diff options
91 files changed, 2724 insertions, 1992 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 83fd02c..d1be73e 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -269,19 +269,8 @@ function local_user_set(& $user) { fwrite($fd, $user['password']); pclose($fd); $user_group = "wheel"; - $user_home = "/root"; } - /* admin user special handling */ - if ($user_uid == 0) { - $cmd = "/usr/sbin/pw usermod -q -n admin -s /bin/sh -H 0"; - if($debug) - log_error("Running: {$cmd}"); - $fd = popen($cmd, "w"); - fwrite($fd, $user['password']); - pclose($fd); - $user_group = "wheel"; - } /* read from pw db */ $fd = popen("/usr/sbin/pw usershow {$user_name} 2>&1", "r"); @@ -289,10 +278,11 @@ function local_user_set(& $user) { pclose($fd); /* determine add or mod */ - if (!strncmp($pwread, "pw:", 3)) - $user_op = "useradd"; - else + if (!strncmp($pwread, "pw:", 3)) { + $user_op = "useradd -o"; + } else { $user_op = "usermod"; + } /* add or mod pw db */ $cmd = "/usr/sbin/pw {$user_op} -q -u {$user_uid} -n {$user_name}". @@ -305,6 +295,18 @@ function local_user_set(& $user) { fwrite($fd, $user['password']); pclose($fd); + + /* admin user special handling */ + if ($user_uid == 0) { + $cmd = "/usr/sbin/pw usermod -q -n {$user_name} -s /bin/sh -H 0"; + if($debug) + log_error("Running: {$cmd}"); + $fd = popen($cmd, "w"); + fwrite($fd, $user['password']); + pclose($fd); + $user_group = "wheel"; + } + /* create user directory if required */ if (!is_dir($user_home)) { mkdir($user_home, 0700); diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index be89ba5..31cc680 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -107,7 +107,7 @@ function captiveportal_configure() { unlink_if_exists("{$g['vardb_path']}/captiveportal_mac.db"); unlink_if_exists("{$g['vardb_path']}/captiveportal_ip.db"); unlink_if_exists("{$g['vardb_path']}/captiveportal_radius.db"); - mwexec("/sbin/ipfw table all flush"); + mwexec("/sbin/ipfw -q table all flush"); /* setup new database in case someone tries to access the status -> captive portal page */ touch("{$g['vardb_path']}/captiveportal.db"); @@ -118,7 +118,8 @@ function captiveportal_configure() { /* make sure ipfw is loaded */ if (!is_module_loaded("ipfw.ko")) filter_load_ipfw(); - if (isset($config['captiveportal']['peruserbw']) && !is_module_loaded("dummynet.ko")) + /* Always load dummynet now that even allowed ip and mac passthrough use it. */ + if (!is_module_loaded("dummynet.ko")) mwexec("/sbin/kldload dummynet"); /* generate ipfw rules */ @@ -126,7 +127,8 @@ function captiveportal_configure() { $cprules = captiveportal_rules_generate($cpinterface, $cpips); $cprules .= "\n"; /* generate passthru mac database */ - captiveportal_passthrumac_configure(true); + $cprules .= captiveportal_passthrumac_configure(true); + $cprules .= "\n"; /* allowed ipfw rules to make allowed ip work */ $cprules .= captiveportal_allowedip_configure(); @@ -228,7 +230,7 @@ EOD; fwrite($fd, $cprules); fclose($fd); - mwexec("/sbin/ipfw {$g['tmp_path']}/ipfw.cp.rules"); + mwexec("/sbin/ipfw -q {$g['tmp_path']}/ipfw.cp.rules"); @unlink("{$g['tmp_path']}/ipfw.cp.rules"); @@ -327,12 +329,14 @@ EOD; $listifs = get_configured_interface_list_by_realif(); foreach ($listifs as $listrealif => $listif) { if (!empty($listrealif)) { - mwexec("/sbin/ifconfig {$listrealif} -ipfwfilter"); - $carpif = link_ip_to_carp_interface(find_interface_ip($listrealif)); - if (!empty($carpif)) { - $carpsif = explode(" ", $carpif); - foreach ($carpsif as $cpcarp) - mwexec("/sbin/ifconfig {$cpcarp} -ipfwfilter"); + if (does_interface_exist($listrealif)) { + mwexec("/sbin/ifconfig {$listrealif} -ipfwfilter"); + $carpif = link_ip_to_carp_interface(find_interface_ip($listrealif)); + if (!empty($carpif)) { + $carpsif = explode(" ", $carpif); + foreach ($carpsif as $cpcarp) + mwexec("/sbin/ifconfig {$cpcarp} -ipfwfilter"); + } } } } @@ -346,30 +350,30 @@ EOD; function captiveportal_rules_generate($cpif, &$cpiparray) { global $config, $g; - $cprules = "add 65301 set 1 allow pfsync from any to any\n"; - $cprules .= "add 65302 set 1 allow carp from any to any\n"; + $cprules = "add 65291 set 1 allow pfsync from any to any\n"; + $cprules .= "add 65292 set 1 allow carp from any to any\n"; $cprules .= <<<EOD -# add 65305 set 1 skipto 65534 all from any to any not layer2 +# add 65300 set 1 skipto 65534 all from any to any not layer2 # layer 2: pass ARP -add 65310 set 1 pass layer2 mac-type arp +add 65301 set 1 pass layer2 mac-type arp # pfsense requires for WPA -add 65311 set 1 pass layer2 mac-type 0x888e -add 65312 set 1 pass layer2 mac-type 0x88c7 +add 65302 set 1 pass layer2 mac-type 0x888e +add 65303 set 1 pass layer2 mac-type 0x88c7 # PPP Over Ethernet Discovery Stage -add 65313 set 1 pass layer2 mac-type 0x8863 +add 65304 set 1 pass layer2 mac-type 0x8863 # PPP Over Ethernet Session Stage -add 65314 set 1 pass layer2 mac-type 0x8864 +add 65305 set 1 pass layer2 mac-type 0x8864 # Allow WPA -add 65315 set 1 pass layer2 mac-type 0x888e +add 65306 set 1 pass layer2 mac-type 0x888e # layer 2: block anything else non-IP -add 65316 set 1 deny layer2 not mac-type ip +add 65307 set 1 deny layer2 not mac-type ip EOD; - $rulenum = 65320; + $rulenum = 65310; $ips = "255.255.255.255 "; foreach ($cpiparray as $cpip) $ips .= "or {$cpip} "; @@ -403,16 +407,35 @@ EOD; } if (!empty($config['system']['webgui']['port'])) $port = $config['system']['webgui']['port']; - else if ($config['system']['webgui']['proto'] == "https") - $port = 443; - else + else if ($config['system']['webgui']['proto'] == "http") $port = 80; + else + $port = 443; $rulenum++; $cprules .= "add {$rulenum} set 1 pass tcp from any to {$ips} {$port} in \n"; $rulenum++; $cprules .= "add {$rulenum} set 1 pass tcp from {$ips} {$port} to any out \n"; $rulenum++; + /* Allowed ips */ + $cprules .= "add {$rulenum} allow ip from table(3) to any in\n"; + $rulenum++; + $cprules .= "add {$rulenum} allow ip from any to table(4) out\n"; + $rulenum++; + $cprules .= "add {$rulenum} pipe tablearg ip from table(5) to any in\n"; + $rulenum++; + $cprules .= "add {$rulenum} pipe tablearg ip from any to table(6) out\n"; + $rulenum++; + $cprules .= "add {$rulenum} allow ip from any to table(7) in\n"; + $rulenum++; + $cprules .= "add {$rulenum} allow ip from table(8) to any out\n"; + $rulenum++; + $cprules .= "add {$rulenum} pipe tablearg ip from any to table(9) in\n"; + $rulenum++; + $cprules .= "add {$rulenum} pipe tablearg ip from table(10) to any out\n"; + $rulenum++; + + /* Authenticated users rules. */ if (isset($config['captiveportal']['peruserbw'])) { $cprules .= "add {$rulenum} set 1 pipe tablearg ip from table(1) to any in\n"; $rulenum++; @@ -699,31 +722,119 @@ function captiveportal_radius_stop_all($lock = false) { unlock($captiveportallck); } +function captiveportal_passthrumac_configure_entry($macent) { + $rules = ""; + $enBwup = isset($macent['bw_up']); + $enBwdown = isset($macent['bw_down']); + $actionup = "allow"; + $actiondown = "allow"; + + if ($enBwup && $enBwdown) + $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, true); + else + $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, false); + + if ($enBwup) { + $bw_up = $ruleno + 20000; + $rules .= "pipe {$bw_up} config bw {$macent['bw_up']}Kbit/s queue 100\n"; + $actionup = "pipe {$bw_up}"; + } + if ($enBwdown) { + $bw_down = $ruleno + 20001; + $rules .= "pipe {$bw_down} config bw {$macent['bw_down']}Kbit/s queue 100\n"; + $actiondown = "pipe {$bw_down}"; + } + $rules .= "add {$ruleno} {$actionup} ip from any to any MAC {$macent['mac']} any\n"; + $ruleno++; + $rules .= "add {$ruleno} {$actiondown} ip from any to any MAC any {$macent['mac']}\n"; + + return $rules; +} + function captiveportal_passthrumac_configure($lock = false) { global $config, $g; - if (!$lock) - $captiveportallck = lock('captiveportal'); - - /* clear out passthru macs, if necessary */ - unlink_if_exists("{$g['vardb_path']}/captiveportal_mac.db"); + $rules = ""; if (is_array($config['captiveportal']['passthrumac'])) { $macdb = array(); foreach ($config['captiveportal']['passthrumac'] as $macent) { + $rules .= captiveportal_passthrumac_configure_entry($macent); $macdb[$macent['mac']]['active'] = true; - if (isset($macent['bw_up'])) - $macdb[$macent['mac']]['bw_up'] = $macent['bw_up']; - if (isset($macent['bw_down'])) - $macdb[$macent['mac']]['bw_down'] = $macent['bw_down']; } - /* record passthru MACs so can be recognized and let thru */ - file_put_contents("{$g['vardb_path']}/captiveportal_mac.db", serialize($macdb)); } - if (!$lock) - unlock($captiveportallck); + return $rules; +} + +/* + * table (3=IN)/(4=OUT) hold allowed ip's without bw limits + * table (5=IN)/(6=OUT) hold allowed ip's with bw limit. + */ +function captiveportal_allowedip_configure_entry($ipent) { + + $rules = ""; + $enBwup = isset($ipent['bw_up']); + $enBwdown = isset($ipent['bw_down']); + $bw_up = ""; + $bw_down = ""; + $tablein = array(); + $tableout = array(); + + if ($enBwup && $enBwdown) + $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, true); + else + $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, false); + + if ($ipent['dir'] == "from") { + if ($enBwup) + $tablein[] = 5; + else + $tablein[] = 3; + if ($enBwdown) + $tableout[] = 6; + else + $tableout[] = 4; + } else if ($ipent['dir'] == "to") { + if ($enBwup) + $tablein[] = 9; + else + $tablein[] = 7; + if ($enBwdown) + $tableout[] = 10; + else + $tableout[] = 8; + } else if ($ipent['dir'] == "both") { + if ($enBwup) { + $tablein[] = 5; + $tablein[] = 9; + } else { + $tablein[] = 3; + $tablein[] = 7; + } + if ($enBwdown) { + $tableout[] = 6; + $tableout[] = 10; + } else { + $tableout[] = 4; + $tableout[] = 8; + } + } + if ($enBwup) { + $bw_up = $ruleno + 20000; + $rules .= "pipe {$bw_up} config bw {$ipent['bw_up']}Kbit/s queue 100\n"; + } + foreach ($tablein as $table) + $rules .= "table {$table} add {$ipent['ip']} {$bw_up}\n"; + if ($enBwdown) { + $bw_down = $ruleno + 20001; + $rules .= "pipe {$bw_down} config bw {$ipent['bw_down']}Kbit/s queue 100\n"; + } + foreach ($tableout as $table) + $rules .= "table {$table} add {$ipent['ip']} {$bw_down}\n"; + + return $rules; } function captiveportal_allowedip_configure() { @@ -731,26 +842,8 @@ function captiveportal_allowedip_configure() { $rules = ""; if (is_array($config['captiveportal']['allowedip'])) { - $peruserbw = isset($config['captiveportal']['peruserbw']); foreach ($config['captiveportal']['allowedip'] as $ipent) { - $ruleno = captiveportal_get_next_ipfw_ruleno(); - $bw_up = ""; - $bw_down = ""; - if ($peruserbw) { - $bwup = isset($ipent['bw_up']) ? trim($ipent['bw_up']) : $config['captiveportal']['bwdefaultup']; - $bwdown = isset($ipent['bw_down']) ? trim($ipent['bw_down']) : $config['captiveportal']['bwdefaultdn']; - if (!empty($bwup) && is_numeric($bwup)) { - $bw_up = $ruleno + 20000; - $rules .= "pipe {$bw_up} config bw {$bw_up}Kbit/s queue 100\n"; - } - if (!empty($bwdown) && is_numeric($bwdown)) { - $bw_down = $ruleno + 20001; - $rules .= "pipe {$bw_down} config bw {$bw_down}Kbit/s queue 100\n"; - } - } - /* insert address in ipfw table */ - $rules .= "table 1 add {$ipent['ip']} ${bw_up}\n"; - $rules .= "table 2 add {$ipent['ip']} ${bw_down}\n"; + $rules .= captiveportal_allowedip_configure_entry($ipent); } } @@ -953,7 +1046,7 @@ function captiveportal_init_ipfw_ruleno($rulenos_start = 2000, $rulenos_range_ma * within the range specified based on the actual logged on users * */ -function captiveportal_get_next_ipfw_ruleno($rulenos_start = 2000, $rulenos_range_max = 49899) { +function captiveportal_get_next_ipfw_ruleno($rulenos_start = 2000, $rulenos_range_max = 49899, $usebw = false) { global $config, $g; if(!isset($config['captiveportal']['enable'])) @@ -975,7 +1068,7 @@ function captiveportal_get_next_ipfw_ruleno($rulenos_start = 2000, $rulenos_rang } $ruleno = $ridx; $rules[$ridx] = "used"; - if (isset($config['captiveportal']['peruserbw'])) + if (isset($config['captiveportal']['peruserbw']) || $usebw == true) $rules[++$ridx] = "used"; break; } @@ -988,7 +1081,7 @@ function captiveportal_get_next_ipfw_ruleno($rulenos_start = 2000, $rulenos_rang return $ruleno; } -function captiveportal_free_ipfw_ruleno($ruleno) { +function captiveportal_free_ipfw_ruleno($ruleno, $usedbw = false) { global $config, $g; if(!isset($config['captiveportal']['enable'])) @@ -997,13 +1090,13 @@ function captiveportal_free_ipfw_ruleno($ruleno) { if (file_exists("{$g['vardb_path']}/captiveportal.rules")) { $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal.rules")); $rules[$ruleno] = false; - if (isset($config['captiveportal']['peruserbw'])) + if (isset($config['captiveportal']['peruserbw']) || $usedbw == true) $rules[++$ruleno] = false; file_put_contents("{$g['vardb_path']}/captiveportal.rules", serialize($rules)); } } -function captiveportal_get_ipfw_ruleno_byvalue($value) { +function captiveportal_get_ipfw_passthru_ruleno($value) { global $config, $g; if(!isset($config['captiveportal']['enable'])) @@ -1011,7 +1104,7 @@ function captiveportal_get_ipfw_ruleno_byvalue($value) { if (file_exists("{$g['vardb_path']}/captiveportal.rules")) { $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal.rules")); - $ruleno = intval(`/sbin/ipfw table 1 list | /usr/bin/grep {$value} | /usr/bin/grep -v grep | /usr/bin/cut -d " " -f 1 | /usr/bin/head -n 1`); + $ruleno = intval(`/sbin/ipfw show | /usr/bin/grep {$value} | /usr/bin/grep -v grep | /usr/bin/cut -d " " -f 1 | /usr/bin/head -n 1`); if ($rules[$ruleno]) return $ruleno; } @@ -1088,18 +1181,6 @@ function getNasIP() return $nasIp; } -function portal_mac_fixed($clientmac) { - global $g ; - - /* open captive portal mac db */ - if (file_exists("{$g['vardb_path']}/captiveportal_mac.db")) { - $macdb = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal_mac.db")); - if (isset($macdb[$clientmac])) - return $macdb[$clientmac]; - } - return FALSE ; -} - function portal_ip_from_client_ip($cliip) { global $config; diff --git a/etc/inc/config.lib.inc b/etc/inc/config.lib.inc index 4d6ca8d..e0f63f6 100644 --- a/etc/inc/config.lib.inc +++ b/etc/inc/config.lib.inc @@ -484,7 +484,7 @@ function write_config($desc="Unknown", $backup = true) { if (!safe_write_file("{$g['cf_conf_path']}/config.xml", $xmlconfig, false)) { log_error("WARNING: Config contents could not be save. Could not open file!"); unlock($lockkey); - file_notice("Unable to open {$g['cf_conf_path']}/config.xml for writing in write_config()\n"); + file_notice("config.xml", "Unable to open {$g['cf_conf_path']}/config.xml for writing in write_config()\n"); return -1; } diff --git a/etc/inc/dyndns.class b/etc/inc/dyndns.class index 29011fb..bf442fb 100644 --- a/etc/inc/dyndns.class +++ b/etc/inc/dyndns.class @@ -375,7 +375,7 @@ if (isset($this->_dnsWildcard) && $this->_dnsWildcard != "OFF") $this->_dnsWildcard = "ON"; curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass); - $server = "https://updates.opendns.com/nic/update?hostname="; + $server = "https://updates.opendns.com/nic/update?hostname=". $this->_dnsHost; $port = ""; if($this->_dnsServer) $server = $this->_dnsServer; diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 5dc5cd5..d485de8 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -51,6 +51,9 @@ $time_based_rules = false; /* Used to hold the interface list that will be used on ruleset creation. */ $FilterIflist = array(); +/* Create a global array to avoid errors on rulesets. */ +$GatewaysList = array(); + /* Used for the hostname dns resolver */ $filterdns = ""; @@ -482,8 +485,12 @@ function filter_generate_aliases() { if(isset($config['aliases']['alias'])) { foreach ($config['aliases']['alias'] as $aliased) { $extraalias = ""; - $ip = find_interface_ip($aliased['address']); - $extraalias = " " . link_ip_to_carp_interface($ip); + /* + * XXX: i am not sure what this does so i am commenting it out for now, because as it is + * its quite dangerous! + * $ip = find_interface_ip($aliased['address']); + * $extraalias = " " . link_ip_to_carp_interface($ip); + */ $aliasnesting = array(); $aliasaddrnesting = array(); $addrlist = filter_generate_nested_alias($aliased['name'], $aliased['address'], $aliasnesting, $aliasaddrnesting); @@ -531,7 +538,7 @@ function filter_generate_aliases() { } function filter_generate_gateways() { - global $config, $g; + global $config, $g, $GatewaysList; $rules = "# Gateways\n"; @@ -588,6 +595,9 @@ function filter_generate_gateways() { } } + /* Create a global array to avoid errors on rulesets. */ + $GatewaysList = array_merge($GatewaysList, $GatewayGroupsList); + $rules .= "\n"; return $rules; @@ -772,50 +782,136 @@ function filter_flush_state_table() { return mwexec("/sbin/pfctl -F state"); } -function filter_generate_reflection($rule, $nordr, $srcaddr, $dstport, &$starting_localhost_port, &$reflection_txt) { +function filter_get_reflection_interfaces($natif = "") { + global $FilterIflist; + + $nat_if_list = array(); + + foreach ($FilterIflist as $ifent => $ifname) { + if($ifname['if'] == $natif) + continue; + + /* Do not add reflection redirects for interfaces with gateways */ + if(interface_has_gateway($ifent)) + continue; + + $nat_if_list[] = $ifname['if']; + } + + return $nat_if_list; +} + +function filter_generate_reflection_nat($rule, $nat_ifs, $protocol, $target, $target_ip, $target_subnet = "") { + // Initialize natrules holder string + $natrules = ""; + + update_filter_reload_status("Creating reflection NAT rule for {$rule['descr']}..."); + + /* TODO: Add this option to port forwards page. */ + if(isset($rule['staticnatport'])) { + $static_port = " static-port"; + } else { + $static_port = " port 1024:65535"; + } + + if(!empty($protocol)) { + $protocol_text = " proto {$protocol}"; + } else { + $protocol_text = ""; + } + + $target_if_list = array(); + if(empty($target_subnet) || !is_numeric($target_subnet) || $target_subnet == 32) { + $target_if_list[] = guess_interface_from_ip($target_ip); + } else { + $target_if_list[] = guess_interface_from_ip(gen_subnet_max($target_ip, $target_subnet)); + } + + foreach ($target_if_list as $target_if) { + /* Only install additional NAT rules if the + * target is in the list of source networks */ + if(in_array($target_if, $nat_ifs)) { + $target_networks = "{$target_if}:network"; + + $natrules .= "no nat on {$target_if}{$protocol_text} from {$target_if} to {$target}\n"; + $natrules .= "nat on {$target_if}{$protocol_text} from {$target_networks} to {$target} -> {$target_if}{$static_port}\n"; + } + } + + return $natrules; +} + +function filter_generate_reflection($rule, $nordr, $rdr_ifs, $srcaddr, $dstaddr_port, $dstport, &$starting_localhost_port, &$reflection_txt) { global $FilterIflist, $config; // Initialize natrules holder string $natrules = ""; $reflection_txt = array(); - if(!isset($config['system']['disablenatreflection'])) { + if(!empty($rdr_ifs)) { if($config['system']['reflectiontimeout']) $reflectiontimeout = $config['system']['reflectiontimeout']; else $reflectiontimeout = "2000"; - update_filter_reload_status("Setting up NAT Reflection"); - - $natrules .= "\n# Reflection redirects\n"; - $rdr_if_list = ""; - foreach ($FilterIflist as $ifent => $ifname) { - /* do not process interfaces with gateways*/ - if(interface_has_gateway($ifent)) - continue; + update_filter_reload_status("Creating reflection rule for {$rule['descr']}..."); - $rdr_if_list .= " " . $ifname['if']; - } - if (!empty($rdr_if_list)) + $rdr_if_list = implode(" ", $rdr_ifs); + if(count($rdr_ifs) > 1) $rdr_if_list = "{ {$rdr_if_list} }"; - update_filter_reload_status("Creating reflection rule for {$rule['descr']}..."); + $natrules .= "\n# Reflection redirects\n"; if($dstport[1]) $range_end = ($dstport[1]); else $range_end = ($dstport[0]); - $range_end++; - - /* TODO: support multiple ip's in an alias. */ - if (is_alias($rule['destination']['address'])) - $dstaddr = filter_expand_alias($rule['destination']['address']); - else if(is_ipaddr($rule['destination']['address'])) - $dstaddr = $rule['destination']['address']; - else if (is_ipaddr($FilterIflist[$rule['interface']]['ip'])) - $dstaddr = $FilterIflist[$rule['interface']]['ip']; + + $dstaddr = explode(" ", $dstaddr_port); + if($dstaddr[2]) + $rflctintrange = $dstaddr[2]; else - return "\n"; + $rflctintrange = ""; + $dstaddr = $dstaddr[0]; + if(empty($dstaddr) || strtolower(trim($dstaddr)) == "port") + return ""; + + if(isset($rule['destination']['any'])) { + if(!$rule['interface']) + $natif = "wan"; + else + $natif = $rule['interface']; + + if(!isset($FilterIflist[$natif])) + return ""; + if(is_ipaddr($FilterIflist[$natif]['ip'])) + $dstaddr = $FilterIflist[$natif]['ip']; + else + return ""; + + if(!empty($FilterIflist[$natif]['sn'])) + $dstaddr = gen_subnet($dstaddr, $FilterIflist[$natif]['sn']) . '/' . $FilterIflist[$natif]['sn']; + } + + switch($rule['protocol']) { + case "tcp/udp": + $protocol = "{ tcp udp }"; + $reflect_protos = array('tcp', 'udp'); + break; + case "tcp": + case "udp": + $protocol = $rule['protocol']; + $reflect_protos = array($rule['protocol']); + break; + default: + return ""; + break; + } + + if(!empty($nordr)) { + $natrules .= "no rdr on {$rdr_if_list} proto {$protocol} from {$srcaddr} to {$dstaddr} port {$rflctintrange}\n"; + return $natrules; + } if (is_alias($rule['target'])) $target = filter_expand_alias($rule['target']); @@ -824,12 +920,11 @@ function filter_generate_reflection($rule, $nordr, $srcaddr, $dstport, &$startin else if (is_ipaddr($FilterIflist[$rule['target']]['ip'])) $target = $FilterIflist[$rule['target']]['ip']; else - return "\n"; + return ""; if($rule['local-port']) $lrange_start = $rule['local-port']; - if($range_end - $dstport[0] > 500) { - $range_end = $dstport[0]+1; + if(($range_end + 1) - $dstport[0] > 500) { log_error("Not installing nat reflection rules for a port range > 500"); /* only install reflection rules for < 19991 items */ } else if($starting_localhost_port < 19991) { @@ -846,55 +941,45 @@ function filter_generate_reflection($rule, $nordr, $srcaddr, $dstport, &$startin } $inetdport = $starting_localhost_port; - if(($range_end - 1) > $dstport[0]) { + if($range_end > $dstport[0]) { $rflctrange = "{$starting_localhost_port}"; - $delta = $range_end - $dstport[0] - 1; + $delta = $range_end - $dstport[0]; if(($starting_localhost_port + $delta) > 19990) { log_error("Installing partial nat reflection rules. Maximum 1,000 reached."); $delta = 19990 - $starting_localhost_port; + $range_end = $dstport[0] + $delta; + $rflctintrange = ""; } $starting_localhost_port = $starting_localhost_port + $delta; $rflctrange .= ":{$starting_localhost_port}"; - $rflctintrange = "{$dstport[0]}:{$range_end}"; + if(empty($rflctintrange)) + $rflctintrange = "{$dstport[0]}:{$range_end}"; if($rflctnorange) $toadd_array = range($loc_pt, $loc_pt + $delta); + $starting_localhost_port++; } else { $rflctrange = $starting_localhost_port; - $rflctintrange = $dstport[0]; + if(empty($rflctintrange)) + $rflctintrange = $dstport[0]; if($rflctnorange) $toadd_array = array($loc_pt); $starting_localhost_port++; } - switch($rule['protocol']) { - case "tcp/udp": - $protocol = "{ tcp udp }"; - foreach($toadd_array as $tda) { - $reflection_txt[] = "{$inetdport}\tstream\ttcp\tnowait/0\tnobody\t/usr/bin/nc\tnc -w {$reflectiontimeout} {$target} {$tda}\n"; - $reflection_txt[] = "{$inetdport}\tdgram\tudp\tnowait/0\tnobody\t/usr/bin/nc\tnc -u -w {$reflectiontimeout} {$target} {$tda}\n"; - $inetdport++; + foreach($toadd_array as $tda){ + foreach($reflect_protos as $reflect_proto) { + if($reflect_proto == "udp") { + $socktype = "dgram"; + $dash_u = "-u "; + } else { + $socktype = "stream"; + $dash_u = ""; } - $natrules .= "{$nordr}rdr on {$rdr_if_list} proto {$protocol} from {$srcaddr} to {$dstaddr} port {$rflctintrange} tag PFREFLECT" . - ($nordr == "" ? " -> 127.0.0.1 port {$rflctrange}" : "") . "\n"; - break; - case "tcp": - case "udp": - $protocol = $rule['protocol']; - if($protocol == "udp") { - $socktype = "dgram"; - $dash_u = "-u "; - } else { - $socktype = "stream"; - $dash_u = ""; - } - foreach($toadd_array as $tda){ - $reflection_txt[] = "{$inetdport}\t{$socktype}\t{$protocol}\tnowait/0\tnobody\t/usr/bin/nc\tnc {$dash_u}-w {$reflectiontimeout} {$target} {$tda}\n"; - $inetdport++; + $reflection_txt[] = "{$inetdport}\t{$socktype}\t{$reflect_proto}\tnowait/0\tnobody\t/usr/bin/nc\tnc {$dash_u}-w {$reflectiontimeout} {$target} {$tda}\n"; } - $natrules .= "{$nordr}rdr on {$rdr_if_list} proto {$protocol} from {$srcaddr} to {$dstaddr} port {$rflctintrange} tag PFREFLECT" . - ($nordr == "" ? " -> 127.0.0.1 port {$rflctrange}" : "") . "\n"; - break; + $inetdport++; } + $natrules .= "rdr on {$rdr_if_list} proto {$protocol} from {$srcaddr} to {$dstaddr} port {$rflctintrange} tag PFREFLECT -> 127.0.0.1 port {$rflctrange}\n"; } $reflection_txt = array_unique($reflection_txt); } @@ -983,8 +1068,27 @@ function filter_nat_rules_generate() { else $natif = $natent['interface']; $natif = $FilterIflist[$natif]['if']; - if($natif) - $natrules .= "binat on $natif from {$natent['internal']}/{$sn} to any -> {$natent['external']}/{$sn}\n"; + + if($natif) { + /* If reflection is enabled, turn on extra redirections + * for this rule by adding other interfaces to binat rule. */ + if(isset($config['system']['enablebinatreflection'])) { + $nat_if_list = filter_get_reflection_interfaces($natif); + } else { + $nat_if_list = array(); + } + + $nat_if_list = array_merge(array($natif), $nat_if_list); + //$binat_if_list = implode(" ", $nat_if_list); + //if(count($nat_if_list) > 1) + // $binat_if_list = "{ {$binat_if_list} }"; + + /* binat seems to currently only work with the first interface specified on the line */ + // $natrules .= "binat on {$binat_if_list} from {$natent['internal']}/{$sn} to any -> {$natent['external']}/{$sn}\n"; + foreach ($nat_if_list as $natifname) + $natrules .= "binat on {$natifname} from {$natent['internal']}/{$sn} to any -> {$natent['external']}/{$sn}\n"; + $natrules .= filter_generate_reflection_nat($rule, $nat_if_list, "", "{$natent['internal']}/{$sn}", $natent['internal'], $sn); + } } } $natrules .= "\n# Outbound NAT rules\n"; @@ -1176,17 +1280,6 @@ function filter_nat_rules_generate() { if(isset($rule['disabled'])) continue; - if (strtolower($rule['protocol']) == "tcp/udp") - $protocol = "{ tcp udp }"; - else - $protocol = strtolower($rule['protocol']); - - /* if item is an alias, expand */ - $srcport = ""; - $srcport[0] = alias_expand($rule['source']['port']); - if(!$srcport[0]) - $srcport = explode("-", $rule['source']['port']); - /* if item is an alias, expand */ $dstport = ""; $dstport[0] = alias_expand($rule['destination']['port']); @@ -1195,8 +1288,10 @@ function filter_nat_rules_generate() { /* if item is an alias, expand */ $localport = alias_expand($rule['local-port']); - if(!$localport || $rule['destination']['port'] == $rule['local-port']) { + if(!$localport || $dstport[0] == $localport) { $localport = ""; + } else if(is_alias($rule['destination']['port']) || is_alias($rule['local-port'])) { + $localport = " port {$localport}"; } else { if(($dstport[1]) && ($dstport[0] != $dstport[1])) { $localendport = $localport + ($dstport[1] - $dstport[0]); @@ -1207,8 +1302,22 @@ function filter_nat_rules_generate() { $localport = " port {$localport}"; } + switch(strtolower($rule['protocol'])) { + case "tcp/udp": + $protocol = "{ tcp udp }"; + break; + case "tcp": + case "udp": + $protocol = strtolower($rule['protocol']); + break; + default: + $protocol = strtolower($rule['protocol']); + $localport = ""; + break; + } + $target = alias_expand($rule['target']); - if(!$target) { + if(!$target && !isset($rule['nordr'])) { $natrules .= "# Unresolvable alias {$rule['target']}\n"; continue; /* unresolvable alias */ } @@ -1233,18 +1342,26 @@ function filter_nat_rules_generate() { $natif = $FilterIflist[$natif]['if']; - if (isset($rule['nordr'])) + if (isset($rule['nordr'])) { $nordr = "no "; - else + $rdrpass = ""; + } else $nordr = ""; - if($srcaddr <> "" && $dstaddr <> "") { - /* is rule a port range? */ - if($natif) - $natrules .= "{$nordr}rdr {$rdrpass}on {$natif} proto {$protocol} from {$srcaddr} to {$dstaddr}" . ($nordr == "" ? " -> {$target}{$localport}" : ""); + if(!isset($config['system']['disablenatreflection'])) { + $nat_if_list = filter_get_reflection_interfaces($natif); + } else { + $nat_if_list = array(); + } + + if($srcaddr <> "" && $dstaddr <> "" && $natif) { + $srcaddr = trim($srcaddr); + $dstaddr = trim($dstaddr); + + $natrules .= "{$nordr}rdr {$rdrpass}on {$natif} proto {$protocol} from {$srcaddr} to {$dstaddr}" . ($nordr == "" ? " -> {$target}{$localport}" : ""); /* Does this rule redirect back to a internal host? */ - if($dstaddr == "any" && !interface_has_gateway($rule['interface'])) { + if(isset($rule['destination']['any']) && !interface_has_gateway($rule['interface']) && !isset($rule['nordr'])) { $rule_interface_ip = find_interface_ip($natif); $rule_interface_subnet = find_interface_subnet($natif); $rule_subnet = gen_subnet($rule_interface_ip, $rule_interface_subnet); @@ -1252,7 +1369,7 @@ function filter_nat_rules_generate() { $natrules .= "no nat on {$natif} proto tcp from ({$natif}) to {$rule_subnet}/{$rule_interface_subnet}\n"; $natrules .= "nat on {$natif} proto tcp from {$rule_subnet}/{$rule_interface_subnet} to {$target} port {$dstport[0]} -> ({$natif})\n"; } - $natrules .= filter_generate_reflection($rule, $nordr, $srcaddr, $dstport, $starting_localhost_port, $reflection_rules); + $natrules .= filter_generate_reflection($rule, $nordr, $nat_if_list, $srcaddr, $dstaddr, $dstport, $starting_localhost_port, $reflection_rules); $natrules .= "\n"; foreach ($reflection_rules as $txtline) @@ -1324,7 +1441,7 @@ function filter_generate_address(& $rule, $target = "source", $isnat = false) { if(strstr($rule[$target]['network'], "opt")) { $optmatch = ""; $matches = ""; - if(preg_match("/opt([0-9]*)/", $rule[$target]['network'], $optmatch)) { + if(preg_match("/opt([0-9]*)$/", $rule[$target]['network'], $optmatch)) { $opt_ip = $FilterIflist["opt{$optmatch[1]}"]['ip']; if(!is_ipaddr($opt_ip)) return ""; @@ -1408,7 +1525,7 @@ function filter_generate_address(& $rule, $target = "source", $isnat = false) { } function filter_generate_user_rule($rule) { - global $config, $g, $FilterIflist; + global $config, $g, $FilterIflist, $GatewaysList; global $layer7_rules_list; if(isset($config['system']['developerspew'])) { @@ -1498,8 +1615,11 @@ function filter_generate_user_rule($rule) { } /* if user has selected a custom gateway, lets work with it */ else if($rule['gateway'] <> "") { - /* Add the load balanced gateways */ - $aline['route'] = " \$GW{$rule['gateway']} "; + if (isset($GatewaysList[$rule['gateway']])) + /* Add the load balanced gateways */ + $aline['route'] = " \$GW{$rule['gateway']} "; + else + log_error("The gateway: {$rule['gateway']} is invalid/unkown not using it."); } if(isset($rule['protocol'])) { @@ -1553,9 +1673,29 @@ function filter_generate_user_rule($rule) { if($type == "pass") { if(isset($rule['allowopts'])) $aline['allowopts'] = " allow-opts "; - if( isset($rule['source-track']) or isset($rule['max']) or isset($rule['max-src-nodes']) or isset($rule['max-src-conn']) or isset($rule['max-src-states']) ) - if($rule['protocol'] == "tcp") + + $aline['flags'] = ""; + if($rule['protocol'] == "tcp") { + if (isset($rule['tcpflags_any'])) + $aline['flags'] = "flags any "; + else if (!empty($rule['tcpflags2'])) { + $aline['flags'] = "flags "; + if (!empty($rule['tcpflags1'])) { + $flags1 = explode(",", $rule['tcpflags1']); + foreach ($flags1 as $flag1) + $aline['flags'] .= strtoupper($flag1[0]); + } + $aline['flags'] .= "/"; + if (!empty($rule['tcpflags2'])) { + $flags2 = explode(",", $rule['tcpflags2']); + foreach ($flags2 as $flag2) + $aline['flags'] .= strtoupper($flag2[0]); + } + $aline['flags'] .= " "; + } else $aline['flags'] = "flags S/SA "; + } + /* * # keep state * works with TCP, UDP, and ICMP. @@ -1574,30 +1714,37 @@ function filter_generate_user_rule($rule) { switch($rule['statetype']) { case "none": $noadvoptions = true; - $aline['flags'] = " no state "; + $aline['flags'] .= " no state "; break; case "modulate state": case "synproxy state": if($rule['protocol'] == "tcp") - $aline['flags'] = "{$rule['statetype']} "; + $aline['flags'] .= "{$rule['statetype']} "; + break; + case "sloppy state": + $aline['flags'] .= "keep state "; + $rule['sloppy'] = true; break; default: - $aline['flags'] = "{$rule['statetype']} "; + $aline['flags'] .= "{$rule['statetype']} "; + break; } } else - $aline['flags'] = "keep state "; + $aline['flags'] .= "keep state "; if($noadvoptions == false || $l7_present) - if( isset($rule['source-track']) and $rule['source-track'] <> "" or - isset($rule['max']) and $rule['max'] <> "" or - isset($rule['max-src-nodes']) and $rule['max-src-nodes'] <> "" or - isset($rule['max-src-conn']) and $rule['max-src-conn'] <> "" or - isset($rule['max-src-conn-rate']) and $rule['max-src-conn-rate'] <> "" or - isset($rule['max-src-conn-rates']) and $rule['max-src-conn-rates'] <> "" or - isset($rule['max-src-states']) and $rule['max-src-states'] <> "" or - isset($rule['statetimeout']) and $rule['statetimeout'] <> "" or - $l7_present) { + if( (isset($rule['source-track']) and $rule['source-track'] <> "") or + (isset($rule['max']) and $rule['max'] <> "") or + (isset($rule['max-src-nodes']) and $rule['max-src-nodes'] <> "") or + (isset($rule['max-src-conn']) and $rule['max-src-conn'] <> "") or + (isset($rule['max-src-conn-rate']) and $rule['max-src-conn-rate'] <> "") or + (isset($rule['max-src-conn-rates']) and $rule['max-src-conn-rates'] <> "") or + (isset($rule['max-src-states']) and $rule['max-src-states'] <> "") or + (isset($rule['statetimeout']) and $rule['statetimeout'] <> "") or + isset($rule['sloppy']) or $l7_present) { $aline['flags'] .= "( "; + if (isset($rule['sloppy'])) + $aline['flags'] .= "sloppy "; if(isset($rule['source-track']) and $rule['source-track'] <> "") $aline['flags'] .= "source-track rule "; if(isset($rule['max']) and $rule['max'] <> "") @@ -1918,34 +2065,6 @@ pass out on \$IPsec all keep state label "IPsec internal host to host" EOD; - /* pass traffic between statically routed subnets and the subnet on the - * interface in question to avoid problems with complicated routing - * topologies - */ - if(isset($config['filter']['bypassstaticroutes']) && is_array($config['staticroutes']['route']) && count($config['staticroutes']['route'])) { - $ipfrules .= "anchor \"staticrouted\" \n"; - foreach ($config['staticroutes']['route'] as $route) { - $realif = guess_interface_from_ip(lookup_gateway_ip_by_name($route['gateway'])); - $friendly = convert_real_interface_to_friendly_interface_name($realif); - if(is_array($FilterIflist[$friendly])) { - $oc = $FilterIflist[$friendly]; - if($oc['ip']) { - $sa = $oc['sa']; - $sn = $oc['sn']; - $if = $oc['if']; - } - if($sa) { - $ipfrules .= <<<EOD -pass in quick on \${$oc['descr']} from {$sa}/{$sn} to {$route['network']} no state label "pass traffic between statically routed subnets" -pass in quick on \${$oc['descr']} from {$route['network']} to {$sa}/{$sn} no state label "pass traffic between statically routed subnets" -pass out quick on \${$oc['descr']} from {$sa}/{$sn} to {$route['network']} no state label "pass traffic between statically routed subnets" -pass out quick on \${$oc['descr']} from {$route['network']} to {$sa}/{$sn} no state label "pass traffic between statically routed subnets" - -EOD; - } - } - } - } if(!isset($config['system']['webgui']['noantilockout'])) { if(count($config['interfaces']) > 1 && !empty($FilterIflist['lan']['if'])) { /* if antilockout is enabled, LAN exists and has @@ -2033,6 +2152,35 @@ EOD; } } + /* pass traffic between statically routed subnets and the subnet on the + * interface in question to avoid problems with complicated routing + * topologies + */ + if(isset($config['filter']['bypassstaticroutes']) && is_array($config['staticroutes']['route']) && count($config['staticroutes']['route'])) { + $ipfrules .= "anchor \"staticrouted\" \n"; + foreach ($config['staticroutes']['route'] as $route) { + $realif = guess_interface_from_ip(lookup_gateway_ip_by_name($route['gateway'])); + $friendly = convert_real_interface_to_friendly_interface_name($realif); + if(is_array($FilterIflist[$friendly])) { + $oc = $FilterIflist[$friendly]; + if($oc['ip']) { + $sa = $oc['sa']; + $sn = $oc['sn']; + $if = $oc['if']; + } + if($sa) { + $ipfrules .= <<<EOD +pass quick on \${$oc['descr']} proto tcp from {$sa}/{$sn} to {$route['network']} flags any keep state(sloppy) label "pass traffic between statically routed subnets" +pass quick on \${$oc['descr']} from {$sa}/{$sn} to {$route['network']} keep state(sloppy) label "pass traffic between statically routed subnets" +pass quick on \${$oc['descr']} proto tcp from {$route['network']} to {$sa}/{$sn} flags any keep state(sloppy) label "pass traffic between statically routed subnets" +pass quick on \${$oc['descr']} from {$route['network']} to {$sa}/{$sn} keep state(sloppy) label "pass traffic between statically routed subnets" + +EOD; + } + } + } + } + update_filter_reload_status("Creating IPsec rules..."); $ipfrules .= filter_generate_ipsec_rules(); @@ -2457,8 +2605,12 @@ EOD; function discover_pkg_rules($ruletype) { global $config, $g; - if(!is_dir("/usr/local/pkg")) + + /* Bail if there is no pkg directory, or if the package files might be out of sync. */ + if(!is_dir("/usr/local/pkg") || file_exists('/conf/needs_package_sync')) return ""; + + $rules = ""; $files = split("\n", trim(`ls /usr/local/pkg/*.inc`)); foreach($files as $pkg_inc) { if($pkg_inc == "ls: No match.") @@ -2469,15 +2621,16 @@ function discover_pkg_rules($ruletype) { $pkg_generate_rules = "{$pkg}_generate_rules"; if(function_exists($pkg_generate_rules)) { update_filter_reload_status("Processing early {$ruletype} rules for package {$pkg_inc}"); - $rules .= $pkg_generate_rules("$ruletype"); - file_put_contents("{$g['tmp_path']}/rules.packages", $rules); - $status = mwexec("/sbin/pfctl -nf {$g['tmp_path']}/rules.packages"); + $tmprules = $pkg_generate_rules("$ruletype"); + file_put_contents("{$g['tmp_path']}/rules.test.packages", $tmprules); + $status = mwexec("/sbin/pfctl -nf {$g['tmp_path']}/rules.test.packages"); if ($status <> 0) { $errorrules = "There was an error while parsing the package filter rules for {$pkg_inc}.\n"; log_error($errorrules); file_put_contents("{$g['tmp_path']}/rules.packages.{$pkg_inc}", "#{$errorrules}\n"); - return ""; + continue; } + $rules .= $tmprules; } } return $rules; diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index 3506869..0dbf329 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -42,14 +42,11 @@ function setup_gateways_monitor() { $a_gateway_item = &$config['gateways']['gateway_item']; - if (is_array($config['gateways']['settings'])) { - $a_settings = &$config['gateways']['settings']; - } else { - $a_settings['latencylow'] = "200"; - $a_settings['latencyhigh'] = "500"; - $a_settings['losslow'] = "10"; - $a_settings['losshigh'] = "20"; - } + $a_settings = array(); + $a_settings['latencylow'] = "200"; + $a_settings['latencyhigh'] = "500"; + $a_settings['losslow'] = "10"; + $a_settings['losshigh'] = "20"; /* kill apinger process */ if(is_process_running("apinger")) @@ -149,9 +146,10 @@ EOD; if(is_array($gateways_arr)) { $i = 2; foreach($gateways_arr as $name => $gateway) { + $gwref = $a_gateway_item[$gateway['attribute']]; /* for dynamic gateways without an IP address we subtitute a local one */ - if((is_numeric($gateway['attribute'])) && is_ipaddr($a_gateway_item[$gateway['attribute']]['monitor'])) { - $gateway['monitor'] = $a_gateway_item[$gateway['attribute']]['monitor']; + if((is_numeric($gateway['attribute'])) && is_ipaddr($gwref['monitor'])) { + $gateway['monitor'] = $gwref['monitor']; } else { if(($gateway['gateway'] == "dynamic") && ($gateway['monitor'])) { $gateway['monitor'] = "127.0.0.{$i}"; @@ -161,11 +159,59 @@ EOD; $gateway['monitor'] = $gateway['gateway']; } } - $apingerconfig .= "target \"{$gateway['monitor']}\" {\n"; - $apingerconfig .= " description \"{$gateway['name']}\"\n"; - $apingerconfig .= " rrd file \"{$g['vardb_path']}/rrd/{$gateway['name']}-quality.rrd\"\n"; - $apingerconfig .= "}\n"; - $apingerconfig .= "\n"; + + $apingercfg .= "target \"{$gateway['monitor']}\" {\n"; + $apingercfg .= " description \"{$gateway['name']}\"\n"; + $alarms = ""; + $override = false; + if (!empty($gwref['lowloss'])) { + $alarmscfg .= "alarm loss \"{$gateway['name']}loss\" {\n"; + $alarmscfg .= "\tpercent_low {$gwref['losslow']}\n"; + $alarmscfg .= "\tpercent_high {$gwref['losshigh']}\n"; + $alarmscfg .= "}\n"; + $alarms .= "\"{$gateway['name']}loss\""; + $override = true; + } else { + if ($override == true) + $alarms .= ","; + $alarms .= "\"loss\""; + $override = true; + } + if (!empty($gwref['latencylow'])) { + $alarmscfg .= "alarm delay \"{$gateway['name']}delay\" {\n"; + $alarmscfg .= "\tdelay_low {$gwref['latencylow']}ms\n"; + $alarmscfg .= "\tdelay_high {$gwref['latencyhigh']}ms\n"; + $alarmscfg .= "}\n"; + if ($override == true) + $alarms .= ","; + $alarms .= "\"{$gateway['name']}delay\""; + $override = true; + } else { + if ($override == true) + $alarms .= ","; + $alarms .= "\"delay\""; + $override = true; + } + if (!empty($gwref['down'])) { + $alarmscfg .= "alarm down \"{$gateway['name']}down\" {\n"; + $alarmscfg .= "\ttime {$gwref['down']}s\n"; + $alarmscfg .= "}\n"; + if ($override == true) + $alarms .= ","; + $alarms .= "\"{$gateway['name']}down\""; + $override = true; + } else { + if ($override == true) + $alarms .= ","; + $alarms .= "\"down\""; + $override = true; + } + if ($override == true) + $apingercfg .= "\talarms override {$alarms};\n"; + + $apingercfg .= " rrd file \"{$g['vardb_path']}/rrd/{$gateway['name']}-quality.rrd\"\n"; + $apingercfg .= "}\n"; + $apingercfg .= "\n"; if($gateway['monitor'] == $gateway['gateway']) { /* if the gateway is the same as the monitor we do not add a * route as this will break the routing table */ @@ -179,6 +225,8 @@ EOD; } } } + $apingerconfig .= $alarmscfg; + $apingerconfig .= $apingercfg; } fwrite($fd, $apingerconfig); fclose($fd); @@ -222,32 +270,13 @@ function return_gateways_status() { } foreach($apingerstatus as $line) { - $fields = explode(":", $line); - switch($fields[0]) { - case "Target": - $target = trim($fields[1]); - break; - case "Description": - if($target) - $status[$target]['name'] = trim($fields[1]); - break; - case "Last reply received": - if($target) - $status[$target]['lastcheck'] = trim($fields[1]) .":". trim($fields[2]) .":". trim($fields[3]); - break; - case "Average delay": - if($target) - $status[$target]['delay'] = trim($fields[1]); - break; - case "Average packet loss": - if($target) - $status[$target]['loss'] = trim($fields[1]); - break; - case "Active alarms": - if($target) - $status[$target]['status'] = trim($fields[1]); - break; - } + $info = explode("|", $line); + $target = $info[0]; + $status[$target]['name'] = $info[1]; + $status[$target]['lastcheck'] = $info[4] ? date('r', $info[4]) : date('r'); + $status[$target]['delay'] = $info[5]; + $status[$target]['loss'] = $info[6]; + $status[$target]['status'] = trim($info[7]); } return($status); } @@ -370,7 +399,7 @@ function return_gateway_groups_array() { } else { $tiers[$tier][] = $gwname; } - } elseif (stristr($status['status'], $delay)) { + } elseif (stristr($status['status'], "delay")) { if (strstr($group['trigger'] , "latency")) { /* high latency */ $msg = "MONITOR: $gwname has high latency, removing from routing group"; diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 6b42811..ca0af88 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -692,7 +692,7 @@ function interfaces_configure() { foreach($iflist as $if => $ifname) { $realif = $config['interfaces'][$if]['if']; - if(is_array($realif['pppoe']) && isset($realif['pppoe']['pppoe-reset-type'])) + if(is_array($config['interfaces'][$if]['pppoe']) && isset($config['interfaces'][$if]['pppoe']['pppoe-reset-type'])) setup_pppoe_reset_file($if, true); else setup_pppoe_reset_file($if, false); @@ -3121,17 +3121,19 @@ function link_ip_to_carp_interface($ip) { $carp_ints = ""; if (is_array($config['virtualip']['vip'])) { + $first = 0; + $carp_int = array(); foreach ($config['virtualip']['vip'] as $vip) { if ($vip['mode'] == "carp" || $vip['mode'] == "carpdev") { $carp_ip = $vip['subnet']; $carp_sn = $vip['subnet_bits']; $carp_nw = gen_subnet($carp_ip, $carp_sn); - if (ip_in_subnet($ip, "{$carp_nw}/{$carp_sn}")) { - if (!stristr($carp_ints, $carp_int)) - $carp_ints .