS is enabled. The local user database will not be used."); ?>
+<?php if (file_exists($d_pppoeuserdirty_path)): ?><p>
+<?php print_info_box_np("The PPTP user list has been modified.<br>You must apply the changes in order for them to take effect.<br><b>Warning: this will terminate all current PPTP sessions!</b>");?><br>
+<?php endif; ?>
+<div id="mainarea">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+<?php
+ $tab_array = array();
+ $tab_array[0] = array("Configuration", false, "vpn_pppoe.php");
+ $tab_array[1] = array("Users", true, "vpn_pppoe_users.php");
+ display_top_tabs($tab_array);
+?> </td></tr>
+ <tr>
+ <td colspan="3" class="tabcont">
+ <table width="80%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td class="listhdrr">Username</td>
+ <td class="listhdr">IP address</td>
+ <td class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_secret as $secretent): ?>
+ <tr>
+ <td class="listlr">
+ <?=htmlspecialchars($secretent['name']);?>
+ </td>
+ <td class="listr">
+ <?=htmlspecialchars($secretent['ip']);?>&nbsp;
+ </td>
+ <td class="list" nowrap> <a href="vpn_pppoe_users_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit user" width="17" height="17" border="0"></a>
+ &nbsp;<a href="vpn_pppoe_users.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this user?')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" title="delete user" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="2"></td>
+ <td class="list"> <a href="vpn_pppoe_users_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add user" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+</table>
+</div>
+</form>
+<?php include("fend.inc"); ?>
+<script type="text/javascript">
+NiftyCheck();
+Rounded("div#mainarea","bl br","#FFF","#eeeeee","smooth");
+</script>
+
+</body>
+</html>
+
+
diff --git a/usr/local/www/vpn_pppoe_users_edit.php b/usr/local/www/vpn_pppoe_users_edit.php
new file mode 100755
index 0000000..aa8fc02
--- /dev/null
+++ b/usr/local/www/vpn_pppoe_users_edit.php
@@ -0,0 +1,160 @@
+#!/usr/local/bin/php
+<?php
+/*
+ vpn_pppoe_users_edit.php
+ part of pfSense
+
+ Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com)
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+if (!is_array($config['pppoe']['user'])) {
+ $config['pppoe']['user'] = array();
+}
+pppoe_users_sort();
+$a_secret = &$config['pppoe']['user'];
+
+$id = $_GET['id'];
+if (isset($_POST['id']))
+ $id = $_POST['id'];
+
+if (isset($id) && $a_secret[$id]) {
+ $pconfig['username'] = $a_secret[$id]['name'];
+ $pconfig['ip'] = $a_secret[$id]['ip'];
+}
+
+if ($_POST) {
+
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ /* input validation */
+ if (isset($id) && ($a_secret[$id])) {
+ $reqdfields = explode(" ", "username");
+ $reqdfieldsn = explode(",", "Username");
+ } else {
+ $reqdfields = explode(" ", "username password");
+ $reqdfieldsn = explode(",", "Username,Password");
+ }
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['username']))
+ $input_errors[] = "The username contains invalid characters.";
+
+ if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['password']))
+ $input_errors[] = "The password contains invalid characters.";
+
+ if (($_POST['password']) && ($_POST['password'] != $_POST['password2'])) {
+ $input_errors[] = "The passwords do not match.";
+ }
+ if (($_POST['ip'] && !is_ipaddr($_POST['ip']))) {
+ $input_errors[] = "The IP address entered is not valid.";
+ }
+
+ if (!$input_errors && !(isset($id) && $a_secret[$id])) {
+ /* make sure there are no dupes */
+ foreach ($a_secret as $secretent) {
+ if ($secretent['name'] == $_POST['username']) {
+ $input_errors[] = "Another entry with the same username already exists.";
+ break;
+ }
+ }
+ }
+
+ if (!$input_errors) {
+
+ if (isset($id) && $a_secret[$id])
+ $secretent = $a_secret[$id];
+
+ $secretent['name'] = $_POST['username'];
+ $secretent['ip'] = $_POST['ip'];
+
+ if ($_POST['password'])
+ $secretent['password'] = $_POST['password'];
+
+ if (isset($id) && $a_secret[$id])
+ $a_secret[$id] = $secretent;
+ else
+ $a_secret[] = $secretent;
+
+ write_config();
+ touch($d_pppoeuserdirty_path);
+
+ header("Location: vpn_pppoe_users.php");
+ exit;
+ }
+}
+
+$pgtitle = "VPN: PPTP: User: Edit";
+include("head.inc");
+
+?>
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("fbegin.inc"); ?>
+<p class="pgtitle"><?=$pgtitle?></p>
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+ <form action="vpn_pppoe_users_edit.php" method="post" name="iform" id="iform">
+ <?display_topbar()?>
+ <div id="mainarea">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Username</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="username" type="text" class="formfld" id="username" size="20" value="<?=htmlspecialchars($pconfig['username']);?>">
+ </td>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Password</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="password" type="password" class="formfld" id="password" size="20">
+ <br><?=$mandfldhtml;?><input name="password2" type="password" class="formfld" id="password2" size="20">
+ &nbsp;(confirmation)<?php if (isset($id) && $a_secret[$id]): ?><br>
+ <span class="vexpl">If you want to change the users' password,
+ enter it here twice.</span><?php endif; ?></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">IP address</td>
+ <td width="78%" class="vtable">
+ <input name="ip" type="text" class="formfld" id="ip" size="20" value="<?=htmlspecialchars($pconfig['ip']);?>">
+ <br><span class="vexpl">If you want the user to be assigned a specific IP address, enter it here.</span></td>
+ </tr>
+ <tr>
+ <td class="vncell" width="22%" valign="top">&nbsp;</td>
+ <td class="vncell" width="78%">
+ <input name="Submit" type="submit" class="formbtn" value="Save">
+ <?php if (isset($id) && $a_secret[$id]): ?>
+ <input name="id" type="hidden" value="<?=$id;?>">
+ <?php endif; ?>
+ </td>
+ </tr>
+ </table>
+ </div>
+</form>
+<?php include("fend.inc"); ?>
+</body>
+</html>
+
+
OpenPOWER on IntegriCloud