= " {$carp_int}"; - } + if (ip_in_subnet($ip, "{$carp_nw}/{$carp_sn}")) + $carp_int[] = "vip{$vip['vhid']}"; } } + if (!empty($carp_int)) + $carp_ints = implode(" ", array_unique($carp_int)); } return $carp_ints; diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc index d80f1c2..0dd0fe0 100644 --- a/etc/inc/ipsec.inc +++ b/etc/inc/ipsec.inc @@ -453,4 +453,14 @@ function ipsec_dump_sad() return $sad; } +function ipsec_mobilekey_sort() { + global $config; + + function mobilekeycmp($a, $b) { + return strcmp($a['ident'][0], $b['ident'][0]); + } + + usort($config['ipsec']['mobilekey'], "mobilekeycmp"); +} + ?> diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 66a81fc..72630e7 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -336,8 +336,8 @@ function openvpn_reconfigure($mode,& $settings) { $conf .= "persist-key\n"; $conf .= "proto {$proto}\n"; $conf .= "cipher {$cipher}\n"; - $conf .= "up /etc/rc.filter_configure\n"; - $conf .= "down /etc/rc.filter_configure\n"; + $conf .= "up /usr/local/sbin/ovpn-linkup\n"; + $conf .= "down /usr/local/sbin/ovpn-linkdown\n"; if (!empty($iface_ip)) { $conf .= "local {$iface_ip}\n"; @@ -424,6 +424,9 @@ function openvpn_reconfigure($mode,& $settings) { openvpn_add_dhcpopts($settings, $conf); break; } + + if ($settings['client2client']) + $conf .= "client-to-client\n"; } // client specific settings diff --git a/etc/inc/rrd.inc b/etc/inc/rrd.inc index b20fe55..fa2920e 100644 --- a/etc/inc/rrd.inc +++ b/etc/inc/rrd.inc @@ -37,7 +37,7 @@ function dump_rrd_to_xml($rrddatabase, $xmldumpfile) { $rrdtool = "/usr/bin/nice -n20 /usr/local/bin/rrdtool"; if(file_exists($xmldumpfile)) - exec("rm {$xmldumpfile}"); + mwexec("rm {$xmldumpfile}"); exec("$rrdtool dump {$rrddatabase} {$xmldumpfile} 2>&1", $dumpout, $dumpret); if ($dumpret <> 0) { @@ -275,7 +275,7 @@ function enable_rrd_graphing() { /* enter UNKNOWN values in the RRD so it knows we rebooted. */ if($g['booting']) { - exec("$rrdtool update $rrddbpath$ifname$traffic N:U:U:U:U"); + mwexec("$rrdtool update $rrddbpath$ifname$traffic N:U:U:U:U"); } $rrdupdatesh .= "\n"; @@ -301,7 +301,7 @@ function enable_rrd_graphing() { /* enter UNKNOWN values in the RRD so it knows we rebooted. */ if($g['booting']) { - exec("$rrdtool update $rrddbpath$ifname$packets N:U:U:U:U"); + mwexec("$rrdtool update $rrddbpath$ifname$packets N:U:U:U:U"); } $rrdupdatesh .= "\n"; @@ -327,7 +327,7 @@ function enable_rrd_graphing() { /* enter UNKNOWN values in the RRD so it knows we rebooted. */ if($g['booting']) { - exec("$rrdtool update $rrddbpath$ifname$wireless N:U:U:U"); + mwexec("$rrdtool update $rrddbpath$ifname$wireless N:U:U:U"); } $rrdupdatesh .= "\n"; @@ -466,7 +466,7 @@ function enable_rrd_graphing() { /* enter UNKNOWN values in the RRD so it knows we rebooted. */ if($g['booting']) { - exec("$rrdtool update $rrddbpath$ifname$states N:U:U:U:U:U"); + mwexec("$rrdtool update $rrddbpath$ifname$states N:U:U:U:U:U"); } /* the pf states gathering function. */ @@ -500,7 +500,7 @@ function enable_rrd_graphing() { /* enter UNKNOWN values in the RRD so it knows we rebooted. */ if($g['booting']) { - exec("$rrdtool update $rrddbpath$ifname$proc N:U:U:U:U:U"); + mwexec("$rrdtool update $rrddbpath$ifname$proc N:U:U:U:U:U"); } /* the CPU stats gathering function. */ @@ -538,7 +538,7 @@ function enable_rrd_graphing() { /* enter UNKNOWN values in the RRD so it knows we rebooted. */ if($g['booting']) { - exec("$rrdtool update $rrddbpath$ifname$mem N:U:U:U:U:U"); + mwexec("$rrdtool update $rrddbpath$ifname$mem N:U:U:U:U:U"); } /* the Memory stats gathering function. */ @@ -597,7 +597,7 @@ function enable_rrd_graphing() { /* enter UNKNOWN values in the RRD so it knows we rebooted. */ if($g['booting']) { - exec("$rrdtool update $rrddbpath$ifname$cellular N:U:U"); + mwexec("$rrdtool update $rrddbpath$ifname$cellular N:U:U"); } $rrdupdatesh .= "\n"; diff --git a/etc/inc/shaper.inc b/etc/inc/shaper.inc index 9a023eb..96712bf 100644 --- a/etc/inc/shaper.inc +++ b/etc/inc/shaper.inc @@ -513,7 +513,7 @@ class altq_root_queue { * this->queues[$qkey]->build_rule(); */ function build_rules() { - if (count($this->queues) > 0 && $this->GetEnabled()) { + if (count($this->queues) > 0 && $this->GetEnabled() == "on") { $rules = " altq on " . get_real_interface($this->GetInterface()); if ($this->GetScheduler()) $rules .= " ".strtolower($this->GetScheduler()); @@ -593,7 +593,15 @@ class altq_root_queue { * to the user like the traffic wizard does. */ function build_form() { - $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>"; + $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br>"; + $form .= "Enable/Disable"; + $form .= "</td><td class=\"vncellreq\">"; + $form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\""; + if ($this->GetEnabled() == "on") + $form .= " CHECKED"; + $form .= " ><span class=\"vexpl\"> Enable/Disable discipline and its childs</span>"; + $form .= "</td></tr>"; + $form .= "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>"; $form .= "<td class=\"vncellreq\">"; $form .= "<strong>".$this->GetQname()."</strong>"; $form .= "</td></tr>"; @@ -1067,6 +1075,14 @@ class priq_queue { * need to update it. */ function build_form() { + $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br>"; + $form .= "Enable/Disable"; + $form .= "</td><td class=\"vncellreq\">"; + $form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\""; + if ($this->GetEnabled() == "on") + $form .= " CHECKED"; + $form .= " ><span class=\"vexpl\"> Enable/Disable queue and its childs</span>"; + $form .= "</td></tr>"; $form .= "<tr>"; $form .= "<td width=\"22%\" valign=\"top\" class=\"vncellreq\">"; $form .= "Queue Name</td><td width=\"78%\" class=\"vtable\">"; @@ -2907,7 +2923,15 @@ class dnpipe_class extends dummynet_class { } function build_form() { - $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>"; + $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br>"; + $form .= "Enable/Disable"; + $form .= "</td><td class=\"vncellreq\">"; + $form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\""; + if ($this->GetEnabled() == "on") + $form .= " CHECKED"; + $form .= " ><span class=\"vexpl\"> Enable/Disable limiter and its childs</span>"; + $form .= "</td></tr>"; + $form .= "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>"; $form .= "<td class=\"vncellreq\">"; $form .= "<input type=\"text\" id=\"name\" name=\"name\" value=\""; $form .= $this->GetQname()."\">"; @@ -3142,7 +3166,15 @@ class dnqueue_class extends dummynet_class { } function build_form() { - $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>"; + $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br>"; + $form .= "Enable/Disable"; + $form .= "</td><td class=\"vncellreq\">"; + $form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\""; + if ($this->GetEnabled() == "on") + $form .= " CHECKED"; + $form .= " ><span class=\"vexpl\"> Enable/Disable queue and its childs</span>"; + $form .= "</td></tr>"; + $form .= "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>"; $form .= "<td class=\"vncellreq\">"; $form .= "<input type=\"text\" id=\"name\" name=\"name\" value=\""; $form .= $this->GetQname()."\">"; @@ -3355,8 +3387,8 @@ class layer7 { $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br>"; $form .= "Enable/Disable"; $form .= "</td><td class=\"vncellreq\">"; - $form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\""; - if ($this->GetREnabled()) { + $form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\" "; + if ($this->GetREnabled() == "on") { $form .= "checked = \"CHECKED\""; } $form .= " ><span class=\"vexpl\"> Enable/Disable layer7 Container</span>"; @@ -3443,7 +3475,7 @@ class layer7 { } function delete_l7c() { - mwexec("/bin/pkill -f 'ipfw-classifyd .* -p ". $l7rules->GetRPort() . "'", true); + mwexec("/bin/pkill -f 'ipfw-classifyd .* -p ". $this->GetRPort() . "'", true); unset_l7_object_by_reference($this->GetRName()); cleanup_l7_from_rules($this->GetRName()); } diff --git a/etc/inc/system.inc b/etc/inc/system.inc index d26b1bb..369d181 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -192,11 +192,21 @@ function system_hosts_generate() { $hosts .= "127.0.0.1 localhost localhost.{$syscfg['domain']}\n"; - $sysiflist = get_configured_interface_list(); - foreach ($sysiflist as $sysif) { - $cfgip = get_interface_ip($sysif); + if ($config['interfaces']['lan']) { + $cfgip = get_interface_ip("lan"); if (is_ipaddr($cfgip)) $hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n"; + } else { + $sysiflist = get_configured_interface_list(); + foreach ($sysiflist as $sysif) { + if (!interface_has_gateway($sysif)) { + $cfgip = get_interface_ip($sysif); + if (is_ipaddr($cfgip)) { + $hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n"; + break; + } + } + } } foreach ($hostscfg as $host) { @@ -281,7 +291,7 @@ function system_routing_configure() { * gateway setup configured. * Force WAN to be default gateway because that is the 1.2 behavior. */ - log_error("SYSTEM: We do not have a default gateway in our config. Is this configuration damaged?"); + log_error("WARNING: There is no default gateway in the configuration."); if (is_ipaddr($config['interfaces']['wan']['gateway'])) { $gatewayip = $config['interfaces']['wan']['gateway']; mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true); @@ -303,7 +313,7 @@ function system_routing_configure() { } else if (is_ipaddr($rtent['gateway'])) { $gatewayip = $rtent['gateway']; } else { - log_error("Static Routes: Gateway ip could not be found for {$rtent['network']}"); + log_error("Static Routes: Gateway IP could not be found for {$rtent['network']}"); continue; } diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index 3e53abe..d72e5a6 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -800,6 +800,34 @@ function upgrade_042_to_043() { function upgrade_043_to_044() { global $config; + + /* migrate static routes to the new gateways config */ + $gateways = return_gateways_array(true); + $i = 0; + if (is_array($config['staticroutes']['route'])) { + foreach ($config['staticroutes']['route'] as $idx => $sroute) { + $found = false; + foreach ($gateways as $gwname => $gw) { + if ($gw['gateway'] == $sroute['gateway']) { + $config['staticroutes']['route'][$idx]['gateway'] = $gwname; + $found = true; + break; + } + } + if ($found == false) { + $gateway = array(); + $gateway['name'] = "SROUTE{$i}"; + $gateway['gateway'] = $sroute['gateway']; + $gateway['interface'] = $sroute['interface']; + $gateway['descr'] = "Upgraded static route for {$sroute['network']}"; + if (!is_array($config['gateways']['gateway_item'])) + $config['gateways']['gateway_item'] = array(); + $config['gateways']['gateway_item'][] = $gateway; + $config['staticroutes']['route'][$idx]['gateway'] = $gateway['name']; + $i++; + } + } + } } @@ -1066,34 +1094,40 @@ function upgrade_046_to_047() { function upgrade_047_to_048() { global $config; - $config['dyndnses']['dyndns'] = array(); - if (isset($config['dyndns']['enable'])) { - $tempdyn = array(); - $tempdyn['enable'] = isset($config['dyndns']['enable']); - $tempdyn['type'] = $config['dyndns']['type']; - $tempdyn['wildcard'] = isset($config['dyndns']['wildcard']); - $tempdyn['usernamefld'] = $config['dyndns']['username']; - $tempdyn['passwordfld'] = $config['dyndns']['password']; - $tempdyn['host'] = $config['dyndns']['host']; - $tempdyn['mx'] = $config['dyndns']['mx']; - $config['dyndnses']['dyndns'][] = $tempdyn; + if (!empty($config['dyndns'])) { + $config['dyndnses'] = array(); + $config['dyndnses']['dyndns'] = array(); + if(isset($config['dyndns'][0]['enable'])) { + $tempdyn = array(); + $tempdyn['enable'] = isset($config['dyndns'][0]['enable']); + $tempdyn['type'] = $config['dyndns'][0]['type']; + $tempdyn['wildcard'] = isset($config['dyndns'][0]['wildcard']); + $tempdyn['usernamefld'] = $config['dyndns'][0]['username']; + $tempdyn['passwordfld'] = $config['dyndns'][0]['password']; + $tempdyn['host'] = $config['dyndns'][0]['host']; + $tempdyn['mx'] = $config['dyndns'][0]['mx']; + $tempdyn['interface'] = "wan"; + $tempdyn['descr'] = "Upgraded Dyndns {$tempdyn['type']}"; + $config['dyndnses']['dyndns'][] = $tempdyn; + } unset($config['dyndns']); } - $config['dnsupdates']['dnsupdate'] = array(); - if (isset($config['dnsupdate']['enable'])) { + if (!empty($config['dnsupdate'])) { + $config['dnsupdates'][0]['dnsupdate'] = array(); $pconfig = array(); - $pconfig['dnsupdate_enable'] = isset($config['dnsupdate']['enable']); - $pconfig['dnsupdate_host'] = $config['dnsupdate']['host']; - $pconfig['dnsupdate_ttl'] = $config['dnsupdate']['ttl']; + $pconfig['dnsupdate_enable'] = isset($config['dnsupdate'][0]['enable']); + $pconfig['dnsupdate_host'] = $config['dnsupdate'][0]['host']; + $pconfig['dnsupdate_ttl'] = $config['dnsupdate'][0]['ttl']; if (!$pconfig['dnsupdate_ttl']) $pconfig['dnsupdate_ttl'] = 60; - $pconfig['dnsupdate_keydata'] = $config['dnsupdate']['keydata']; - $pconfig['dnsupdate_keyname'] = $config['dnsupdate']['keyname']; - $pconfig['dnsupdate_keytype'] = $config['dnsupdate']['keytype']; + $pconfig['dnsupdate_keydata'] = $config['dnsupdate'][0]['keydata']; + $pconfig['dnsupdate_keyname'] = $config['dnsupdate'][0]['keyname']; + $pconfig['dnsupdate_keytype'] = $config['dnsupdate'][0]['keytype']; if (!$pconfig['dnsupdate_keytype']) $pconfig['dnsupdate_keytype'] = "zone"; - $pconfig['dnsupdate_server'] = $config['dnsupdate']['server']; - $pconfig['dnsupdate_usetcp'] = isset($config['dnsupdate']['usetcp']); + $pconfig['dnsupdate_server'] = $config['dnsupdate'][0]['server']; + $pconfig['dnsupdate_usetcp'] = isset($config['dnsupdate'][0]['usetcp']); + $pconfig['interface'] = "wan"; $config['dnsupdates']['dnsupdate'][] = $pconfig; unset($config['dnsupdate']); } @@ -1598,9 +1632,10 @@ function upgrade_053_to_054() { } // Unset lbpool if we no longer have any server pools if (count($lbpool_srv_arr) == 0) { - unset($config['load_balancer']['lbpool']); - if(count($config['load_balancer']) == 0) { + if(empty($config['load_balancer'])) { unset($config['load_balancer']); + } else { + unset($config['load_balancer']['lbpool']); } } else { $config['load_balancer']['lbpool'] = $lbpool_srv_arr; @@ -1887,7 +1922,8 @@ function upgrade_061_to_062() { ); if (empty($natent['destination']['address'])) { - $natent['destination']['address'] = $natent['interface'] . 'ip'; + unset($natent['destination']['address']); + $natent['destination']['network'] = $natent['interface'] . 'ip'; } else if ($natent['destination']['address'] == 'any') { unset($natent['destination']['address']); $natent['destination']['any'] = true; @@ -1902,20 +1938,14 @@ function upgrade_061_to_062() { } function upgrade_062_to_063() { + /* Upgrade legacy Themes to the new pfsense_ng */ global $config; - if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { - foreach ($config['ppps']['ppp'] as $pppid => $ppp) { - if (isset($ppp['port'])){ - $config['ppps']['ppp'][$pppid]['ports'] = $ppp['port']; - unset($config['ppps']['ppp'][$pppid]['port']); - } - if (!isset($ppp['type'])){ - $config['ppps']['ppp'][$pppid]['type'] = "ppp"; - } - if (!isset($ppp['ptpid'])){ - $config['ppps']['ppp'][$pppid]['ptpid'] = uniqid('', true); - } - } + + switch($config['theme']) { + case "nervecenter": + $config['theme'] = "pfsense_ng"; + break; } + } ?> diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 3aba988..f2343e1 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -291,6 +291,13 @@ function vpn_ipsec_configure($ipchg = false) } } + /* add PSKs for mobile clients */ + if (is_array($ipseccfg['mobilekey'])) { + foreach ($ipseccfg['mobilekey'] as $key) { + $pskconf .= "{$key['ident']} {$key['pre-shared-key']}\n"; + } + } + fwrite($fd, $pskconf); fclose($fd); chmod("{$g['varetc_path']}/psk.txt", 0600); @@ -484,10 +491,19 @@ function vpn_ipsec_configure($ipchg = false) $init = "on"; $genp = "off"; + $pcheck = "claim"; + $passive = ""; if (isset($ph1ent['mobile'])) { $rgip = "anonymous"; - $init = "off"; - $genp = "unique"; + /* Mimic 1.2.3's behavior for pure-psk mobile tunnels */ + if ($ph1ent['authentication_method'] == "pre_shared_key") { + $passive = "passive on;"; + $pcheck = "obey"; + $genp = "on"; + } else { + $init = "off"; + $genp = "unique"; + } } $dpdline1 = ''; @@ -551,6 +567,11 @@ function vpn_ipsec_configure($ipchg = false) if ($ph1ent['lifetime']) $lifeline = "lifetime time {$ph1ent['lifetime']} secs;"; + /* Only specify peer ID if we are not dealing with a mobile PSK-only tunnel */ + if (!(($ph1ent['authentication_method'] == "pre_shared_key") && isset($ph1ent['mobile']))) { + $peerid_spec = "peers_identifier {$peerid_type} {$peerid_data};"; + } + /* add remote section to configuration */ $racoonconf .=<<<EOD @@ -560,7 +581,7 @@ remote {$rgip} ph1id {$ikeid}; exchange_mode {$ph1ent['mode']}; my_identifier {$myid_type} {$myid_data}; - peers_identifier {$peerid_type} {$peerid_data}; + {$peerid_spec} ike_frag on; generate_policy = {$genp}; initial_contact = {$init}; @@ -569,7 +590,8 @@ remote {$rgip} {$dpdline1} {$dpdline2} support_proxy on; - proposal_check claim; + proposal_check {$pcheck}; + {$passive} proposal { @@ -611,7 +633,8 @@ EOD; $localid_type = $ph2ent['localid']['type']; $localid_data = ipsec_idinfo_to_cidr($ph2ent['localid']); - if ($localid_type == "none") + /* Do not print localid in some cases, such as a pure-psk mobile tunnel */ + if (($localid_type == "none") || ($ph1ent['authentication_method'] == "pre_shared_key") && isset($ph1ent['mobile'])) $localid_spec = " "; else if ($localid_type != "address") { $localid_type = "subnet"; diff --git a/etc/inc/xmlparse.inc b/etc/inc/xmlparse.inc index 3dac5a7..22cb5d6 100644 --- a/etc/inc/xmlparse.inc +++ b/etc/inc/xmlparse.inc @@ -47,7 +47,7 @@ function listtags() { "option ppp package passthrumac phase1 phase2 priv proxyarpnet qinqentry queue ". "pages pipe roll route row rrddatafile rule schedule service servernat servers ". "serversdisabled earlyshellcmd shellcmd staticmap subqueue timerange ". - "tunnel user vip virtual_server vlan winsserver wolentry widget " + "tunnel user vip virtual_server vlan winsserver wolentry widget" ); return $ret; } diff --git a/etc/inc/xmlreader.inc b/etc/inc/xmlreader.inc index dd6eb9a..41f2938 100644 --- a/etc/inc/xmlreader.inc +++ b/etc/inc/xmlreader.inc @@ -40,19 +40,19 @@ function listtags() { * I know it's a pain, but it's a pain to find stuff too if it's not */ $ret = explode(" ", - "alias aliasurl allowedip authserver bridged ca cacert cert clone config ". - "container columnitem depends_on_package disk dnsserver dnsupdate ". - "domainoverrides dyndns earlyshellcmd element encryption-algorithm-option ". - "field fieldname hash-algorithm-option gateway_item gateway_group gif gre ". - "group hosts member ifgroupentry igmpentry interface_array item key lagg " . - "lbaction lbpool l7rules lbprotocol ". - "member menu tab mobilekey monitor_type mount ntpserver onetoone ". - "openvpn-server openvpn-client openvpn-csc " . - "option ppp package passthrumac phase1 phase2 priv proxyarpnet qinqentry queue ". - "pages pipe roll route row rrddatafile rule schedule service servernat servers ". - "serversdisabled earlyshellcmd shellcmd staticmap subqueue timerange ". - "tunnel user vip virtual_server vlan winsserver wolentry widget " - ); + "alias aliasurl allowedip authserver bridged ca cacert cert clone config ". + "container columnitem depends_on_package disk dnsserver dnsupdate ". + "domainoverrides dyndns earlyshellcmd element encryption-algorithm-option ". + "field fieldname hash-algorithm-option gateway_item gateway_group gif gre ". + "group hosts member ifgroupentry igmpentry interface_array item key lagg " . + "lbaction lbpool l7rules lbprotocol ". + "member menu tab mobilekey monitor_type mount ntpserver onetoone ". + "openvpn-server openvpn-client openvpn-csc " . + "option ppp package passthrumac phase1 phase2 priv proxyarpnet qinqentry queue ". + "pages pipe roll route row rrddatafile rule schedule service servernat servers ". + "serversdisabled earlyshellcmd shellcmd staticmap subqueue timerange ". + "tunnel user vip virtual_server vlan winsserver wolentry widget" + ); return array_flip($ret); } @@ -68,36 +68,30 @@ function add_elements(&$cfgarray, &$parser) { while ($parser->read()) { switch ($parser->nodeType) { case XMLReader::WHITESPACE: - //$type = "WHITESPACE"; - break; case XMLReader::SIGNIFICANT_WHITESPACE: - //$type = "SIGNIFICANT_WHITESPACE"; break; case XMLReader::ELEMENT: - if ($parser->isEmptyElement) { - $cfgarray[$parser->name] = ""; - } else { - if (isset($listtags[$parser->name])) + if (isset($listtags[strtolower($parser->name)])) { + if (!$parser->isEmptyElement) add_elements($cfgarray[$parser->name][], $parser); - else { - add_elements($cfgarray[$parser->name], $parser); - if (!isset($cfgarray[$parser->name])) - $cfgarray[$parser->name] = array(); - } - } + } else { + if ($parser->isEmptyElement) + $cfgarray[$parser->name] = ""; + else + add_elements($cfgarray[$parser->name], $parser); + } break; case XMLReader::TEXT: case XMLReader::CDATA: $cfgarray = $parser->value; break; case XMLReader::END_ELEMENT: - return; - break; + return; + break; default: break; } - - } + } } function parse_xml_config($cffile, $rootobj, $isstring = "false") { @@ -108,6 +102,7 @@ function parse_xml_config($cffile, $rootobj, $isstring = "false") { $listtags[$tag] = $tag; } } + return parse_xml_config_raw($cffile, $rootobj); } @@ -127,7 +122,7 @@ function parse_xml_config_raw($cffile, $rootobj, $isstring = "false") { $parsedcfg = array(); $par = new XMLReader(); - if ($par->open($cffile)) { + if ($par->open($cffile, "UTF-8", LIBXML_NOERROR | LIBXML_NOWARNING)) { add_elements($parsedcfg, $par); $par->close(); } else @@ -136,53 +131,45 @@ function parse_xml_config_raw($cffile, $rootobj, $isstring = "false") { return $parsedcfg[$rootobj]; } -function dump_xml_config_sub($arr, $indent) { - - global $listtags; - - $xmlconfig = ""; - - foreach ($arr as $ent => $val) { - if (is_array($val)) { - /* is it just a list of multiple values? */ - if (isset($listtags[strtolower($ent)])) { - foreach ($val as $cval) { - if (is_array($cval)) { - $xmlconfig .= str_repeat("\t", $indent); - $xmlconfig .= "<$ent>\n"; - $xmlconfig .= dump_xml_config_sub($cval, $indent + 1); - $xmlconfig .= str_repeat("\t", $indent); - $xmlconfig .= "</$ent>\n"; - } else { - $xmlconfig .= str_repeat("\t", $indent); - if($cval === false) continue; - if(($cval === true) || ($cval === "")) { - $xmlconfig .= "<$ent/>\n"; - } else { - $xmlconfig .= "<$ent>" . htmlspecialchars($cval) . "</$ent>\n"; - } - } - } - } else { - /* it's an array */ - $xmlconfig .= str_repeat("\t", $indent); - $xmlconfig .= "<$ent>\n"; - $xmlconfig .= dump_xml_config_sub($val, $indent + 1); - $xmlconfig .= str_repeat("\t", $indent); - $xmlconfig .= "</$ent>\n"; - } - } else { - if ((is_bool($val) && ($val == true)) || ($val === "")) { - $xmlconfig .= str_repeat("\t", $indent); - $xmlconfig .= "<$ent/>\n"; - } else if (!is_bool($val)) { - $xmlconfig .= str_repeat("\t", $indent); - $xmlconfig .= "<$ent>" . htmlspecialchars($val) . "</$ent>\n"; - } - } - } +function dump_xml_config_sub(& $writer, $arr) { + global $listtags; - return $xmlconfig; + foreach ($arr as $ent => $val) { + if (is_array($val)) { + /* is it just a list of multiple values? */ + if (isset($listtags[strtolower($ent)])) { + foreach ($val as $cval) { + if (is_array($cval)) { + if (empty($cval)) + $writer->writeElement($ent); + else { + $writer->startElement($ent); + dump_xml_config_sub($writer, $cval); + $writer->endElement(); + } + } else { + if($cval === false) continue; + if ((is_bool($val) && ($val == true)) || ($val === "")) + $writer->writeElement($ent); + else if (!is_bool($val)) + $writer->writeElement($ent, $cval); + } + } + } else if (empty($val)) { + $writer->writeElement($ent); + } else { + /* it's an array */ + $writer->startElement($ent); + dump_xml_config_sub($writer, $val); + $writer->endElement(); + } + } else { + if ((is_bool($val) && ($val == true)) || ($val === "")) + $writer->writeElement($ent); + else if (!is_bool($val)) + $writer->writeElement($ent, $val); + } + } } function dump_xml_config($arr, $rootobj) { @@ -209,14 +196,19 @@ function dump_xml_config_pkg($arr, $rootobj) { function dump_xml_config_raw($arr, $rootobj) { - $xmlconfig = "<?xml version=\"1.0\"?" . ">\n"; - $xmlconfig .= "<$rootobj>\n"; - - $xmlconfig .= dump_xml_config_sub($arr, 1); + $writer = new XMLWriter(); + $writer->openMemory(); + $writer->setIndent(true); + $writer->setIndentString("\t"); + $writer->startDocument("1.0", "UTF-8"); + $writer->startElement($rootobj); - $xmlconfig .= "</$rootobj>\n"; + dump_xml_config_sub($writer, $arr); - return $xmlconfig; + $writer->endElement(); + $writer->endDocument(); + $xmlconfig = $writer->outputMemory(true); + return $xmlconfig; } ?> diff --git a/etc/phpshellsessions/gitsync b/etc/phpshellsessions/gitsync index 4176dfe..ec7031f 100644 --- a/etc/phpshellsessions/gitsync +++ b/etc/phpshellsessions/gitsync @@ -39,7 +39,8 @@ if(is_dir("/root/pfsense/HEAD")) /* NOTE: Set branches here */ $branches = array( "master" => "2.0 development branch", - "RELENG_1_2" => "1.2* release branch" + "RELENG_1_2" => "1.2* release branch", + "build_commit" => "The commit originally used to build the image" ); if(file_exists("/root/cvssync_backup.tgz")) { @@ -151,11 +152,19 @@ if(is_dir("$CODIR/pfSenseGITREPO/pfSenseGITREPO")) { exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git config remote.origin.url $GIT_REPO"); exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git fetch"); exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git clean -f -f -x -d"); - $git_cmd = array( - "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git branch $branch origin/$branch 2>/dev/null", - "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git checkout -f $branch 2>/dev/null", - "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git reset --hard origin/$branch" - ); + if($branch == "build_commit") { + $git_cmd = array( + "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git branch $branch 2>/dev/null", + "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git checkout -f $branch 2>/dev/null", + "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git reset --hard `cat /etc/version.lastcommit`" + ); + } else { + $git_cmd = array( + "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git branch $branch origin/$branch 2>/dev/null", + "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git checkout -f $branch 2>/dev/null", + "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git reset --hard origin/$branch" + ); + } run_cmds($git_cmd); } else { exec("mkdir -p $CODIR/pfSenseGITREPO"); @@ -167,6 +176,8 @@ if(is_dir("$CODIR/pfSenseGITREPO/pfSenseGITREPO")) { exec("mv $CODIR/pfSenseGITREPO/mainline $CODIR/pfSenseGITREPO/pfSenseGITREPO"); if($branch == "master") { exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git checkout master"); + } else if($branch == "build_commit") { + exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git checkout -b build_commit `cat /etc/version.lastcommit`"); } else { exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git checkout -b $branch origin/$branch"); } @@ -43,6 +43,7 @@ fi product=`cat /etc/inc/globals.inc | grep product_name | cut -d'"' -f4` hideplatform=`cat /etc/inc/globals.inc | grep hideplatform | wc -l` +varrunpath=`cat /etc/inc/globals.inc | grep varrun_path | cut -d'"' -f4` if [ "$hideplatform" -gt "0" ]; then platformbanner="" # hide the platform @@ -324,6 +325,7 @@ cap_mkdb /etc/login.conf echo -n "Launching the init system..." rm -f /cf/conf/backup/backup.cache rm -f /root/lighttpd* +touch $varrunpath/booting /etc/rc.bootup # If a shell was selected from recovery @@ -360,6 +362,7 @@ minicron 86400 /var/run/update_alias_url_data.pid /etc/rc.update_alias_url_data /bin/chmod a+rw /tmp/. echo "Bootup complete" +rm $varrunpath/booting /usr/local/bin/beep.sh start 2>&1 >/dev/null diff --git a/etc/rc.banner b/etc/rc.banner index ae762c3..0d68af7 100755 --- a/etc/rc.banner +++ b/etc/rc.banner @@ -39,12 +39,13 @@ $platform = trim(file_get_contents("{$g['etc_path']}/platform")); $hostname = $config['system']['hostname']; $product = $g['product_name']; + $machine = trim(`uname -m`); $hideplatform = $g['hideplatform']; if(!$hideplatform) $platformbanner = "-{$platform}"; - print "\n*** Welcome to {$product} {$version}{$platformbanner} on {$hostname} ***\n"; + print "\n*** Welcome to {$product} ({$machine}) {$version}{$platformbanner} on {$hostname} ***\n"; $iflist = get_configured_interface_with_descr(false, true); foreach($iflist as $ifname => $friendly) { diff --git a/etc/rc.bootup b/etc/rc.bootup index b96dfa4..65cc5dc 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -96,7 +96,6 @@ if (led_count() >= 3) { /* let the other functions know we're booting */ $pkg_interface = 'console'; $g['booting'] = true; -touch("{$g['varrun_path']}/booting"); /* parse the configuration and include all functions used below */ require_once("/etc/inc/config.inc"); @@ -367,7 +366,6 @@ upnp_start(); activate_powerd(); /* done */ -unlink("{$g['varrun_path']}/booting"); unset($g['booting']); led_normalize(); diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize index c4d8960..6e49ed3 100755 --- a/etc/rc.filter_synchronize +++ b/etc/rc.filter_synchronize @@ -80,7 +80,7 @@ function remove_special_characters($string) { function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsense.restore_config_section') { global $config, $g; - if($g['booting']) + if(file_exists("{$g['varrun_path']}/booting")) return; update_filter_reload_status("Syncing CARP data to {$url}"); @@ -199,7 +199,8 @@ function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsens } } -if ($g['booting']) +global $g; +if (file_exists("{$g['varrun_path']}/booting")) return; if (is_array($config['installedpackages']['carpsettings']['config'])) { diff --git a/etc/rc.linkup b/etc/rc.linkup index 5f4bf61..59c604e 100755 --- a/etc/rc.linkup +++ b/etc/rc.linkup @@ -63,7 +63,8 @@ function handle_argument_group($iface, $argument2) { } } -if ($g['booting'] == true) { +global $g; +if (file_exists("{$g['varrun_path']}/booting")) { /* ignore all linkup events */ } else { foreach($_SERVER['argv'] as $argv) { diff --git a/etc/rc.php_ini_setup b/etc/rc.php_ini_setup index fd67a83..2a0a433 100755 --- a/etc/rc.php_ini_setup +++ b/etc/rc.php_ini_setup @@ -92,6 +92,7 @@ PHPMODULES="apc \ # Config read/write xml \ xmlreader \ + xmlwriter \ libxml \ # user manager mhash \ diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index 7d51fc3..c100ecf 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -119,12 +119,6 @@ setTimeout('window.close();',5000) ; EOD; exit; -/* The $macfilter can be removed safely since we first check if the $clientmac is present, if not we fail */ -} else if ($clientmac && portal_mac_fixed($clientmac)) { - /* punch hole in ipfw for pass thru mac addresses */ - portal_allow($clientip, $clientmac, "unauthenticated"); - exit; - } else if ($clientmac && $radmac_enable && portal_mac_radius($clientmac,$clientip)) { /* radius functions handle everything so we exit here since we're done */ exit; @@ -240,201 +234,188 @@ function portal_mac_radius($clientmac,$clientip) { function portal_allow($clientip,$clientmac,$username,$password = null, $attributes = null, $ruleno = null) { - global $redirurl, $g, $config, $url_redirection, $type; + global $redirurl, $g, $config, $url_redirection, $type; - /* See if a ruleno is passed, if not start locking the sessions because this means there isn't one atm */ - $captiveshouldunlock = false; - if ($ruleno == null) { - $cplock = lock('captiveportal'); - $captiveshouldunlock = true; - $ruleno = captiveportal_get_next_ipfw_ruleno(); - } - - /* if the pool is empty, return appropriate message and exit */ - if (is_null($ruleno)) { - portal_reply_page($redirurl, "error", "System reached maximum login capacity"); - log_error("WARNING! Captive portal has reached maximum login capacity"); - if ($captiveshouldunlock == true) - unlock($cplock); - exit; - } + /* See if a ruleno is passed, if not start locking the sessions because this means there isn't one atm */ + $captiveshouldunlock = false; + if ($ruleno == null) { + $cplock = lock('captiveportal'); + $captiveshouldunlock = true; + $ruleno = captiveportal_get_next_ipfw_ruleno(); + } - // Ensure we create an array if we are missing attributes - if (!is_array($attributes)) - $attributes = array(); + /* if the pool is empty, return appropriate message and exit */ + if (is_null($ruleno)) { + portal_reply_page($redirurl, "error", "System reached maximum login capacity"); + log_error("WARNING! Captive portal has reached maximum login capacity"); + if ($captiveshouldunlock == true) + unlock($cplock); + exit; + } - /* read in client database */ - $cpdb = captiveportal_read_db(); + // Ensure we create an array if we are missing attributes + if (!is_array($attributes)) + $attributes = array(); - $radiusservers = captiveportal_get_radius_servers(); + /* read in client database */ + $cpdb = captiveportal_read_db(); - if ($attributes['voucher']) - $remaining_time = $attributes['session_timeout']; + $radiusservers = captiveportal_get_radius_servers(); - /* Find an existing session */ - for ($i = 0; $i < count($cpdb); $i++) { - /* on the same ip */ - if($cpdb[$i][2] == $clientip) { - captiveportal_logportalauth($cpdb[$i][4],$cpdb[$i][3],$cpdb[$i][2],"CONCURRENT LOGIN - REUSING OLD SESSION"); - $sessionid = $cpdb[$i][5]; - break; - } - elseif (($attributes['voucher']) && ($username != 'unauthenticated') && ($cpdb[$i][4] == $username)) { - // user logged in with an active voucher. Check for how long and calculate - // how much time we can give him (voucher credit - used time) - $remaining_time = $cpdb[$i][0] + $cpdb[$i][7] - time(); - if ($remaining_time < 0) // just in case. - $remaining_time = 0; - - /* This user was already logged in so we disconnect the old one */ - captiveportal_disconnect($cpdb[$i],$radiusservers,13); - captiveportal_logportalauth($cpdb[$i][4],$cpdb[$i][3],$cpdb[$i][2],"CONCURRENT LOGIN - TERMINATING OLD SESSION"); - unset($cpdb[$i]); - break; - } - elseif ((isset($config['captiveportal']['noconcurrentlogins'])) && ($username != 'unauthenticated')) { - /* on the same username */ - if (strcasecmp($cpdb[$i][4], $username) == 0) { - /* This user was already logged in so we disconnect the old one */ - captiveportal_disconnect($cpdb[$i],$radiusservers,13); - captiveportal_logportalauth($cpdb[$i][4],$cpdb[$i][3],$cpdb[$i][2],"CONCURRENT LOGIN - TERMINATING OLD SESSION"); - unset($cpdb[$i]); - break; - } - } - } - - if ($attributes['voucher'] && $remaining_time <= 0) { - unlock($cplock); - return 0; // voucher already used and no time left - } - - $writecfg = false; - if (!isset($sessionid)) { - - /* generate unique session ID */ - $tod = gettimeofday(); - $sessionid = substr(md5(mt_rand() . $tod['sec'] . $tod['usec'] . $clientip . $clientmac), 0, 16); - - /* Add rules for traffic shaping - * We don't need to add extra rules since traffic will pass due to the following kernel option - * net.inet.ip.fw.one_pass: 1 - */ - $peruserbw = isset($config['captiveportal']['peruserbw']); - $passthrumacadd = isset($config['captiveportal']['passthrumacadd']); - $portalmac = NULL; - if (!empty($clientmac)) { - $portalmac = portal_mac_fixed($clientmac); - if ($portalmac) { - $attributes['bw_up'] = $portalmac['bw_up']; - $attributes['bw_down'] = $portalmac['bw_down']; + if ($attributes['voucher']) + $remaining_time = $attributes['session_timeout']; + + /* Find an existing session */ + for ($i = 0; $i < count($cpdb); $i++) { + /* on the same ip */ + if($cpdb[$i][2] == $clientip) { + captiveportal_logportalauth($cpdb[$i][4],$cpdb[$i][3],$cpdb[$i][2],"CONCURRENT LOGIN - REUSING OLD SESSION"); + $sessionid = $cpdb[$i][5]; + break; + } + elseif (($attributes['voucher']) && ($username != 'unauthenticated') && ($cpdb[$i][4] == $username)) { + // user logged in with an active voucher. Check for how long and calculate + // how much time we can give him (voucher credit - used time) + $remaining_time = $cpdb[$i][0] + $cpdb[$i][7] - time(); + if ($remaining_time < 0) // just in case. + $remaining_time = 0; + + /* This user was already logged in so we disconnect the old one */ + captiveportal_disconnect($cpdb[$i],$radiusservers,13); + captiveportal_logportalauth($cpdb[$i][4],$cpdb[$i][3],$cpdb[$i][2],"CONCURRENT LOGIN - TERMINATING OLD SESSION"); + unset($cpdb[$i]); + break; + } + elseif ((isset($config['captiveportal']['noconcurrentlogins'])) && ($username != 'unauthenticated')) { + /* on the same username */ + if (strcasecmp($cpdb[$i][4], $username) == 0) { + /* This user was already logged in so we disconnect the old one */ + captiveportal_disconnect($cpdb[$i],$radiusservers,13); + captiveportal_logportalauth($cpdb[$i][4],$cpdb[$i][3],$cpdb[$i][2],"CONCURRENT LOGIN - TERMINATING OLD SESSION"); + unset($cpdb[$i]); + break; + } } } - $bw_up = isset($attributes['bw_up']) ? trim($attributes['bw_up']) : $config['captiveportal']['bwdefaultup']; - $bw_down = isset($attributes['bw_down']) ? trim($attributes['bw_down']) : $config['captiveportal']['bwdefaultdn']; - - if ($passthrumacadd && $portalmac == NULL) { - $mac = array(); - $mac['mac'] = $clientmac; - $mac['descr'] = "Auto added pass-through MAC for user {$username}"; - if (!empty($bw_up)) - $mac['bw_up'] = $bw_up; - if (!empty($bw_down)) - $mac['bw_down'] = $bw_down; - if (!is_array($config['captiveportal']['passthrumac'])) - $config['captiveportal']['passthrumac'] = array(); - $config['captiveportal']['passthrumac'][] = $mac; - $writecfg = true; + if ($attributes['voucher'] && $remaining_time <= 0) { + unlock($cplock); + return 0; // voucher already used and no time left } - - if ($peruserbw && !empty($bw_up) && is_numeric($bw_up)) { - $bw_up_pipeno = $ruleno + 20000; - //$bw_up /= 1000; // Scale to Kbit/s - mwexec("/sbin/ipfw pipe {$bw_up_pipeno} config bw {$bw_up}Kbit/s queue 100"); - - if (!isset($config['captiveportal']['nomacfilter']) || $passthrumacadd) - mwexec("/sbin/ipfw table 1 add {$clientip} mac {$clientmac} {$bw_up_pipeno}"); - else - mwexec("/sbin/ipfw table 1 add {$clientip} {$bw_up_pipeno}"); - } else { - if (!isset($config['captiveportal']['nomacfilter']) || $passthrumacadd) - mwexec("/sbin/ipfw table 1 add {$clientip} mac {$clientmac}"); - else - mwexec("/sbin/ipfw table 1 add {$clientip}"); - } - if ($peruserbw && !empty($bw_down) && is_numeric($bw_down)) { - $bw_down_pipeno = $ruleno + 20001; - //$bw_down /= 1000; // Scale to Kbit/s - mwexec("/sbin/ipfw pipe {$bw_down_pipeno} config bw {$bw_down}Kbit/s queue 100"); - - if (!isset($config['captiveportal']['nomacfilter']) || $passthrumacadd) - mwexec("/sbin/ipfw table 2 add {$clientip} mac {$clientmac} {$bw_down_pipeno}"); - else - mwexec("/sbin/ipfw table 2 add {$clientip} {$bw_down_pipeno}"); - } else { - if (!isset($config['captiveportal']['nomacfilter']) || $passthrumacadd) - mwexec("/sbin/ipfw table 2 add {$clientip} mac {$clientmac}"); - else - mwexec("/sbin/ipfw table 2 add {$clientip}"); - } - - if ($attributes['voucher']) - $attributes['session_timeout'] = $remaining_time; - - /* encode password in Base64 just in case it contains commas */ - $bpassword = base64_encode($password); - $cpdb[] = array(time(), $ruleno, $clientip, $clientmac, $username, $sessionid, $bpassword, - $attributes['session_timeout'], - $attributes['idle_timeout'], - $attributes['session_terminate_time']); - - if (isset($config['captiveportal']['radacct_enable']) && !empty($radiusservers)) { - $acct_val = RADIUS_ACCOUNTING_START($ruleno, - $username, - $sessionid, - $radiusservers, - $clientip, - $clientmac); - - if ($acct_val == 1) - captiveportal_logportalauth($username,$clientmac,$clientip,$type,"RADIUS ACCOUNTING FAILED"); - } - - /* rewrite information to database */ - captiveportal_write_db($cpdb); - } - - if ($captiveshouldunlock == true) - unlock($cplock); - - if ($writecfg == true) { - write_config(); - captiveportal_passthrumac_configure(true); - } - /* redirect user to desired destination */ - if ($url_redirection) - $my_redirurl = $url_redirection; - else if ($config['captiveportal']['redirurl']) - $my_redirurl = $config['captiveportal']['redirurl']; - else - $my_redirurl = $redirurl; - - if(isset($config['captiveportal']['logoutwin_enable']) && !isset($config['captiveportal']['passthrumacadd'])) { - - if (isset($config['captiveportal']['httpslogin'])) - $logouturl = "https://{$config['captiveportal']['httpsname']}:8001/"; - else { - $ifip = portal_ip_from_client_ip($clientip); - if (!$ifip) - $ourhostname = $config['system']['hostname'] . ":8000"; - else - $ourhostname = "{$ifip}:8000"; - $logouturl = "http://{$ourhostname}/"; + $writecfg = false; + if (!isset($sessionid)) { + + /* generate unique session ID */ + $tod = gettimeofday(); + $sessionid = substr(md5(mt_rand() . $tod['sec'] . $tod['usec'] . $clientip . $clientmac), 0, 16); + + /* Add rules for traffic shaping + * We don't need to add extra rules since traffic will pass due to the following kernel option + * net.inet.ip.fw.one_pass: 1 + */ + $peruserbw = isset($config['captiveportal']['peruserbw']); + + $bw_up = isset($attributes['bw_up']) ? trim($attributes['bw_up']) : $config['captiveportal']['bwdefaultup']; + $bw_down = isset($attributes['bw_down']) ? trim($attributes['bw_down']) : $config['captiveportal']['bwdefaultdn']; + + if ($passthrumac) { + $mac = array(); + $mac['mac'] = $clientmac; + $mac['descr'] = "Auto added pass-through MAC for user {$username}"; + if (!empty($bw_up)) + $mac['bw_up'] = $bw_up; + if (!empty($bw_down)) + $mac['bw_down'] = $bw_down; + if (!is_array($config['captiveportal']['passthrumac'])) + $config['captiveportal']['passthrumac'] = array(); + $config['captiveportal']['passthrumac'][] = $mac; + $macrules = captiveportal_passthrumac_configure_entry($mac); + file_put_contents("{$g['tmp_path']}/macentry.rules.tmp", $macrules); + mwexec("/sbin/ipfw -q {$g['tmp_path']}/macentry.rules.tmp"); + $writecfg = true; + } else { + + if ($peruserbw && !empty($bw_up) && is_numeric($bw_up)) { + $bw_up_pipeno = $ruleno + 20000; + //$bw_up /= 1000; // Scale to Kbit/s + mwexec("/sbin/ipfw pipe {$bw_up_pipeno} config bw {$bw_up}Kbit/s queue 100"); + + if (!isset($config['captiveportal']['nomacfilter'])) + mwexec("/sbin/ipfw table 1 add {$clientip} mac {$clientmac} {$bw_up_pipeno}"); + else + mwexec("/sbin/ipfw table 1 add {$clientip} {$bw_up_pipeno}"); + } else { + if (!isset($config['captiveportal']['nomacfilter'])) + mwexec("/sbin/ipfw table 1 add {$clientip} mac {$clientmac}"); + else + mwexec("/sbin/ipfw table 1 add {$clientip}"); + } + if ($peruserbw && !empty($bw_down) && is_numeric($bw_down)) { + $bw_down_pipeno = $ruleno + 20001; + //$bw_down /= 1000; // Scale to Kbit/s + mwexec("/sbin/ipfw pipe {$bw_down_pipeno} config bw {$bw_down}Kbit/s queue 100"); + + if (!isset($config['captiveportal']['nomacfilter'])) + mwexec("/sbin/ipfw table 2 add {$clientip} mac {$clientmac} {$bw_down_pipeno}"); + else + mwexec("/sbin/ipfw table 2 add {$clientip} {$bw_down_pipeno}"); + } else { + if (!isset($config['captiveportal']['nomacfilter'])) + mwexec("/sbin/ipfw table 2 add {$clientip} mac {$clientmac}"); + else + mwexec("/sbin/ipfw table 2 add {$clientip}"); + } + + if ($attributes['voucher']) + $attributes['session_timeout'] = $remaining_time; + + /* encode password in Base64 just in case it contains commas */ + $bpassword = base64_encode($password); + $cpdb[] = array(time(), $ruleno, $clientip, $clientmac, $username, $sessionid, $bpassword, + $attributes['session_timeout'], $attributes['idle_timeout'], $attributes['session_terminate_time']); + + if (isset($config['captiveportal']['radacct_enable']) && !empty($radiusservers)) { + $acct_val = RADIUS_ACCOUNTING_START($ruleno, + $username, $sessionid, $radiusservers, $clientip, $clientmac); + + if ($acct_val == 1) + captiveportal_logportalauth($username,$clientmac,$clientip,$type,"RADIUS ACCOUNTING FAILED"); + } + + /* rewrite information to database */ + captiveportal_write_db($cpdb); + } } - echo <<<EOD + if ($captiveshouldunlock == true) + unlock($cplock); + + if ($writecfg == true) + write_config(); + + /* redirect user to desired destination */ + if ($url_redirection) + $my_redirurl = $url_redirection; + else if ($config['captiveportal']['redirurl']) + $my_redirurl = $config['captiveportal']['redirurl']; + else + $my_redirurl = $redirurl; + + if(isset($config['captiveportal']['logoutwin_enable']) && !isset($config['captiveportal']['passthrumacadd'])) { + + if (isset($config['captiveportal']['httpslogin'])) + $logouturl = "https://{$config['captiveportal']['httpsname']}:8001/"; + else { + $ifip = portal_ip_from_client_ip($clientip); + if (!$ifip) + $ourhostname = $config['system']['hostname'] . ":8000"; + else + $ourhostname = "{$ifip}:8000"; + $logouturl = "http://{$ourhostname}/"; + } + + echo <<<EOD <HTML> <HEAD><TITLE>Redirecting...</TITLE></HEAD> <BODY> @@ -466,12 +447,11 @@ document.location.href="{$my_redirurl}"; </HTML> EOD; - } else { - header("Location: " . $my_redirurl); - return $sessionid; - } + } else { + header("Location: " . $my_redirurl); + } - return $sessionid; + return $sessionid; } diff --git a/usr/local/sbin/ovpn-linkdown b/usr/local/sbin/ovpn-linkdown new file mode 100755 index 0000000..451f606 --- /dev/null +++ b/usr/local/sbin/ovpn-linkdown @@ -0,0 +1,7 @@ +#!/bin/sh +/sbin/pfctl -b $3 +# delete the node just in case mpd cannot do that +/bin/rm -f /var/etc/nameserver_$1 +/bin/rm -f /tmp/$1_router +/bin/rm -f /tmp/$1up +/usr/bin/touch /tmp/filter_dirty diff --git a/usr/local/sbin/ovpn-linkup b/usr/local/sbin/ovpn-linkup new file mode 100755 index 0000000..2ade032 --- /dev/null +++ b/usr/local/sbin/ovpn-linkup @@ -0,0 +1,11 @@ +#!/bin/sh + +# write nameservers to file needs dns fidnings?! + +# let the configuration system know that the ip has changed. +#/bin/echo $1 > /tmp/rc.newwanip +/bin/echo $4 > /tmp/$1_router +/usr/bin/touch /tmp/$1up +# reload filter +/usr/bin/touch /tmp/filter_dirty +exit 0 diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php index 1ff119e..ffac280 100755 --- a/usr/local/www/diag_backup.php +++ b/usr/local/www/diag_backup.php @@ -242,6 +242,13 @@ if ($_POST) { header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename={$name}"); header("Content-Length: $size"); + if (isset($_SERVER['HTTPS'])) { + header('Pragma: '); + header('Cache-Control: '); + } else { + header("Pragma: private"); + header("Cache-Control: private, must-revalidate"); + } echo $data; exit; diff --git a/usr/local/www/fbegin.inc b/usr/local/www/fbegin.inc index 29b9464..9dda6cc 100755 --- a/usr/local/www/fbegin.inc +++ b/usr/local/www/fbegin.inc @@ -60,7 +60,7 @@ function return_ext_menu($section) { } else { $myurl = $addresswithport; } - $description = str_replace('\$myurl', $myurl, $menuitem['url']); + $description = str_replace('$myurl', $myurl, $menuitem['url']); } else { $description = '/pkg.php?xml=' . $menuitem['configfile']; } diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index 127a733..d840d35 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -581,7 +581,7 @@ include("fbegin.inc"); ?> </tr> </table> <br /> - <span class="vexpl">Specify the source port or port range for this rule. <b>This is almost never equal to the destination port range (and is usually "any")</b>. <br /> Hint: you can leave the <em>'to'</em> field empty if you only want to filter a single port</span><br/> + <span class="vexpl"><?=gettext("Specify the source port or port range for this rule. <b>This is usually <em>random</em> and almost never equal to the destination port range (and should usually be "any").</b> <br /> Hint: you can leave the <em>'to'</em> field empty if you only want to filter a single port.");?></span><br/> </td> </tr> <tr> diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 8bd7e49..05ad793 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -121,6 +121,15 @@ if (isset($id) && $a_filter[$id]) { $pconfig['log'] = isset($a_filter[$id]['log']); $pconfig['descr'] = $a_filter[$id]['descr']; + if (isset($a_filter[$id]['tcpflags_any'])) + $pconfig['tcpflags_any'] = true; + else { + if (isset($a_filter[$id]['tcpflags1']) && $a_filter[$id]['tcpflags1'] <> "") + $pconfig['tcpflags1'] = $a_filter[$id]['tcpflags1']; + if (isset($a_filter[$id]['tcpflags2']) && $a_filter[$id]['tcpflags2'] <> "") + $pconfig['tcpflags2'] = $a_filter[$id]['tcpflags2']; + } + if (isset($a_filter[$id]['tag']) && $a_filter[$id]['tag'] <> "") $pconfig['tag'] = $a_filter[$id]['tag']; if (isset($a_filter[$id]['tagged']) && $a_filter[$id]['tagged'] <> "") @@ -247,12 +256,16 @@ if ($_POST) { } /* input validation */ - $reqdfields = explode(" ", "type proto src"); - if ( isset($a_filter[$id]['associated-rule-id'])===false ) + $reqdfields = explode(" ", "type proto"); + if ( isset($a_filter[$id]['associated-rule-id'])===false ) { + $redqfields[] = "src"; $redqfields[] = "dst"; - $reqdfieldsn = explode(",", "Type,Protocol,Source"); - if ( isset($a_filter[$id]['associated-rule-id'])===false ) + } + $reqdfieldsn = explode(",", "Type,Protocol"); + if ( isset($a_filter[$id]['associated-rule-id'])===false ) { + $reqdfieldsn[] = "Source"; $reqdfieldsn[] = "Destination"; + } if($_POST['statetype'] == "modulate state" or $_POST['statetype'] == "synproxy state") { if( $_POST['proto'] != "tcp" ) @@ -261,7 +274,8 @@ if ($_POST) { $input_errors[] = "{$_POST['statetype']} is only valid if the gateway is set to 'default'."; } - if (!(is_specialnet($_POST['srctype']) || ($_POST['srctype'] == "single"))) { + if ( isset($a_filter[$id]['associated-rule-id'])===false && + (!(is_specialnet($_POST['srctype']) || ($_POST['srctype'] == "single"))) ) { $reqdfields[] = "srcmask"; $reqdfieldsn[] = "Source bit count"; } @@ -359,6 +373,19 @@ if ($_POST) { $input_errors[] = "You can only select a layer7 container for Pass type rules."; } + if (!$_POST['tcpflags_any']) { + $settcpflags = array(); + $outoftcpflags = array(); + foreach ($tcpflags as $tcpflag) { + if ($_POST['tcpflags1_' . $tcpflag] == "on") + $settcpflags[] = $tcpflag; + if ($_POST['tcpflags2_' . $tcpflag] == "on") + $outoftcpflags[] = $tcpflag; + } + if (empty($outoftcpflags) && !empty($settcpflags)) + $input_errors[] = "If you specify TCP flags that should be set you should specify out of which flags as well."; + } + if (!$input_errors) { $filterent = array(); $filterent['id'] = $_POST['ruleid']>0?$_POST['ruleid']:''; @@ -366,6 +393,24 @@ if ($_POST) { if (isset($_POST['interface'] )) $filterent['interface'] = $_POST['interface']; + if ($_POST['tcpflags_any']) { + $filterent['tcpflags_any'] = true; + } else { + $settcpflags = array(); + $outoftcpflags = array(); + foreach ($tcpflags as $tcpflag) { + if ($_POST['tcpflags1_' . $tcpflag] == "on") + $settcpflags[] = $tcpflag; + if ($_POST['tcpflags2_' . $tcpflag] == "on") + $outoftcpflags[] = $tcpflag; + } + if (!empty($outoftcpflags)) { + $filterent['tcpflags2'] = join(",", $outoftcpflags); + if (!empty($settcpflags)) + $filterent['tcpflags1'] = join(",", $settcpflags); + } + } + if ($if == "FloatingRules" || isset($_POST['floating'])) { if (isset($_POST['tag'])) $filterent['tag'] = $_POST['tag']; @@ -468,8 +513,9 @@ if ($_POST) { $filterent['sched'] = $_POST['sched']; } - // If we have an associated nat rule, make sure the destination doesn't change + // If we have an associated nat rule, make sure the source and destination doesn't change if( isset($a_filter[$id]['associated-rule-id']) ) { + $filterent['source'] = $a_filter[$id]['source']; $filterent['destination'] = $a_filter[$id]['destination']; $filterent['associated-rule-id'] = $a_filter[$id]['associated-rule-id']; } @@ -595,7 +641,7 @@ include("head.inc"); if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) $interfaces["openvpn"] = "OpenVPN"; foreach ($interfaces as $iface => $ifacename): ?> - <option value="<?=$iface;?>" <?php if ($pconfig['interface'] <> "" && stristr($pconfig['interface'], $iface)) echo "selected"; ?>><?=gettext($ifacename);?></option> + <option value="<?=$iface;?>" <?php if ($pconfig['interface'] <> "" && (strcasecmp($pconfig['interface'], $iface) == 0)) echo "selected"; ?>><?=gettext($ifacename);?></option> <?php endforeach; ?> </select> <br /> @@ -681,8 +727,8 @@ include("head.inc"); $edit_disabled=true; if (is_array($config['nat']['rule'])) { foreach( $config['nat']['rule'] as $index => $nat_rule ) { - if( $nat_rule['associated-rule-id']==$pconfig['associated-rule-id']) { - echo "<a href=\"firewall_nat_edit.php?id={$nat_rule[$index]}\">View the NAT rule</a><br>"; + if( isset($nat_rule['associated-rule-id']) && $nat_rule['associated-rule-id']==$pconfig['associated-rule-id'] ) { + echo "<a href=\"firewall_nat_edit.php?id={$index}\">View the NAT rule</a><br>"; break; } } @@ -780,7 +826,7 @@ include("head.inc"); </tr> </table> <br /> - <span class="vexpl">Specify the source port or port range for this rule. <b>This is almost never equal to the destination port range (and is usually "any")</b>. <br /> Hint: you can leave the <em>'to'</em> field empty if you only want to filter a single port</span><br/> + <span class="vexpl"><?=gettext("Specify the source port or port range for this rule. <b>This is usually <em>random</em> and almost never equal to the destination port range (and should usually be "any").</b> <br /> Hint: you can leave the <em>'to'</em> field empty if you only want to filter a single port.");?></span><br/> </td> </tr> <tr> @@ -915,10 +961,10 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncell">Source OS</td> <td width="78%" class="vtable"> - <div id="showadvsourceosbox"> + <div id="showadvsourceosbox" <? if ($pconfig['os']) echo "style='display:none'"; ?>> <input type="button" onClick="show_advanced_sourceos()" value="Advanced"></input> - Show advanced option</a> </div> - <div id="showsourceosadv" style="display:none"> + <div id="showsourceosadv" <? if (empty($pconfig['os'])) echo "style='display:none'"; ?>> OS Type: <select name="os" id="os" class="formselect"> <?php @@ -949,10 +995,10 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncell">Diffserv Code Point</td> <td width="78%" class="vtable"> - <div id="dsadv" name="dsadv"> + <div id="dsadv" name="dsadv" <? if ($pconfig['dscp']) echo "style='display:none'"; ?>> <input type="button" onClick="show_dsdiv();" value="Advanced"> - Show advanced option </div> - <div id="dsdivmain" name="dsdivmain" style="display:none"> + <div id="dsdivmain" name="dsdivmain" <? if (empty($pconfig['dscp'])) echo "style='display:none'"; ?>> <select name="dscp" id="dscp"> <option value=""></option> <?php foreach($firewall_rules_dscp_types as $frdt): ?> @@ -1004,21 +1050,65 @@ include("head.inc"); </div> </td> </tr> + <tr id="tcpflags" name="tcpflags"> + <td width="22%" valign="top" class="vncell">TCP flags</td> + <td width="78%" class="vtable"> + <div id="showtcpflagsbox" <? if ($pconfig['tcpflags_any'] || $pconfig['tcpflags1'] || $pconfig['tcpflags2']) echo "style='display:none'"; ?>> + <input type="button" onClick="show_advanced_tcpflags()" value="Advanced"></input> - Show advanced option</a> + </div> + <div id="showtcpflagsadv" <? if (empty($pconfig['tcpflags_any']) && empty($pconfig['tcpflags1']) && empty($pconfig['tcpflags2'])) echo "style='display:none'"; ?>> + <div id="tcpheader" name="tcpheader"> + <center> + <table border="0" cellspacing="0" cellpadding="0"> + <?php + $setflags = explode(",", $pconfig['tcpflags1']); + $outofflags = explode(",", $pconfig['tcpflags2']); + $header = "<td width='40' nowrap></td>"; + $tcpflags1 = "<td width='40' nowrap>set</td>"; + $tcpflags2 = "<td width='40' nowrap>out of</td>"; + foreach ($tcpflags as $tcpflag) { + $header .= "<td width='40' nowrap><strong>" . strtoupper($tcpflag) . "</strong></td>\n"; + $tcpflags1 .= "<td width='40' nowrap> <input type='checkbox' name='tcpflags1_{$tcpflag}' value='on' "; + if (array_search($tcpflag, $setflags) !== false) + $tcpflags1 .= "checked"; + $tcpflags1 .= "></td>\n"; + $tcpflags2 .= "<td width='40' nowrap> <input type='checkbox' name='tcpflags2_{$tcpflag}' value='on' "; + if (array_search($tcpflag, $outofflags) !== false) + $tcpflags2 .= "checked"; + $tcpflags2 .= "></td>\n"; + } + echo "<tr id='tcpheader' name='tcpheader'>{$header}</tr>\n"; + echo "<tr id='tcpflags1' name='tcpflags1'>{$tcpflags1}</tr>\n"; + echo "<tr id='tcpflags2' name='tcpflags2'>{$tcpflags2}</tr>\n"; + ?> + </table> + <center> + </div> + <br/><center> + <input onClick='tcpflags_anyclick(this);' type='checkbox' name='tcpflags_any' value='on' <?php if ($pconfig['tcpflags_any']) echo "checked"; ?>><strong>Any flags.</strong><br/></center> + <br/> + <span class="vexpl">Use this to choose TCP flags that must + be set or cleared for this rule to match.</span> + </div> + </td> + </tr> <tr> <td width="22%" valign="top" class="vncell">State Type</td> <td width="78%" class="vtable"> - <div id="showadvstatebox"> + <div id="showadvstatebox" <? if (!empty($pconfig['statetype']) && $pconfig['statetype'] != "keep state") echo "style='display:none'"; ?>> <input type="button" onClick="show_advanced_state()" value="Advanced"></input> - Show advanced option</a> </div> - <div id="showstateadv" style="display:none"> + <div id="showstateadv" <? if (empty($pconfig['statetype']) || $pconfig['statetype'] == "keep state") echo "style='display:none'"; ?>> <select name="statetype"> <option value="keep state" <?php if(!isset($pconfig['statetype']) or $pconfig['statetype'] == "keep state") echo "selected"; ?>>keep state</option> + <option value="sloppy state" <?php if($pconfig['statetype'] == "sloppy state") echo "selected"; ?>>sloppy state</option> <option value="synproxy state"<?php if($pconfig['statetype'] == "synproxy state") echo "selected"; ?>>synproxy state</option> <option value="none"<?php if($pconfig['statetype'] == "none") echo "selected"; ?>>none</option> </select><br>HINT: Select which type of state tracking mechanism you would like to use. If in doubt, use keep state. <p> <table width="90%"> <tr><td width="25%"><ul><li>keep state</li></td><td>Works with all IP protocols.</ul></td></tr> + <tr><td width="25%"><ul><li>sloppy state</li></td><td>Works with all IP protocols.</ul></td></tr> <tr><td width="25%"><ul><li>synproxy state</li></td><td>Proxies incoming TCP connections to help protect servers from spoofed TCP SYN floods. This option includes the functionality of keep state and modulate state combined.</ul></td></tr> <tr><td width="25%"><ul><li>none</li></td><td>Do not use state mechanisms to keep track. This is only useful if you're doing advanced queueing in certain situations. Please check the documentation.</ul></td></tr> </table> @@ -1029,10 +1119,10 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncell">No XMLRPC Sync</td> <td width="78%" class="vtable"> - <div id="showadvnoxmlrpcsyncbox"> + <div id="showadvnoxmlrpcsyncbox" <? if ($pconfig['nosync']) echo "style='display:none'"; ?>> <input type="button" onClick="show_advanced_noxmlrpc()" value="Advanced"></input> - Show advanced option</a> </div> - <div id="shownoxmlrpcadv" style="display:none"> + <div id="shownoxmlrpcadv" <? if (empty($pconfig['nosync'])) echo "style='display:none'"; ?>> <input type="checkbox" name="nosync"<?php if($pconfig['nosync']) echo " CHECKED"; ?>><br> HINT: This prevents the rule from automatically syncing to other CARP members. </div> @@ -1052,10 +1142,10 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncell">Schedule</td> <td width="78%" class="vtable"> - <div id="showadvschedulebox"> + <div id="showadvschedulebox" <? if (!empty($pconfig['sched'])) echo "style='display:none'"; ?>> <input type="button" onClick="show_advanced_schedule()" value="Advanced"></input> - Show advanced option</a> </div> - <div id="showscheduleadv" style="display:none"> + <div id="showscheduleadv" <? if (empty($pconfig['sched'])) echo "style='display:none'"; ?>> <select name='sched'> <?php foreach($schedules as $schedule) { @@ -1076,56 +1166,28 @@ include("head.inc"); </div> </td> </tr> - -<?php - /* build a list of gateways */ - $gateways = array(); - $gateways[] = "default"; // default to don't use this feature :) - if (is_array($config['gateways']['gateway_item'])) { - foreach($config['gateways']['gateway_item'] as $gw_item) { - if($gw_item['gateway'] <> "") - $gateways[] = $gw_item['name']; - } - } - -?> <tr> <td width="22%" valign="top" class="vncell">Gateway</td> <td width="78%" class="vtable"> - <div id="showadvgatewaybox"> + <div id="showadvgatewaybox" <? if (!empty($pconfig['gateway'])) echo "style='display:none'"; ?>> <input type="button" onClick="show_advanced_gateway()" value="Advanced"></input> - Show advanced option</a> </div> - <div id="showgatewayadv" style="display:none"> + <div id="showgatewayadv" <? if (empty($pconfig['gateway'])) echo "style='display:none'"; ?>> <select name='gateway'> + <option value="" >default</option> <?php + /* build a list of gateways */ + $gateways = return_gateways_array(); // add statically configured gateways to list - foreach($gateways as $gw) { + foreach($gateways as $gwname => $gw) { if($gw == "") continue; - if($gw == $pconfig['gateway']) { + if($gwname == $pconfig['gateway']) { $selected = " SELECTED"; } else { $selected = ""; } - if ($gw == "default") { - echo "<option value=\"\" {$selected}>{$gw}</option>\n"; - } else { - $gwip = lookup_gateway_ip_by_name($gw); - echo "<option value=\"{$gw}\" {$selected}>{$gw} - {$gwip}</option>\n"; - } - } - // add dynamic gateways to list - $iflist = get_configured_interface_with_descr(); - foreach ($iflist as $ifent => $ifdesc) { - if (in_array($config['interfaces'][$ifent]['ipaddr'], array("dhcp", "pppoe", "pptp", "ppp"))) { - if ($pconfig['gateway'] == $ifent) { - $selected = " SELECTED"; - } else { - $selected = ""; - } - if($ifdesc <> "") - echo "<option value=\"{$ifent}\" {$selected}>".strtoupper($ifent)." - {$ifdesc}</option>\n"; - } + echo "<option value=\"{$gwname}\" {$selected}>{$gw['name']} - {$gw['gateway']}</option>\n"; } /* add gateway groups to the list */ if (is_array($config['gateways']['gateway_group'])) { @@ -1148,10 +1210,10 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncell">In/Out</td> <td width="78%" class="vtable"> - <div id="showadvinoutbox"> + <div id="showadvinoutbox" <? if (!empty($pconfig['dnpipe'])) echo "style='display:none'"; ?>> <input type="button" onClick="show_advanced_inout()" value="Advanced"></input> - Show advanced option</a> </div> - <div id="showinoutadv" style="display:none"> + <div id="showinoutadv" <? if (empty($pconfig['dnpipe'])) echo "style='display:none'"; ?>> <select name="dnpipe"> <?php if (!is_array($dnqlist)) @@ -1198,10 +1260,10 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncell">Ackqueue/Queue</td> <td width="78%" class="vtable"> - <div id="showadvackqueuebox"> + <div id="showadvackqueuebox" <? if (!empty($pconfig['defaultqueue'])) echo "style='display:none'"; ?>> <input type="button" onClick="show_advanced_ackqueue()" value="Advanced"></input> - Show advanced option</a> </div> - <div id="showackqueueadv" style="display:none"> + <div id="showackqueueadv" <? if (empty($pconfig['defaultqueue'])) echo "style='display:none'"; ?>> <select name="ackqueue"> <?php if (!is_array($qlist)) @@ -1246,10 +1308,10 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncell">Layer7</td> <td width="78%" class="vtable"> - <div id="showadvlayer7box"> + <div id="showadvlayer7box" <? if (!empty($pconfig['l7container'])) echo "style='display:none'"; ?>> <input type="button" onClick="show_advanced_layer7()" value="Advanced"></input> - Show advanced option</a> </div> - <div id="showlayer7adv" style="display:none"> + <div id="showlayer7adv" <? if (empty($pconfig['l7container'])) echo "style='display:none'"; ?>> <select name="l7container"> <?php if (!is_array($l7clist)) diff --git a/usr/local/www/firewall_shaper.php b/usr/local/www/firewall_shaper.php index e4db1ee..6b6824f 100755 --- a/usr/local/www/firewall_shaper.php +++ b/usr/local/www/firewall_shaper.php @@ -374,22 +374,6 @@ else $output_form .= "</div>"; $output = "<div id=\"shaperarea\" style=\"position:relative\">"; -if (!$dontshow) { -if ($queue || $altq || $newqueue) { - $output .= "<tr><td valign=\"top\" class=\"vncellreq\"><br>"; - $output .= "Enable/Disable"; - $output .= "</td><td class=\"vncellreq\">"; - $output .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"enabled\""; - if ($queue) - if ($queue->GetEnabled()) - $output .= " CHECKED"; - else if ($altq) - if ($altq->GetEnabled()) - $output .= " CHECKED"; - $output .= " ><span class=\"vexpl\"> Enable/Disable queue and its childs</span>"; - $output .= "</td></tr>"; -} -} $output .= $output_form; //$pgtitle = "Firewall: Shaper: By Interface View"; diff --git a/usr/local/www/firewall_shaper_vinterface.php b/usr/local/www/firewall_shaper_vinterface.php index f3b5536..45ec5cc 100644 --- a/usr/local/www/firewall_shaper_vinterface.php +++ b/usr/local/www/firewall_shaper_vinterface.php @@ -318,19 +318,6 @@ else $output_form .= "</div>"; $output = "<div id=\"shaperarea\" style=\"position:relative\">"; -if (!$dontshow) { -if ($queue || $dnpipe || $newqueue) { - $output .= "<tr><td valign=\"top\" class=\"vncellreq\"><br>"; - $output .= "Enable/Disable"; - $output .= "</td><td class=\"vncellreq\">"; - $output .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\""; - if ($queue) - if ($queue->GetEnabled() <> "") - $output .= " CHECKED"; - $output .= " ><span class=\"vexpl\"> Enable/Disable queue and its children.</span>"; - $output .= "</td></tr>"; -} -} $output .= $output_form; include("head.inc"); diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index 0de2f2d..851fdec 100755 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -93,20 +93,21 @@ if(!$ignorefirmwarelock) { } $firewall_rules_dscp_types = array("af11", - "af12", - "af13", - "af21", - "af22", - "af23", - "af31", - "af32", - "af33", - "af41", - "af42", - "af43", - "EF", - "1-64", - "0x04-0xfc"); + "af12", + "af13", + "af21", + "af22", + "af23", + "af31", + "af32", + "af33", + "af41", + "af42", + "af43", + "EF", + "1-64", + "0x10", + "0x04-0xfc"); $auth_server_types = array( 'ldap' => "LDAP", @@ -202,6 +203,9 @@ $wkports = array( 69 => "TFTP", 5900 => "VNC"); +/* TCP flags */ +$tcpflags = array("fin", "syn", "rst", "psh", "ack", "urg"); + $specialnets = array("wanip" => "WAN address", "lanip" => "LAN address", "lan" => "LAN net", "pptp" => "PPTP clients", "pppoe" => "PPPoE clients", "l2tp" => "L2TP clients"); $spiflist = get_configured_interface_with_descr(true, true); diff --git a/usr/local/www/index.php b/usr/local/www/index.php index ffc9a4d..4125b51 100755 --- a/usr/local/www/index.php +++ b/usr/local/www/index.php @@ -42,16 +42,43 @@ ##|*MATCH=index.php* ##|-PRIV - // Turn on buffering to speed up rendering - ini_set('output_buffering','true'); - - // Start buffering with a cache size of 100000 - ob_start(null, "1000"); +// Turn on buffering to speed up rendering +ini_set('output_buffering','true'); + +// Start buffering with a cache size of 100000 +ob_start(null, "1000"); - ## Load Essential Includes - require_once('functions.inc'); - require_once('guiconfig.inc'); - require_once('notices.inc'); +## Load Essential Includes +require_once('functions.inc'); +require_once('guiconfig.inc'); +require_once('notices.inc'); + +##build list of widgets +$directory = "/usr/local/www/widgets/widgets/"; +$dirhandle = opendir($directory); +$filename = ""; +$widgetnames = array(); +$widgetfiles = array(); +$widgetlist = array(); + +while (false !== ($filename = readdir($dirhandle))) { + $periodpos = strpos($filename, "."); + $widgetname = substr($filename, 0, $periodpos); + $widgetnames[] = $widgetname; + if ($widgetname != "system_information") + $widgetfiles[] = $filename; +} + +##sort widgets alphabetically +sort($widgetfiles); + +##insert the system information widget as first, so as to be displayed first +array_unshift($widgetfiles, "system_information.widget.php"); + +##if no config entry found, initialize config entry +if (!is_array($config['widgets'])) { + $config['widgets'] = array(); +} if ($_POST && $_POST['submit']) { $config['widgets']['sequence'] = $_POST['sequence']; @@ -146,32 +173,6 @@ EOF; fclose($fd); } -##build list of widgets -$directory = "/usr/local/www/widgets/widgets/"; -$dirhandle = opendir($directory); -$filename = ""; -$widgetnames = array(); -$widgetfiles = array(); -$widgetlist = array(); -while (false !== ($filename = readdir($dirhandle))) { - $periodpos = strpos($filename, "."); - $widgetname = substr($filename, 0, $periodpos); - $widgetnames[] = $widgetname; - if ($widgetname != "system_information") - $widgetfiles[] = $filename; -} - -##sort widgets alphabetically -sort($widgetfiles); - -##insert the system information widget as first, so as to be displayed first -array_unshift($widgetfiles, "system_information.widget.php"); - -##if no config entry found, initialize config entry -if (!is_array($config['widgets'])) { - $config['widgets'] = array(); -} - ##build widget saved list information if ($config['widgets'] && $config['widgets']['sequence'] != "") { $pconfig['sequence'] = $config['widgets']['sequence']; diff --git a/usr/local/www/interfaces_assign.php b/usr/local/www/interfaces_assign.php index 427d303..e67b346 100755 --- a/usr/local/www/interfaces_assign.php +++ b/usr/local/www/interfaces_assign.php @@ -316,6 +316,7 @@ if ($_GET['act'] == "add") { /* find next free optional interface number */ if(!$config['interfaces']['lan']) { $newifname = "lan"; + $descr = "LAN"; $config['interfaces'][$newifname] = array(); $config['interfaces'][$newifname]['descr'] = $descr; } else { @@ -327,9 +328,10 @@ if ($_GET['act'] == "add") { $descr = "OPT{$i}"; $config['interfaces'][$newifname] = array(); $config['interfaces'][$newifname]['descr'] = $descr; - uksort($config['interfaces'], "strnatcmp"); } - + + uksort($config['interfaces'], "compare_interface_names"); + /* Find an unused port for this interface */ foreach ($portlist as $portname => $portinfo) { $portused = false; @@ -358,6 +360,21 @@ if ($_GET['act'] == "add") { } +function compare_interface_names($a, $b) { + if ($a == $b) + return 0; + else if ($a == 'wan') + return -1; + else if ($b == 'wan') + return 1; + else if ($a == 'lan') + return -1; + else if ($b == 'lan') + return 1; + + return strnatcmp($a, $b); +} + include("head.inc"); if(file_exists("/var/run/interface_mismatch_reboot_needed")) diff --git a/usr/local/www/javascript/firewall_rules_edit/firewall_rules_edit.js b/usr/local/www/javascript/firewall_rules_edit/firewall_rules_edit.js index 1b7f33a..38b9363 100644 --- a/usr/local/www/javascript/firewall_rules_edit/firewall_rules_edit.js +++ b/usr/local/www/javascript/firewall_rules_edit/firewall_rules_edit.js @@ -3,13 +3,13 @@ var portsenabled = 1; var editenabled = 1; function ext_change() { - if ((document.iform.srcbeginport.selectedIndex == 0) && portsenabled) { + if ((document.iform.srcbeginport.selectedIndex == 0) && portsenabled && editenabled) { document.iform.srcbeginport_cust.disabled = 0; } else { document.iform.srcbeginport_cust.value = ""; document.iform.srcbeginport_cust.disabled = 1; } - if ((document.iform.srcendport.selectedIndex == 0) && portsenabled) { + if ((document.iform.srcendport.selectedIndex == 0) && portsenabled && editenabled) { document.iform.srcendport_cust.disabled = 0; } else { document.iform.srcendport_cust.value = ""; @@ -34,9 +34,9 @@ function ext_change() { document.iform.dstbeginport.disabled = 1; document.iform.dstendport.disabled = 1; } else { - document.iform.srcbeginport.disabled = 0; - document.iform.srcendport.disabled = 0; if( editenabled ) { + document.iform.srcbeginport.disabled = 0; + document.iform.srcendport.disabled = 0; document.iform.dstbeginport.disabled = 0; document.iform.dstendport.disabled = 0; } @@ -90,8 +90,10 @@ function typesel_change() { function proto_change() { if (document.iform.proto.selectedIndex < 3) { portsenabled = 1; + document.getElementById("tcpflags").style.display = ''; } else { portsenabled = 0; + document.getElementById("tcpflags").style.display = 'none'; } /* Disable OS knob if the proto is not TCP. */ @@ -180,6 +182,12 @@ function show_advanced_state() { aodiv.style.display = "block"; } +function show_advanced_tcpflags() { + document.getElementById("showtcpflagsbox").innerHTML=''; + aodiv = document.getElementById('showtcpflagsadv'); + aodiv.style.display = "block"; +} + function show_advanced_layer7() { document.getElementById("showadvlayer7box").innerHTML=''; aodiv = document.getElementById('showlayer7adv'); @@ -194,4 +202,11 @@ function dst_rep_change() { document.iform.dstendport.selectedIndex = document.iform.dstbeginport.selectedIndex; } +function tcpflags_anyclick(obj) { + if (obj.checked) { + document.getElementById('tcpheader').style.display= 'none'; + } else { + document.getElementById('tcpheader').style.display= ""; + } +} //--> diff --git a/usr/local/www/load_balancer_monitor.php b/usr/local/www/load_balancer_monitor.php index 797412b..ebb6406 100755 --- a/usr/local/www/load_balancer_monitor.php +++ b/usr/local/www/load_balancer_monitor.php @@ -39,11 +39,11 @@ ##|*MATCH=load_balancer_monitor.php* ##|-PRIV -require("guiconfig.inc"); +require_once("guiconfig.inc"); require_once("functions.inc"); require_once("filter.inc"); require_once("shaper.inc"); -require("util.inc"); +require_once("util.inc"); if (!is_array($config['load_balancer']['monitor_type'])) { $config['load_balancer']['monitor_type'] = array(); @@ -105,8 +105,6 @@ include("head.inc"); $tab_array[] = array("Monitors", true, "load_balancer_monitor.php"); $tab_array[] = array("Pools", false, "load_balancer_pool.php"); $tab_array[] = array("Virtual Servers", false, "load_balancer_virtual_server.php"); - $tab_array[] = array("Relay Actions", false, "load_balancer_relay_action.php"); - $tab_array[] = array("Relay Protocols", false, "load_balancer_relay_protocol.php"); display_top_tabs($tab_array); ?> </td></tr> diff --git a/usr/local/www/load_balancer_pool.php b/usr/local/www/load_balancer_pool.php index 103cb7e..c320683 100755 --- a/usr/local/www/load_balancer_pool.php +++ b/usr/local/www/load_balancer_pool.php @@ -39,7 +39,7 @@ ##|*MATCH=load_balancer_pool.php* ##|-PRIV -require("guiconfig.inc"); +require_once("guiconfig.inc"); require_once("functions.inc"); require_once("filter.inc"); require_once("shaper.inc"); @@ -114,8 +114,6 @@ include("head.inc"); $tab_array[] = array("Monitors", false, "load_balancer_monitor.php"); $tab_array[] = array("Pools", true, "load_balancer_pool.php"); $tab_array[] = array("Virtual Servers", false, "load_balancer_virtual_server.php"); - $tab_array[] = array("Relay Actions", false, "load_balancer_relay_action.php"); - $tab_array[] = array("Relay Protocols", false, "load_balancer_relay_protocol.php"); display_top_tabs($tab_array); ?> </td></tr> diff --git a/usr/local/www/load_balancer_relay_action.php b/usr/local/www/load_balancer_relay_action.php index 9ee0deb..8926f65 100755 --- a/usr/local/www/load_balancer_relay_action.php +++ b/usr/local/www/load_balancer_relay_action.php @@ -39,7 +39,7 @@ ##|*MATCH=load_balancer_relay_action.php* ##|-PRIV -require("guiconfig.inc"); +require_once("guiconfig.inc"); require_once("functions.inc"); require_once("filter.inc"); require_once("shaper.inc"); diff --git a/usr/local/www/load_balancer_relay_protocol.php b/usr/local/www/load_balancer_relay_protocol.php index cfa8086..767e962 100755 --- a/usr/local/www/load_balancer_relay_protocol.php +++ b/usr/local/www/load_balancer_relay_protocol.php @@ -39,7 +39,7 @@ ##|*MATCH=load_balancer_relay_protocol.php* ##|-PRIV -require("guiconfig.inc"); +require_once("guiconfig.inc"); require_once("functions.inc"); require_once("filter.inc"); require_once("shaper.inc"); @@ -117,8 +117,6 @@ include("head.inc"); $tab_array[] = array("Monitors", false, "load_balancer_monitor.php"); $tab_array[] = array("Pools", false, "load_balancer_pool.php"); $tab_array[] = array("Virtual Servers", false, "load_balancer_virtual_server.php"); - $tab_array[] = array("Relay Actions", false, "load_balancer_relay_action.php"); - $tab_array[] = array("Relay Protocols", true, "load_balancer_relay_protocol.php"); display_top_tabs($tab_array); ?> </td></tr> diff --git a/usr/local/www/load_balancer_virtual_server.php b/usr/local/www/load_balancer_virtual_server.php index 063b02d..772cbf8 100755 --- a/usr/local/www/load_balancer_virtual_server.php +++ b/usr/local/www/load_balancer_virtual_server.php @@ -39,7 +39,7 @@ ##|*MATCH=load_balancer_virtual_server.php* ##|-PRIV -require("guiconfig.inc"); +require_once("guiconfig.inc"); require_once("functions.inc"); require_once("filter.inc"); require_once("shaper.inc"); @@ -113,8 +113,6 @@ include("head.inc"); $tab_array[] = array("Monitors", false, "load_balancer_monitor.php"); $tab_array[] = array("Pools", false, "load_balancer_pool.php"); $tab_array[] = array("Virtual Servers", true, "load_balancer_virtual_server.php"); - $tab_array[] = array("Relay Actions", false, "load_balancer_relay_action.php"); - $tab_array[] = array("Relay Protocols", false, "load_balancer_relay_protocol.php"); display_top_tabs($tab_array); ?> </td></tr> diff --git a/usr/local/www/load_balancer_virtual_server_edit.php b/usr/local/www/load_balancer_virtual_server_edit.php index 9dd65d6..6eb49bd 100755 --- a/usr/local/www/load_balancer_virtual_server_edit.php +++ b/usr/local/www/load_balancer_virtual_server_edit.php @@ -239,6 +239,8 @@ document.observe("dom:loaded", function() { <?php endif; ?> </td> </tr> + <input type="hidden" name="mode" value="redirect_mode"> +<!-- <tr align="left"> <td width="22%" valign="top" class="vncellreq">Mode</td> <td width="78%" class="vtable" colspan="2"> @@ -248,6 +250,7 @@ document.observe("dom:loaded", function() { <br> </td> </tr> +--> <tr id="relay" align="left" style="display:none;"> <td width="22%" valign="top" class="vncellreq">Relay Protocol</td> <td width="78%" class="vtable" colspan="2"> diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php index 65e1e41..eeadc2e 100755 --- a/usr/local/www/pkg_edit.php +++ b/usr/local/www/pkg_edit.php @@ -245,7 +245,7 @@ if ($_POST) { } if($pkg['title'] <> "") { - $edit = ($only_edit ? '' : ': Edit'); + $edit = ($only_edit ? '' : ": " . gettext("Edit")); $title = $pkg['title'] . $edit; } else @@ -851,4 +851,4 @@ function parse_package_templates() { } } -?>
\ No newline at end of file +?> diff --git a/usr/local/www/pkg_mgr.php b/usr/local/www/pkg_mgr.php index 42ac121..1445dcf 100755 --- a/usr/local/www/pkg_mgr.php +++ b/usr/local/www/pkg_mgr.php @@ -44,7 +44,7 @@ require_once("globals.inc"); require_once("guiconfig.inc"); require_once("pkg-utils.inc"); -$pkg_info = get_pkg_info('all', array('noembedded', 'name', 'category', 'website', 'version', 'status', 'descr', 'maintainer', 'required_version', 'maximum_version', 'pkginfolink')); +$pkg_info = get_pkg_info('all', array("noembedded", "name", "category", "website", "version", "status", "descr", "maintainer", "required_version", "maximum_version", "pkginfolink")); if($pkg_info) { $fout = fopen("{$g['tmp_path']}/pkg_info.cache", "w"); fwrite($fout, serialize($pkg_info)); @@ -54,10 +54,10 @@ if($pkg_info) { $using_cache = true; $xmlrpc_base_url = isset($config['system']['altpkgrepo']['enable']) ? $config['system']['altpkgrepo']['xmlrpcbaseurl'] : $g['xmlrpcbaseurl']; if(file_exists("{$g['tmp_path']}/pkg_info.cache")) { - $savemsg = "Unable to retrieve package info from {$xmlrpc_base_url}. Cached data will be used."; + $savemsg = sprintf(gettext("Unable to retrieve package info from %s. Cached data will be used."), $xmlrpc_base_url); $pkg_info = unserialize(@file_get_contents("{$g['tmp_path']}/pkg_info.cache")); } else { - $savemsg = "Unable to communicate with {$xmlrpc_base_url}. Please verify DNS and interface configuration, and that {$g['product_name']} has functional Internet connectivity."; + $savemsg = sprintf(gettext("Unable to communicate with %s. Please verify DNS and interface configuration, and that %s has functional Internet connectivity."), $xmlrpc_base_url, $g['product_name']); } } @@ -65,7 +65,7 @@ if (! empty($_GET)) if (isset($_GET['ver'])) $requested_version = htmlspecialchars($_GET['ver']); -$pgtitle = array("System","Package Manager"); +$pgtitle = array(gettext("System"),gettext("Package Manager")); include("head.inc"); ?> @@ -88,10 +88,10 @@ include("head.inc"); $testing_version = substr($version, $hyphen + 1, strlen($version) - $hyphen); $tab_array = array(); - $tab_array[] = array("{$version} packages", $requested_version <> "" ? false : true, "pkg_mgr.php"); + $tab_array[] = array($version . gettext("packages"), $requested_version <> "" ? false : true, "pkg_mgr.php"); // $tab_array[] = array("Packages for any platform", $requested_version == "none" ? true : false, "pkg_mgr.php?ver=none"); // $tab_array[] = array("Packages with a different version", $requested_version == "other" ? true : false, "pkg_mgr.php?ver=other"); - $tab_array[] = array("Installed Packages", false, "pkg_mgr_installed.php"); + $tab_array[] = array(gettext("Installed Packages"), false, "pkg_mgr_installed.php"); display_top_tabs($tab_array); ?> </td> @@ -101,16 +101,16 @@ include("head.inc"); <div id="mainarea"> <table class="tabcont sortable" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td width="10%" class="listhdrr">Package Name</td> - <td width="25%" class="listhdrr">Category</td> + <td width="10%" class="listhdrr"><?=gettext("Package Name"); ?></td> + <td width="25%" class="listhdrr"><?=gettext("Category"); ?></td> <!-- <td width="10%" class="listhdrr">Size</td> --> - <td width="5%" class="listhdrr">Status</td> - <td width="5%" class="listhdrr">Package Info</td> - <td width="50%" class="listhdr">Description</td> + <td width="5%" class="listhdrr"><?=gettext("Status"); ?></td> + <td width="5%" class="listhdrr"><?=gettext("Package Info"); ?></td> + <td width="50%" class="listhdr"><?=gettext("Description"); ?></td> </tr> <?php if(!$pkg_info) { - echo "<tr><td colspan=\"5\"><center>There are currently no packages available for installation.</td></tr>"; + echo "<tr><td colspan=\"5\"><center>" . gettext("There are currently no packages available for installation.") . "</td></tr>"; } else { $installed_pfsense_version = rtrim(file_get_contents("/etc/version")); $dash = strpos($installed_pfsense_version, "-"); @@ -181,13 +181,13 @@ include("head.inc"); </td> --> <td class="listr"> - <?= $index['status'] ?> + <?=$index['status'] ?> <br/> - <?= $index['version'] ?> + <?=$index['version'] ?> <br/> - platform: <?= $index['required_version'] ?> + <?=gettext("platform") .": ". $index['required_version'] ?> <br/> - <?= $index['maximum_version']; ?> + <?=$index['maximum_version'] ?> </td> <td class="listr"> <?php @@ -195,7 +195,7 @@ include("head.inc"); $pkginfolink = $index['pkginfolink']; echo "<a target='_new' href='$pkginfolink'>Package Info</a>"; } else { - echo "No info, check the <a href='http://forum.pfsense.org/index.php/board,15.0.html'>forum</a>"; + echo gettext("No info, check the") . "<a href='http://forum.pfsense.org/index.php/board,15.0.html'>" . gettext("forum") . "</a>"; } ?> </td> @@ -203,13 +203,13 @@ include("head.inc"); <?= $index['descr'] ?> </td> <td valign="middle" class="list" nowrap> - <a onclick="return confirm('Do you really want to install this package?')" href="pkg_mgr_install.php?id=<?=$index['name'];?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a> + <a onclick="return confirm('<?=gettext("Do you really want to install this package?"); ?>')" href="pkg_mgr_install.php?id=<?=$index['name'];?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a> </td> </tr> <?php } } else { - echo '<tr><td colspan="5"><center>There are currently no packages available for installation.</center></td></tr>'; + echo "<tr><td colspan='5'><center>" . gettext("There are currently no packages available for installation.") . "</center></td></tr>"; } } ?> diff --git a/usr/local/www/pkg_mgr_install.php b/usr/local/www/pkg_mgr_install.php index c22cc8a..e82440c 100755 --- a/usr/local/www/pkg_mgr_install.php +++ b/usr/local/www/pkg_mgr_install.php @@ -54,7 +54,7 @@ $sendto = "output"; $todo = array(); -$pgtitle = array("System","Package Manager","Install Package"); +$pgtitle = array(gettext("System"),gettext("Package Manager"),gettext("Install Package")); include("head.inc"); ?> @@ -69,11 +69,11 @@ include("head.inc"); <?php $version = file_get_contents("/etc/version"); $tab_array = array(); - $tab_array[] = array("{$version} packages", false, "pkg_mgr.php"); + $tab_array[] = array("{$version} " . gettext("packages"), false, "pkg_mgr.php"); // $tab_array[] = array("Packages for any platform", false, "pkg_mgr.php?ver=none"); // $tab_array[] = array("Packages for a different platform", $requested_version == "other" ? true : false, "pkg_mgr.php?ver=other"); - $tab_array[] = array("Installed packages", false, "pkg_mgr_installed.php"); - $tab_array[] = array("Package Installer", true, ""); + $tab_array[] = array(gettext("Installed packages"), false, "pkg_mgr_installed.php"); + $tab_array[] = array(gettext("Package Installer"), true, ""); display_top_tabs($tab_array); ?> </td> @@ -98,7 +98,7 @@ include("head.inc"); </table> <br> <!-- status box --> - <textarea cols="60" rows="1" name="status" id="status" wrap="hard">Beginning package installation.</textarea> + <textarea cols="60" rows="1" name="status" id="status" wrap="hard"><?=gettext("Beginning package installation.");?></textarea> <!-- command output box --> <textarea cols="60" rows="25" name="output" id="output" wrap="hard"></textarea> </center> @@ -121,7 +121,7 @@ Rounded("div#mainareapkg","bl br","#FFF","#eeeeee","smooth"); ob_flush(); // Write out configuration to creatae a backup prior to pkg install -write_config("Creating restore point before package installation."); +write_config(gettext("Creating restore point before package installation.")); /* mount rw fs */ conf_mount_rw(); @@ -130,8 +130,8 @@ switch($_GET['mode']) { case "delete": $id = get_pkg_id($_GET['pkg']); uninstall_package_from_name($_GET['pkg']); - update_status("Package deleted."); - $static_output .= "\nPackage deleted."; + update_status(gettext("Package deleted.")); + $static_output .= "\n" . gettext("Package deleted."); update_output_window($static_output); filter_configure(); break; @@ -145,8 +145,8 @@ switch($_GET['mode']) { $id = get_pkg_id(htmlspecialchars($_GET['pkg'])); delete_package_xml(htmlspecialchars($_GET['pkg'])); install_package(htmlspecialchars($_GET['pkg'])); - update_status("Package reinstalled."); - $static_output .= "\n\nPackage reinstalled."; + update_status(gettext("Package reinstalled.")); + $static_output .= "\n\n" . gettext("Package reinstalled."); start_service(htmlspecialchars($_GET['pkg'])); update_output_window($static_output); filter_configure(); @@ -154,7 +154,7 @@ switch($_GET['mode']) { case "reinstallxml": delete_package_xml(htmlspecialchars($_GET['pkg'])); install_package(htmlspecialchars($_GET['pkg'])); - $static_output .= "\n\nPackage reinstalled."; + $static_output .= "\n\n" . gettext("Package reinstalled."); start_service(htmlspecialchars($_GET['pkg'])); update_output_window($static_output); filter_configure(); @@ -164,10 +164,10 @@ switch($_GET['mode']) { if(file_exists("/tmp/{$_GET['pkg']}.info")) { $filename = escapeshellcmd("/tmp/" . $_GET['pkg'] . ".info"); $status = file_get_contents($filename); - update_status($_GET['pkg'] . " installation completed."); + update_status($_GET['pkg'] . " " . gettext("installation completed.")); update_output_window($status); } else { - update_output_window("Could not find {$_GET['pkg']}."); + update_output_window(gettext("Could not find") . " " . $_GET['pkg'] . "."); } break; case "reinstallall": @@ -187,8 +187,8 @@ switch($_GET['mode']) { $pkg_id++; } } - update_status("All packages reinstalled."); - $static_output .= "\n\nAll packages reinstalled."; + update_status(gettext("All packages reinstalled.")); + $static_output .= "\n\n" . gettext("All packages reinstalled."); start_service(htmlspecialchars($_GET['pkg'])); update_output_window($static_output); filter_configure(); @@ -196,19 +196,19 @@ switch($_GET['mode']) { default: $status = install_package(htmlspecialchars($_GET['id'])); if($status == -1) { - update_status("Installation of " . htmlspecialchars($_GET['id']) . " FAILED!"); - $static_output .= "\n\nInstallation halted."; + update_status(gettext("Installation of") . " " . htmlspecialchars($_GET['id']) . " " . gettext("FAILED!")); + $static_output .= "\n\n" . gettext("Installation halted."); update_output_window($static_output); } else { $filename = escapeshellcmd("/tmp/" . $_GET['id'] . ".info"); $fd = fopen($filename, "w"); - $status_a = "Installation of " . htmlspecialchars($_GET['id']) . " completed."; + $status_a = gettext("Installation of") . " " . htmlspecialchars($_GET['id']) . " " . gettext("completed."); update_status($status_a); $status = get_after_install_info($_GET['id']); if($status) - $static_output .= "\nInstallation completed.\n\n{$_GET['id']} setup instructions:\n\n{$status}"; + $static_output .= "\n" . gettext("Installation completed.") . "\n\n{$_GET['id']} " . gettext("setup instructions") . ":\n\n{$status}"; else - $static_output .= "\nInstallation completed. Please check to make sure that the package is configured from the respective menu then start the package."; + $static_output .= "\n" . gettext("Installation completed. Please check to make sure that the package is configured from the respective menu then start the package."); fwrite($fd, $status_a . "\n\n". $static_output); fclose($fd); echo "<script type='text/javascript'>document.location=\"pkg_mgr_install.php?mode=installedinfo&pkg={$_GET['id']}\";</script>"; @@ -228,4 +228,4 @@ if($fd_log) /* read only fs */ conf_mount_ro(); -?>
\ No newline at end of file +?> diff --git a/usr/local/www/pkg_mgr_installed.php b/usr/local/www/pkg_mgr_installed.php index 703cb2f..5db007f 100755 --- a/usr/local/www/pkg_mgr_installed.php +++ b/usr/local/www/pkg_mgr_installed.php @@ -47,7 +47,7 @@ if(is_array($config['installedpackages']['package'])) { $currentvers = get_pkg_info($tocheck, array('version', 'xmlver', 'pkginfolink')); } -$pgtitle = array("System","Package Manager"); +$pgtitle = array(gettext("System"),gettext("Package Manager")); include("head.inc"); ?> @@ -60,10 +60,10 @@ include("head.inc"); <?php $version = file_get_contents("/etc/version"); $tab_array = array(); - $tab_array[] = array("{$version} packages", false, "pkg_mgr.php"); + $tab_array[] = array("{$version} " . gettext("packages"), false, "pkg_mgr.php"); // $tab_array[] = array("Packages for any platform", false, "pkg_mgr.php?ver=none"); // $tab_array[] = array("Packages for a different platform", $requested_version == "other" ? true : false, "pkg_mgr.php?ver=other"); - $tab_array[] = array("Installed packages", true, "pkg_mgr_installed.php"); + $tab_array[] = array(gettext("Installed packages"), true, "pkg_mgr_installed.php"); display_top_tabs($tab_array); ?> </td> @@ -73,11 +73,11 @@ include("head.inc"); <div id="mainarea"> <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td width="10%" class="listhdrr">Package Name</td> - <td width="20%" class="listhdrr">Category</td> - <td width="10%" class="listhdrr">Package Info</td> - <td width="15%" class="listhdrr">Package Version</td> - <td width="45%" class="listhdr">Description</td> + <td width="10%" class="listhdrr"><?=gettext("Package Name"); ?></td> + <td width="20%" class="listhdrr"><?=gettext("Category"); ?></td> + <td width="10%" class="listhdrr"><?=gettext("Package Info"); ?></td> + <td width="15%" class="listhdrr"><?=gettext("Package Version"); ?></td> + <td width="45%" class="listhdr"><?=gettext("Description"); ?></td> </tr> <?php if(is_array($config['installedpackages']['package'])): @@ -99,14 +99,14 @@ include("head.inc"); // we're running a newer version of the package if(strcmp($pkg['version'], $latest_package) > 0) { $tdclass = "listbggrey"; - $pkgver = "Available: {$latest_package}<br/>"; - $pkgver .= "Installed: {$pkg['version']}"; + $pkgver = gettext("Available") .": ". $latest_package . "<br/>"; + $pkgver .= gettext("Installed") .": ". $pkg['version']; } // we're running an older version of the package if(strcmp($pkg['version'], $latest_package) < 0) { $tdclass = "listbg"; - $pkgver = "<font color='#ffffff'>Available: {$latest_package}<br/>"; - $pkgver .= "Installed: {$pkg['version']}"; + $pkgver = "<font color='#ffffff'>" . gettext("Available") .": ". $latest_package . "<br/>"; + $pkgver .= gettext("Installed") .": ". $pkg['version']; } // we're running the current version if(!strcmp($pkg['version'], $latest_package)) { @@ -132,9 +132,9 @@ include("head.inc"); <?php if($currentvers[$pkg['name']]['pkginfolink']) { $pkginfolink = $currentvers[$pkg['name']]['pkginfolink']; - echo "<a target='_new' href='$pkginfolink'>Package Info</a>"; + echo "<a target='_new' href='$pkginfolink'>" . gettext("Package Info") . "</a>"; } else { - echo "No info, check the <a href='http://forum.pfsense.org/index.php/board,15.0.html'>forum</a>"; + echo gettext("No info, check the") . "<a href='http://forum.pfsense.org/index.php/board,15.0.html'>" . gettext("forum") . "</a>"; } ?> </td> @@ -145,15 +145,15 @@ include("head.inc"); <?=$pkg['descr'];?> </td> <td valign="middle" class="list" nowrap> - <a onclick="return confirm('Do you really want to remove this package?')" href="pkg_mgr_install.php?mode=delete&pkg=<?= $pkg['name']; ?>"> - <img title="Remove this package." src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"> + <a onclick="return confirm('<?=gettext("Do you really want to remove this package?"); ?>')" href="pkg_mgr_install.php?mode=delete&pkg=<?= $pkg['name']; ?>"> + <img title="<?=gettext("Remove this package."); ?>" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"> </a> <br> <a href="pkg_mgr_install.php?mode=reinstallpkg&pkg=<?= $pkg['name']; ?>"> - <img title="Reinstall this package." src="./themes/<?= $g['theme']; ?>/images/icons/icon_reinstall_pkg.gif" width="17" height="17" border="0"> + <img title="<?=gettext("Reinstall this package."); ?>" src="./themes/<?= $g['theme']; ?>/images/icons/icon_reinstall_pkg.gif" width="17" height="17" border="0"> </a> <a href="pkg_mgr_install.php?mode=reinstallxml&pkg=<?= $pkg['name']; ?>"> - <img title="Reinstall this package's GUI components." src="./themes/<?= $g['theme']; ?>/images/icons/icon_reinstall_xml.gif" width="17" height="17" border="0"> + <img title="<?=gettext("Reinstall this package's GUI components."); ?>" src="./themes/<?= $g['theme']; ?>/images/icons/icon_reinstall_xml.gif" width="17" height="17" border="0"> </a> </td> </tr> @@ -163,7 +163,7 @@ include("head.inc"); ?> <tr> <td colspan="5" align="center"> - There are no packages currently installed. + <?=gettext("There are no packages currently installed."); ?> </td> </tr> <?php endif; ?> diff --git a/usr/local/www/pkg_mgr_settings.php b/usr/local/www/pkg_mgr_settings.php index 56e4e6d..650a4ab 100644 --- a/usr/local/www/pkg_mgr_settings.php +++ b/usr/local/www/pkg_mgr_settings.php @@ -59,7 +59,7 @@ if ($_POST) { $curcfg = $config['system']['altpkgrepo']; -$pgtitle = array("System","Package Settings"); +$pgtitle = array(gettext("System"),gettext("Package Settings")); include("head.inc"); ?> <script language="JavaScript"> @@ -89,9 +89,9 @@ function enable_altpkgrepourl(enable_over) { <?php $version = file_get_contents("/etc/version"); $tab_array = array(); - $tab_array[] = array("{$version} packages", false, "pkg_mgr.php"); - $tab_array[] = array("Installed Packages", false, "pkg_mgr_installed.php"); - $tab_array[] = array("Package Settings", true, "pkg_mgr_settings.php"); + $tab_array[] = array("{$version} " . gettext("packages"), false, "pkg_mgr.php"); + $tab_array[] = array(gettext("Installed Packages"), false, "pkg_mgr_installed.php"); + $tab_array[] = array(gettext("Package Settings"), true, "pkg_mgr_settings.php"); display_top_tabs($tab_array); ?> </td> @@ -99,17 +99,17 @@ function enable_altpkgrepourl(enable_over) { <tr><td><div id=mainarea> <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic">Package Repository URL</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Package Repository URL");?></td> </tr> <tr> - <td valign="top" class="vncell">Package Repository URL</td> + <td valign="top" class="vncell"><?=gettext("Package Repository URL");?></td> <td class="vtable"> - <input name="alturlenable" type="checkbox" id="alturlenable" value="yes" onClick="enable_altpkgrepourl()" <?php if(isset($curcfg['enable'])) echo "checked"; ?>> Use a different URL server for packages other than <?php echo $g['product_website']; ?><br> + <input name="alturlenable" type="checkbox" id="alturlenable" value="yes" onClick="enable_altpkgrepourl()" <?php if(isset($curcfg['enable'])) echo "checked"; ?>> <?=gettext("Use a different URL server for packages other than");?> <?php echo $g['product_website']; ?><br> <table> - <tr><td>Base URL:</td><td><input name="pkgrepourl" type="input" class="formfld url" id="pkgrepourl" size="64" value="<?php if($curcfg['xmlrpcbaseurl']) echo $curcfg['xmlrpcbaseurl']; else echo $g['']; ?>"></td></tr> + <tr><td><?=gettext("Base URL");?>:</td><td><input name="pkgrepourl" type="input" class="formfld url" id="pkgrepourl" size="64" value="<?php if($curcfg['xmlrpcbaseurl']) echo $curcfg['xmlrpcbaseurl']; else echo $g['']; ?>"></td></tr> </table> <span class="vexpl"> - This is where <?php echo $g['product_name'] ?> will check for packages when the <a href="pkg_mgr.php">System: Packages</a> page is viewed. + <?=sprintf(gettext("This is where %s will check for packages when the"),$g['product_name']);?>, <a href="pkg_mgr.php"><?=gettext("System: Packages");?></a> <?=gettext("page is viewed");?>. </span> </td> </tr> @@ -117,7 +117,7 @@ function enable_altpkgrepourl(enable_over) { <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> </td> </tr> </table></div></td></tr></table> diff --git a/usr/local/www/services_captiveportal_ip.php b/usr/local/www/services_captiveportal_ip.php index fb8711b..4bf2cf9 100755 --- a/usr/local/www/services_captiveportal_ip.php +++ b/usr/local/www/services_captiveportal_ip.php @@ -56,8 +56,10 @@ if ($_GET['act'] == "del") { $ipent = $a_allowedips[$_GET['id']]; if (isset($config['captiveportal']['enable'])) { - mwexec("/sbin/ipfw table 1 delete " . $ipent['ip']); - mwexec("/sbin/ipfw table 2 delete " . $ipent['ip']); + mwexec("/sbin/ipfw table 3 delete " . $ipent['ip']); + mwexec("/sbin/ipfw table 4 delete " . $ipent['ip']); + mwexec("/sbin/ipfw table 5 delete " . $ipent['ip']); + mwexec("/sbin/ipfw table 6 delete " . $ipent['ip']); } unset($a_allowedips[$_GET['id']]); @@ -104,7 +106,13 @@ include("head.inc"); <?php $i = 0; foreach ($a_allowedips as $ip): ?> <tr ondblclick="document.location='services_captiveportal_ip_edit.php?id=<?=$i;?>'"> <td class="listlr"> + <?php if($ip['dir'] == "to") + echo "any <img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\">"; + ?> <?=strtolower($ip['ip']);?> + <?php if($ip['dir'] == "from") + echo "<img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> any"; + ?> </td> <td class="listbg"> <?=htmlspecialchars($ip['descr']);?> diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php index 45c4e2f..09d8075 100755 --- a/usr/local/www/services_captiveportal_ip_edit.php +++ b/usr/local/www/services_captiveportal_ip_edit.php @@ -67,6 +67,7 @@ if (isset($_POST['id'])) if (isset($id) && $a_allowedips[$id]) { $pconfig['ip'] = $a_allowedips[$id]['ip']; + $pconfig['dir'] = $a_allowedips[$id]['dir']; $pconfig['bw_up'] = $a_allowedips[$id]['bw_up']; $pconfig['bw_down'] = $a_allowedips[$id]['bw_down']; $pconfig['descr'] = $a_allowedips[$id]['descr']; @@ -104,6 +105,7 @@ if ($_POST) { if (!$input_errors) { $ip = array(); $ip['ip'] = $_POST['ip']; + $ip['dir'] = $_POST['dir']; $ip['descr'] = $_POST['descr']; if ($_POST['bw_up']) $ip['bw_up'] = $_POST['bw_up']; @@ -117,22 +119,11 @@ if ($_POST) { write_config(); - if (isset($config['captiveportal']['enable'])) { - $bwup = ""; - $bwdown = ""; - $ruleno = captiveportal_get_next_ipfw_ruleno(); - if (!empty($ip['bw_up'])) { - $pipeno = $ruleno + 20000; - mwexec("/sbin/ipfw pipe {$pipeno} config bw {$ip['bw_up']}Kbit/s queue 100"); - $bwup = "pipe {$pipeno}"; - } - if (!empty($ip['bw_down'])) { - $pipeno = $ruleno + 20001; - mwexec("/sbin/ipfw pipe {$pipeno} config bw {$ip['bw_down']}Kbit/s queue 100"); - $bwdown = "pipe {$pipeno}"; - } - mwexec("/sbin/ipfw table 1 add {$ip['ip']} {$bwup}"); - mwexec("/sbin/ipfw table 2 add {$ip['ip']} {$bwdown}"); + if (isset($config['captiveportal']['enable']) && is_module_loaded("ipfw.ko")) { + $rules = captiveportal_allowedip_configure_entry($ip); + file_put_contents("{$g['tmp_path']}/allowedip_tmp", $rules); + mwexec("/sbin/ipfw {$g['tmp_path']}/allowedip_tmp"); + @unlink("{$g['tmp_path']}/allowedip_tmp"); } header("Location: services_captiveportal_ip.php"); @@ -149,6 +140,22 @@ include("head.inc"); <form action="services_captiveportal_ip_edit.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> + <td width="22%" valign="top" class="vncellreq">Direction</td> + <td width="78%" class="vtable"> + <select name="dir" class="formfld"> + <?php + $dirs = explode(" ", "Both From To") ; + foreach ($dirs as $dir): ?> + <option value="<?=strtolower($dir);?>" <?php if (strtolower($dir) == strtolower($pconfig['dir'])) echo "selected";?> > + <?=htmlspecialchars($dir);?> + </option> + <?php endforeach; ?> + </select> + <br> + <span class="vexpl">Use <em>From</em> to always allow an IP address through the captive portal (without authentication). + Use <em>To</em> to allow access from all clients (even non-authenticated ones) behind the portal to this IP address.</span></td> + </tr> + <tr> <td width="22%" valign="top" class="vncellreq">IP address</td> <td width="78%" class="vtable"> <?=$mandfldhtml;?><input name="ip" type="text" class="formfld unknown" id="ip" size="17" value="<?=htmlspecialchars($pconfig['ip']);?>"> diff --git a/usr/local/www/services_captiveportal_mac.php b/usr/local/www/services_captiveportal_mac.php index dd5fdfe..7c40b85 100755 --- a/usr/local/www/services_captiveportal_mac.php +++ b/usr/local/www/services_captiveportal_mac.php @@ -74,13 +74,12 @@ if ($_POST) { } } if ($found == true) { - $ip = captiveportal_get_ipfw_ruleno_byvalue($_POST['delmac']); - if ($ip) { - captiveportal_disconnect_client($ip); + $ruleno = captiveportal_get_ipfw_passthru_ruleno($_POST['delmac']); + if ($ruleno) { + mwexec("/sbin/ipfw delete {$ruleno}; /sbin/ipfw delete " . ++$ruleno); } unset($a_passthrumacs[$idx]); write_config(); - captiveportal_passthrumac_configure(true); } } exit; @@ -89,14 +88,13 @@ if ($_POST) { if ($_GET['act'] == "del") { if ($a_passthrumacs[$_GET['id']]) { - $ip = captiveportal_get_ipfw_ruleno_byvalue($a_passthrumacs[$_GET['id']]['mac']); - if ($ip) { - captiveportal_disconnect_client($ip); + $ruleno = captiveportal_get_ipfw_passthru_ruleno($a_passthrumacs[$_GET['id']]['mac']); + if ($ruleno) { + mwexec("/sbin/ipfw delete {$ruleno}; /sbin/ipfw delete " . ++$ruleno); } unset($a_passthrumacs[$_GET['id']]); write_config(); header("Location: services_captiveportal_mac.php"); - mark_subsystem_dirty('passthrumac'); exit; } } diff --git a/usr/local/www/services_captiveportal_mac_edit.php b/usr/local/www/services_captiveportal_mac_edit.php index 89e2757..ac7b341 100755 --- a/usr/local/www/services_captiveportal_mac_edit.php +++ b/usr/local/www/services_captiveportal_mac_edit.php @@ -120,8 +120,6 @@ if ($_POST) { write_config(); - mark_subsystem_dirty('passthrumac'); - header("Location: services_captiveportal_mac.php"); exit; } diff --git a/usr/local/www/status_gateways.php b/usr/local/www/status_gateways.php index c84e815..fa9aa72 100755 --- a/usr/local/www/status_gateways.php +++ b/usr/local/www/status_gateways.php @@ -126,7 +126,7 @@ include("head.inc"); array_shift($lastchange); array_shift($lastchange); $lastchange = implode(" ", $lastchange); - PRINT "Last success $lastchange"; + PRINT "Last check $lastchange"; } else { print "Gathering data"; } diff --git a/usr/local/www/system.php b/usr/local/www/system.php index fc47d86..f63b9eb 100755 --- a/usr/local/www/system.php +++ b/usr/local/www/system.php @@ -67,7 +67,7 @@ if (!$pconfig['timezone']) if (!$pconfig['timeservers']) $pconfig['timeservers'] = "pool.ntp.org"; -$changedesc = "System: "; +$changedesc = gettext("System") . ": "; $changecount = 0; function is_timezone($elt) { @@ -106,25 +106,25 @@ if ($_POST) { /* input validation */ $reqdfields = split(" ", "hostname domain"); - $reqdfieldsn = split(",", "Hostname,Domain"); + $reqdfieldsn = array(gettext("Hostname"),gettext("Domain")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if ($_POST['hostname'] && !is_hostname($_POST['hostname'])) { - $input_errors[] = "The hostname may only contain the characters a-z, 0-9 and '-'."; + $input_errors[] = gettext("The hostname may only contain the characters a-z, 0-9 and '-'."); } if ($_POST['domain'] && !is_domain($_POST['domain'])) { - $input_errors[] = "The domain may only contain the characters a-z, 0-9, '-' and '.'."; + $input_errors[] = gettext("The domain may only contain the characters a-z, 0-9, '-' and '.'."); } if (($_POST['dns1'] && !is_ipaddr($_POST['dns1'])) || ($_POST['dns2'] && !is_ipaddr($_POST['dns2']))) { - $input_errors[] = "A valid IP address must be specified for the primary/secondary DNS server."; + $input_errors[] = gettext("A valid IP address must be specified for the primary/secondary DNS server."); } if (($_POST['dns3'] && !is_ipaddr($_POST['dns3'])) || ($_POST['dns4'] && !is_ipaddr($_POST['dns4']))) { - $input_errors[] = "A valid IP address must be specified for the primary/secondary DNS server."; + $input_errors[] = gettext("A valid IP address must be specified for the primary/secondary DNS server."); } if ($_POST['webguiport'] && (!is_numericint($_POST['webguiport']) || ($_POST['webguiport'] < 1) || ($_POST['webguiport'] > 65535))) { - $input_errors[] = "A valid TCP/IP port must be specified for the webConfigurator port."; + $input_errors[] = gettext("A valid TCP/IP port must be specified for the webConfigurator port."); } $direct_networks_list = explode(" ", filter_get_direct_networks_list()); @@ -135,7 +135,7 @@ if ($_POST) { if(interface_has_gateway($_POST[$dnsgwitem])) { foreach($direct_networks_list as $direct_network) { if(ip_in_subnet($_POST[$dnsitem], $direct_network)) { - $input_errors[] = "You can not assign a gateway to DNS '{$_POST[$dnsitem]}' server which is on a directly connected network."; + $input_errors[] = gettext("You can not assign a gateway to DNS '{$_POST[$dnsitem]}' server which is on a directly connected network."); } } } @@ -144,11 +144,11 @@ if ($_POST) { $t = (int)$_POST['timeupdateinterval']; if (($t < 0) || (($t > 0) && ($t < 6)) || ($t > 1440)) { - $input_errors[] = "The time update interval must be either 0 (disabled) or between 6 and 1440."; + $input_errors[] = gettext("The time update interval must be either 0 (disabled) or between 6 and 1440."); } foreach (explode(' ', $_POST['timeservers']) as $ts) { if (!is_domain($ts)) { - $input_errors[] = "A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'."; + $input_errors[] = gettext("A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'."); } } @@ -224,7 +224,7 @@ if ($_POST) { } } -$pgtitle = array("System","General Setup"); +$pgtitle = array(gettext("System"),gettext("General Setup")); include("head.inc"); ?> @@ -244,39 +244,39 @@ include("head.inc"); <div class="tabcont"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic">System</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("System"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Hostname</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname"); ?></td> <td width="78%" class="vtable"> <input name="hostname" type="text" class="formfld unknown" id="hostname" size="40" value="<?=htmlspecialchars($pconfig['hostname']);?>"> <br/> <span class="vexpl"> - name of the firewall host, without domain part + <?=gettext("name of the firewall host, without domain part"); ?> <br/> - e.g. <em>firewall</em> + <?=gettext("e.g."); ?> <em>firewall</em> </span> </td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Domain</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Domain"); ?></td> <td width="78%" class="vtable"> <input name="domain" type="text" class="formfld unknown" id="domain" size="40" value="<?=htmlspecialchars($pconfig['domain']);?>"> <br/> <span class="vexpl"> - Do not use "local" as a domain name. It will cause local hosts running mDNS (avahi, bonjour, etc.) to be unable to resolve local hosts not running mDNS. + <?=gettext("Do not use 'local' as a domain name. It will cause local hosts running mDNS (avahi, bonjour, etc.) to be unable to resolve local hosts not running mDNS."); ?> <br/> - e.g. <em>mycorp.com, home, office, private, etc.</em> + <?=gettext("e.g."); ?> <em><?=gettext("mycorp.com, home, office, private, etc."); ?></em> </span> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">DNS servers</td> + <td width="22%" valign="top" class="vncell"><?=gettext("DNS servers"); ?></td> <td width="78%" class="vtable"> <p> <table> <tr> - <td><b>DNS Server</b></td> + <td><b><?=gettext("DNS Server"); ?></b></td> <?php if ($multiwan): ?> - <td><b>Use gateway</b></td> + <td><b><?=gettext("Use gateway"); ?></b></td> <?php endif; ?> </tr> <?php @@ -319,33 +319,32 @@ include("head.inc"); </table> <br> <span class="vexpl"> - IP addresses; these are also used for the DHCP - service, DNS forwarder and for PPTP VPN clients. + <?=gettext("IP addresses: these are also used for the DHCP " . + "service, DNS forwarder and for PPTP VPN clients."); ?> <br/> <?php if($multiwan): ?> <br/> - In addition, select the gateway for each DNS server. - You should have a unique DNS server per gateway. + <?=gettext("In addition, select the gateway for each DNS server. " . + "You should have a unique DNS server per gateway."); ?> <br/> <?php endif; ?> <br/> <input name="dnsallowoverride" type="checkbox" id="dnsallowoverride" value="yes" <?php if ($pconfig['dnsallowoverride']) echo "checked"; ?>> <strong> - Allow DNS server list to be overridden by DHCP/PPP - on WAN + <?=gettext("Allow DNS server list to be overridden by DHCP/PPP on WAN"); ?> </strong> <br/> - If this option is set, <?=$g['product_name'];?> will - use DNS servers assigned by a DHCP/PPP server on WAN - for its own purposes (including the DNS forwarder). - However, they will not be assigned to DHCP and PPTP - VPN clients. + <?php sprintf(gettext("If this option is set, '%s' will " . + "use DNS servers assigned by a DHCP/PPP server on WAN " . + "for its own purposes (including the DNS forwarder). " . + "However, they will not be assigned to DHCP and PPTP " . + "VPN clients."), $g['product_name']); ?> </span> </p> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Time zone</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Time zone"); ?></td> <td width="78%" class="vtable"> <select name="timezone" id="timezone"> <?php foreach ($timezonelist as $value): ?> @@ -357,7 +356,7 @@ include("head.inc"); </select> <br/> <span class="vexpl"> - Select the location closest to you + <?=gettext("Select the location closest to you"); ?> </span> </td> </tr> @@ -375,14 +374,14 @@ include("head.inc"); </tr> --> <tr> - <td width="22%" valign="top" class="vncell">NTP time server</td> + <td width="22%" valign="top" class="vncell"><?=gettext("NTP time server"); ?></td> <td width="78%" class="vtable"> <input name="timeservers" type="text" class="formfld unknown" id="timeservers" size="40" value="<?=htmlspecialchars($pconfig['timeservers']);?>"> <br/> <span class="vexpl"> - Use a space to separate multiple hosts (only one - required). Remember to set up at least one DNS server - if you enter a host name here! + <?=gettext("Use a space to separate multiple hosts (only one " . + "required). Remember to set up at least one DNS server " . + "if you enter a host name here!"); ?> </span> </td> </tr> @@ -391,7 +390,7 @@ include("head.inc"); </tr> <?php if (! $g['disablethemeselection']): ?> <tr> - <td colspan="2" valign="top" class="listtopic">Theme</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Theme"); ?></td> </tr> <tr> <td width="22%" valign="top" class="vncell"> </td> @@ -415,7 +414,7 @@ include("head.inc"); <?php endforeach; ?> </select> <strong> - This will change the look and feel of + <?=gettext("This will change the look and feel of"); ?> <?=$g['product_name'];?>. </strong> </td> @@ -427,7 +426,7 @@ include("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> </td> </tr> </table> diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php index 954b625..2dd53cb 100644 --- a/usr/local/www/system_advanced_admin.php +++ b/usr/local/www/system_advanced_admin.php @@ -76,11 +76,11 @@ if ($_POST) { /* input validation */ if ($_POST['webguiport']) if(!is_port($_POST['webguiport'])) - $input_errors[] = "You must specify a valid webConfigurator port number"; + $input_errors[] = gettext("You must specify a valid webConfigurator port number"); if ($_POST['sshport']) if(!is_port($_POST['sshport'])) - $input_errors[] = "You must specify a valid port number"; + $input_errors[] = gettext("You must specify a valid port number"); if($_POST['sshdkeyonly'] == "yes") $config['system']['ssh']['sshdkeyonly'] = "enabled"; @@ -157,7 +157,7 @@ if ($_POST) { $savemsg = get_std_save_message($retval); if ($restart_webgui) - $savemsg .= "<br />One moment...redirecting to {$url} in 20 seconds."; + $savemsg .= sprintf("<br />" . gettext("One moment...redirecting to %s in 20 seconds."),$url); conf_mount_rw(); setup_serial_port(); @@ -165,7 +165,7 @@ if ($_POST) { } } -$pgtitle = array("System","Advanced: Admin Access"); +$pgtitle = array(gettext("System"),gettext("Advanced: Admin Access")); include("head.inc"); ?> @@ -197,12 +197,12 @@ function prot_change() { <td> <?php $tab_array = array(); - $tab_array[] = array("Admin Access", true, "system_advanced_admin.php"); - $tab_array[] = array("Firewall / NAT", false, "system_advanced_firewall.php"); - $tab_array[] = array("Networking", false, "system_advanced_network.php"); - $tab_array[] = array("Miscellaneous", false, "system_advanced_misc.php"); - $tab_array[] = array("System Tunables", false, "system_advanced_sysctl.php"); - $tab_array[] = array("Notifications", false, "system_advanced_notifications.php"); + $tab_array[] = array(gettext("Admin Access"), true, "system_advanced_admin.php"); + $tab_array[] = array(gettext("Firewall / NAT"), false, "system_advanced_firewall.php"); + $tab_array[] = array(gettext("Networking"), false, "system_advanced_network.php"); + $tab_array[] = array(gettext("Miscellaneous"), false, "system_advanced_misc.php"); + $tab_array[] = array(gettext("System Tunables"), false, "system_advanced_sysctl.php"); + $tab_array[] = array(gettext("Notifications"), false, "system_advanced_notifications.php"); display_top_tabs($tab_array); ?> </td> @@ -212,18 +212,18 @@ function prot_change() { <div class="tabcont"> <span class="vexpl"> <span class="red"> - <strong>NOTE: </strong> + <strong><?=gettext("NOTE"); ?>: </strong> </span> - The options on this page are intended for use by advanced users only. + <?=gettext("The options on this page are intended for use by advanced users only."); ?> <br/> </span> <br/> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic">webConfigurator</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("webConfigurator"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Protocol</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Protocol"); ?></td> <td width="78%" class="vtable"> <?php if ($pconfig['webguiproto'] == "http") @@ -240,14 +240,14 @@ function prot_change() { HTTPS <?php if (!$certs_available): ?> <br/> - No Certificates have been defined. You must - <a href="system_certmanager.php">Create or Import</a> - a Certificate before SSL can be enabled. + <?=gettext("No Certificates have been defined. You must"); ?> + <a href="system_certmanager.php"><?=gettext("Create or Import"); ?></a> + <?=gettext("a Certificate before SSL can be enabled."); ?> <?php endif; ?> </td> </tr> <tr id="ssl_opts"> - <td width="22%" valign="top" class="vncell">SSL Certificate</td> + <td width="22%" valign="top" class="vncell"><?=gettext("SSL Certificate"); ?></td> <td width="78%" class="vtable"> <select name="ssl-certref" id="ssl-certref" class="formselect"> <?php @@ -262,19 +262,19 @@ function prot_change() { </td> </tr> <tr> - <td valign="top" class="vncell">TCP port</td> + <td valign="top" class="vncell"><?=gettext("TCP port"); ?></td> <td class="vtable"> <input name="webguiport" type="text" class="formfld unknown" id="webguiport" "size="5" value="<?=htmlspecialchars($config['system']['webgui']['port']);?>"> <br> <span class="vexpl"> - Enter a custom port number for the webConfigurator - above if you want to override the default (80 for HTTP, 443 - for HTTPS). Changes will take effect immediately after save. + <?=gettext("Enter a custom port number for the webConfigurator " . + "above if you want to override the default (80 for HTTP, 443 " . + "for HTTPS). Changes will take effect immediately after save."); ?> </span> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Anti-lockout</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Anti-lockout"); ?></td> <td width="78%" class="vtable"> <?php if($config['interfaces']['lan']) @@ -283,47 +283,47 @@ function prot_change() { $lockout_interface = "WAN"; ?> <input name="noantilockout" type="checkbox" id="noantilockout" value="yes" <?php if ($pconfig['noantilockout']) echo "checked"; ?> /> - <strong>Disable webConfigurator anti-lockout rule</strong> + <strong><?=gettext("Disable webConfigurator anti-lockout rule"); ?></strong> <br/> - When this is unchecked, access to the webConfigurator on the <?=$lockout_interface;?> - interface is always permitted, regardless of the user-defined firewall - rule set. Check this box to disable this automatically added rule, so access - to the webConfigurator is controlled by the user-defined firewall rules - (ensure you have a firewall rule in place that allows you in, or you will - lock yourself out!). <em> Hint: the "Set interface(s) IP address" - option in the console menu resets this setting as well. </em> + <?php sprintf(gettext("When this is unchecked, access to the webConfigurator " . + "on the %s interface is always permitted, regardless of the user-defined firewall " . + "rule set. Check this box to disable this automatically added rule, so access " . + "to the webConfigurator is controlled by the user-defined firewall rules " . + "(ensure you have a firewall rule in place that allows you in, or you will " . + "lock yourself out!)"), $lockout_interface); ?> + <em> <?=gettext("Hint: the "Set interface(s) IP address" option in the console menu resets this setting as well."); ?> </em> </td> </tr> <tr> <td colspan="2" class="list" height="12"> </td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Secure Shell</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Secure Shell"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Secure Shell Server</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Secure Shell Server"); ?></td> <td width="78%" class="vtable"> <input name="enablesshd" type="checkbox" id="enablesshd" value="yes" <?php if (isset($pconfig['enablesshd'])) echo "checked"; ?> /> - <strong>Enable Secure Shell</strong> + <strong><?=gettext("Enable Secure Shell"); ?></strong> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Authentication Method</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Authentication Method"); ?></td> <td width="78%" class="vtable"> <input name="sshdkeyonly" type="checkbox" id="sshdkeyonly" value="yes" <?php if ($pconfig['sshdkeyonly']) echo "checked"; ?> /> - <strong>Disable Password login for Secure Shell (rsa key only)</strong> + <strong><?=gettext("Disable Password login for Secure Shell (rsa key only)"); ?></strong> <br/> - When enabled, authorized keys need to be configured for each - <a href="system_usermanager.php">user</a> - that has been granted secure shell access. + <?=gettext("When enabled, authorized keys need to be configured for each"); ?> + <a href="system_usermanager.php"><?=gettext("user"); ?></a> + <?=gettext("that has been granted secure shell access."); ?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">SSH port</td> + <td width="22%" valign="top" class="vncell"><?=gettext("SSH port"); ?></td> <td width="78%" class="vtable"> <input name="sshport" type="text" id="sshport" value="<?php echo $pconfig['sshport']; ?>" /> <br/> - <span class="vexpl">Note: Leave this blank for the default of 22</span> + <span class="vexpl"><?=gettext("Note: Leave this blank for the default of 22"); ?></span> </td> </tr> <tr> @@ -331,15 +331,15 @@ function prot_change() { </tr> <?php if($g['platform'] == "pfSense" || $g['platform'] == "cdrom"): ?> <tr> - <td colspan="2" valign="top" class="listtopic">Serial Communcations</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Serial Communcations"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Serial Terminal</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Serial Terminal"); ?></td> <td width="78%" class="vtable"> <input name="enableserial" type="checkbox" id="enableserial" value="yes" <?php if (isset($pconfig['enableserial'])) echo "checked"; ?> /> - <strong>This will enable the first serial port with 9600/8/N/1</strong> + <strong><?=gettext("This will enable the first serial port with 9600/8/N/1"); ?></strong> <br> - <span class="vexpl">Note: This will disable the internal video card/keyboard</span> + <span class="vexpl"><?=gettext("Note: This will disable the internal video card/keyboard"); ?></span> </td> </tr> <tr> @@ -347,15 +347,15 @@ function prot_change() { </tr> <?php endif; ?> <tr> - <td colspan="2" valign="top" class="listtopic">Console Options</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Console Options"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Console menu</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Console menu"); ?></td> <td width="78%" class="vtable"> <input name="disableconsolemenu" type="checkbox" id="disableconsolemenu" value="yes" <?php if ($pconfig['disableconsolemenu']) echo "checked"; ?> /> - <strong>Password protect the console menu</strong> + <strong><?=gettext("Password protect the console menu"); ?></strong> <br/> - <span class="vexpl">Changes to this option will take effect after a reboot.</span> + <span class="vexpl"><?=gettext("Changes to this option will take effect after a reboot."); ?></span> </td> </tr> <tr> @@ -363,7 +363,7 @@ function prot_change() { </tr> <tr> <td width="22%" valign="top"> </td> - <td width="78%"><input name="Submit" type="submit" class="formbtn" value="Save" /></td> + <td width="78%"><input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /></td> </tr> <tr> <td colspan="2" class="list" height="12"> </td> @@ -392,17 +392,17 @@ function prot_change() { if ($restart_sshd) { mwexec("/usr/bin/killall sshd"); - log_error("secure shell configuration has changed. Stopping sshd."); + log_error(gettext("secure shell configuration has changed. Stopping sshd.")); if ($config['system']['enablesshd']) { - log_error("secure shell configuration has changed. Restarting sshd."); + log_error(gettext("secure shell configuration has changed. Restarting sshd.")); touch("{$g['tmp_path']}/start_sshd"); } } if ($restart_webgui) { ob_flush(); flush(); - log_error("webConfigurator configuration has changed. Restarting webConfigurator."); + log_error(gettext("webConfigurator configuration has changed. Restarting webConfigurator.")); touch("{$g['tmp_path']}/restart_webgui"); } diff --git a/usr/local/www/system_advanced_firewall.php b/usr/local/www/system_advanced_firewall.php index e3d2e1e..742cc5d 100644 --- a/usr/local/www/system_advanced_firewall.php +++ b/usr/local/www/system_advanced_firewall.php @@ -56,6 +56,10 @@ $pconfig['tcpidletimeout'] = $config['filter']['tcpidletimeout']; $pconfig['optimization'] = $config['filter']['optimization']; $pconfig['maximumstates'] = $config['system']['maximumstates']; $pconfig['disablenatreflection'] = $config['system']['disablenatreflection']; +if (!isset($config['system']['enablebinatreflection'])) + $pconfig['disablebinatreflection'] = "yes"; +else + $pconfig['disablebinatreflection'] = ""; $pconfig['reflectiontimeout'] = $config['system']['reflectiontimeout']; $pconfig['bypassstaticroutes'] = isset($config['filter']['bypassstaticroutes']); $pconfig['disablescrub'] = isset($config['system']['disablescrub']); @@ -68,13 +72,13 @@ if ($_POST) { /* input validation */ if ($_POST['maximumstates'] && !is_numericint($_POST['maximumstates'])) { - $input_errors[] = "The Firewall Maximum States value must be an integer."; + $input_errors[] = gettext("The Firewall Maximum States value must be an integer."); } if ($_POST['tcpidletimeout'] && !is_numericint($_POST['tcpidletimeout'])) { - $input_errors[] = "The TCP idle timeout must be an integer."; + $input_errors[] = gettext("The TCP idle timeout must be an integer."); } if ($_POST['reflectiontimeout'] && !is_numericint($_POST['reflectiontimeout'])) { - $input_errors[] = "The Reflection timeout must be an integer."; + $input_errors[] = gettext("The Reflection timeout must be an integer."); } ob_flush(); @@ -109,7 +113,12 @@ if ($_POST) { $config['system']['disablenatreflection'] = $_POST['disablenatreflection']; else unset($config['system']['disablenatreflection']); - + + if($_POST['disablebinatreflection'] == "yes") + unset($config['system']['enablebinatreflection']); + else + $config['system']['enablebinatreflection'] = "yes"; + $config['system']['reflectiontimeout'] = $_POST['reflectiontimeout']; if($_POST['bypassstaticroutes'] == "yes") @@ -145,7 +154,7 @@ if ($_POST) { } } -$pgtitle = array("System","Advanced: Firewall and NAT"); +$pgtitle = array(gettext("System"),gettext("Advanced: Firewall and NAT")); include("head.inc"); ?> @@ -157,10 +166,10 @@ include("head.inc"); <!-- var descs=new Array(5); -descs[0]="as the name says, it's the normal optimization algorithm"; -descs[1]="used for high latency links, such as satellite links. Expires idle connections later than default"; -descs[2]="expires idle connections quicker. More efficient use of CPU and memory but can drop legitimate connections"; -descs[3]="tries to avoid dropping any legitimate connections at the expense of increased memory usage and CPU utilization."; +descs[0]="<?=gettext("as the name says, it's the normal optimization algorithm");?>"; +descs[1]="<?=gettext("used for high latency links, such as satellite links. Expires idle connections later than default");?>"; +descs[2]="<?=gettext("expires idle connections quicker. More efficient use of CPU and memory but can drop legitimate connections");?>"; +descs[3]="<?=gettext("tries to avoid dropping any legitimate connections at the expense of increased memory usage and CPU utilization.");?>"; function update_description(itemnum) { document.forms[0].info.value=descs[itemnum]; @@ -182,12 +191,12 @@ function update_description(itemnum) { <td class="tabnavtbl"> <?php $tab_array = array(); - $tab_array[] = array("Admin Access", false, "system_advanced_admin.php"); - $tab_array[] = array("Firewall / NAT", true, "system_advanced_firewall.php"); - $tab_array[] = array("Networking", false, "system_advanced_network.php"); - $tab_array[] = array("Miscellaneous", false, "system_advanced_misc.php"); - $tab_array[] = array("System Tunables", false, "system_advanced_sysctl.php"); - $tab_array[] = array("Notifications", false, "system_advanced_notifications.php"); + $tab_array[] = array(gettext("Admin Access"), false, "system_advanced_admin.php"); + $tab_array[] = array(gettext("Firewall / NAT"), true, "system_advanced_firewall.php"); + $tab_array[] = array(gettext("Networking"), false, "system_advanced_network.php"); + $tab_array[] = array(gettext("Miscellaneous"), false, "system_advanced_misc.php"); + $tab_array[] = array(gettext("System Tunables"), false, "system_advanced_sysctl.php"); + $tab_array[] = array(gettext("Notifications"), false, "system_advanced_notifications.php"); display_top_tabs($tab_array); ?> </ul> @@ -198,46 +207,46 @@ function update_description(itemnum) { <div class="tabcont"> <span class="vexpl"> <span class="red"> - <strong>NOTE: </strong> + <strong><?=gettext("NOTE");?>: </strong> </span> - The options on this page are intended for use by advanced users only. + <?=gettext("The options on this page are intended for use by advanced users only.");?> <br/> </span> <br/> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic">Firewall Advanced</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Firewall Advanced");?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">IP Do-Not-Fragment compatibility</td> + <td width="22%" valign="top" class="vncell"><?=gettext("IP Do-Not-Fragment compatibility");?></td> <td width="78%" class="vtable"> <input name="scrubnodf" type="checkbox" id="scrubnodf" value="yes" <?php if (isset($config['system']['scrubnodf'])) echo "checked"; ?> /> - <strong>Clear invalid DF bits instead of dropping the packets</strong><br/> - This allows for communications with hosts that generate fragmented - packets with the don't fragment (DF) bit set. Linux NFS is known to - do this. This will cause the filter to not drop such packets but - instead clear the don't fragment bit. + <strong><?=gettext("Clear invalid DF bits instead of dropping the packets");?></strong><br/> + <?=gettext("This allows for communications with hosts that generate fragmented " . + "packets with the don't fragment (DF) bit set. Linux NFS is known to " . + "do this. This will cause the filter to not drop such packets but " . + "instead clear the don't fragment bit.");?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">IP Random id generation</td> + <td width="22%" valign="top" class="vncell"><?=gettext("IP Random id generation");?></td> <td width="78%" class="vtable"> <input name="scrubrnid" type="checkbox" id="scrubnodf" value="yes" <?php if (isset($config['system']['scrubrnid'])) echo "checked"; ?> /> - <strong>Insert a stronger id into IP header of packets passing through the filter.</strong><br/> - Replaces the IP identification field of packets with random values to - compensate for operating systems that use predicatable values. - This option only applies to packets that are not fragmented after the - optional packet reassembly. + <strong><?=gettext("Insert a stronger id into IP header of packets passing through the filter.");?></strong><br/> + <?=gettext("Replaces the IP identification field of packets with random values to " . + "compensate for operating systems that use predicatable values. " . + "This option only applies to packets that are not fragmented after the " . + "optional packet reassembly.");?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Firewall Optimization Options</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Firewall Optimization Options");?></td> <td width="78%" class="vtable"> <select onChange="update_description(this.selectedIndex);" name="optimization" id="optimization"> - <option value="normal"<?php if($config['system']['optimization']=="normal") echo " selected"; ?>>normal</option> - <option value="high-latency"<?php if($config['system']['optimization']=="high-latency") echo " selected"; ?>>high-latency</option> - <option value="aggressive"<?php if($config['system']['optimization']=="aggressive") echo " selected"; ?>>aggressive</option> - <option value="conservative"<?php if($config['system']['optimization']=="conservative") echo " selected"; ?>>conservative</option> + <option value="normal"<?php if($config['system']['optimization']=="normal") echo " selected"; ?>><?=gettext("normal");?></option> + <option value="high-latency"<?php if($config['system']['optimization']=="high-latency") echo " selected"; ?>><?=gettext("high-latency");?></option> + <option value="aggressive"<?php if($config['system']['optimization']=="aggressive") echo " selected"; ?>><?=gettext("aggressive");?></option> + <option value="conservative"<?php if($config['system']['optimization']=="conservative") echo " selected"; ?>><?=gettext("conservative");?></option> </select> <br/> <textarea readonly="yes" cols="60" rows="1" id="info" name="info"style="padding:5px; border:1px dashed #990000; background-color: #ffffff; color: #000000; font-size: 8pt;"></textarea> @@ -245,48 +254,48 @@ function update_description(itemnum) { update_description(document.forms[0].optimization.selectedIndex); </script> <br/> - Select the type of state table optimization to use + <?=gettext("Select the type of state table optimization to use");?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Disable Firewall</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Disable Firewall");?></td> <td width="78%" class="vtable"> <input name="disablefilter" type="checkbox" id="disablefilter" value="yes" <?php if (isset($config['system']['disablefilter'])) echo "checked"; ?> /> - <strong>Disable all packet filtering.</strong> + <strong><?=gettext("Disable all packet filtering.");?></strong> <br/> - <span class="vexpl">Note: This converts <?= $g['product_name'] ?> into a routing only platform!<br> - Note: This will turn off NAT! + <span class="vexpl"><?php printf(gettext("Note: This converts %s into a routing only platform!"), $g['product_name']);?><br> + <?=gettext("Note: This will turn off NAT!");?> </span> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Disable Firewall Scrub</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Disable Firewall Scrub");?></td> <td width="78%" class="vtable"> <input name="disablescrub" type="checkbox" id="disablescrub" value="yes" <?php if (isset($config['system']['disablescrub'])) echo "checked"; ?> /> - <strong>Disables the PF scrubbing option which can sometimes interfere with NFS and PPTP traffic.</strong> + <strong><?=gettext("Disables the PF scrubbing option which can sometimes interfere with NFS and PPTP traffic.");?></strong> <br/> - Click <a href='http://www.openbsd.org/faq/pf/scrub.html' target='_new'>here</a> for more information. + <?=gettext("Click")?> <a href='http://www.openbsd.org/faq/pf/scrub.html' target='_new'><?=gettext("here");?></a> <?=gettext("for more information.");?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Firewall Maximum States</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Firewall Maximum States");?></td> <td width="78%" class="vtable"> <input name="maximumstates" type="text" id="maximumstates" value="<?php echo $pconfig['maximumstates']; ?>" /> <br/> - <strong>Maximum number of connections to hold in the firewall state table.</strong> + <strong><?=gettext("Maximum number of connections to hold in the firewall state table.");?></strong> <br/> - <span class="vexpl">Note: Leave this blank for the default. On your system the default size is: <?= pfsense_default_state_size() ?></span> + <span class="vexpl"><?=gettext("Note: Leave this blank for the default. On your system the default size is");?>: <?= pfsense_default_state_size() ?></span> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Static route filtering</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Static route filtering");?></td> <td width="78%" class="vtable"> <input name="bypassstaticroutes" type="checkbox" id="bypassstaticroutes" value="yes" <?php if ($pconfig['bypassstaticroutes']) echo "checked"; ?> /> - <strong>Bypass firewall rules for traffic on the same interface</strong> + <strong><?=gettext("Bypass firewall rules for traffic on the same interface");?></strong> <br/> - This option only applies if you have defined one or more static routes. If it is enabled, traffic that enters and - leaves through the same interface will not be checked by the firewall. This may be desirable in some situations where - multiple subnets are connected to the same interface. + <?=gettext("This option only applies if you have defined one or more static routes. If it is enabled, traffic that enters and " . + "leaves through the same interface will not be checked by the firewall. This may be desirable in some situations where " . + "multiple subnets are connected to the same interface.");?> <br/> </td> </tr> @@ -295,34 +304,41 @@ function update_description(itemnum) { </tr> <?php if(count($config['interfaces']) > 1): ?> <tr> - <td colspan="2" valign="top" class="listtopic">Network Address Translation</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Network Address Translation");?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Disable NAT Reflection</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Disable NAT Reflection for port forwards");?></td> <td width="78%" class="vtable"> <input name="disablenatreflection" type="checkbox" id="disablenatreflection" value="yes" <?php if (isset($config['system']['disablenatreflection'])) echo "checked"; ?> /> - <strong>Disables the automatic creation of NAT redirect rules for access to your public IP addresses from within your internal networks. Note: Reflection is only enabled for port forward entries and is skipped for ranges larger than 500 ports.</strong> + <strong><?=gettext("Disables the automatic creation of additional NAT redirect rules for access to port forwards on your external IP addresses from within your internal networks. Note: Reflection for port forward entries is skipped for ranges larger than 500 ports.");?></strong> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Reflection Timeout</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Reflection Timeout");?></td> <td width="78%" class="vtable"> <input name="reflectiontimeout" id="reflectiontimeout" value="<?php echo $config['system']['reflectiontimeout']; ?>" /><br/> - <strong>Enter value for Reflection timeout in seconds.</strong> + <strong><?=gettext("Enter value for Reflection timeout in seconds. Note: Only applies to Reflection on port forwards.");?></strong> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Disable NAT Reflection for 1:1 NAT");?></td> + <td width="78%" class="vtable"> + <input name="disablebinatreflection" type="checkbox" id="disablebinatreflection" value="yes" <?php if (!isset($config['system']['enablebinatreflection'])) echo "checked"; ?> /> + <strong><?=gettext("Disables the automatic creation of additional NAT 1:1 mappings for access to 1:1 mappings of your external IP addresses from within your internal networks. Note: Reflection for 1:1 NAT might not fully work in certain complex routing scenarios.");?></strong> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">TFTP Proxy</td> + <td width="22%" valign="top" class="vncell"><?=gettext("TFTP Proxy");?></td> <td width="78%" class="vtable"> <select name="tftpinterface[]" multiple="true" class="formselect" size="3"> <?php - $ifdescs = get_configured_interface_with_descr(); - foreach ($ifdescs as $ifent => $ifdesc): + $ifdescs = get_configured_interface_with_descr(); + foreach ($ifdescs as $ifent => $ifdesc): ?> - <option value="<?=$ifent;?>" <?php if (stristr($pconfig['tftpinterface'], $ifent)) echo "selected"; ?>><?=gettext($ifdesc);?></option> -<?php endforeach; ?> - </select> - <strong>Choose the interfaces where you want TFTP proxy helper to be enabled.</strong> + <option value="<?=$ifent;?>" <?php if (stristr($pconfig['tftpinterface'], $ifent)) echo "selected"; ?>><?=gettext($ifdesc);?></option> +<?php endforeach; ?> + </select> + <strong><?=gettext("Choose the interfaces where you want TFTP proxy helper to be enabled.");?></strong> </td> </tr> <tr> @@ -331,7 +347,7 @@ function update_description(itemnum) { <?php endif; ?> <tr> <td width="22%" valign="top"> </td> - <td width="78%"><input name="Submit" type="submit" class="formbtn" value="Save" /></td> + <td width="78%"><input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /></td> </tr> </table> </td> diff --git a/usr/local/www/system_advanced_misc.php b/usr/local/www/system_advanced_misc.php index 6bd5d3a..41f0979 100644 --- a/usr/local/www/system_advanced_misc.php +++ b/usr/local/www/system_advanced_misc.php @@ -101,16 +101,16 @@ if ($_POST) { $retval = 0; $retval = filter_configure(); if(stristr($retval, "error") <> true) - $savemsg = get_std_save_message($retval); + $savemsg = get_std_save_message(gettext($retval)); else - $savemsg = $retval; + $savemsg = gettext($retval); activate_powerd(); load_glxsb(); } } -$pgtitle = array("System","Advanced: Miscellaneous"); +$pgtitle = array(gettext("System"),gettext("Advanced: Miscellaneous")); include("head.inc"); ?> @@ -129,12 +129,12 @@ include("head.inc"); <td> <?php $tab_array = array(); - $tab_array[] = array("Admin Access", false, "system_advanced_admin.php"); - $tab_array[] = array("Firewall / NAT", false, "system_advanced_firewall.php"); - $tab_array[] = array("Networking", false, "system_advanced_network.php"); - $tab_array[] = array("Miscellaneous", true, "system_advanced_misc.php"); - $tab_array[] = array("System Tunables", false, "system_advanced_sysctl.php"); - $tab_array[] = array("Notifications", false, "system_advanced_notifications.php"); + $tab_array[] = array(gettext("Admin Access"), false, "system_advanced_admin.php"); + $tab_array[] = array(gettext("Firewall / NAT"), false, "system_advanced_firewall.php"); + $tab_array[] = array(gettext("Networking"), false, "system_advanced_network.php"); + $tab_array[] = array(gettext("Miscellaneous"), true, "system_advanced_misc.php"); + $tab_array[] = array(gettext("System Tunables"), false, "system_advanced_sysctl.php"); + $tab_array[] = array(gettext("Notifications"), false, "system_advanced_notifications.php"); display_top_tabs($tab_array); ?> </td> @@ -144,107 +144,107 @@ include("head.inc"); <div class="tabcont"> <span class="vexpl"> <span class="red"> - <strong>NOTE: </strong> + <strong><?=gettext("NOTE"); ?>: </strong> </span> - The options on this page are intended for use by advanced users only. + <?=gettext("The options on this page are intended for use by advanced users only."); ?> <br/> </span> <br/> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic">Load Balancing</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Load Balancing"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Load Balancing</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Load Balancing"); ?></td> <td width="78%" class="vtable"> <input name="lb_use_sticky" type="checkbox" id="lb_use_sticky" value="yes" <?php if ($pconfig['lb_use_sticky']) echo "checked=\"checked\""; ?> /> - <strong>Use sticky connections</strong><br/> - Successive connections will be redirected to the servers - in a round-robin manner with connections from the same - source being sent to the same web server. This "sticky - connection" will exist as long as there are states that - refer to this connection. Once the states expire, so will - the sticky connection. Further connections from that host - will be redirected to the next web server in the round - robin. + <strong><?=gettext("Use sticky connections"); ?></strong><br/> + <?=gettext("Successive connections will be redirected to the servers " . + "in a round-robin manner with connections from the same " . + "source being sent to the same web server. This 'sticky " . + "connection' will exist as long as there are states that " . + "refer to this connection. Once the states expire, so will " . + "the sticky connection. Further connections from that host " . + "will be redirected to the next web server in the round " . + "robin."); ?> </td> </tr> <tr> <td colspan="2" class="list" height="12"> </td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Power savings</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Power savings"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">PowerD</td> + <td width="22%" valign="top" class="vncell"><?=gettext("PowerD"); ?></td> <td width="78%" class="vtable"> <input name="powerd_enable" type="checkbox" id="powerd_enable" value="yes" <?php if ($pconfig['powerd_enable']) echo "checked"; ?> /> - <strong>Use PowerD</strong><br/> + <strong><?=gettext("Use PowerD"); ?></strong><br/> <br /> - The powerd utility monitors the system state and sets various power control - options accordingly. It offers three modes (maximum, minimum, and - adaptive) that can be individually selected while on AC power or batteries. - The modes maximum, minimum, and adaptive may be abbreviated max, - min, adp. Maximum mode chooses the highest performance values. Minimum - mode selects the lowest performance values to get the most power savings. - Adaptive mode attempts to strike a balance by degrading performance when - the system appears idle and increasing it when the system is busy. It - offers a good balance between a small performance loss for greatly - increased power savings. The default mode for pfSense is adaptive. + <?=gettext("The powerd utility monitors the system state and sets various power control " . + "options accordingly. It offers three modes (maximum, minimum, and " . + "adaptive) that can be individually selected while on AC power or batteries. " . + "The modes maximum, minimum, and adaptive may be abbreviated max, " . + "min, adp. Maximum mode chooses the highest performance values. Minimum " . + "mode selects the lowest performance values to get the most power savings. " . + "Adaptive mode attempts to strike a balance by degrading performance when " . + "the system appears idle and increasing it when the system is busy. It " . + "offers a good balance between a small performance loss for greatly " . + "increased power savings. The default mode for pfSense is adaptive."); ?> </td> </tr> <tr> <td colspan="2" class="list" height="12"> </td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">glxsb Crypto Acceleration</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("glxsb Crypto Acceleration"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">glxsb</td> + <td width="22%" valign="top" class="vncell"><?=gettext("glxsb"); ?></td> <td width="78%" class="vtable"> <input name="glxsb_enable" type="checkbox" id="glxsb_enable" value="yes" <?php if ($pconfig['glxsb_enable']) echo "checked"; ?> /> - <strong>Use glxsb</strong><br/> + <strong><?=gettext("Use glxsb"); ?></strong><br/> <br /> - The AMD Geode LX Security Block will accelerate some cryptographic functions - on systems which have the chip. Do not enable this option if you have a - Hifn cryptographic acceleration card, as this will take precedence and the - Hifn card will not be used. Acceleration should be automatic for IPsec - when using Rijndael (AES). OpenVPN should be set for AES-128-CBC. + <?=gettext("The AMD Geode LX Security Block will accelerate some cryptographic functions " . + "on systems which have the chip. Do not enable this option if you have a " . + "Hifn cryptographic acceleration card, as this will take precedence and the " . + "Hifn card will not be used. Acceleration should be automatic for IPsec " . + "when using Rijndael (AES). OpenVPN should be set for AES-128-CBC."); ?> <br/><br/> - If you do not have a glxsb chip in your system, this option will have no - effect. To unload the module, uncheck this option and then reboot. + <?=gettext("If you do not have a glxsb chip in your system, this option will have no " . + "effect. To unload the module, uncheck this option and then reboot."); ?> </td> </tr> <tr> <td colspan="2" class="list" height="12"> </td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">IP Security</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("IP Security"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Security Assocications</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Security Assocications"); ?></td> <td width="78%" class="vtable"> <input name="preferoldsa_enable" type="checkbox" id="preferoldsa_enable" value="yes" <?php if ($pconfig['preferoldsa_enable']) echo "checked"; ?> /> - <strong>Prefer older IPsec SAs</strong> + <strong><?=gettext("Prefer older IPsec SAs"); ?></strong> <br /> - By default, if several SAs match, the newest one is - preferred if it's at least 30 seconds old. Select this - option to always prefer old SAs over new ones. + <?=gettext("By default, if several SAs match, the newest one is " . + "preferred if it's at least 30 seconds old. Select this " . + "option to always prefer old SAs over new ones."); ?> </td> </tr> <tr> <td colspan="2" class="list" height="12"> </td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Schedules</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Schedules"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Schedule States</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Schedule States"); ?></td> <td width="78%" class="vtable"> <input name="schedule_states" type="checkbox" id="schedule_states" value="yes" <?php if ($pconfig['schedule_states']) echo "checked"; ?> /> <br /> - By default schedules clear the states of existing connections when expiry time has come. - This option allows to override this setting by not clearing states for existing connections. + <?=gettext("By default schedules clear the states of existing connections when expiry time has come. ". + "This option allows to override this setting by not clearing states for existing connections."); ?> </td> </tr> <tr> @@ -252,27 +252,27 @@ include("head.inc"); </tr> <?php if($g['platform'] == "pfSenseDISABLED"): ?> <tr> - <td colspan="2" valign="top" class="listtopic">Hardware Settings</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Hardware Settings"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Hard disk standby time </td> + <td width="22%" valign="top" class="vncell"><?=gettext("Hard disk standby time "); ?></td> <td width="78%" class="vtable"> <select name="harddiskstandby" class="formselect"> <?php ## Values from ATA-2 http://www.t13.org/project/d0948r3-ATA-2.pdf (Page 66) $sbvals = explode(" ", "0.5,6 1,12 2,24 3,36 4,48 5,60 7.5,90 10,120 15,180 20,240 30,241 60,242"); ?> - <option value="" <?php if(!$pconfig['harddiskstandby']) echo('selected');?>>Always on</option> + <option value="" <?php if(!$pconfig['harddiskstandby']) echo('selected');?>><?=gettext("Always on"); ?></option> <?php foreach ($sbvals as $sbval): list($min,$val) = explode(",", $sbval); ?> - <option value="<?=$val;?>" <?php if($pconfig['harddiskstandby'] == $val) echo('selected');?>><?=$min;?> minutes</option> + <option value="<?=$val;?>" <?php if($pconfig['harddiskstandby'] == $val) echo('selected');?>><?=$min;?> <?=gettext("minutes"); ?></option> <?php endforeach; ?> </select> <br/> - Puts the hard disk into standby mode when the selected amount of time after the last - access has elapsed. <em>Do not set this for CF cards.</em> + <?=gettext("Puts the hard disk into standby mode when the selected amount of time after the last ". + "access has elapsed."); ?> <em><?=gettext("Do not set this for CF cards."); ?></em> </td> </tr> <tr> @@ -283,7 +283,7 @@ include("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" /> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> </td> </tr> </table> diff --git a/usr/local/www/system_advanced_network.php b/usr/local/www/system_advanced_network.php index b6ba121..d744a47 100644 --- a/usr/local/www/system_advanced_network.php +++ b/usr/local/www/system_advanced_network.php @@ -63,7 +63,7 @@ if ($_POST) { $pconfig = $_POST; if ($_POST['ipv6nat_enable'] && !is_ipaddr($_POST['ipv6nat_ipaddr'])) - $input_errors[] = "You must specify an IP address to NAT IPv6 packets."; + $input_errors[] = gettext("You must specify an IP address to NAT IPv6 packets."); ob_flush(); flush(); @@ -125,13 +125,13 @@ if ($_POST) { $retval = filter_configure(); if(stristr($retval, "error") <> true) - $savemsg = get_std_save_message($retval); + $savemsg = get_std_save_message(gettext($retval)); else - $savemsg = $retval; + $savemsg = gettext($retval); } } -$pgtitle = array("System","Advanced: Networking"); +$pgtitle = array(gettext("System"),gettext("Advanced: Networking")); include("head.inc"); ?> @@ -165,12 +165,12 @@ function enable_change(enable_over) { <td> <?php $tab_array = array(); - $tab_array[] = array("Admin Access", false, "system_advanced_admin.php"); - $tab_array[] = array("Firewall / NAT", false, "system_advanced_firewall.php"); - $tab_array[] = array("Networking", true, "system_advanced_network.php"); - $tab_array[] = array("Miscellaneous", false, "system_advanced_misc.php"); - $tab_array[] = array("System Tunables", false, "system_advanced_sysctl.php"); - $tab_array[] = array("Notifications", false, "system_advanced_notifications.php"); + $tab_array[] = array(gettext("Admin Access"), false, "system_advanced_admin.php"); + $tab_array[] = array(gettext("Firewall / NAT"), false, "system_advanced_firewall.php"); + $tab_array[] = array(gettext("Networking"), true, "system_advanced_network.php"); + $tab_array[] = array(gettext("Miscellaneous"), false, "system_advanced_misc.php"); + $tab_array[] = array(gettext("System Tunables"), false, "system_advanced_sysctl.php"); + $tab_array[] = array(gettext("Notifications"), false, "system_advanced_notifications.php"); display_top_tabs($tab_array); ?> </td> @@ -180,36 +180,36 @@ function enable_change(enable_over) { <div class="tabcont"> <span class="vexpl"> <span class="red"> - <strong>NOTE: </strong> + <strong><?=gettext("NOTE"); ?>: </strong> </span> - The options on this page are intended for use by advanced users only. + <?=gettext("The options on this page are intended for use by advanced users only."); ?> <br/> </span> <br/> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic">IPv6 Options</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("IPv6 Options"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Allow IPv6</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Allow IPv6"); ?></td> <td width="78%" class="vtable"> <input name="ipv6allow" type="checkbox" id="ipv6allow" value="yes" <?php if ($pconfig['ipv6allow']) echo "checked"; ?> onclick="enable_change(false)" /> - <strong>Allow IPv6</strong><br/> - All IPv6 will be blocked unless this box is checked.<br/> + <strong><?=gettext("Allow IPv6"); ?></strong><br/> + <?=gettext("All IPv6 will be blocked unless this box is checked."); ?><br/> <br/> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">IPv6 over IPv4 Tunneling</td> + <td width="22%" valign="top" class="vncell"><?=gettext("IPv6 over IPv4 Tunneling"); ?></td> <td width="78%" class="vtable"> <input name="ipv6nat_enable" type="checkbox" id="ipv6nat_enable" value="yes" <?php if ($pconfig['ipv6nat_enable']) echo "checked"; ?> onclick="enable_change(false)" /> - <strong>Enable IPv4 NAT encapsulation of IPv6 packets</strong><br/> - This provides an RFC 2893 compatibility mechanism - that can be used to tunneling IPv6 packets over IPv4 - routing infrastructures. If enabled, don't forget to - add a firewall rule to permit IPv6 packets.<br/> + <strong><?=gettext("Enable IPv4 NAT encapsulation of IPv6 packets"); ?></strong><br/> + <?=gettext("This provides an RFC 2893 compatibility mechanism ". + "that can be used to tunneling IPv6 packets over IPv4 ". + "routing infrastructures. If enabled, don't forget to ". + "add a firewall rule to permit IPv6 packets."); ?><br/> <br/> - IP address : + <?=gettext("IP address"); ?> : <input name="ipv6nat_ipaddr" type="text" class="formfld unknown" id="ipv6nat_ipaddr" size="20" value="<?=htmlspecialchars($pconfig['ipv6nat_ipaddr']);?>" /> </td> </tr> @@ -217,31 +217,30 @@ function enable_change(enable_over) { <td colspan="2" class="list" height="12"> </td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Network Interfaces</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Network Interfaces"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Device polling</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Device polling"); ?></td> <td width="78%" class="vtable"> <input name="polling_enable" type="checkbox" id="polling_enable" value="yes" <?php if ($pconfig['polling_enable']) echo "checked"; ?>> - <strong>Enable device polling</strong><br> - Device polling is a technique that lets the system periodically poll network devices for new data instead of relying on interrupts. This prevents your webConfigurator, SSH, etc. from being inaccessible due to interrupt floods when under extreme load. Generally this is not recommended. - Not all NICs support polling; see the <?= $g['product_name'] ?> homepage for a list of supported cards. + <strong><?=gettext("Enable device polling"); ?></strong><br> + <?php printf(gettext("Device polling is a technique that lets the system periodically poll network devices for new data instead of relying on interrupts. This prevents your webConfigurator, SSH, etc. from being inaccessible due to interrupt floods when under extreme load. Generally this is not recommended. Not all NICs support polling; see the %s homepage for a list of supported cards."), $g['product_name']); ?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Hardware Checksum Offloading</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Hardware Checksum Offloading"); ?></td> <td width="78%" class="vtable"> <input name="disablechecksumoffloading" type="checkbox" id="disablechecksumoffloading" value="yes" <?php if (isset($config['system']['disablechecksumoffloading'])) echo "checked"; ?> /> - <strong>Disable hardware checksum offload</strong><br> - Checking this option will disable hardware checksum offloading. Checksum offloading is broken in some hardware, particularly some Realtek cards. Rarely, drivers may have problems with checksum offloading and some specific NICs. + <strong><?=gettext("Disable hardware checksum offload"); ?></strong><br> + <?=gettext("Checking this option will disable hardware checksum offloading. Checksum offloading is broken in some hardware, particularly some Realtek cards. Rarely, drivers may have problems with checksum offloading and some specific NICs."); ?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">ARP Handling</td> + <td width="22%" valign="top" class="vncell"><?=gettext("ARP Handling"); ?></td> <td width="78%" class="vtable"> <input name="sharednet" type="checkbox" id="sharednet" value="yes" <?php if (isset($pconfig['sharednet'])) echo "checked"; ?> /> - <strong>Suppress ARP messages</strong><br> - This option will suppress ARP log messages when multiple interfaces reside on the same broadcast domain</strong> + <strong><?=gettext("Suppress ARP messages"); ?></strong><br> + <?=gettext("This option will suppress ARP log messages when multiple interfaces reside on the same broadcast domain"); ?></strong> </td> </tr> <?php @@ -272,7 +271,7 @@ function enable_change(enable_over) { </tr> <tr> <td width="22%" valign="top"> </td> - <td width="78%"><input name="Submit" type="submit" class="formbtn" value="Save" /></td> + <td width="78%"><input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /></td> </tr> </table> </div> diff --git a/usr/local/www/system_advanced_notifications.php b/usr/local/www/system_advanced_notifications.php index 6b8b121..80fecce 100644 --- a/usr/local/www/system_advanced_notifications.php +++ b/usr/local/www/system_advanced_notifications.php @@ -86,7 +86,7 @@ if ($_POST) { $savemsg = get_std_save_message($retval); } - if ($_POST['Submit'] == "Save") { + if ($_POST['Submit'] == gettext("Save")) { $tunableent = array(); // Growl @@ -108,20 +108,20 @@ if ($_POST) { if($config['notifications']['growl']['ipaddress'] && $config['notifications']['growl']['password'] = $_POST['password']) { register_via_growl(); - notify_via_growl("This is a test message form pfSense. It is safe to ignore this message."); + notify_via_growl(gettext("This is a test message form pfSense. It is safe to ignore this message.")); } // Send test message via smtp if(file_exists("/var/db/notices_lastmsg.txt")) unlink("/var/db/notices_lastmsg.txt"); - $savemsg = notify_via_smtp("This is a test message form pfSense. It is safe to ignore this message."); + $savemsg = notify_via_smtp(gettext("This is a test message form pfSense. It is safe to ignore this message.")); pfSenseHeader("system_advanced_notifications.php"); exit; } } -$pgtitle = array("System","Advanced: Notifications"); +$pgtitle = array(gettext("System"),gettext("Advanced: Notifications")); include("head.inc"); ?> @@ -141,12 +141,12 @@ include("head.inc"); <td> <?php $tab_array = array(); - $tab_array[] = array("Admin Access", false, "system_advanced_admin.php"); - $tab_array[] = array("Firewall / NAT", false, "system_advanced_firewall.php"); - $tab_array[] = array("Networking", false, "system_advanced_network.php"); - $tab_array[] = array("Miscellaneous", false, "system_advanced_misc.php"); - $tab_array[] = array("System Tunables", false, "system_advanced_sysctl.php"); - $tab_array[] = array("Notifications", true, "system_advanced_notifications.php"); + $tab_array[] = array(gettext("Admin Access"), false, "system_advanced_admin.php"); + $tab_array[] = array(gettext("Firewall / NAT"), false, "system_advanced_firewall.php"); + $tab_array[] = array(gettext("Networking"), false, "system_advanced_network.php"); + $tab_array[] = array(gettext("Miscellaneous"), false, "system_advanced_misc.php"); + $tab_array[] = array(gettext("System Tunables"), false, "system_advanced_sysctl.php"); + $tab_array[] = array(gettext("Notifications"), true, "system_advanced_notifications.php"); display_top_tabs($tab_array); ?> </td> @@ -158,34 +158,34 @@ include("head.inc"); <table width="100%" border="0" cellpadding="6" cellspacing="0"> <!-- GROWL --> <tr> - <td colspan="2" valign="top" class="listtopic">Growl</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Growl"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Registration Name</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Registration Name"); ?></td> <td width="78%" class="vtable"> <input name='name' value='<?php echo $pconfig['name']; ?>'><br/> - Enter the name to register with the Growl server (default: PHP-Growl). + <?=gettext("Enter the name to register with the Growl server (default: PHP-Growl)."); ?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Notification Name</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Notification Name"); ?></td> <td width="78%" class="vtable"> <input name='notification_name' value='<?php echo $pconfig['notification_name']; ?>'><br/> - Enter a name for the Growl notifications (default: pfSense growl alert). + <?=gettext("Enter a name for the Growl notifications (default: pfSense growl alert)."); ?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">IP Address</td> + <td width="22%" valign="top" class="vncell"><?=gettext("IP Address"); ?></td> <td width="78%" class="vtable"> <input name='ipaddress' value='<?php echo $pconfig['ipaddress']; ?>'><br/> - This is the IP address that you would like to send growl notifications to. + <?=gettext("This is the IP address that you would like to send growl notifications to."); ?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Password</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Password"); ?></td> <td width="78%" class="vtable"> <input name='password' type='password' value='<?php echo $pconfig['password']; ?>'><br/> - Enter the password of the remote growl notification device. + <?=gettext("Enter the password of the remote growl notification device."); ?> </td> </tr> <tr> @@ -193,41 +193,41 @@ include("head.inc"); </tr> <!-- SMTP --> <tr> - <td colspan="2" valign="top" class="listtopic">SMTP E-Mail</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("SMTP E-Mail"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">IP Address of E-Mail server</td> + <td width="22%" valign="top" class="vncell"><?=gettext("IP Address of E-Mail server"); ?></td> <td width="78%" class="vtable"> <input name='smtpipaddress' value='<?php echo $pconfig['smtpipaddress']; ?>'><br/> - This is the IP address of the SMTP E-Mail server that will be used to send notifications to. + <?=gettext("This is the IP address of the SMTP E-Mail server that will be used to send notifications to."); ?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">From e-mail address</td> + <td width="22%" valign="top" class="vncell"><?=gettext("From e-mail address"); ?></td> <td width="78%" class="vtable"> <input name='smtpfromaddress' type='input' value='<?php echo $pconfig['smtpfromaddress']; ?>'><br/> - This is the e-mail address that will appear in the from field. + <?=gettext("This is the e-mail address that will appear in the from field."); ?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Notification E-Mail address</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Notification E-Mail address"); ?></td> <td width="78%" class="vtable"> <input name='smtpnotifyemailaddress' type='input' value='<?php echo $pconfig['smtpnotifyemailaddress']; ?>'><br/> - Enter the e-mail address that you would like email notifications sent to. + <?=gettext("Enter the e-mail address that you would like email notifications sent to."); ?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Notification E-Mail auth username (optional)</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Notification E-Mail auth username (optional)"); ?></td> <td width="78%" class="vtable"> <input name='smtpusername' type='input' value='<?php echo $pconfig['smtpusername']; ?>'><br/> - Enter the e-mail address username for SMTP authentication. + <?=gettext("Enter the e-mail address username for SMTP authentication."); ?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Notification E-Mail auth password</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Notification E-Mail auth password"); ?></td> <td width="78%" class="vtable"> <input name='smtppassword' type='password' value='<?php echo $pconfig['smtppassword']; ?>'><br/> - Enter the e-mail address password for SMTP authentication. + <?=gettext("Enter the e-mail address password for SMTP authentication."); ?> </td> </tr> <tr> @@ -236,7 +236,7 @@ include("head.inc"); </td> <td> <br/> - <input type='submit' id='Submit' name='Submit' value='Save'></form> + <input type='submit' id='Submit' name='Submit' value='<?=gettext("Save"); ?>'></form> </td> </tr> </table> diff --git a/usr/local/www/system_advanced_sysctl.php b/usr/local/www/system_advanced_sysctl.php index 0215d0e..4e097ca 100644 --- a/usr/local/www/system_advanced_sysctl.php +++ b/usr/local/www/system_advanced_sysctl.php @@ -101,7 +101,7 @@ if ($_POST) { clear_subsystem_dirty('sysctl'); } - if ($_POST['Submit'] == "Save") { + if ($_POST['Submit'] == gettext("Save")) { $tunableent = array(); $tunableent['tunable'] = $_POST['tunable']; @@ -124,7 +124,7 @@ if ($_POST) { include("head.inc"); -$pgtitle = array("System","Advanced: Miscellaneous"); +$pgtitle = array(gettext("System"),gettext("Advanced: Miscellaneous")); include("head.inc"); ?> @@ -138,7 +138,7 @@ include("head.inc"); if ($savemsg) print_info_box($savemsg); if (is_subsystem_dirty('sysctl') && ($act != "edit" )) - print_info_box_np("The firewall tunables have changed. You must apply the configuration to take affect."); + print_info_box_np(gettext("The firewall tunables have changed. You must apply the configuration to take affect.")); ?> </form> <table width="100%" border="0" cellpadding="0" cellspacing="0"> @@ -146,12 +146,12 @@ include("head.inc"); <td> <?php $tab_array = array(); - $tab_array[] = array("Admin Access", false, "system_advanced_admin.php"); - $tab_array[] = array("Firewall / NAT", false, "system_advanced_firewall.php"); - $tab_array[] = array("Networking", false, "system_advanced_network.php"); - $tab_array[] = array("Miscellaneous", false, "system_advanced_misc.php"); - $tab_array[] = array("System Tunables", true, "system_advanced_sysctl.php"); - $tab_array[] = array("Notifications", false, "system_advanced_notifications.php"); + $tab_array[] = array(gettext("Admin Access"), false, "system_advanced_admin.php"); + $tab_array[] = array(gettext("Firewall / NAT"), false, "system_advanced_firewall.php"); + $tab_array[] = array(gettext("Networking"), false, "system_advanced_network.php"); + $tab_array[] = array(gettext("Miscellaneous"), false, "system_advanced_misc.php"); + $tab_array[] = array(gettext("System Tunables"), true, "system_advanced_sysctl.php"); + $tab_array[] = array(gettext("Notifications"), false, "system_advanced_notifications.php"); display_top_tabs($tab_array); ?> </td> @@ -162,27 +162,27 @@ include("head.inc"); <div class="tabcont"> <span class="vexpl"> <span class="red"> - <strong>NOTE: </strong> + <strong><?=gettext("NOTE"); ?>: </strong> </span> - The options on this page are intended for use by advanced users only. + <?=gettext("The options on this page are intended for use by advanced users only."); ?> <br/> </span> <br/> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td width="20%" class="listhdrr">Tunable Name</td> - <td width="60%" class="listhdrr">Description</td> - <td width="20%" class="listhdrr">Value</td> + <td width="20%" class="listhdrr"><?=gettext("Tunable Name"); ?></td> + <td width="60%" class="listhdrr"><?=gettext("Description"); ?></td> + <td width="20%" class="listhdrr"><?=gettext("Value"); ?></td> </tr> <?php $i = 0; foreach ($config['sysctl']['item'] as $tunable): ?> <tr> - <td class="listlr" ondblclick="document.location='system_advanced_sysctl.php?id=<?=$i;?>';"> + <td class="listlr" ondblclick="document.location='system_advanced_sysctl.php?act=edit&id=<?=$i;?>';"> <?php echo $tunable['tunable']; ?> </td> - <td class="listr" align="left" ondblclick="document.location='system_advanced_sysctl.php?id=<?=$i;?>';"> + <td class="listr" align="left" ondblclick="document.location='system_advanced_sysctl.php?act=edit&id=<?=$i;?>';"> <?php echo $tunable['desc']; ?> </td> - <td class="listr" align="left" ondblclick="document.location='system_advanced_sysctl.php?id=<?=$i;?>';"> + <td class="listr" align="left" ondblclick="document.location='system_advanced_sysctl.php?act=edit&id=<?=$i;?>';"> <?php echo $tunable['value']; ?> <?php if($tunable['value'] == "default") @@ -198,7 +198,7 @@ include("head.inc"); </a> </td> <td valign="middle"> - <a href="system_advanced_sysctl.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this entry?')"> + <a href="system_advanced_sysctl.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this entry?"); ?>')"> <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="" /> </a> </td> @@ -233,22 +233,22 @@ include("head.inc"); <form action="system_advanced_sysctl.php" method="post" name="iform" id="iform"> <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic">Edit system tunable</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit system tunable"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Tunable</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Tunable"); ?></td> <td width="78%" class="vtable"> <input size="65" name="tunable" value="<?php echo $pconfig['tunable']; ?>"> </td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Description</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Description"); ?></td> <td width="78%" class="vtable"> <textarea rows="7" cols="50" name="desc"><?php echo $pconfig['desc']; ?></textarea> </td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Value</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Value"); ?></td> <td width="78%" class="vtable"> <input size="65" name="value" value="<?php echo $pconfig['value']; ?>"> </td> @@ -256,8 +256,8 @@ include("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input id="submit" name="Submit" type="submit" class="formbtn" value="Save" /> - <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" /> + <input id="submit" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> + <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()" /> <?php if (isset($id) && $a_tunable[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>" /> <?php endif; ?> diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php index ca47289..984f0ab 100644 --- a/usr/local/www/system_authservers.php +++ b/usr/local/www/system_authservers.php @@ -41,7 +41,7 @@ require("guiconfig.inc"); require_once("auth.inc"); -$pgtitle = array("System", "Authentication Servers"); +$pgtitle = array(gettext("System"), gettext("Authentication Servers")); $id = $_GET['id']; if (isset($_POST['id'])) @@ -141,40 +141,52 @@ if ($_POST) { $reqdfields = explode(" ", "name type ldap_host ldap_port ". "ldap_urltype ldap_protver ldap_scope ldap_basedn ". "ldap_attr_user ldap_attr_group ldap_attr_member ldapauthcontainers"); - $reqdfieldsn = explode(",", "Descriptive name,Type,Hostname or IP,". - "Port value,Transport,Protocol version,Search level,". - "Search Base DN,User naming Attribute,". - "Group naming Attribute,Group member attribute,Authentication container"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("Type"), + gettext("Hostname or IP"), + gettext("Port value"), + gettext("Transport"), + gettext("Protocol version"), + gettext("Search level"), + gettext("Search Base DN"), + gettext("User naming Attribute"), + gettext("Group naming Attribute"), + gettext("Group member attribute"), + gettext("Authentication container")); if (!$pconfig['ldap_anon']) { $reqdfields[] = "ldap_binddn"; $reqdfields[] = "ldap_bindpw"; - $reqdfieldsn[] = "Bind user DN"; - $reqdfieldsn[] = "Bind Password"; + $reqdfieldsn[] = gettext("Bind user DN"); + $reqdfieldsn[] = gettext("Bind Password"); } } if ($pconfig['type'] == "radius") { $reqdfields = explode(" ", "name type radius_host radius_srvcs"); - $reqdfieldsn = explode(",", "Descriptive name,Type,Hostname or IP,". - "Services"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("Type"), + gettext("Hostname or IP"), + gettext("Services")); if ($pconfig['radisu_srvcs'] == "both" || $pconfig['radisu_srvcs'] == "auth") { $reqdfields[] = "radius_auth_port"; - $reqdfieldsn[] = "Authentication port value"; + $reqdfieldsn[] = gettext("Authentication port value"); } if ($pconfig['radisu_srvcs'] == "both" || $pconfig['radisu_srvcs'] == "acct") { $reqdfields[] = "radius_acct_port"; - $reqdfieldsn[] = "Accounting port value"; + $reqdfieldsn[] = gettext("Accounting port value"); } if (!isset($id)) { $reqdfields[] = "radius_secret"; - $reqdfieldsn[] = "Shared Secret"; + $reqdfieldsn[] = gettext("Shared Secret"); } } @@ -184,7 +196,7 @@ if ($_POST) { $input_errors[] = gettext("The host name contains invalid characters."); if (auth_get_authserver($pconfig['name']) && !isset($id)) - $input_errors[] = "A authentication server with the same name already exists."; + $input_errors[] = gettext("An authentication server with the same name already exists."); /* if this is an AJAX caller then handle via JSON */ if (isAjax() && is_array($input_errors)) { @@ -350,13 +362,13 @@ function select_clicked() { document.getElementById("ldap_scope").value == '' || document.getElementById("ldap_basedn").value == '' || document.getElementById("ldapauthcontainers").value == '') { - alert("Please fill the required values."); + alert("<?=gettext("Please fill the required values.");?>"); return; } if (!document.getElementById("ldap_anon").checked) { if (document.getElementById("ldap_binddn").value == '' || document.getElementById("ldap_bindpw").value == '') { - alert("Please fill the bind username/password."); + alert("<?=gettext("Please fill the bind username/password.");?>"); return; } } @@ -373,7 +385,7 @@ function select_clicked() { var oWin = window.open(url,"pfSensePop","width=620,height=400,top=150,left=150"); if (oWin==null || typeof(oWin)=="undefined") - alert('Popup blocker detected. Action aborted.'); + alert("<?=gettext('Popup blocker detected. Action aborted.');?>"); } //--> </script> @@ -442,7 +454,7 @@ function select_clicked() { <td colspan="2" class="list" height="12"></td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">LDAP Server Settings</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("LDAP Server Settings");?></td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname or IP address");?></td> @@ -491,7 +503,7 @@ function select_clicked() { <td width="78%" class="vtable"> <table border="0" cellspacing="0" cellpadding="2"> <tr> - <td>Level: </td> + <td><?=gettext("Level");?>: </td> <td> <select name='ldap_scope' id='ldap_scope' class="formselect"> <?php @@ -506,7 +518,7 @@ function select_clicked() { </td> </tr> <tr> - <td>Base DN: </td> + <td><?=gettext("Base DN");?>: </td> <td> <input name="ldap_basedn" type="text" class="formfld unknown" id="ldap_basedn" size="40" value="<?=htmlspecialchars($pconfig['ldap_basedn']);?>"/> </td> @@ -516,23 +528,22 @@ function select_clicked() { </td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication containers");?></td> - <td width="78%" class="vtable"> - <table border="0" cellspacing="0" cellpadding="2"> - <tr> - <td>Containers: </td> - <td> - <input name="ldapauthcontainers" type="text" class="formfld unknown" id="ldapauthcontainers" size="40" value="<?=htmlspecialchars($pconfig['ldap_authcn']);?>"/> - <input type="button" onClick="select_clicked();" value="Select"> - <br />NOTE: Semi-Colon separated. This will be prepended to the search base dn above or you can specify full container path. - <br />EXAMPLE: CN=Users;DC=example - <br />EXAMPLE: CN=Users,DC=example,DC=com;OU=OtherUsers,DC=example,DC=com - </td> - </tr> - </table> - - </td> - </tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication containers");?></td> + <td width="78%" class="vtable"> + <table border="0" cellspacing="0" cellpadding="2"> + <tr> + <td><?=gettext("Containers");?>: </td> + <td> + <input name="ldapauthcontainers" type="text" class="formfld unknown" id="ldapauthcontainers" size="40" value="<?=htmlspecialchars($pconfig['ldap_authcn']);?>"/> + <input type="button" onClick="select_clicked();" value="<?=gettext("Select");?>"> + <br /><?=gettext("NOTE: Semi-Colon separated. This will be prepended to the search base dn above or you can specify full container path.");?> + <br /><?=gettext("EXAMPLE: CN=Users;DC=example");?> + <br /><?=gettext("EXAMPLE: CN=Users,DC=example,DC=com;OU=OtherUsers,DC=example,DC=com ");?> + </td> + </tr> + </table> + </td> + </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Bind credentials");?></td> <td width="78%" class="vtable"> @@ -542,7 +553,7 @@ function select_clicked() { <input name="ldap_anon" type="checkbox" id="ldap_anon" value="yes" <?php if ($pconfig['ldap_anon']) echo "checked"; ?> onClick="ldap_bindchange()"> </td> <td> - Use anonymous binds to resolve distinguished names + <?=gettext("Use anonymous binds to resolve distinguished names");?> </td> </tr> </table> @@ -551,13 +562,13 @@ function select_clicked() { <td colspan="2"></td> </tr> <tr> - <td>User DN: </td> + <td><?=gettext("User DN");?>: </td> <td> <input name="ldap_binddn" type="text" class="formfld unknown" id="ldap_binddn" size="40" value="<?=htmlspecialchars($pconfig['ldap_binddn']);?>"/><br/> </td> </tr> <tr> - <td>Password: </td> + <td><?=gettext("Password");?>: </td> <td> <input name="ldap_bindpw" type="password" class="formfld pwd" id="ldap_bindpw" size="20" value="<?=htmlspecialchars($pconfig['ldap_bindpw']);?>"/><br/> </td> @@ -607,7 +618,7 @@ function select_clicked() { <td colspan="2" class="list" height="12"></td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Radius Server Settings</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Radius Server Settings");?></td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname or IP address");?></td> @@ -654,7 +665,7 @@ function select_clicked() { <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input id="submit" name="save" type="submit" class="formbtn" value="Save" /> + <input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> <?php if (isset($id) && $a_server[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>" /> <?php endif;?> @@ -667,9 +678,9 @@ function select_clicked() { <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="25%" class="listhdrr">Server Name</td> - <td width="25%" class="listhdrr">Type</td> - <td width="35%" class="listhdrr">Host Name</td> + <td width="25%" class="listhdrr"><?=gettext("Server Name");?></td> + <td width="25%" class="listhdrr"><?=gettext("Type");?></td> + <td width="35%" class="listhdrr"><?=gettext("Host Name");?></td> <td width="10%" class="list"></td> </tr> <?php @@ -686,11 +697,11 @@ function select_clicked() { <td valign="middle" nowrap class="list"> <?php if ($i < (count($a_server) - 1)): ?> <a href="system_authservers.php?act=edit&id=<?=$i;?>"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="edit server" alt="edit server" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit server");?>" alt="<?=gettext("edit server");?>" width="17" height="17" border="0" /> </a> <a href="system_authservers.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this Server?");?>')"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="delete server" alt="delete server" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete server");?>" alt="<?=gettext("delete server");?>" width="17" height="17" border="0" /> </a> <?php endif; ?> </td> @@ -702,7 +713,7 @@ function select_clicked() { <td class="list" colspan="3"></td> <td class="list"> <a href="system_authservers.php?act=new"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="add server" alt="add server" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add server");?>" alt="<?=gettext("add server");?>" width="17" height="17" border="0" /> </a> </td> </tr> diff --git a/usr/local/www/system_camanager.php b/usr/local/www/system_camanager.php index 19f338d..8c0417c 100644 --- a/usr/local/www/system_camanager.php +++ b/usr/local/www/system_camanager.php @@ -41,12 +41,12 @@ require("guiconfig.inc"); require_once("certs.inc"); $ca_methods = array( - "existing" => "Import an existing Certificate Authority", - "internal" => "Create an internal Certificate Authority"); + "existing" => gettext("Import an existing Certificate Authority"), + "internal" => gettext("Create an internal Certificate Authority")); $ca_keylens = array( "512", "1024", "2048", "4096"); -$pgtitle = array("System", "Certificate Authority Manager"); +$pgtitle = array(gettext("System"), gettext("Certificate Authority Manager")); $id = $_GET['id']; if (isset($_POST['id'])) @@ -118,20 +118,24 @@ if ($_POST) { /* input validation */ if ($pconfig['method'] == "existing") { $reqdfields = explode(" ", "name cert"); - $reqdfieldsn = explode(",", "Descriptive name,Certificate data"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("Certificate data")); } if ($pconfig['method'] == "internal") { $reqdfields = explode(" ", "name keylen lifetime dn_country dn_state dn_city ". "dn_organization dn_email dn_commonname"); - $reqdfieldsn = explode(",", - "Descriptive name,Key length,Lifetime,". - "Distinguished name Country Code,". - "Distinguished name State or Province,". - "Distinguished name City,". - "Distinguished name Organization,". - "Distinguished name Email Address,". - "Distinguished name Common Name"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("Key length"), + gettext("Lifetime"), + gettext("Distinguished name Country Code"), + gettext("Distinguished name State or Province"), + gettext("Distinguished name City"), + gettext("Distinguished name Organization"), + gettext("Distinguished name Email Address"), + gettext("Distinguished name Common Name")); } do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); @@ -226,7 +230,7 @@ function method_change() { <td id="mainarea"> <div class="tabcont"> - <?php if ($act == "new" || $act == "save" || $input_errors): ?> + <?php if ($act == "new" || $act == gettext("save") || $input_errors): ?> <form action="system_camanager.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> @@ -260,15 +264,15 @@ function method_change() { <td colspan="2" class="list" height="12"></td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Existing Certificate Authority</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Existing Certificate Authority");?></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Certificate data</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate data");?></td> <td width="78%" class="vtable"> <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=$pconfig['cert'];?></textarea> <br> - Paste a certificate in X.509 PEM format here.</td> + <?=gettext("Paste a certificate in X.509 PEM format here.");?></td> </td> </tr> </table> @@ -278,7 +282,7 @@ function method_change() { <td colspan="2" class="list" height="12"></td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Internal Certificate Authority</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate Authority");?></td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td> @@ -293,14 +297,14 @@ function method_change() { <option value="<?=$len;?>"<?=$selected;?>><?=$len;?></option> <?php endforeach; ?> </select> - bits + <?=gettext(bits);?> </td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td> <td width="78%" class="vtable"> <input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/> - days + <?=gettext(days);?> </td> </tr> <tr> @@ -308,64 +312,64 @@ function method_change() { <td width="78%" class="vtable"> <table border="0" cellspacing="0" cellpadding="2"> <tr> - <td align="right">Country Code : </td> + <td align="right"><?=gettext("Country Code");?> : </td> <td align="left"> <input name="dn_country" type="text" class="formfld unknown" maxlength="2" size="2" value="<?=htmlspecialchars($pconfig['dn_country']);?>"/> <em>ex:</em> - US - <em>( two letters )</em> + <?=gettext("US");?> + <em><?=gettext("( two letters )");?></em> </td> </tr> <tr> - <td align="right">State or Province : </td> + <td align="right"><?=gettext("State or Province");?> : </td> <td align="left"> <input name="dn_state" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_state']);?>"/> <em>ex:</em> - Texas + <?=gettext("Texas");?> </td> </tr> <tr> - <td align="right">City : </td> + <td align="right"><?=gettext("City");?> : </td> <td align="left"> <input name="dn_city" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_city']);?>"/> <em>ex:</em> - Austin + <?=gettext("Austin");?> </td> </tr> <tr> - <td align="right">Organization : </td> + <td align="right"><?=gettext("Organization");?> : </td> <td align="left"> <input name="dn_organization" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_organization']);?>"/> <em>ex:</em> - My Company Inc. + <?=gettext("My Company Inc.");?> </td> </tr> <tr> - <td align="right">Email Address : </td> + <td align="right"><?=gettext("Email Address");?> : </td> <td align="left"> <input name="dn_email" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['dn_email']);?>"/> <em>ex:</em> - admin@mycompany.com + <?=gettext("admin@mycompany.com");?> </td> </tr> <tr> - <td align="right">Common Name : </td> + <td align="right"><?=gettext("Common Name");?> : </td> <td align="left"> <input name="dn_commonname" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['dn_commonname']);?>"/> <em>ex:</em> - internal-ca + <?=gettext("internal-ca");?> </td> </tr> </table> @@ -377,7 +381,7 @@ function method_change() { <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input id="submit" name="save" type="submit" class="formbtn" value="Save" /> + <input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> <?php if (isset($id) && $a_ca[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>" /> <?php endif;?> @@ -390,11 +394,11 @@ function method_change() { <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="20%" class="listhdrr">Name</td> - <td width="10%" class="listhdrr">Internal</td> - <td width="10%" class="listhdrr">Issuer</td> - <td width="10%" class="listhdrr">Certificates</td> - <td width="40%" class="listhdrr">Distinguished Name</td> + <td width="20%" class="listhdrr"><?=gettext("Name");?></td> + <td width="10%" class="listhdrr"><?=gettext("Internal");?></td> + <td width="10%" class="listhdrr"><?=gettext("Issuer");?></td> + <td width="10%" class="listhdrr"><?=gettext("Certificates");?></td> + <td width="40%" class="listhdrr"><?=gettext("Distinguished Name");?></td> <td width="10%" class="list"></td> </tr> <?php @@ -404,9 +408,9 @@ function method_change() { $subj = cert_get_subject($ca['crt']); $issuer = cert_get_issuer($ca['crt']); if($subj == $issuer) - $issuer_name = "<em>self-signed</em>"; + $issuer_name = "<em>" . gettext("self-signed") . "</em>"; else - $issuer_name = "<em>external</em>"; + $issuer_name = "<em>" . gettext("external") . "</em>"; $subj = htmlspecialchars($subj); $issuer = htmlspecialchars($issuer); $certcount = 0; @@ -451,10 +455,10 @@ function method_change() { <td class="listr"><?=$subj;?> </td> <td valign="middle" nowrap class="list"> <a href="system_camanager.php?act=exp&id=<?=$i;?>")"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export ca" alt="export ca" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export ca");?>" alt="<?=gettext("export ca");?>" width="17" height="17" border="0" /> </a> <a href="system_camanager.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate Authority and all associated Certificates?");?>')"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="delete ca" alt="delete ca" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete ca");?>" alt="<?=gettext("delete ca"); ?>" width="17" height="17" border="0" /> </a> </td> </tr> @@ -466,7 +470,7 @@ function method_change() { <td class="list" colspan="5"></td> <td class="list"> <a href="system_camanager.php?act=new"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="add or import ca" alt="add ca" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add or import ca");?>" alt="<?=gettext("add ca");?>" width="17" height="17" border="0" /> </a> </td> </tr> diff --git a/usr/local/www/system_certmanager.php b/usr/local/www/system_certmanager.php index 03458e9..683bdeb 100644 --- a/usr/local/www/system_certmanager.php +++ b/usr/local/www/system_certmanager.php @@ -41,13 +41,13 @@ require("guiconfig.inc"); require_once("certs.inc"); $cert_methods = array( - "existing" => "Import an existing Certificate", - "internal" => "Create an internal Certificate", - "external" => "Create a Certificate Signing Request"); + "existing" => gettext("Import an existing Certificate"), + "internal" => gettext("Create an internal Certificate"), + "external" => gettext("Create a Certificate Signing Request")); $cert_keylens = array( "512", "1024", "2048", "4096"); -$pgtitle = array("System", "Certificate Manager"); +$pgtitle = array(gettext("System"), gettext("Certificate Manager")); $id = $_GET['id']; if (isset($_POST['id'])) @@ -141,7 +141,7 @@ if ($act == "csr") { if ($_POST) { - if ($_POST['save'] == "Save") { + if ($_POST['save'] == gettext("Save")) { unset($input_errors); $pconfig = $_POST; @@ -150,36 +150,42 @@ if ($_POST) { if ($pconfig['method'] == "existing") { $reqdfields = explode(" ", "name cert key"); - $reqdfieldsn = explode(",", - "Descriptive name,Certificate data,Key data"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("Certificate data"), + gettext("Key data")); } if ($pconfig['method'] == "internal") { $reqdfields = explode(" ", "name caref keylen lifetime dn_country dn_state dn_city ". "dn_organization dn_email dn_commonname"); - $reqdfieldsn = explode(",", - "Descriptive name,Certificate authority,Key length,Lifetime,". - "Distinguished name Country Code,". - "Distinguished name State or Province,". - "Distinguished name City,". - "Distinguished name Organization,". - "Distinguished name Email Address,". - "Distinguished name Common Name"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("Certificate authority"), + gettext("Key length"), + gettext("Lifetime"), + gettext("Distinguished name Country Code"), + gettext("Distinguished name State or Province"), + gettext("Distinguished name City"), + gettext("Distinguished name Organization"), + gettext("Distinguished name Email Address"), + gettext("Distinguished name Common Name")); } if ($pconfig['method'] == "external") { $reqdfields = explode(" ", "name csr_keylen csr_dn_country csr_dn_state csr_dn_city ". "csr_dn_organization csr_dn_email csr_dn_commonname"); - $reqdfieldsn = explode(",", - "Descriptive name,Key length,". - "Distinguished name Country Code,". - "Distinguished name State or Province,". - "Distinguished name City,". - "Distinguished name Organization,". - "Distinguished name Email Address,". - "Distinguished name Common Name"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("Key length"), + gettext("Distinguished name Country Code"), + gettext("Distinguished name State or Province"), + gettext("Distinguished name City"), + gettext("Distinguished name Organization"), + gettext("Distinguished name Email Address"), + gettext("Distinguished name Common Name")); } do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); @@ -239,13 +245,15 @@ if ($_POST) { } } - if ($_POST['save'] == "Update") { + if ($_POST['save'] == gettext("Update")) { unset($input_errors); $pconfig = $_POST; /* input validation */ $reqdfields = explode(" ", "name cert"); - $reqdfieldsn = explode(",", "Descriptive name,Final Certificate data"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("Final Certificate data")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); @@ -254,7 +262,7 @@ if ($_POST) { $subj_cert = cert_get_subject($pconfig['cert'], false); if (strcmp($subj_csr,$subj_cert)) - $input_errors[] = gettext("The certificate subject '{$subj_cert}' does not match the signing request subject."); + $input_errors[] = sprintf(gettext("The certificate subject '%s' does not match the signing request subject."),$subj_cert); /* if this is an AJAX caller then handle via JSON */ if (isAjax() && is_array($input_errors)) { @@ -368,7 +376,7 @@ function internalca_change() { <td id="mainarea"> <div class="tabcont"> - <?php if ($act == "new" || (($_POST['save'] == "Save") && $input_errors)): ?> + <?php if ($act == "new" || (($_POST['save'] == gettext("Save")) && $input_errors)): ?> <form action="system_certmanager.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> @@ -402,23 +410,23 @@ function internalca_change() { <td colspan="2" class="list" height="12"></td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Existing Certificate</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Existing Certificate");?></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Certificate data</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate data");?></td> <td width="78%" class="vtable"> <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=$pconfig['cert'];?></textarea> <br> - Paste a certificate in X.509 PEM format here.</td> + <?=gettext("Paste a certificate in X.509 PEM format here.");?></td> </td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Private key data</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Private key data");?></td> <td width="78%" class="vtable"> <textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?=$pconfig['key'];?></textarea> <br> - Paste a private key in X.509 PEM format here.</td> + <?=gettext("Paste a private key in X.509 PEM format here.");?></td> </td> </tr> </table> @@ -428,16 +436,16 @@ function internalca_change() { <td colspan="2" class="list" height="12"></td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Internal Certificate</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate");?></td> </tr> <?php if (!$internal_ca_count): ?> <tr> <td colspan="2" align="center" class="vtable"> - No internal Certificate Authorities have been defined. You must - <a href="system_camanager.php?act=new&method=internal">create</a> - an internal CA before creating an internal certificate. + <?=gettext("No internal Certificate Authorities have been defined. You must");?> + <a href="system_camanager.php?act=new&method=internal"><?=gettext("create");?></a> + <?=gettext("an internal CA before creating an internal certificate.");?> </td> </tr> @@ -473,14 +481,14 @@ function internalca_change() { <option value="<?=$len;?>"<?=$selected;?>><?=$len;?></option> <?php endforeach; ?> </select> - bits + <?=gettext("bits");?> </td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td> <td width="78%" class="vtable"> <input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/> - days + <?=gettext("days");?> </td> </tr> <tr> @@ -488,47 +496,47 @@ function internalca_change() { <td width="78%" class="vtable"> <table border="0" cellspacing="0" cellpadding="2"> <tr> - <td align="right">Country Code : </td> + <td align="right"><?=gettext("Country Code");?> : </td> <td align="left"> <input name="dn_country" type="text" class="formfld unknown" maxlength="2" size="2" value="<?=htmlspecialchars($pconfig['dn_country']);?>" readonly/> </td> </tr> <tr> - <td align="right">State or Province : </td> + <td align="right"><?=gettext("State or Province");?> : </td> <td align="left"> <input name="dn_state" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_state']);?>" readonly/> </td> </tr> <tr> - <td align="right">City : </td> + <td align="right"><?=gettext("City");?> : </td> <td align="left"> <input name="dn_city" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_city']);?>" readonly/> </td> </tr> <tr> - <td align="right">Organization : </td> + <td align="right"><?=gettext("Organization");?> : </td> <td align="left"> <input name="dn_organization" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_organization']);?>" readonly/> </td> </tr> <tr> - <td align="right">Email Address : </td> + <td align="right"><?=gettext("Email Address");?> : </td> <td align="left"> <input name="dn_email" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['dn_email']);?>"/> <em>ex:</em> - webadmin@mycompany.com + <?=gettext("webadmin@mycompany.com");?> </td> </tr> <tr> - <td align="right">Common Name : </td> + <td align="right"><?=gettext("Common Name");?> : </td> <td align="left"> <input name="dn_commonname" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['dn_commonname']);?>"/> <em>ex:</em> - www.example.com + <?=gettext("www.example.com");?> </td> </tr> </table> @@ -544,7 +552,7 @@ function internalca_change() { <td colspan="2" class="list" height="12"></td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">External Signing Request</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("External Signing Request");?></td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td> @@ -567,7 +575,7 @@ function internalca_change() { <td width="78%" class="vtable"> <table border="0" cellspacing="0" cellpadding="2"> <tr> - <td align="right">Country Code : </td> + <td align="right"><?=gettext("Country Code");?> : </td> <td align="left"> <input name="csr_dn_country" type="text" class="formfld unknown" size="2" value="<?=htmlspecialchars($pconfig['csr_dn_country']);?>" /> @@ -575,57 +583,57 @@ function internalca_change() { US - <em>( two letters )</em> + <em><?=gettext("( two letters )");?></em> </td> </tr> <tr> - <td align="right">State or Province : </td> + <td align="right"><?=gettext("State or Province");?> : </td> <td align="left"> <input name="csr_dn_state" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['csr_dn_state']);?>" /> <em>ex:</em> - Texas + <?=gettext("Texas");?> </td> </tr> <tr> - <td align="right">City : </td> + <td align="right"><?=gettext("City");?> : </td> <td align="left"> <input name="csr_dn_city" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['csr_dn_city']);?>" /> <em>ex:</em> - Austin + <?=gettext("Austin");?> </td> </tr> <tr> - <td align="right">Organization : </td> + <td align="right"><?=gettext("Organization");?> : </td> <td align="left"> <input name="csr_dn_organization" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['csr_dn_organization']);?>" /> <em>ex:</em> - My Company Inc. + <?=gettext("My Company Inc.");?> </td> </tr> <tr> - <td align="right">Email Address : </td> + <td align="right"><?=gettext("Email Address");?> : </td> <td align="left"> <input name="csr_dn_email" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['csr_dn_email']);?>"/> <em>ex:</em> - webadmin@mycompany.com + <?=gettext("webadmin@mycompany.com");?> </td> </tr> <tr> - <td align="right">Common Name : </td> + <td align="right"><?=gettext("Common Name");?> : </td> <td align="left"> <input name="csr_dn_commonname" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['csr_dn_commonname']);?>"/> <em>ex:</em> - www.example.com + <?=gettext("www.example.com");?> </td> </tr> </table> @@ -637,7 +645,7 @@ function internalca_change() { <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input id="submit" name="save" type="submit" class="formbtn" value="Save" /> + <input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> <?php if (isset($id) && $a_cert[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>" /> <?php endif;?> @@ -646,7 +654,7 @@ function internalca_change() { </table> </form> - <?php elseif ($act == "csr" || (($_POST['save'] == "Update") && $input_errors)):?> + <?php elseif ($act == "csr" || (($_POST['save'] == gettext("Update")) && $input_errors)):?> <form action="system_certmanager.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> @@ -660,29 +668,29 @@ function internalca_change() { <td colspan="2" class="list" height="12"></td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Complete Signing Request</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Complete Signing Request");?></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Signing Request data</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Signing Request data");?></td> <td width="78%" class="vtable"> <textarea name="csr" id="csr" cols="65" rows="7" class="formfld_cert" readonly><?=$pconfig['csr'];?></textarea> <br> - Copy the certificate signing data from here and forward it to your certificate authority for signing.</td> + <?=gettext("Copy the certificate signing data from here and forward it to your certificate authority for signing.");?></td> </td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Final Certificate data</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Final Certificate data");?></td> <td width="78%" class="vtable"> <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=$pconfig['cert'];?></textarea> <br> - Paste the certificate received from your cerificate authority here.</td> + <?=gettext("Paste the certificate received from your cerificate authority here.");?></td> </td> </tr> <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input id="submit" name="save" type="submit" class="formbtn" value="Update" /> + <input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Update");?>" /> <?php if (isset($id) && $a_cert[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>" /> <input name="act" type="hidden" value="csr" /> @@ -696,9 +704,9 @@ function internalca_change() { <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="20%" class="listhdrr">Name</td> - <td width="20%" class="listhdrr">Issuer</td> - <td width="40%" class="listhdrr">Distinguished Name</td> + <td width="20%" class="listhdrr"><?=gettext("Name");?></td> + <td width="20%" class="listhdrr"><?=gettext("Issuer");?></td> + <td width="40%" class="listhdrr"><?=gettext("Distinguished Name");?></td> <td width="10%" class="list"></td> </tr> <?php @@ -710,15 +718,15 @@ function internalca_change() { $subj = cert_get_subject($cert['crt']); $issuer = cert_get_issuer($cert['crt']); if($subj==$issuer) - $caname = "<em>self-signed</em>"; + $caname = "<em>" . gettext("self-signed") . "</em>"; else - $caname = "<em>external</em>"; + $caname = "<em>" . gettext("external"). "</em>"; $subj = htmlspecialchars($subj); } if ($cert['csr']) { $subj = htmlspecialchars(csr_get_subject($cert['csr'])); - $caname = "<em>external - signature pending</em>"; + $caname = "<em>" . gettext("external - signature pending") . "</em>"; } $ca = lookup_ca($cert['caref']); @@ -747,18 +755,18 @@ function internalca_change() { <td class="listr"><?=$subj;?> </td> <td valign="middle" nowrap class="list"> <a href="system_certmanager.php?act=exp&id=<?=$i;?>")"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export cert" alt="export ca" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export cert");?>" alt="<?=gettext("export ca");?>" width="17" height="17" border="0" /> </a> <a href="system_certmanager.php?act=key&id=<?=$i;?>")"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export key" alt="export ca" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export key");?>" alt="<?=gettext("export ca");?>" width="17" height="17" border="0" /> </a> <a href="system_certmanager.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate?");?>')"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="delete cert" alt="delete cert" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete cert");?>" alt="<?=gettext("delete cert");?>" width="17" height="17" border="0" /> </a> <?php if ($cert['csr']): ?> <a href="system_certmanager.php?act=csr&id=<?=$i;?>"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="update csr" alt="update csr" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("update csr");?>" alt="<?=gettext("update csr");?>" width="17" height="17" border="0" /> </a> <?php endif; ?> </td> @@ -771,7 +779,7 @@ function internalca_change() { <td class="list" colspan="3"></td> <td class="list"> <a href="system_certmanager.php?act=new"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="add or import ca" alt="add ca" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add or import ca");?>" alt="<?=gettext("add ca");?>" width="17" height="17" border="0" /> </a> </td> </tr> diff --git a/usr/local/www/system_firmware.php b/usr/local/www/system_firmware.php index ed40a97..58c1caa 100755 --- a/usr/local/www/system_firmware.php +++ b/usr/local/www/system_firmware.php @@ -76,32 +76,32 @@ function file_is_for_platform($filename, $ul_name) { function file_upload_error_message($error_code) { switch ($error_code) { case UPLOAD_ERR_INI_SIZE: - return 'The uploaded file exceeds the upload_max_filesize directive in php.ini'; + return gettext('The uploaded file exceeds the upload_max_filesize directive in php.ini'); case UPLOAD_ERR_FORM_SIZE: - return 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form'; + return gettext('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form'); case UPLOAD_ERR_PARTIAL: - return 'The uploaded file was only partially uploaded'; + return gettext('The uploaded file was only partially uploaded'); case UPLOAD_ERR_NO_FILE: - return 'No file was uploaded'; + return gettext('No file was uploaded'); case UPLOAD_ERR_NO_TMP_DIR: - return 'Missing a temporary folder'; + return gettext('Missing a temporary folder'); case UPLOAD_ERR_CANT_WRITE: - return 'Failed to write file to disk'; + return gettext('Failed to write file to disk'); case UPLOAD_ERR_EXTENSION: - return 'File upload stopped by extension'; + return gettext('File upload stopped by extension'); default: - return 'Unknown upload error'; + return gettext('Unknown upload error'); } } /* if upgrade in progress, alert user */ if(is_subsystem_dirty('firmwarelock')) { - $pgtitle = array("System","Firmware","Manual Update"); + $pgtitle = array(gettext("System"),gettext("Firmware"),gettext("Manual Update")); include("head.inc"); echo "<body link=\"#0000CC\" vlink=\"#0000CC\" alink=\"#0000CC\">\n"; include("fbegin.inc"); echo "<div>\n"; - print_info_box("An upgrade is currently in progress.<p>The firewall will reboot when the operation is complete.<p><center><img src='/themes/{$g['theme']}/images/icons/icon_fw-update.gif'>"); + print_info_box(gettext("An upgrade is currently in progress.<p>The firewall will reboot when the operation is complete.") . "<p><center><img src='/themes/{$g['theme']}/images/icons/icon_fw-update.gif'>"); echo "</div>\n"; include("fend.inc"); echo "</body>"; @@ -122,11 +122,11 @@ if ($_POST && !is_subsystem_dirty('firmwarelock')) { unset($input_errors); unset($sig_warning); - if (stristr($_POST['Submit'], "Enable")) + if (stristr($_POST['Submit'], gettext("Enable"))) $mode = "enable"; - else if (stristr($_POST['Submit'], "Disable")) + else if (stristr($_POST['Submit'], gettext("Disable"))) $mode = "disable"; - else if (stristr($_POST['Submit'], "Upgrade") || $_POST['sig_override']) + else if (stristr($_POST['Submit'], gettext("Upgrade")) || $_POST['sig_override']) $mode = "upgrade"; else if ($_POST['sig_no']) { if(file_exists("{$g['upload_path']}/firmware.tgz")) @@ -145,10 +145,10 @@ if ($_POST && !is_subsystem_dirty('firmwarelock')) { if (is_uploaded_file($_FILES['ulfile']['tmp_name'])) { /* verify firmware image(s) */ if (file_is_for_platform($_FILES['ulfile']['tmp_name'], $_FILES['ulfile']['name']) == false && !$_POST['sig_override']) - $input_errors[] = "The uploaded image file is not for this platform ({$g['platform']})."; + $input_errors[] = gettext("The uploaded image file is not for this platform") . " ({$g['platform']})"; else if (!file_exists($_FILES['ulfile']['tmp_name'])) { /* probably out of memory for the MFS */ - $input_errors[] = "Image upload failed (out of memory?)"; + $input_errors[] = gettext("Image upload failed (out of memory?)"); mwexec("/etc/rc.firmware disable"); clear_subsystem_dirty('firmware'); } else { @@ -159,14 +159,14 @@ if ($_POST && !is_subsystem_dirty('firmwarelock')) { $sigchk = verify_digital_signature("{$g['upload_path']}/firmware.tgz"); if ($sigchk == 1) - $sig_warning = "The digital signature on this image is invalid."; + $sig_warning = gettext("The digital signature on this image is invalid."); else if ($sigchk == 2 && !isset($config['system']['firmware']['allowinvalidsig'])) - $sig_warning = "This image is not digitally signed."; + $sig_warning = gettext("This image is not digitally signed."); else if (($sigchk >= 3)) - $sig_warning = "There has been an error verifying the signature on this image."; + $sig_warning = gettext("There has been an error verifying the signature on this image."); if (!verify_gzip_file("{$g['upload_path']}/firmware.tgz")) { - $input_errors[] = "The image file is corrupt."; + $input_errors[] = gettext("The image file is corrupt."); unlink("{$g['upload_path']}/firmware.tgz"); } } @@ -179,7 +179,7 @@ if ($_POST && !is_subsystem_dirty('firmwarelock')) { if (file_exists("{$g['upload_path']}/firmware.tgz")) { /* fire up the update script in the background */ mark_subsystem_dirty('firmwarelock'); - $savemsg = "The firmware is now being updated. The firewall will reboot automatically."; + $savemsg = gettext("The firmware is now being updated. The firewall will reboot automatically."); if(stristr($_FILES['ulfile']['name'],"nanobsd") or $_POST['isnano'] == "yes") mwexec_bg("/etc/rc.firmware pfSenseNanoBSDupgrade {$g['upload_path']}/firmware.tgz"); else if(stristr($_FILES['ulfile']['name'],"bdiff")) @@ -187,14 +187,14 @@ if ($_POST && !is_subsystem_dirty('firmwarelock')) { else mwexec_bg("/etc/rc.firmware pfSenseupgrade {$g['upload_path']}/firmware.tgz"); } else { - $savemsg = "Firmware image missing or other error, please try again {$errortext}."; + $savemsg = sprintf(gettext("Firmware image missing or other error, please try again %s."),$errortext); } } } } } -$pgtitle = array("Diagnostics","Firmware"); +$pgtitle = array(gettext("Diagnostics"),gettext("Firmware")); include("head.inc"); ?> @@ -211,17 +211,17 @@ include("head.inc"); <?php if ($fwinfo <> "") print_info_box($fwinfo); ?> <?php if ($sig_warning && !$input_errors): ?> <?php - $sig_warning = "<strong>" . $sig_warning . "</strong><br>This means that the image you uploaded " . + $sig_warning = "<strong>" . $sig_warning . "</strong><br>" . gettext("This means that the image you uploaded " . "is not an official/supported image and may lead to unexpected behavior or security " . "compromises. Only install images that come from sources that you trust, and make sure ". - "that the image has not been tampered with.<br><br>". - "Do you want to install this image anyway (on your own risk)?"; + "that the image has not been tampered with.") . "<br><br>". + gettext("Do you want to install this image anyway (on your own risk)?"); print_info_box($sig_warning); if(stristr($_FILES['ulfile']['name'],"nanobsd")) echo "<input type='hidden' name='isnano' id='isnano' value='yes'>\n"; ?> -<input name="sig_override" type="submit" class="formbtn" id="sig_override" value=" Yes "> -<input name="sig_no" type="submit" class="formbtn" id="sig_no" value=" No "> +<input name="sig_override" type="submit" class="formbtn" id="sig_override" value=" <?=gettext("Yes");?> "> +<input name="sig_no" type="submit" class="formbtn" id="sig_no" value=" <?=gettext("No"); ?> "> <?php else: ?> <?php if (!is_subsystem_dirty('firmwarelock')): ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> @@ -229,9 +229,9 @@ if(stristr($_FILES['ulfile']['name'],"nanobsd")) <td> <?php $tab_array = array(); - $tab_array[0] = array("Manual Update", true, "system_firmware.php"); - $tab_array[1] = array("Auto Update", false, "system_firmware_check.php"); - $tab_array[2] = array("Updater Settings", false, "system_firmware_settings.php"); + $tab_array[0] = array(gettext("Manual Update"), true, "system_firmware.php"); + $tab_array[1] = array(gettext("Auto Update"), false, "system_firmware_check.php"); + $tab_array[2] = array(gettext("Updater Settings"), false, "system_firmware_settings.php"); display_top_tabs($tab_array); ?> </td> @@ -241,42 +241,42 @@ if(stristr($_FILES['ulfile']['name'],"nanobsd")) <div id="mainarea"> <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" class="listtopic">Invoke <?=$g['product_name']?> Manual Upgrade</td> + <td colspan="2" class="listtopic"><?=gettext("Invoke") ." ". $g['product_name'] ." ". gettext("Manual Upgrade"); ?></td> </tr> <tr> <td width="22%" valign="baseline" class="vncell"> </td> <td width="78%" class="vtable"> <p> - Click "Enable firmware - upload" below, then choose the image file (<?=$g['firmware_update_text'];?>) - to be uploaded. + <?php printf(gettext('Click "Enable firmware '. + 'upload" below, then choose the image file (%s) '. + 'to be uploaded.'),$g['firmware_update_text']);?> <br> - Click "Upgrade firmware" to start the upgrade process. + <?=gettext('Click "Upgrade firmware" to start the upgrade process.');?> </p> <?php if (!is_subsystem_dirty('rebootreq')): ?> <?php if (!is_subsystem_dirty('firmware')): ?> - <input name="Submit" type="submit" class="formbtn" value="Enable firmware upload"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Enable firmware upload");?>"> <?php else: ?> - <input name="Submit" type="submit" class="formbtn" value="Disable firmware upload"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Disable firmware upload");?>"> <br><br> - <strong>Firmware image file: </strong> + <strong><?=gettext("Firmware image file");?>: </strong> <input name="ulfile" type="file" class="formfld"> <br><br> <?php if ($g['platform'] == "nanobsd"): ?> - <b>NOTE: You must upload a .img.gz image, not an uncompressed image!</b> + <b><?=gettext("NOTE: You must upload a .img.gz image, not an uncompressed image!");?></b> <?php else: ?> - <b>NOTE: You must upload a .tgz image, not an uncompressed image!</b> + <b><?=gettext("NOTE: You must upload a .tgz image, not an uncompressed image!");?></b> <?php endif; ?> <br><br> <?php if(!file_exists("/boot/kernel/pfsense_kernel.txt")) { if($g['platform'] == "pfSense") { - echo "Please select kernel type: "; + echo gettext("Please select kernel type") , ": "; echo "<select name='kerneltype'>"; - echo "<option value='SMP'>Multiprocessor kernel</option>"; - echo "<option value='single'>Uniprocessor kernel</option>"; - echo "<option value='wrap'>Embedded kernel</option>"; - echo "<option value='Developers'>Developers kernel</option>"; + echo "<option value='SMP'>" . gettext("Multiprocessor kernel") . "</option>"; + echo "<option value='single'>". gettext("Uniprocessor kernel") . "</option>"; + echo "<option value='wrap'>" . gettext("Embedded kernel") . "</option>"; + echo "<option value='Developers'>" . gettext("Developers kernel") . "</option>"; echo "</select>"; echo "<br><br>"; } @@ -287,19 +287,19 @@ if(stristr($_FILES['ulfile']['name'],"nanobsd")) <input name="Submit" type="submit" class="formbtn" value="Upgrade firmware" onClick="window.open('upload_progress.php?upload_id=<?=$upload_id?>','UploadMeter','width=370,height=115', true); return true;"> */ ?> - <input name="Submit" type="submit" class="formbtn" value="Upgrade firmware"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Upgrade firmware");?>"> <?php endif; else: ?> - <strong>You must reboot the system before you can upgrade the firmware.</strong> + <strong><?=gettext("You must reboot the system before you can upgrade the firmware.");?></strong> <?php endif; ?> </td> </td> </tr> <tr> <td width="22%" valign="top"> </td> - <td width="78%"><span class="vexpl"><span class="red"><strong>Warning:<br> - </strong></span>DO NOT abort the firmware upgrade once it - has started. The firewall will reboot automatically after - storing the new firmware. The configuration will be maintained.</span></td> + <td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Warning");?>:<br> + </strong></span><?=gettext("DO NOT abort the firmware upgrade once it " . + "has started. The firewall will reboot automatically after " . + "storing the new firmware. The configuration will be maintained.");?></span></td> </table> </div> </tr> diff --git a/usr/local/www/system_firmware_auto.php b/usr/local/www/system_firmware_auto.php index 6a9a609..57e1bf6 100755 --- a/usr/local/www/system_firmware_auto.php +++ b/usr/local/www/system_firmware_auto.php @@ -51,7 +51,7 @@ if(isset($curcfg['alturl']['enable'])) else $updater_url = $g['update_url']; -$pgtitle = array("Diagnostics","Firmware","Auto Update"); +$pgtitle = array(gettext("Diagnostics"),gettext("Firmware"),gettext("Auto Update")); include("head.inc"); ?> @@ -70,9 +70,9 @@ include("head.inc"); <td> <?php $tab_array = array(); - $tab_array[0] = array("Manual Update", false, "system_firmware.php"); - $tab_array[1] = array("Auto Update", true, "system_firmware_check.php"); - $tab_array[2] = array("Updater Settings", false, "system_firmware_settings.php"); + $tab_array[0] = array(gettext("Manual Update"), false, "system_firmware.php"); + $tab_array[1] = array(gettext("Auto Update"), true, "system_firmware_check.php"); + $tab_array[2] = array(gettext("Updater Settings"), false, "system_firmware_settings.php"); display_top_tabs($tab_array); ?> </td> @@ -104,7 +104,7 @@ include("head.inc"); </table> <br> <!-- status box --> - <textarea cols="60" rows="1" name="status" id="status" wrap="hard">Beginning firmware upgrade.</textarea> + <textarea cols="60" rows="1" name="status" id="status" wrap="hard"><?=gettext("Beginning firmware upgrade"); ?>.</textarea> <!-- command output box --> <textarea cols="60" rows="25" name="output" id="output" wrap="hard"></textarea> </center> @@ -122,11 +122,11 @@ include("head.inc"); <?php -update_status("Downloading current version information..."); +update_status(gettext("Downloading current version information") . "..."); download_file_with_progress_bar("{$updater_url}/version", "/tmp/{$g['product_name']}_version"); $latest_version = str_replace("\n", "", @file_get_contents("/tmp/{$g['product_name']}_version")); if(!$latest_version) { - update_output_window("Unable to check for updates."); + update_output_window(gettext("Unable to check for updates.")); require("fend.inc"); exit; } else { @@ -135,20 +135,20 @@ if(!$latest_version) { $latest_version = str_replace("\n", "", @file_get_contents("/tmp/{$g['product_name']}_version")); $latest_version_pfsense = strtotime($latest_version); if(!$latest_version) { - update_output_window("Unable to check for updates."); + update_output_window(gettext("Unable to check for updates.")); require("fend.inc"); exit; } else { $needs_system_upgrade = false; if($current_installed_pfsense_version < $latest_version_pfsense) { - update_status("Downloading updates ..."); + update_status(gettext("Downloading updates") . "..."); conf_mount_rw(); $status = download_file_with_progress_bar("{$updater_url}/latest.tgz", "{$g['upload_path']}/latest.tgz", "read_body_firmware"); $status = download_file_with_progress_bar("{$updater_url}/latest.tgz.sha256", "{$g['upload_path']}/latest.tgz.sha256"); conf_mount_ro(); - update_output_window("{$g['product_name']} download complete."); + update_output_window("{$g['product_name']} " . gettext("download complete.")); } else { - update_output_window("You are on the latest version."); + update_output_window(gettext("You are on the latest version.")); require("fend.inc"); exit; } @@ -176,28 +176,28 @@ if(!isset($curcfg['alturl']['enable'])) $exitstatus = 0; if ($sigchk == 1) { - $sig_warning = "The digital signature on this image is invalid."; + $sig_warning = gettext("The digital signature on this image is invalid."); $exitstatus = 1; } else if ($sigchk == 2) { - $sig_warning = "This image is not digitally signed."; + $sig_warning = gettext("This image is not digitally signed."); if (!isset($config['system']['firmware']['allowinvalidsig'])) $exitstatus = 1; } else if (($sigchk >= 3)) { - $sig_warning = "There has been an error verifying the signature on this image."; + $sig_warning = gettext("There has been an error verifying the signature on this image."); $exitstatus = 1; } if ($exitstatus) { update_status($sig_warning); - update_output_window("Update cannot continue"); + update_output_window(gettext("Update cannot continue")); require("fend.inc"); exit; } else if ($sigchk == 2) - update_output_window("\nrImage has no signature but the system configured to allow unsigned images.\n"); + update_output_window("\n" . gettext("Image has no signature but the system configured to allow unsigned images.") . "\n"); if (!verify_gzip_file("{$g['upload_path']}/latest.tgz")) { - update_status("The image file is corrupt."); - update_output_window("Update cannot continue"); + update_status(gettext("The image file is corrupt.")); + update_output_window(gettext("Update cannot continue")); if (file_exists("{$g['upload_path']}/latest.tgz")) { conf_mount_rw(); unlink("{$g['upload_path']}/latest.tgz"); @@ -208,10 +208,10 @@ if (!verify_gzip_file("{$g['upload_path']}/latest.tgz")) { } if($downloaded_latest_tgz_sha256 <> $upgrade_latest_tgz_sha256) { - update_status("Downloading complete but sha256 does not match."); - update_output_window("Auto upgrade aborted. \n\nDownloaded SHA256: $downloaded_latest_tgz_sha256 \n\nNeeded SHA256: $upgrade_latest_tgz_sha256"); + update_status(gettext("Downloading complete but sha256 does not match.")); + update_output_window(gettext("Auto upgrade aborted.") . " \n\n" . gettext("Downloaded SHA256") . ": " . $downloaded_latest_tgz_sha256 . "\n\n" . gettext("Needed SHA256") . ": " . $upgrade_latest_tgz_sha256); } else { - update_output_window("{$g['product_name']} is now upgrading.\\n\\nThe firewall will reboot once the operation is completed."); + update_output_window($g['product_name'] . " " . gettext("is now upgrading.") . "\\n\\n" . gettext("The firewall will reboot once the operation is completed.")); echo "\n<script language=\"JavaScript\">document.progressbar.style.visibility='hidden';\n</script>"; mwexec_bg("/usr/bin/nohup {$external_upgrade_helper_text}"); } @@ -229,13 +229,13 @@ function read_body_firmware($ch, $string) { $a = $file_size; $b = $downloaded; $c = $downloadProgress; - $text = " Auto Update Download Status\\n"; + $text = " " . gettext("Auto Update Download Status") . "\\n"; $text .= "----------------------------------------------------\\n"; - $text .= " Current Version : {$current_installed_pfsense_version}\\n"; - $text .= " Latest Version : {$latest_version}\\n"; - $text .= " File size : {$a}\\n"; - $text .= " Downloaded : {$b}\\n"; - $text .= " Percent : {$c}%\\n"; + $text .= " " . gettext("Current Version") . " : {$current_installed_pfsense_version}\\n"; + $text .= " " . gettext("Latest Version") . " : {$latest_version}\\n"; + $text .= " " . gettext("File size") . " : {$a}\\n"; + $text .= " " . gettext("Downloaded") . " : {$b}\\n"; + $text .= " " . gettext("Percent") . " : {$c}%\\n"; $text .= "----------------------------------------------------\\n"; $counter++; if($counter > 150) { diff --git a/usr/local/www/system_firmware_check.php b/usr/local/www/system_firmware_check.php index 8d342ae..9eabe26 100755 --- a/usr/local/www/system_firmware_check.php +++ b/usr/local/www/system_firmware_check.php @@ -46,7 +46,7 @@ require("guiconfig.inc"); require_once("pfsense-utils.inc"); $curcfg = $config['system']['firmware']; -$pgtitle=array("System", "Firmware", "Auto Update"); +$pgtitle=array(gettext("System"), gettext("Firmware"), gettext("Auto Update")); include("head.inc"); ?> @@ -65,9 +65,9 @@ include("head.inc"); <td> <?php $tab_array = array(); - $tab_array[0] = array("Manual Update", false, "system_firmware.php"); - $tab_array[1] = array("Auto Update", true, "system_firmware_check.php"); - $tab_array[2] = array("Updater Settings", false, "system_firmware_settings.php"); + $tab_array[0] = array(gettext("Manual Update"), false, "system_firmware.php"); + $tab_array[1] = array(gettext("Auto Update"), true, "system_firmware_check.php"); + $tab_array[2] = array(gettext("Updater Settings"), false, "system_firmware_settings.php"); display_top_tabs($tab_array); ?> </td> @@ -101,7 +101,7 @@ include("head.inc"); </textarea> </center> <p> - <center><input id='invokeupgrade' style='visibility:hidden' type="submit" value="Invoke Auto Upgrade"> + <center><input id='invokeupgrade' style='visibility:hidden' type="submit" value="<?=gettext("Invoke Auto Upgrade"); ?>"> </td> </tr> </table> @@ -119,18 +119,18 @@ if(isset($curcfg['alturl']['enable'])) else $updater_url = $g['update_url']; $needs_system_upgrade = false; -$static_text .= "Downloading new version information..."; +$static_text .= gettext("Downloading new version information..."); download_file_with_progress_bar("{$updater_url}/version", "/tmp/{$g['product_name']}_version"); $remote_version = trim(@file_get_contents("/tmp/{$g['product_name']}_version")); -$static_text .= "done.\\n"; +$static_text .= gettext("done") . "\\n"; if (!$remote_version) { - $static_text .= "Unable to check for updates.\\n"; + $static_text .= gettext("Unable to check for updates.") . "\\n"; if(isset($curcfg['alturl']['enable'])) - $static_text .= "Could not contact custom update server.\\n"; + $static_text .= gettext("Could not contact custom update server.") . "\\n"; else - $static_text .= "Could not contact {$g['product_name']} update server {$updater_url}.\\n"; + $static_text .= sprintf(gettext("Could not contact %s update server %s%s"), $g['product_name'], $updater_url, "\\n"); } else { - $static_text .= "Obtaining current version information..."; + $static_text .= gettext("Obtaining current version information..."); update_output_window($static_text); $current_installed_buildtime = trim(file_get_contents("/etc/version.buildtime")); @@ -142,7 +142,7 @@ if (!$remote_version) { if (pfs_version_compare($current_installed_buildtime, $current_installed_version, $remote_version) == -1) { $needs_system_upgrade = true; } else { - $static_text .= "\\nYou are on the latest version.\\n"; + $static_text .= "\\n" . gettext("You are on the latest version.") . "\\n"; } } @@ -153,11 +153,11 @@ if ($needs_system_upgrade == false) { } echo "\n<script>$('invokeupgrade').style.visibility = 'visible';</script>"; -$txt = "A new version is now available \\n\\n"; -$txt .= "Current version: {$current_installed_version}\\n"; -$txt .= " Built On: {$current_installed_buildtime}\\n"; -$txt .= " New version: {$remote_version}\\n\\n"; -$txt .= " Update source: {$updater_url}\\n"; +$txt = gettext("A new version is now available") . "\\n\\n"; +$txt .= gettext("Current version") .": ". $current_installed_version . "\\n"; +$txt .= " " . gettext("Built On") .": ". $current_installed_buildtime . "\\n"; +$txt .= " " . gettext("New version") .": ". $remote_version . "\\n\\n"; +$txt .= " " . gettext("Update source") .": ". $updater_url . "\\n"; update_output_window($txt); ?> </form> diff --git a/usr/local/www/system_firmware_settings.php b/usr/local/www/system_firmware_settings.php index 8fa06ec..12cf3f8 100755 --- a/usr/local/www/system_firmware_settings.php +++ b/usr/local/www/system_firmware_settings.php @@ -63,7 +63,7 @@ if ($_POST) { $curcfg = $config['system']['firmware']; -$pgtitle = array("System","Firmware","Settings"); +$pgtitle = array(gettext("System"),gettext("Firmware"),gettext("Settings")); include("head.inc"); exec("/usr/bin/fetch -q -o /tmp/manifest \"{$g['update_manifest']}\""); @@ -99,9 +99,9 @@ function enable_altfirmwareurl(enable_over) { <td> <?php $tab_array = array(); - $tab_array[0] = array("Manual Update", false, "system_firmware.php"); - $tab_array[1] = array("Auto Update", false, "system_firmware_check.php"); - $tab_array[2] = array("Updater Settings", true, "system_firmware_settings.php"); + $tab_array[0] = array(gettext("Manual Update"), false, "system_firmware.php"); + $tab_array[1] = array(gettext("Auto Update"), false, "system_firmware_check.php"); + $tab_array[2] = array(gettext("Updater Settings"), true, "system_firmware_settings.php"); display_top_tabs($tab_array); ?> </td> @@ -109,11 +109,11 @@ function enable_altfirmwareurl(enable_over) { <tr><td><div id=mainarea> <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic">Firmware Branch</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Firmware Branch"); ?></td> </tr> <?php if(is_array($preset_urls_split)): ?> <tr> - <td valign="top" class="vncell">Default Auto Update URLs</td> + <td valign="top" class="vncell"><?=gettext("Default Auto Update URLs"); ?></td> <td class="vtable"> <select name='preseturls' id='preseturls' onChange="firmwareurl.value = preseturls.value; document.iform.firmwareurl.disabled = 0; alturlenable.checked=true; new Effect.Highlight(this.parentNode, { startcolor: '#ffff99', endcolor: '#fffffff' });"> <option></option> @@ -129,16 +129,16 @@ function enable_altfirmwareurl(enable_over) { </tr> <?php endif; ?> <tr> - <td valign="top" class="vncell">Firmware Auto Update URL</td> + <td valign="top" class="vncell"><?=gettext("Firmware Auto Update URL"); ?></td> <td class="vtable"> - <input name="alturlenable" type="checkbox" id="alturlenable" value="yes" onClick="enable_altfirmwareurl()" <?php if(isset($curcfg['alturl']['enable'])) echo "checked"; ?>> Use a different URL server for firmware upgrades other than <?php echo $g['product_website']; ?><br> + <input name="alturlenable" type="checkbox" id="alturlenable" value="yes" onClick="enable_altfirmwareurl()" <?php if(isset($curcfg['alturl']['enable'])) echo "checked"; ?>> <?=gettext("Use a different URL server for firmware upgrades other than") . $g['product_website']; ?><br> <table> - <tr><td>Base URL:</td><td><input name="firmwareurl" type="input" class="formfld url" id="firmwareurl" size="64" value="<?php if($curcfg['alturl']['firmwareurl']) echo $curcfg['alturl']['firmwareurl']; else echo $g['']; ?>"></td></tr> + <tr><td><?=gettext("Base URL"); ?>:</td><td><input name="firmwareurl" type="input" class="formfld url" id="firmwareurl" size="64" value="<?php if($curcfg['alturl']['firmwareurl']) echo $curcfg['alturl']['firmwareurl']; else echo $g['']; ?>"></td></tr> </table> <span class="vexpl"> - This is where <?php echo $g['product_name'] ?> will check for newer firmware versions when the <a href="system_firmware_check.php">System: Firmware: Auto Update</a> page is viewed. + <?=gettext("This is where"); ?> <?php echo $g['product_name'] ?> <?=gettext("will check for newer firmware versions when the"); ?> <a href="system_firmware_check.php"><?=gettext("System: Firmware: Auto Update"); ?></a> <?=gettext("page is viewed."); ?> <p/> - <b>NOTE:</b> When a custom URL is enabled the system will not verify the digital signature from <?php echo $g['product_website'] ?>. + <b><?=gettext("NOTE"); ?>:</b> <?=gettext("When a custom URL is enabled the system will not verify the digital signature from"); ?> <?php echo $g['product_website'] ?>. </span> </td> </tr> @@ -146,21 +146,21 @@ function enable_altfirmwareurl(enable_over) { <td colspan="2" class="list" height="12"> </td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Updates</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Updates"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Not signed images.</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Not signed images."); ?></td> <td width="78%" class="vtable"> <input name="allowinvalidsig" type="checkbox" id="allowinvalidsig" value="yes" <?php if (isset($curcfg['allowinvalidsig'])) echo "checked"; ?> /> <br /> - Allow to update the system with auto-updater and images with no signature. + <?=gettext("Allow to update the system with auto-updater and images with no signature."); ?> </td> </tr> <script>enable_altfirmwareurl();</script> <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> </td> </tr> </table></div></td></tr></table> diff --git a/usr/local/www/system_gateway_groups.php b/usr/local/www/system_gateway_groups.php index a7c5e2b..d79627f 100755 --- a/usr/local/www/system_gateway_groups.php +++ b/usr/local/www/system_gateway_groups.php @@ -49,7 +49,7 @@ if (!is_array($config['gateways']['gateway_group'])) $a_gateway_groups = &$config['gateways']['gateway_group']; $a_gateways = &$config['gateways']['gateway_item']; -$changedesc = "Gateway Groups: "; +$changedesc = gettext("Gateway Groups") . ": "; if ($_POST) { @@ -72,7 +72,7 @@ if ($_POST) { if ($_GET['act'] == "del") { if ($a_gateway_groups[$_GET['id']]) { - $changedesc .= "removed gateway group {$_GET['id']}"; + $changedesc .= gettext("removed gateway group") . " {$_GET['id']}"; foreach ($config['filter']['rule'] as $idx => $rule) { if ($rule['gateway'] == $a_gateway_groups[$_GET['id']]['name']) unset($config['filter']['rule'][$idx]['gateway']); @@ -85,7 +85,7 @@ if ($_GET['act'] == "del") { } } -$pgtitle = array("System","Gateway Groups"); +$pgtitle = array(gettext("System"),gettext("Gateway Groups")); include("head.inc"); ?> @@ -96,18 +96,16 @@ include("head.inc"); <input type="hidden" name="y1" value="1"> <?php if ($savemsg) print_info_box($savemsg); ?> <?php if (is_subsystem_dirty('staticroutes')): ?><p> -<?php print_info_box_np("The gateway configuration has been changed.<br>You must apply the changes in order for them to take -effect.");?><br> +<?php print_info_box_np(sprintf(gettext("The gateway configuration has been changed.%sYou must apply the changes in order for them to take effect."), "<br>"));?><br> <?php endif; ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td> <?php $tab_array = array(); - $tab_array[0] = array("Gateways", false, "system_gateways.php"); - $tab_array[1] = array("Routes", false, "system_routes.php"); - $tab_array[2] = array("Groups", true, "system_gateway_groups.php"); - $tab_array[3] = array("Settings", false, "system_gateways_settings.php"); + $tab_array[0] = array(gettext("Gateways"), false, "system_gateways.php"); + $tab_array[1] = array(gettext("Routes"), false, "system_routes.php"); + $tab_array[2] = array(gettext("Groups"), true, "system_gateway_groups.php"); display_top_tabs($tab_array); ?> </td></tr> @@ -116,10 +114,10 @@ effect.");?><br> <div id="mainarea"> <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="15%" class="listhdrr">Group Name</td> - <td width="15%" class="listhdrr">Gateways</td> - <td width="20%" class="listhdrr">Priority</td> - <td width="30%" class="listhdr">Description</td> + <td width="15%" class="listhdrr"><?=gettext("Group Name");?></td> + <td width="15%" class="listhdrr"><?=gettext("Gateways");?></td> + <td width="20%" class="listhdrr"><?=gettext("Priority");?></td> + <td width="30%" class="listhdr"><?=gettext("Description");?></td> <td width="10%" class="list"> <table border="0" cellspacing="0" cellpadding="1"> <tr> @@ -160,7 +158,7 @@ effect.");?><br> <table border="0" cellspacing="0" cellpadding="1"> <tr> <td><a href="system_gateway_groups_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a> - <td><a href="system_gateway_groups.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this gateway group?')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> + <td><a href="system_gateway_groups.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this gateway group?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> </tr> <tr> <td width="17"></td> diff --git a/usr/local/www/system_gateway_groups_edit.php b/usr/local/www/system_gateway_groups_edit.php index 5e5ee11..d5076c1 100755 --- a/usr/local/www/system_gateway_groups_edit.php +++ b/usr/local/www/system_gateway_groups_edit.php @@ -47,10 +47,10 @@ if (!is_array($config['gateways']['gateway_group'])) $a_gateway_groups = &$config['gateways']['gateway_group']; $a_gateways = return_gateways_array(); -$categories = array('down' => 'Member Down', - 'downloss' => 'Packet Loss', - 'downlatency' => 'High Latency', - 'downlosslatency' => 'Packet Loss or High Latency'); +$categories = array('down' => gettext("Member Down"), + 'downloss' => gettext("Packet Loss"), + 'downlatency' => gettext("High Latency"), + 'downlosslatency' => gettext("Packet Loss or High Latency")); $id = $_GET['id']; if (isset($_POST['id'])) @@ -82,10 +82,10 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if (! isset($_POST['name'])) { - $input_errors[] = "A valid gateway group name must be specified."; + $input_errors[] = gettext("A valid gateway group name must be specified."); } if (! is_validaliasname($_POST['name'])) { - $input_errors[] = "The gateway name must not contain invalid characters."; + $input_errors[] = gettext("The gateway name must not contain invalid characters."); } if (isset($_POST['name'])) { @@ -96,7 +96,7 @@ if ($_POST) { continue; if ($gateway_group['name'] == $_POST['name']) { - $input_errors[] = "A gateway group with this name \"{$_POST['name']}\" already exists."; + $input_errors[] = sprintf(gettext('A gateway group with this name "%s" already exists.'), $_POST['name']); break; } } @@ -110,10 +110,13 @@ if ($_POST) { /* we have a priority above 0 (disabled), add item to list */ $pconfig['item'][] = "{$gwname}|{$_POST[$gwname]}"; } + /* check for overlaps */ + if ($_POST['name'] == $gwname) + $input_errors[] = sprintf(gettext('A gateway group cannot have the same name with a gateway "%s" please choose another name.'), $_POST['name']); } if(count($pconfig['item']) == 0) { - $input_errors[] = "No gateway(s) have been selected to be used in this group"; + $input_errors[] = gettext("No gateway(s) have been selected to be used in this group"); } if (!$input_errors) { @@ -137,7 +140,7 @@ if ($_POST) { } } -$pgtitle = array("System","Gateways","Edit gateway"); +$pgtitle = array(gettext("System"),gettext("Gateways"),gettext("Edit gateway")); include("head.inc"); ?> @@ -148,16 +151,16 @@ include("head.inc"); <form action="system_gateway_groups_edit.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic">Edit gateway entry</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit gateway entry"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Group Name</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Group Name"); ?></td> <td width="78%" class="vtable"> <input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"> - <br> <span class="vexpl">Group Name</span></td> + <br> <span class="vexpl"><?=gettext("Group Name"); ?></span></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Gateway Priority</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Gateway Priority"); ?></td> <td width="78%" class="vtable"> <?php foreach($a_gateways as $gwname => $gateway) { @@ -173,27 +176,27 @@ include("head.inc"); } } echo "<select name='{$gwname}' class='formfldselect' id='{$gwname}'>"; - echo "<option value='0' $selected[0] >Never</option>"; - echo "<option value='1' $selected[1] >Tier 1</option>"; - echo "<option value='2' $selected[2] >Tier 2</option>"; - echo "<option value='3' $selected[3] >Tier 3</option>"; - echo "<option value='4' $selected[4] >Tier 4</option>"; - echo "<option value='5' $selected[5] >Tier 5</option>"; + echo "<option value='0' $selected[0] >" . gettext("Never") . "</option>"; + echo "<option value='1' $selected[1] >" . gettext("Tier 1") . "</option>"; + echo "<option value='2' $selected[2] >" . gettext("Tier 2") . "</option>"; + echo "<option value='3' $selected[3] >" . gettext("Tier 3") . "</option>"; + echo "<option value='4' $selected[4] >" . gettext("Tier 4") . "</option>"; + echo "<option value='5' $selected[5] >" . gettext("Tier 5") . "</option>"; echo "</select> <strong>{$gateway['name']} - {$gateway['descr']}</strong><br />"; } ?> <br/><span class="vexpl"> - <strong>Link Priority</strong> <br /> - The priority selected here defines in what order failover and balancing of links will be done. - Multiple links of the same priority will balance connections until all links in the priority will be exhausted. - If all links in a priority level are exhausted we will use the next available link(s) in the next priority level. + <strong><?=gettext("Link Priority"); ?></strong> <br /> + <?=gettext("The priority selected here defines in what order failover and balancing of links will be done. " . + "Multiple links of the same priority will balance connections until all links in the priority will be exhausted. " . + "If all links in a priority level are exhausted we will use the next available link(s) in the next priority level.") ?> </span><br /> </td> </tr> </td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Trigger Level</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Trigger Level"); ?></td> <td width="78%" class="vtable"> <select name='trigger' class='formfldselect' id='trigger'> <?php @@ -204,21 +207,19 @@ include("head.inc"); } ?> </select> - <br> <span class="vexpl">When to trigger exclusion of a member</span></td> + <br> <span class="vexpl"><?=gettext("When to trigger exclusion of a member"); ?></span></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Description</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> <td width="78%" class="vtable"> <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> - <br> <span class="vexpl">You may enter a description here - for your reference (not parsed).</span></td> + <br> <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed)."); ?></span></td> </tr> <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save"> - <a href="system_gateway_groups.php"><input type="button" value="Cancel" class="formbtn" ></a> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input type="button" value="<?=gettext("Cancel"); ?>" class="formbtn" onclick="history.back()"> <?php if (isset($id) && $a_gateway_groups[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>"> <?php endif; ?> diff --git a/usr/local/www/system_gateways.php b/usr/local/www/system_gateways.php index c324569..6f38012 100755 --- a/usr/local/www/system_gateways.php +++ b/usr/local/www/system_gateways.php @@ -117,7 +117,7 @@ if ($_GET['act'] == "del") { } -$pgtitle = array("System","Gateways"); +$pgtitle = array(gettext("System"),gettext("Gateways")); include("head.inc"); ?> @@ -129,18 +129,16 @@ include("head.inc"); <input type="hidden" name="y1" value="1"> <?php if ($savemsg) print_info_box($savemsg); ?> <?php if (is_subsystem_dirty('staticroutes')): ?><p> -<?php print_info_box_np("The gateway configuration has been changed.<br>You must apply the changes in order for them to take -effect.");?><br> +<?php print_info_box_np(gettext("The gateway configuration has been changed.") . "<br>" . gettext("You must apply the changes in order for them to take effect."));?><br> <?php endif; ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td> <?php $tab_array = array(); - $tab_array[0] = array("Gateways", true, "system_gateways.php"); - $tab_array[1] = array("Routes", false, "system_routes.php"); - $tab_array[2] = array("Groups", false, "system_gateway_groups.php"); - $tab_array[3] = array("Settings", false, "system_gateways_settings.php"); + $tab_array[0] = array(gettext("Gateways"), true, "system_gateways.php"); + $tab_array[1] = array(gettext("Routes"), false, "system_routes.php"); + $tab_array[2] = array(gettext("Groups"), false, "system_gateway_groups.php"); display_top_tabs($tab_array); ?> </td></tr> @@ -149,11 +147,11 @@ effect.");?><br> <div id="mainarea"> <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="15%" class="listhdrr">Name</td> - <td width="15%" class="listhdrr">Interface</td> - <td width="20%" class="listhdrr">Gateway</td> - <td width="20%" class="listhdrr">Monitor IP</td> - <td width="30%" class="listhdr">Description</td> + <td width="15%" class="listhdrr"><?=gettext("Name"); ?></td> + <td width="15%" class="listhdrr"><?=gettext("Interface"); ?></td> + <td width="20%" class="listhdrr"><?=gettext("Gateway"); ?></td> + <td width="20%" class="listhdrr"><?=gettext("Monitor IP"); ?></td> + <td width="30%" class="listhdr"><?=gettext("Description"); ?></td> <td width="10%" class="list"> <table border="0" cellspacing="0" cellpadding="1"> <tr> @@ -215,8 +213,11 @@ effect.");?><br> <td><a href="system_gateways_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a> <?php if ($gateway['attribute'] != "system") : ?> - <td><a href="system_gateways.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this -gateway?')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> + <td> + <a href="system_gateways.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this gateway?"); ?>')"> + <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"> + </a> + </td> <?php else : ?> <td width='17'></td> <?php endif; ?> diff --git a/usr/local/www/system_gateways_edit.php b/usr/local/www/system_gateways_edit.php index aab9204..5c14f17 100755 --- a/usr/local/www/system_gateways_edit.php +++ b/usr/local/www/system_gateways_edit.php @@ -69,6 +69,11 @@ if (isset($id) && $a_gateways[$id]) { $pconfig['friendlyiface'] = $a_gateways[$id]['friendlyiface']; $pconfig['gateway'] = $a_gateways[$id]['gateway']; $pconfig['defaultgw'] = isset($a_gateways[$id]['defaultgw']); + $pconfig['latencylow'] = $a_gateway_item[$id]['latencylow']; + $pconfig['latencyhigh'] = $a_gateway_item[$id]['latencyhigh']; + $pconfig['losslow'] = $a_gateway_item[$id]['losslow']; + $pconfig['losshigh'] = $a_gateway_item[$id]['losshigh']; + $pconfig['down'] = $a_gateway_item[$id]['down']; if (isset($a_gateways[$id]['dynamic'])) $pconfig['dynamic'] = true; if($a_gateways[$id]['monitor'] <> "") { @@ -91,7 +96,7 @@ if ($_POST) { /* input validation */ $reqdfields = explode(" ", "name"); - $reqdfieldsn = explode(",", "Name"); + $reqdfieldsn = array(gettext("Name")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); @@ -99,11 +104,11 @@ if ($_POST) { $input_errors[] = "A valid gateway name must be specified."; } if (! is_validaliasname($_POST['name'])) { - $input_errors[] = "The gateway name must not contain invalid characters."; + $input_errors[] = gettext("The gateway name must not contain invalid characters."); } /* skip system gateways which have been automatically added */ if (($_POST['gateway'] && (!is_ipaddr($_POST['gateway'])) && ($_POST['attribute'] != "system")) && ($_POST['gateway'] != "dynamic")) { - $input_errors[] = "A valid gateway IP address must be specified."; + $input_errors[] = gettext("A valid gateway IP address must be specified."); } if ($_POST['gateway'] && (is_ipaddr($_POST['gateway'])) && ($pconfig['attribute'] != "system") && !$_REQUEST['isAjax']) { @@ -111,12 +116,12 @@ if ($_POST) { if (is_ipaddr($parent_ip)) { $parent_sn = get_interface_subnet($_POST['interface']); if(!ip_in_subnet($_POST['gateway'], gen_subnet($parent_ip, $parent_sn) . "/" . $parent_sn)) { - $input_errors[] = "The gateway address {$_POST['gateway']} does not lie within the chosen interface's subnet."; + $input_errors[] = sprintf(gettext("The gateway address %s does not lie within the chosen interface's subnet."), $_POST['gateway']); } } } if (($_POST['monitor'] <> "") && !is_ipaddr($_POST['monitor']) && $_POST['monitor'] != "dynamic") { - $input_errors[] = "A valid monitor IP address must be specified."; + $input_errors[] = gettext("A valid monitor IP address must be specified."); } if (isset($_POST['name'])) { @@ -127,25 +132,65 @@ if ($_POST) { } if($_POST['name'] <> "") { if (($gateway['name'] <> "") && ($_POST['name'] == $gateway['name']) && ($gateway['attribute'] != "system")) { - $input_errors[] = "The gateway name \"{$_POST['name']}\" already exists."; + $input_errors[] = sprintf(gettext('The gateway name "%s" already exists.'), $_POST['name']); break; } } if(is_ipaddr($_POST['gateway'])) { if (($gateway['gateway'] <> "") && ($_POST['gateway'] == $gateway['gateway']) && ($gateway['attribute'] != "system")) { - $input_errors[] = "The gateway IP address \"{$_POST['gateway']}\" already exists."; + $input_errors[] = sprintf(gettext('The gateway IP address "%s" already exists.'), $_POST['gateway']); break; } } if(is_ipaddr($_POST['monitor'])) { if (($gateway['monitor'] <> "") && ($_POST['monitor'] == $gateway['monitor']) && ($gateway['attribute'] != "system")) { - $input_errors[] = "The monitor IP address \"{$_POST['monitor']}\" is already in use. You must choose a different monitor IP."; + $input_errors[] = sprintf(gettext('The monitor IP address "%s" is already in use. You must choose a different monitor IP.'), $_POST['monitor']); break; } } } } + /* input validation */ + if($_POST['latencylow']) { + if (! is_numeric($_POST['latencylow'])) { + $input_errors[] = gettext("The low latency watermark needs to be a numeric value."); + } + } + + if($_POST['latencyhigh']) { + if (! is_numeric($_POST['latencyhigh'])) { + $input_errors[] = gettext("The high latency watermark needs to be a numeric value."); + } + } + if($_POST['losslow']) { + if (! is_numeric($_POST['losslow'])) { + $input_errors[] = gettext("The low loss watermark needs to be a numeric value."); + } + } + if($_POST['losshigh']) { + if (! is_numeric($_POST['losshigh'])) { + $input_errors[] = gettext("The high loss watermark needs to be a numeric value."); + } + } + + if(($_POST['latencylow']) && ($_POST['latencyhigh'])){ + if(($_POST['latencylow'] > $_POST['latencyhigh'])) { + $input_errors[] = gettext("The High latency watermark needs to be higher then the low latency watermark"); + } + } + + if(($_POST['losslow']) && ($_POST['losshigh'])){ + if($_POST['losslow'] > $_POST['losshigh']) { + $input_errors[] = gettext("The High packet loss watermark needs to be higher then the low packet loss watermark"); + } + } + if($_POST['down']) { + if (! is_numeric($_POST['down']) || $_POST['down'] < 1) { + $input_errors[] = gettext("The low latency watermark needs to be a numeric value."); + } + } + if (!$input_errors) { $reloadif = false; /* if we are processing a system gateway only save the monitorip */ @@ -194,6 +239,17 @@ if ($_POST) { unset($gateway['defaultgw']); } + if ($_POST['latencylow']) + $gateway['latencylow'] = $_POST['latencylow']; + if ($_POST['latencyhigh']) + $gateway['latencyhigh'] = $_POST['latencyhigh']; + if ($_POST['losslow']) + $gateway['losslow'] = $_POST['losslow']; + if ($_POST['losshigh']) + $gateway['losshigh'] = $_POST['losshigh']; + if ($_POST['down']) + $gateway['down'] = $_POST['down']; + /* when saving the manual gateway we use the attribute which has the corresponding id */ if (isset($id) && $a_gateway_item[$id]) { $a_gateway_item[$id] = $gateway; @@ -222,7 +278,7 @@ if ($_POST) { } -$pgtitle = array("System","Gateways","Edit gateway"); +$pgtitle = array(gettext("System"),gettext("Gateways"),gettext("Edit gateway")); include("head.inc"); ?> @@ -239,6 +295,11 @@ function enable_change(obj) { } } +function show_advanced_gateway() { + document.getElementById("showadvgatewaybox").innerHTML=''; + aodiv = document.getElementById('showgatewayadv'); + aodiv.style.display = "block"; +} </script> <?php if ($input_errors) print_input_errors($input_errors); ?> <form action="system_gateways_edit.php" method="post" name="iform" id="iform"> @@ -252,10 +313,10 @@ function enable_change(obj) { ?> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic">Edit gateway</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit gateway"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Interface</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td> <td width="78%" class="vtable"> <select name="interface" class="formselect" <?php if ($pconfig['dynamic'] == true && $pconfig['attribute'] == "system") echo "disabled"; ?>> <?php @@ -270,34 +331,34 @@ function enable_change(obj) { echo "<option value=\"bgpd\""; if ($pconfig['interface'] == "bgpd") echo " selected"; - echo ">Use BGPD</option>"; + echo ">" . gettext("Use BGPD") . "</option>"; } ?> </select> <br> - <span class="vexpl">Choose which interface this gateway applies to.</span></td> + <span class="vexpl"><?=gettext("Choose which interface this gateway applies to."); ?></span></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Name</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Name"); ?></td> <td width="78%" class="vtable"> <input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"> - <br> <span class="vexpl">Gateway name</span></td> + <br> <span class="vexpl"><?=gettext("Gateway name"); ?></span></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Gateway</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Gateway"); ?></td> <td width="78%" class="vtable"> <input name="gateway" type="text" class="formfld host" id="gateway" size="40" value="<?php echo $pconfig['gateway']; ?>" <?php if ($pconfig['dynamic'] == true && $pconfig['attribute'] == "system") echo "disabled"; ?>> - <br> <span class="vexpl">Gateway IP address</span></td> + <br> <span class="vexpl"><?=gettext("Gateway IP address"); ?></span></td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Default Gateway</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Default Gateway"); ?></td> <td width="78%" class="vtable"> <input name="defaultgw" type="checkbox" id="defaultgw" value="yes" <?php if ($pconfig['defaultgw'] == true) echo "checked"; ?> onclick="enable_change(this)" /> - <strong>Default Gateway</strong><br /> - This will select the above gateway as the default gateway + <strong><?=gettext("Default Gateway"); ?></strong><br /> + <?=gettext("This will select the above gateway as the default gateway"); ?> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Monitor IP</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Monitor IP"); ?></td> <td width="78%" class="vtable"> <?php if(is_numeric($pconfig['attribute']) && ($pconfig['gateway'] == dynamic) && ($pconfig['monitor'] == "")) { @@ -307,40 +368,83 @@ function enable_change(obj) { } ?> <input name="monitor" type="text" id="monitor" value="<?php echo $monitor; ?>" /> - <strong>Alternative monitor IP</strong> <br /> - Enter an alternative address here to be used to monitor the link. This is used for the - quality RRD graphs as well as the load balancer entries. Use this if the gateway does not respond - to ICMP echo requests (pings).</strong> + <strong><?=gettext("Alternative monitor IP"); ?></strong> <br /> + <?gettext("Enter an alternative address here to be used to monitor the link. This is used for the " . + "quality RRD graphs as well as the load balancer entries. Use this if the gateway does not respond " . + "to ICMP echo requests (pings)"); ?>.</strong> <br /> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Weight</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Advanced");?></td> <td width="78%" class="vtable"> - <select name='weight' class='formfldselect' id='weight'> - <?php - for ($i = 1; $i < 6; $i++) { - $selected = ""; - if ($pconfig['weight'] == $i) - $selected = "selected"; - echo "<option value='{$i}' {$selected} >{$i}</option>"; - } - ?> - </select> - <strong>Weight for this gateway when used in a Gateway Group.</strong> <br /> + <div id="showadvgatewaybox" <? if (!empty($pconfig['latencylow']) || !empty($pconfig['latencyhigh']) || !empty($pconfig['losslow']) || !empty($pconfig['losshigh']) || (isset($pconfig['weight']) && $pconfig['weight'] > 1)) echo "style='display:none'"; ?>> + <input type="button" onClick="show_advanced_gateway()" value="Advanced"></input> - Show advanced option</a> + </div> + <div id="showgatewayadv" <? if (empty($pconfig['latencylow']) && empty($pconfig['latencyhigh']) && empty($pconfig['losslow']) && empty($pconfig['losshigh']) && (empty($pconfig['weight']) || $pconfig['weight'] == 1)) echo "style='display:none'"; ?>> + <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="6"> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Weight");?></td> + <td width="78%" class="vtable"> + <select name='weight' class='formfldselect' id='weight'> + <?php + for ($i = 1; $i < 6; $i++) { + $selected = ""; + if ($pconfig['weight'] == $i) + $selected = "selected"; + echo "<option value='{$i}' {$selected} >{$i}</option>"; + } + ?> + </select> + <br /><?=gettext("Weight for this gateway when used in a Gateway Group.");?> <br /> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Latency thresholds");?></td> + <td width="78%" class="vtable"> + <?=gettext("From");?> + <input name="latencylow" type="text" class="formfld unknown" id="latencylow" size="2" + value="<?=htmlspecialchars($pconfig['latencylow']);?>"> + <?=gettext("To");?> + <input name="latencyhigh" type="text" class="formfld unknown" id="latencyhigh" size="2" + value="<?=htmlspecialchars($pconfig['latencyhigh']);?>"> + <br> <span class="vexpl"><?=gettext("These define the low and high water marks for latency in milliseconds.");?></span></td> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Packet Loss thresholds");?></td> + <td width="78%" class="vtable"> + <?=gettext("From");?> + <input name="losslow" type="text" class="formfld unknown" id="losslow" size="2" + value="<?=htmlspecialchars($pconfig['losslow']);?>"> + <?=gettext("To");?> + <input name="losshigh" type="text" class="formfld unknown" id="losshigh" size="2" + value="<?=htmlspecialchars($pconfig['losshigh']);?>"> + <br> <span class="vexpl"><?=gettext("These define the low and high water marks for packet loss in %.");?></span></td> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Down");?></td> + <td width="78%" class="vtable"> + <input name="down" type="text" class="formfld unknown" id="down" size="2" + value="<?=htmlspecialchars($pconfig['down']);?>"> + <br> <span class="vexpl"><?=gettext("This defines the down time for the alarm to fire, in seconds.");?></span></td> + </td> + </tr> + </table> + </div> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Description</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> <td width="78%" class="vtable"> <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> - <br> <span class="vexpl">You may enter a description here - for your reference (not parsed).</span></td> + <br> <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed)"); ?>.</span></td> </tr> <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save"> <input type="button" value="Cancel" class="formbtn" onclick="history.back()"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input type="button" value="<?=gettext("Cancel");?>" class="formbtn" onclick="history.back()"> <?php if (isset($id) && $a_gateways[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>"> <?php endif; ?> diff --git a/usr/local/www/system_gateways_settings.php b/usr/local/www/system_gateways_settings.php deleted file mode 100755 index 7983956..0000000 --- a/usr/local/www/system_gateways_settings.php +++ /dev/null @@ -1,187 +0,0 @@ -<?php -/* $Id$ */ -/* - status_rrd_graph.php - Part of pfSense - Copyright (C) 2007 Seth Mos <seth.mos@xs4all.nl> - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ -/* - pfSense_MODULE: routing -*/ - -##|+PRIV -##|*IDENT=page-status-rrdgraphs -##|*NAME=Status: RRD Graphs page -##|*DESCR=Allow access to the 'Status: RRD Graphs' page. -##|*MATCH=status_rrd_graph_settings.php* -##|-PRIV - -require("guiconfig.inc"); - -if (!is_array($config['gateways']['settings'])) - $config['gateways']['settings'] = array(); - -$a_settings = &$config['gateways']['settings']; - -$changedesc = "Gateways: "; -$input_errors = array(); - -if (empty($a_settings)) { - $pconfig['latencylow'] = "100"; - $pconfig['latencyhigh'] = "500"; - $pconfig['losslow'] = "10"; - $pconfig['losshigh'] = "20"; -} else { - $pconfig['latencylow'] = $a_settings['latencylow']; - $pconfig['latencyhigh'] = $a_settings['latencyhigh']; - $pconfig['losslow'] = $a_settings['losslow']; - $pconfig['losshigh'] = $a_settings['losshigh']; -} - -if ($_POST) { - - unset($input_errors); - $pconfig = $_POST; - - /* input validation */ - if($_POST['latencylow']) { - if (! is_numeric($_POST['latencylow'])) { - $input_errors[] = "The low latency watermark needs to be a numeric value."; - } - } - - if($_POST['latencyhigh']) { - if (! is_numeric($_POST['latencyhigh'])) { - $input_errors[] = "The high latency watermark needs to be a numeric value."; - } - } - if($_POST['losslow']) { - if (! is_numeric($_POST['losslow'])) { - $input_errors[] = "The low loss watermark needs to be a numeric value."; - } - } - if($_POST['losshigh']) { - if (! is_numeric($_POST['losshigh'])) { - $input_errors[] = "The high loss watermark needs to be a numeric value."; - } - } - - if(($_POST['latencylow']) && ($_POST['latencyhigh'])){ - if(($_POST['latencylow'] > $_POST['latencyhigh'])) { - $input_errors[] = "The High latency watermark needs to be higher then the low latency watermark"; - } - } - - if(($_POST['losslow']) && ($_POST['losshigh'])){ - if($_POST['losslow'] > $_POST['losshigh']) { - $input_errors[] = "The High packet loss watermark needs to be higher then the low packet loss watermark"; - } - } - - - - if (!$input_errors) { - $a_settings['latencylow'] = $_POST['latencylow']; - $a_settings['latencyhigh'] = $_POST['latencyhigh']; - $a_settings['losslow'] = $_POST['losslow']; - $a_settings['losshigh'] = $_POST['losshigh']; - - - $config['gateways']['settings'] = $a_settings; - - $retval = 0; - $retval = setup_gateways_monitor(); - write_config(); - - $savemsg = get_std_save_message($retval); - } -} - -$pgtitle = array("Gateways","Settings"); -include("head.inc"); - -?> -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<?php if ($input_errors) print_input_errors($input_errors); ?> -<?php if ($savemsg) print_info_box($savemsg); ?> -<form action="system_gateways_settings.php" method="post" name="iform" id="iform"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td> - <?php - $tab_array = array(); - $tab_array[0] = array("Gateways", false, "system_gateways.php"); - $tab_array[1] = array("Routes", false, "system_routes.php"); - $tab_array[2] = array("Groups", false, "system_gateway_groups.php"); - $tab_array[3] = array("Settings", true, "system_gateways_settings.php"); - display_top_tabs($tab_array); - ?> - </td> - </tr> - <tr> - <td> - <div id="mainarea"> - <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="6"> - <tr> - <td width="22%" valign="top" class="vncellreq">Latency thresholds</td> - <td width="78%" class="vtable"> - From - <input name="latencylow" type="text" class="formfld unknown" id="latencylow" size="2" - value="<?=htmlspecialchars($pconfig['latencylow']);?>"> - To - <input name="latencyhigh" type="text" class="formfld unknown" id="latencyhigh" size="2" - value="<?=htmlspecialchars($pconfig['latencyhigh']);?>"> - <br> <span class="vexpl">These define the low and high water marks for latency in milliseconds.</span></td> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq">Packet Loss thresholds</td> - <td width="78%" class="vtable"> - From - <input name="losslow" type="text" class="formfld unknown" id="losslow" size="2" - value="<?=htmlspecialchars($pconfig['losslow']);?>"> - To - <input name="losshigh" type="text" class="formfld unknown" id="losshigh" size="2" - value="<?=htmlspecialchars($pconfig['losshigh']);?>"> - <br> <span class="vexpl">These define the low and high water marks for packet loss in %.</span></td> - </td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> - </td> - </tr> - </table> - </div> - </td> - </tr> -</table> - -</form> -<?php include("fend.inc"); ?> -</body> -</html> diff --git a/usr/local/www/system_groupmanager.php b/usr/local/www/system_groupmanager.php index 74ead6d..579a735 100644 --- a/usr/local/www/system_groupmanager.php +++ b/usr/local/www/system_groupmanager.php @@ -46,7 +46,7 @@ require("guiconfig.inc"); -$pgtitle = array("System", "Group manager"); +$pgtitle = array(gettext("System"), gettext("Group manager")); if (!is_array($config['system']['group'])) $config['system']['group'] = array(); @@ -112,18 +112,18 @@ if ($_POST) { /* input validation */ $reqdfields = explode(" ", "groupname"); - $reqdfieldsn = explode(",", "Group Name"); + $reqdfieldsn = array(gettext("Group Name")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if (preg_match("/[^a-zA-Z0-9\.\-_ ]/", $_POST['groupname'])) - $input_errors[] = "The group name contains invalid characters."; + $input_errors[] = gettext("The group name contains invalid characters."); if (!$input_errors && !(isset($id) && $a_group[$id])) { /* make sure there are no dupes */ foreach ($a_group as $group) { if ($group['name'] == $_POST['groupname']) { - $input_errors[] = "Another entry with the same group name already exists."; + $input_errors[] = gettext("Another entry with the same group name already exists."); break; } } @@ -252,17 +252,17 @@ function presubmit() { </td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Group name</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Group name");?></td> <td width="78%" class="vtable"> <input name="groupname" type="text" class="formfld group" id="groupname" size="20" value="<?=htmlspecialchars($pconfig['name']);?>" <?=$ro;?>> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Description</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> <td width="78%" class="vtable"> <input name="description" type="text" class="formfld unknown" id="description" size="20" value="<?=htmlspecialchars($pconfig['description']);?>"> <br> - Group description, for your own information only + <?=gettext("Group description, for your own information only");?> </td> </tr> @@ -274,7 +274,7 @@ function presubmit() { <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td align="center" width="50%"> - <strong>Not Members</strong><br/> + <strong><?=gettext("Not Members");?></strong><br/> <br/> <select size="10" style="width: 75%" name="notmembers[]" class="formselect" id="notmembers" onChange="clear_selected('members')" multiple> <?php @@ -292,15 +292,15 @@ function presubmit() { <td> <br/> <a href="javascript:move_selected('notmembers','members')"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="Add Members" alt="Add Members" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="<?=gettext("Add Members");?>" alt="<?=gettext("Add Members");?>" width="17" height="17" border="0" /> </a> <br/><br/> <a href="javascript:move_selected('members','notmembers')"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="Remove Members" alt="Remove Members" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="<?=gettext("Remove Members");?>" alt="<?=gettext("Remove Members");?>" width="17" height="17" border="0" /> </a> </td> <td align="center" width="50%"> - <strong>Members</strong><br/> + <strong><?=gettext("Members");?></strong><br/> <br/> <select size="10" style="width: 75%" name="members[]" class="formselect" id="members" onChange="clear_selected('notmembers')" multiple> <?php @@ -373,7 +373,7 @@ function presubmit() { <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="save" type="submit" class="formbtn" value="Save"> + <input name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <?php if (isset($id) && $a_group[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>"> <input name="gid" type="hidden" value="<?=$pconfig['gid'];?>"> @@ -387,9 +387,9 @@ function presubmit() { <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="25%" class="listhdrr">Group name</td> - <td width="25%" class="listhdrr">Description</td> - <td width="30%" class="listhdrr">Member Count</td> + <td width="25%" class="listhdrr"><?=gettext("Group name");?></td> + <td width="25%" class="listhdrr"><?=gettext("Description");?></td> + <td width="30%" class="listhdrr"><?=gettext("Member Count");?></td> <td width="10%" class="list"></td> </tr> <?php @@ -406,7 +406,7 @@ function presubmit() { <table border="0" cellpadding="0" cellspacing="0"> <tr> <td align="left" valign="center"> - <img src="<?=$grpimg;?>" alt="User" title="User" border="0" height="16" width="16" /> + <img src="<?=$grpimg;?>" alt="<?=gettext("User");?>" title="<?=gettext("User");?>" border="0" height="16" width="16" /> </td> </td> <td align="left" valign="middle"> @@ -423,12 +423,12 @@ function presubmit() { </td> <td valign="middle" nowrap class="list"> <a href="system_groupmanager.php?act=edit&id=<?=$i;?>"> - <img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="edit group" width="17" height="17" border="0"> + <img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit group");?>" width="17" height="17" border="0"> </a> <?php if($group['scope'] != "system"): ?> - <a href="system_groupmanager.php?act=delgroup&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this group?')"> - <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="delete group" width="17" height="17" border="0"> + <a href="system_groupmanager.php?act=delgroup&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this group?"); ?>')"> + <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete group"); ?>" width="17" height="17" border="0"> </a> <?php endif; ?> </td> @@ -440,17 +440,17 @@ function presubmit() { <tr> <td class="list" colspan="3"></td> <td class="list"> - <a href="system_groupmanager.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="add group" width="17" height="17" border="0"> + <a href="system_groupmanager.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add group");?>" width="17" height="17" border="0"> </a> </td> </tr> <tr> <td colspan="3"> <p> - <?=gettext("Additional webConfigurator groups can be added here.");?> - <?=gettext("Group permissions can be assigned which are inherited by users who are members of the group.");?> - <?=gettext("An icon that appears grey indicates that it is a system defined object.");?> - <?=gettext("Some system object properties can be modified but they cannot be deleted.");?> + <?=gettext("Additional webConfigurator groups can be added here. + Group permissions can be assigned which are inherited by users who are members of the group. + An icon that appears grey indicates that it is a system defined object. + Some system object properties can be modified but they cannot be deleted.");?> </p> </td> </tr> diff --git a/usr/local/www/system_groupmanager_addprivs.php b/usr/local/www/system_groupmanager_addprivs.php index 9bec9f0..63642b6 100644 --- a/usr/local/www/system_groupmanager_addprivs.php +++ b/usr/local/www/system_groupmanager_addprivs.php @@ -53,7 +53,7 @@ function admin_groups_sort() { require("guiconfig.inc"); -$pgtitle = array("System","Group manager","Add privileges"); +$pgtitle = array(gettext("System"),gettext("Group manager"),gettext("Add privileges")); $groupid = $_GET['groupid']; if (isset($_POST['groupid'])) @@ -76,7 +76,7 @@ if ($_POST) { /* input validation */ $reqdfields = explode(" ", "sysprivs"); - $reqdfieldsn = explode(",", "Selected priveleges"); + $reqdfieldsn = array(gettext("Selected priveleges")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); @@ -213,7 +213,7 @@ function update_description() { <tr height="60"> <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> <td width="78%" valign="top" class="vtable" id="pdesc"> - <em>Select a privilege from the list above for a description</em> + <em><?=gettext("Select a privilege from the list above for a description");?></em> </td> </tr> <tr> diff --git a/usr/local/www/system_routes.php b/usr/local/www/system_routes.php index 8786577..df80023 100755 --- a/usr/local/www/system_routes.php +++ b/usr/local/www/system_routes.php @@ -49,7 +49,7 @@ if (!is_array($config['staticroutes']['route'])) $a_routes = &$config['staticroutes']['route']; $a_gateways = return_gateways_array(true); -$changedesc = "Static Routes: "; +$changedesc = gettext("Static Routes") . ": "; if ($_POST) { @@ -71,14 +71,14 @@ if ($_POST) { if ($_POST['enablefastrouting'] == "") { /* Only update config if something changed */ if (isset($config['staticroutes']['enablefastrouting'])) { - $changedesc .= " disable fast routing"; + $changedesc .= " " . gettext("disable fast routing"); unset($config['staticroutes']['enablefastrouting']); write_config($changedesc); } } else { /* Only update config if something changed */ if (!isset($config['staticroutes']['enablefastrouting'])) { - $changedesc .= " enable fast routing"; + $changedesc .= " " . gettext("enable fast routing"); $config['staticroutes']['enablefastrouting'] = "enabled"; write_config($changedesc); } @@ -88,7 +88,7 @@ if ($_POST) { if ($_GET['act'] == "del") { if ($a_routes[$_GET['id']]) { - $changedesc .= "removed route to " . $a_routes[$_GET['id']['route']]; + $changedesc .= gettext("removed route to") . " " . $a_routes[$_GET['id']['route']]; mwexec("/sbin/route delete " . escapeshellarg($a_routes[$_GET['id']]['network'])); unset($a_routes[$_GET['id']]); write_config($changedesc); @@ -98,7 +98,7 @@ if ($_GET['act'] == "del") { } } -$pgtitle = array("System","Static Routes"); +$pgtitle = array(gettext("System"),gettext("Static Routes")); include("head.inc"); ?> @@ -109,15 +109,15 @@ include("head.inc"); <input type="hidden" name="y1" value="1"> <?php if ($savemsg) print_info_box($savemsg); ?> <?php if (is_subsystem_dirty('staticroutes')): ?><p> -<?php print_info_box_np("The static route configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br> +<?php print_info_box_np(sprintf(gettext("The static route configuration has been changed.%sYou must apply the changes in order for them to take effect."), "<br>"));?><br> <?php endif; ?> <?php if($config['system']['disablefilter'] <> "") :?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr><td width="2%"><input type="checkbox" name="enablefastrouting" id="enablefastrouting" <?php if($config['staticroutes']['enablefastrouting'] == "enabled") echo " checked"; ?>></td><td><b>Enable fast routing</td></tr> + <tr><td width="2%"><input type="checkbox" name="enablefastrouting" id="enablefastrouting" <?php if($config['staticroutes']['enablefastrouting'] == "enabled") echo " checked"; ?>></td><td><b><?=gettext("Enable fast routing");?></td></tr> - <tr><td colspan=2><hr><input type="submit" value="Save"></td></tr> + <tr><td colspan=2><hr><input type="submit" value="<?=gettext("Save"); ?>"></td></tr> </table><br> <?php endif; ?> @@ -126,10 +126,9 @@ include("head.inc"); <td> <?php $tab_array = array(); - $tab_array[0] = array("Gateways", false, "system_gateways.php"); - $tab_array[1] = array("Routes", true, "system_routes.php"); - $tab_array[2] = array("Groups", false, "system_gateway_groups.php"); - $tab_array[3] = array("Settings", false, "system_gateways_settings.php"); + $tab_array[0] = array(gettext("Gateways"), false, "system_gateways.php"); + $tab_array[1] = array(gettext("Routes"), true, "system_routes.php"); + $tab_array[2] = array(gettext("Groups"), false, "system_gateway_groups.php"); display_top_tabs($tab_array); ?> </td></tr> @@ -138,10 +137,10 @@ include("head.inc"); <div id="mainarea"> <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="25%" class="listhdrr">Network</td> - <td width="20%" class="listhdrr">Gateway</td> - <td width="15%" class="listhdrr">Interface</td> - <td width="30%" class="listhdr">Description</td> + <td width="25%" class="listhdrr"><?=gettext("Network");?></td> + <td width="20%" class="listhdrr"><?=gettext("Gateway");?></td> + <td width="15%" class="listhdrr"><?=gettext("Interface");?></td> + <td width="30%" class="listhdr"><?=gettext("Description");?></td> <td width="10%" class="list"> <table border="0" cellspacing="0" cellpadding="1"> <tr> @@ -173,7 +172,7 @@ include("head.inc"); <table border="0" cellspacing="0" cellpadding="1"> <tr> <td><a href="system_routes_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a> - <td><a href="system_routes.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this route?')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> + <td><a href="system_routes.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this route?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> </tr> <tr> <td width="17"></td> @@ -200,7 +199,7 @@ include("head.inc"); </tr> </table> </form> - <p><b>Note:</b> Do not enter static routes for networks assigned on any interface of this firewall. Static routes are only used for networks reachable via a different router, and not reachable via your default gateway.</p> + <p><b><?=gettext("Note");?>:</b> <?=gettext("Do not enter static routes for networks assigned on any interface of this firewall. Static routes are only used for networks reachable via a different router, and not reachable via your default gateway.");?></p> <?php include("fend.inc"); ?> </body> </html> diff --git a/usr/local/www/system_routes_edit.php b/usr/local/www/system_routes_edit.php index a779009..313e7e1 100755 --- a/usr/local/www/system_routes_edit.php +++ b/usr/local/www/system_routes_edit.php @@ -86,19 +86,22 @@ if ($_POST) { /* input validation */ $reqdfields = explode(" ", "network network_subnet gateway"); - $reqdfieldsn = explode(",", "Destination network,Destination network bit count,Gateway"); + $reqdfieldsn = explode(",", + gettext("Destination network") . "," . + gettext("Destination network bit count") . "," . + gettext("Gateway")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if (($_POST['network'] && !is_ipaddr($_POST['network']))) { - $input_errors[] = "A valid destination network must be specified."; + $input_errors[] = gettext("A valid destination network must be specified."); } if (($_POST['network_subnet'] && !is_numeric($_POST['network_subnet']))) { - $input_errors[] = "A valid destination network bit count must be specified."; + $input_errors[] = gettext("A valid destination network bit count must be specified."); } if ($_POST['gateway']) { if (!isset($a_gateways[$_POST['gateway']])) - $input_errors[] = "A valid gateway must be specified."; + $input_errors[] = gettext("A valid gateway must be specified."); } /* check for overlaps */ @@ -108,7 +111,7 @@ if ($_POST) { continue; if ($route['network'] == $osn) { - $input_errors[] = "A route to this destination network already exists."; + $input_errors[] = gettext("A route to this destination network already exists."); break; } } @@ -134,7 +137,7 @@ if ($_POST) { } } -$pgtitle = array("System","Static Routes","Edit route"); +$pgtitle = array(gettext("System"),gettext("Static Routes"),gettext("Edit route")); include("head.inc"); ?> @@ -145,10 +148,10 @@ include("head.inc"); <form action="system_routes_edit.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic">Edit route entry</td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit route entry"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Destination network</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Destination network"); ?></td> <td width="78%" class="vtable"> <input name="network" type="text" class="formfld unknown" id="network" size="20" value="<?=htmlspecialchars($pconfig['network']);?>"> / @@ -159,10 +162,10 @@ include("head.inc"); </option> <?php endfor; ?> </select> - <br> <span class="vexpl">Destination network for this static route</span></td> + <br> <span class="vexpl"><?=gettext("Destination network for this static route"); ?></span></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq">Gateway</td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Gateway"); ?></td> <td width="78%" class="vtable"> <select name="gateway" id="gateway" class="formselect"> <?php @@ -181,7 +184,7 @@ include("head.inc"); ?> </select> <br /> <div id='addgwbox'> - Choose which gateway this route applies to or <a OnClick="show_add_gateway();" href="#">add a new one</a>. + <?=gettext("Choose which gateway this route applies to or"); ?> <a OnClick="show_add_gateway();" href="#"><?=gettext("add a new one");?></a>. </div> <div id='notebox'> </div> @@ -193,14 +196,14 @@ include("head.inc"); <table bgcolor="#990000" cellpadding="1" cellspacing="1"> <tr><td> </td> <tr> - <td colspan="2"><center><b><font color="white">Add new gateway:</b></center></td> + <td colspan="2"><center><b><font color="white"><?=gettext("Add new gateway"); ?>:</b></center></td> </tr> <tr><td> </td> <tr> - <td width="45%" align="right"><font color="white">Default gateway:</td><td><input type="checkbox" id="defaultgw" name="defaultgw"<?=$checked?>></td> + <td width="45%" align="right"><font color="white"><?=gettext("Default gateway"); ?>:</td><td><input type="checkbox" id="defaultgw" name="defaultgw"<?=$checked?>></td> </tr> <tr> - <td width="45%" align="right"><font color="white">Interface:</td> + <td width="45%" align="right"><font color="white"><?=gettext("Interface"); ?>:</td> <td><select name="addinterfacegw" id="addinterfacegw"> <?php $gwifs = get_configured_interface_with_descr(); foreach($gwifs as $fif => $dif) @@ -209,13 +212,13 @@ include("head.inc"); </select></td> </tr> <tr> - <td align="right"><font color="white">Gateway Name:</td><td><input id="name" name="name" value="GW"></td> + <td align="right"><font color="white"><?=gettext("Gateway Name"); ?>:</td><td><input id="name" name="name" value="GW"></td> </tr> <tr> - <td align="right"><font color="white">Gateway IP:</td><td><input id="gatewayip" name="gatewayip"></td> + <td align="right"><font color="white"><?=gettext("Gateway IP"); ?>:</td><td><input id="gatewayip" name="gatewayip"></td> </tr> <tr> - <td align="right"><font color="white">Description:</td><td><input id="gatewaydescr" name="gatewaydescr"></td> + <td align="right"><font color="white"><?=gettext("Description"); ?>:</td><td><input id="gatewaydescr" name="gatewaydescr"></td> </tr> <tr><td> </td> <tr> @@ -223,8 +226,8 @@ include("head.inc"); <center> <div id='savebuttondiv'> <input type="hidden" name="addrtype" id="addrtype" value="IPv4" /> - <input id="gwsave" type="Button" value="Save Gateway" onClick='hide_add_gatewaysave();'> - <input id="gwcancel" type="Button" value="Cancel" onClick='hide_add_gateway();'> + <input id="gwsave" type="Button" value="<?=gettext("Save Gateway"); ?>" onClick='hide_add_gatewaysave();'> + <input id="gwcancel" type="Button" value="<?=gettext("Cancel"); ?>" onClick='hide_add_gateway();'> </div> </center> </td> @@ -236,16 +239,15 @@ include("head.inc"); </div> </tr> <tr> - <td width="22%" valign="top" class="vncell">Description</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> <td width="78%" class="vtable"> <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> - <br> <span class="vexpl">You may enter a description here - for your reference (not parsed).</span></td> + <br> <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed)"); ?>.</span></td> </tr> <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input id="save" name="Submit" type="submit" class="formbtn" value="Save"> <input id="cancel" type="button" value="Cancel" class="formbtn" onclick="history.back()"> + <input id="save" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> <input id="cancel" type="button" value="<?=gettext("Cancel"); ?>" class="formbtn" onclick="history.back()"> <?php if (isset($id) && $a_routes[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>"> <?php endif; ?> @@ -277,7 +279,7 @@ include("head.inc"); } function hide_add_gatewaysave() { document.getElementById("addgateway").style.display = 'none'; - $('status').innerHTML = '<img src="/themes/metallic/images/misc/loader.gif"> One moment please...'; + $('status').innerHTML = '<img src="/themes/metallic/images/misc/loader.gif"> <?=gettext("One moment please..."); ?>'; var iface = $('addinterfacegw').getValue(); name = $('name').getValue(); var descr = $('gatewaydescr').getValue(); @@ -302,10 +304,10 @@ include("head.inc"); optn.value = value; selectbox.options.add(optn); selectbox.selectedIndex = (selectbox.options.length-1); - $('notebox').innerHTML="<p/><strong>NOTE:</strong> You can manage Gateways <a target='_new' href='system_gateways.php'>here</a>."; + $('notebox').innerHTML="<p/><strong>NOTE:</strong> <?=gettext("You can manage Gateways"); ?> <a target='_new' href='system_gateways.php'>here</a>."; } function report_failure() { - alert("Sorry, we could not create your gateway at this time."); + alert("<?=gettext("Sorry, we could not create your gateway at this time"); ?>."); hide_add_gateway(); } function save_callback(transport) { diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index c98f1cb..1224f6a 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -52,7 +52,7 @@ require("guiconfig.inc"); if (isAllowedPage("system_usermanager")) { // start admin user code - $pgtitle = array("System","User Manager"); + $pgtitle = array(gettext("System"),gettext("User Manager")); $id = $_GET['id']; if (isset($_POST['id'])) @@ -180,15 +180,22 @@ if (isAllowedPage("system_usermanager")) { /* input validation */ if (isset($id) && ($a_user[$id])) { $reqdfields = explode(" ", "usernamefld"); - $reqdfieldsn = explode(",", "Username"); + $reqdfieldsn = array(gettext("Username")); } else { if (empty($_POST['name'])) { $reqdfields = explode(" ", "usernamefld passwordfld1"); - $reqdfieldsn = explode(",", "Username,Password"); + $reqdfieldsn = array( + gettext("Username"), + gettext("Password")); } else { $reqdfields = explode(" ", "usernamefld passwordfld1 name caref keylen lifetime"); - $reqdfieldsn = explode(",", "Username,Password,Descriptive name,Certificate authority,Key length,Lifetime"); - + $reqdfieldsn = array( + gettext("Username"), + gettext("Password"), + gettext("Descriptive name"), + gettext("Certificate authority"), + gettext("Key length"), + gettext("Lifetime")); } } @@ -228,14 +235,14 @@ if (isAllowedPage("system_usermanager")) { $_POST['expires'] = date("m/d/Y",$expdate); } } else { - $input_errors[] = "Invalid expiration date format; use MM/DD/YYYY instead."; + $input_errors[] = gettext("Invalid expiration date format; use MM/DD/YYYY instead."); } } if (!empty($_POST['name'])) { $ca = lookup_ca($_POST['caref']); if (!$ca) - $input_errors[] = "Invalid internal Certificate Authority\n"; + $input_errors[] = gettext("Invalid internal Certificate Authority") . "\n"; } /* if this is an AJAX caller then handle via JSON */ @@ -463,14 +470,14 @@ function sshkeyClicked(obj) { </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Expiration date</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Expiration date"); ?></td> <td width="78%" class="vtable"> <input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=$pconfig['expires'];?>"> <a href="javascript:NewCal('expires','mmddyyyy')"> - <img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_cal.gif" width="16" height="16" border="0" alt="Pick a date"> + <img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_cal.gif" width="16" height="16" border="0" alt="<?=gettext("Pick a date");?>"> </a> <br> - <span class="vexpl">Leave blank if the account shouldn't expire, otherwise enter the expiration date in the following format: mm/dd/yyyy</span></td> + <span class="vexpl"><?=gettext("Leave blank if the account shouldn't expire, otherwise enter the expiration date in the following format: mm/dd/yyyy"); ?></span></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td> @@ -478,7 +485,7 @@ function sshkeyClicked(obj) { <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td align="center" width="50%"> - <strong>Not Member Of</strong><br/> + <strong><?=gettext("Not Member Of"); ?></strong><br/> <br/> <select size="10" style="width: 75%" name="notgroups[]" class="formselect" id="notgroups" onChange="clear_selected('groups')" multiple> <?php @@ -498,15 +505,15 @@ function sshkeyClicked(obj) { <td> <br/> <a href="javascript:move_selected('notgroups','groups')"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="Add Groups" alt="Add Groups" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="<?=gettext("Add Groups"); ?>" alt="<?=gettext("Add Groups"); ?>" width="17" height="17" border="0" /> </a> <br/><br/> <a href="javascript:move_selected('groups','notgroups')"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="Remove Groups" alt="Remove Groups" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="<?=gettext("Remove Groups"); ?>" alt="<?=gettext("Remove Groups"); ?>" width="17" height="17" border="0" /> </a> </td> <td align="center" width="50%"> - <strong>Member Of</strong><br/> + <strong><?=gettext("Member Of"); ?></strong><br/> <br/> <select size="10" style="width: 75%" name="groups[]" class="formselect" id="groups" onChange="clear_selected('nogroups')" multiple> <?php @@ -611,13 +618,13 @@ function sshkeyClicked(obj) { </td> <td valign="middle" nowrap class="list"> <a href="system_usermanager.php?act=expckey&id=<?=$id;?>&certid=<?=$i;?>"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export private key" alt="export private key" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export private key"); ?>" alt="<?=gettext("export private key"); ?>" width="17" height="17" border="0" /> </a> <a href="system_usermanager.php?act=expcert&id=<?=$id;?>&certid=<?=$i;?>"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="export cert" alt="export cert" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export cert"); ?>" alt="<?=gettext("export cert"); ?>" width="17" height="17" border="0" /> </a> <a href="system_usermanager.php?act=delcert&id=<?=$id?>&certid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this certificate?");?>')"> - <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete cert" /> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="<?=gettext("delete cert");?>" /> </a> </td> </tr> @@ -650,7 +657,7 @@ function sshkeyClicked(obj) { <tr id="usercertchck" name="usercertchck" > <td width="22%" valign="top" class="vncell"><?=gettext("Certificate");?></td> <td width="78%" class="vtable"> - <input type="checkbox" onClick="javascript:usercertClicked(this)"> Click to create a user certificate. + <input type="checkbox" onClick="javascript:usercertClicked(this)"> <?=gettext("Click to create a user certificate."); ?> </td> </tr> @@ -710,7 +717,7 @@ function sshkeyClicked(obj) { <tr id="sshkeychck" name="sshkeychck" > <td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td> <td width="78%" class="vtable"> - <input type="checkbox" onClick="javascript:sshkeyClicked(this)"> Click to paste an authorized key. + <input type="checkbox" onClick="javascript:sshkeyClicked(this)"> <?=gettext("Click to paste an authorized key."); ?> </td> </tr> <tr id="sshkey" name="sshkey" style="display:none"> @@ -724,7 +731,7 @@ function sshkeyClicked(obj) { <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input id="submit" name="save" type="submit" class="formbtn" value="Save" /> + <input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> <?php if (isset($id) && $a_user[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>" /> <?php endif;?> @@ -737,10 +744,10 @@ function sshkeyClicked(obj) { <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="25%" class="listhdrr">Username</td> - <td width="25%" class="listhdrr">Full name</td> - <td width="5%" class="listhdrr">Disabled</td> - <td width="25%" class="listhdrr">Groups</td> + <td width="25%" class="listhdrr"><?=gettext("Username"); ?></td> + <td width="25%" class="listhdrr"><?=gettext("Full name"); ?></td> + <td width="5%" class="listhdrr"><?=gettext("Disabled"); ?></td> + <td width="25%" class="listhdrr"><?=gettext("Groups"); ?></td> <td width="10%" class="list"></td> </tr> <?php @@ -758,7 +765,7 @@ function sshkeyClicked(obj) { else $usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png"; ?> - <img src="<?=$usrimg;?>" alt="User" title="User" border="0" height="16" width="16" /> + <img src="<?=$usrimg;?>" alt="<?=gettext("User"); ?>" title="<?=gettext("User"); ?>" border="0" height="16" width="16" /> </td> <td align="left" valign="middle"> <?=htmlspecialchars($userent['name']);?> @@ -774,12 +781,12 @@ function sshkeyClicked(obj) { </td> <td valign="middle" nowrap class="list"> <a href="system_usermanager.php?act=edit&id=<?=$i;?>"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="edit user" alt="edit user" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit user"); ?>" alt="<?=gettext("edit user"); ?>" width="17" height="17" border="0" /> </a> <?php if($userent['scope'] != "system"): ?> <a href="system_usermanager.php?act=deluser&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this User?");?>')"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="delete user" alt="delete user" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete user"); ?>" alt="<?=gettext("delete user"); ?>" width="17" height="17" border="0" /> </a> <?php endif; ?> </td> @@ -792,17 +799,17 @@ function sshkeyClicked(obj) { <td class="list" colspan="4"></td> <td class="list"> <a href="system_usermanager.php?act=new"> - <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="add user" alt="add user" width="17" height="17" border="0" /> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add user"); ?>" alt="<?=gettext("add user"); ?>" width="17" height="17" border="0" /> </a> </td> </tr> <tr> <td colspan="4"> <p> - <?=gettext("Additional webConfigurator users can be added here.");?> - <?=gettext("User permissions can be assigned directly or inherited from group memberships.");?> - <?=gettext("An icon that appears grey indicates that it is a system defined object.");?> - <?=gettext("Some system object properties can be modified but they cannot be deleted.");?> + <?=gettext("Additional webConfigurator users can be added here. + User permissions can be assigned directly or inherited from group memberships. + An icon that appears grey indicates that it is a system defined object. + Some system object properties can be modified but they cannot be deleted."); ?> </p> </td> </tr> @@ -825,26 +832,26 @@ function sshkeyClicked(obj) { // start normal user code - $pgtitle = array("System","User Password"); + $pgtitle = array(gettext("System"),gettext("User Password")); if (isset($_POST['save'])) { unset($input_errors); /* input validation */ $reqdfields = explode(" ", "passwordfld1"); - $reqdfieldsn = explode(",", "Password"); + $reqdfieldsn = array(gettext("Password")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if ($_POST['passwordfld1'] != $_POST['passwordfld2']) - $input_errors[] = "The passwords do not match."; + $input_errors[] = gettext("The passwords do not match."); if (!$input_errors) { // all values are okay --> saving changes $config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1'])); write_config(); - $savemsg = "Password successfully changed<br />"; + $savemsg = gettext("Password successfully changed") . "<br />"; } } @@ -865,7 +872,7 @@ function sshkeyClicked(obj) { print_info_box($savemsg); if($islocal == false) { - echo "Sorry, you cannot change the password for a LDAP user."; + echo gettext("Sorry, you cannot change the password for a LDAP user."); include("fend.inc"); exit; } @@ -875,10 +882,10 @@ function sshkeyClicked(obj) { <form action="system_usermanager.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="top" class="listtopic"><?=$HTTP_SERVER_VARS['AUTH_USER']?>'s Password</td> + <td colspan="2" valign="top" class="listtopic"><?=$HTTP_SERVER_VARS['AUTH_USER']?>'s <?=gettext("Password"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell" rowspan="2">Password</td> + <td width="22%" valign="top" class="vncell" rowspan="2"><?=gettext("Password"); ?></td> <td width="78%" class="vtable"> <input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" /> </td> diff --git a/usr/local/www/system_usermanager_addcert.php b/usr/local/www/system_usermanager_addcert.php index 29af55a..d48e4ad 100644 --- a/usr/local/www/system_usermanager_addcert.php +++ b/usr/local/www/system_usermanager_addcert.php @@ -42,7 +42,7 @@ require("certs.inc"); $cert_keylens = array( "512", "1024", "2048", "4096"); -$pgtitle = array("System", "User Manager: Add Certificate"); +$pgtitle = array(gettext("System"), gettext("User Manager: Add Certificate")); $userid = $_GET['userid']; if (isset($_POST['userid'])) @@ -78,22 +78,27 @@ if ($_POST) { if ($pconfig['method'] == "existing") { $reqdfields = explode(" ", "name cert key"); - $reqdfieldsn = explode(",", - "Descriptive name,Certificate data,Key data"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("Certificate data"), + gettext("Key data")); } if ($pconfig['method'] == "internal") { $reqdfields = explode(" ", "name caref keylen lifetime"); - $reqdfieldsn = explode(",", - "Descriptive name,Certificate authority,Key length,Lifetime"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("Certificate authority"), + gettext("Key length"), + gettext("Lifetime")); } do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); $ca = lookup_ca($pconfig['caref']); if (!$ca) - $input_errors[] = "Invalid internal Certificate Authority\n"; + $input_errors[] = sprintf(gettext("Invalid internal Certificate Authority%s"),"\n"); /* if this is an AJAX caller then handle via JSON */ if (isAjax() && is_array($input_errors)) { @@ -197,9 +202,9 @@ function internalca_change() { <tr> <td colspan="2" align="center" class="vtable"> - No internal Certificate Authorities have been defined. You must - <a href="system_camanager.php?act=new&method=internal">create</a> - an internal CA before creating an internal certificate. + <?=gettext("No internal Certificate Authorities have been defined. You must");?> + <a href="system_camanager.php?act=new&method=internal"><?=gettext("create");?></a> + <?=gettext("an internal CA before creating an internal certificate.");?> </td> </tr> @@ -241,14 +246,14 @@ function internalca_change() { <option value="<?=$len;?>"<?=$selected;?>><?=$len;?></option> <?php endforeach; ?> </select> - bits + <?=gettext("bits");?> </td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td> <td width="78%" class="vtable"> <input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/> - days + <?=gettext("days");?> </td> </tr> @@ -258,7 +263,7 @@ function internalca_change() { <td width="22%" valign="top"> </td> <td width="78%"> <?php if ($internal_ca_count): ?> - <input id="submit" name="save" type="submit" class="formbtn" value="Save" /> + <input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> <input id="cancelbutton" class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" /> <?php endif; ?> <?php if (isset($userid) && $a_user[$userid]): ?> diff --git a/usr/local/www/system_usermanager_addprivs.php b/usr/local/www/system_usermanager_addprivs.php index 8f13c55..1a3ef2c 100644 --- a/usr/local/www/system_usermanager_addprivs.php +++ b/usr/local/www/system_usermanager_addprivs.php @@ -81,7 +81,7 @@ if ($_POST) { /* input validation */ $reqdfields = explode(" ", "sysprivs"); - $reqdfieldsn = explode(",", "Selected priveleges"); + $reqdfieldsn = array(gettext("Selected priveleges")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); @@ -195,7 +195,7 @@ function update_description() { <tr height="60"> <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> <td width="78%" valign="top" class="vtable" id="pdesc"> - <em>Select a privilege from the list above for a description</em> + <em><?=gettext("Select a privilege from the list above for a description"); ?></em> </td> </tr> <tr> diff --git a/usr/local/www/system_usermanager_settings.php b/usr/local/www/system_usermanager_settings.php index c961dd4..352d5cc 100755 --- a/usr/local/www/system_usermanager_settings.php +++ b/usr/local/www/system_usermanager_settings.php @@ -51,7 +51,7 @@ $pconfig['authmode'] = &$config['system']['webgui']['authmode']; $pconfig['backend'] = &$config['system']['webgui']['backend']; // Page title for main admin -$pgtitle = array("System","User manager settings"); +$pgtitle = array(gettext("System"),gettext("User manager settings")); if ($_POST) { unset($input_errors); @@ -65,7 +65,7 @@ if ($_POST) { if (!$input_errors) { - if(isset($_POST['session_timeout'])) + if(isset($_POST['session_timeout']) && $_POST['session_timeout'] != "") $config['system']['webgui']['session_timeout'] = intval($_POST['session_timeout']); else unset($config['system']['webgui']['session_timeout']); @@ -93,7 +93,7 @@ include("head.inc"); echo "<script language='javascript'>\n"; echo "myRef = window.open('system_usermanager_settings_test.php?authserver={$pconfig['authmode']}','mywin', "; echo "'left=20,top=20,width=700,height=550,toolbar=1,resizable=0');\n"; - echo "if (myRef==null || typeof(myRef)=='undefined') aleart('Popup blocker detected. Action aborted.');\n"; + echo "if (myRef==null || typeof(myRef)=='undefined') alert('" . gettext("Popup blocker detected. Action aborted.") ."');\n"; echo "</script>\n"; } ?> @@ -121,15 +121,16 @@ if(!$pconfig['backend']) <form id="iform" name="iform" action="system_usermanager_settings.php" method="post"> <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="6"> <tr> - <td width="22%" valign="top" class="vncell">Session Timeout</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Session Timeout"); ?></td> <td width="78%" class="vtable"> <input name="session_timeout" id="session_timeout" type="text" size="8" value="<?=htmlspecialchars($pconfig['session_timeout']);?>" /> <br /> - <?=gettext("Time in minutes to expire idle management sessions. The default is 4 hours (240 minutes). <br/> Enter 0 to never expire sessions. NOTE: This is a security risk!");?><br /> + <?=gettext("Time in minutes to expire idle management sessions. The default is 4 hours (240 minutes).");?><br/> + <?=gettext("Enter 0 to never expire sessions. NOTE: This is a security risk!");?><br /> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Authentication Server</td> + <td width="22%" valign="top" class="vncell"><?=gettext("Authentication Server"); ?></td> <td width="78%" class="vtable"> <select name='authmode' id='authmode' class="formselect" > <?php diff --git a/usr/local/www/system_usermanager_settings_ldapacpicker.php b/usr/local/www/system_usermanager_settings_ldapacpicker.php index 40212b1..5e76fce 100644 --- a/usr/local/www/system_usermanager_settings_ldapacpicker.php +++ b/usr/local/www/system_usermanager_settings_ldapacpicker.php @@ -93,10 +93,10 @@ function post_choices() { <body link="#000000" vlink="#000000" alink="#000000" > <form method="post" action="system_usermanager_settings_ldapacpicker.php"> <?php if (empty($ous)): ?> - <p>Sorry, we could not connect to the LDAP server. Please try later.</p> - <input type='button' value='Close' onClick="window.close();"> + <p><?=gettext("Sorry, we could not connect to the LDAP server. Please try later.");?></p> + <input type='button' value='<?=gettext("Close"); ?>' onClick="window.close();"> <?php else: ?> - <b>Please select which containers to Authenticate against:</b> + <b><?=gettext("Please select which containers to Authenticate against");?>:</b> <p/> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> @@ -120,7 +120,7 @@ function post_choices() { <p/> - <input type='button' value='Save' onClick="post_choices();"> + <input type='button' value='<?=gettext("Save");?>' onClick="post_choices();"> <?php endif; ?> </form> </body> diff --git a/usr/local/www/system_usermanager_settings_test.php b/usr/local/www/system_usermanager_settings_test.php index 34fb172..4a437b7 100755 --- a/usr/local/www/system_usermanager_settings_test.php +++ b/usr/local/www/system_usermanager_settings_test.php @@ -73,50 +73,50 @@ $authcfg = auth_get_authserver($authserver); <?php if (!$authcfg) { - echo "Could not find settings for {$authserver}<p/>"; + printf(gettext("Could not find settings for %s%s"), $authserver, "<p/>"); } else { - echo "Testing pfSense LDAP settings... One moment please...<p/>"; + echo gettext("Testing pfSense LDAP settings... One moment please...") . "<p/>"; echo "<table width='100%'>"; - echo "<tr><td>Attempting connection to {$ldapserver}</td><td>"; + echo "<tr><td>" . gettext("Attempting connection to") . " " . $ldapserver . "</td><td>"; if(ldap_test_connection($authcfg)) { echo "<td><font color=green>OK</td></tr>"; - echo "<tr><td>Attempting bind to {$ldapserver}</td><td>"; + echo "<tr><td>" . gettext("Attempting bind to") . " " . $ldapserver . "</td><td>"; if(ldap_test_bind($authcfg)) { echo "<td><font color=green>OK</td></tr>"; - echo "<tr><td>Attempting to fetch Organizational Units from {$ldapserver}</td><td>"; + echo "<tr><td>" . gettext("Attempting to fetch Organizational Units from") . " " . $ldapserver . "</td><td>"; $ous = ldap_get_user_ous(true, $authcfg); if(count($ous)>1) { echo "<td><font color=green>OK</td></tr>"; echo "</table>"; if(is_array($ous)) { - echo "Organization units found:<p/>"; + echo gettext("Organization units found") . ":<p/>"; echo "<table width='100%'>"; foreach($ous as $ou) { echo "<tr><td>" . $ou . "</td></tr>"; } } } else - echo "<td><font color=red>failed</td></tr>"; + echo "<td><font color=red>" . gettext("failed") . "</td></tr>"; echo "</table><p/>"; } else { - echo "<td><font color=red>failed</td></tr>"; + echo "<td><font color=red>" . gettext("failed") . "</td></tr>"; echo "</table><p/>"; } } else { - echo "<td><font color=red>failed</td></tr>"; + echo "<td><font color=red>" . gettext("failed") . "</td></tr>"; echo "</table><p/>"; } } ?> <p/> - <input type="Button" value="Close" onClick='Javascript:window.close();'> + <input type="Button" value="<?=gettext("Close"); ?>" onClick='Javascript:window.close();'> </form> </body> diff --git a/usr/local/www/vpn_ipsec_keys.php b/usr/local/www/vpn_ipsec_keys.php new file mode 100644 index 0000000..59bb57c --- /dev/null +++ b/usr/local/www/vpn_ipsec_keys.php @@ -0,0 +1,132 @@ +<?php +/* + vpn_ipsec_keys.php + part of m0n0wall (http://m0n0.ch/wall) + + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +##|+PRIV +##|*IDENT=page-vpn-ipsec-listkeys +##|*NAME=VPN: IPsec: Pre-Shared Keys List +##|*DESCR=Allow access to the 'VPN: IPsec: Pre-Shared Keys List' page. +##|*MATCH=vpn_ipsec_keys.php* +##|-PRIV + +require("functions.inc"); +require("guiconfig.inc"); +require_once("ipsec.inc"); +require_once("vpn.inc"); + +if (!is_array($config['ipsec']['mobilekey'])) { + $config['ipsec']['mobilekey'] = array(); +} +ipsec_mobilekey_sort(); +$a_secret = &$config['ipsec']['mobilekey']; + +if ($_GET['act'] == "del") { + if ($a_secret[$_GET['id']]) { + unset($a_secret[$_GET['id']]); + write_config("Deleted IPsec Pre-Shared Key"); + mark_subsystem_dirty('ipsec'); + header("Location: vpn_ipsec_keys.php"); + exit; + } +} + +$pgtitle = "VPN: IPsec: Keys"; +include("head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<form action="vpn_ipsec.php" method="post"> +<?php +if ($savemsg) + print_info_box($savemsg); +if (is_subsystem_dirty('ipsec')) + print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect."); + +?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td class="tabnavtbl"> +<?php + $tab_array = array(); + $tab_array[0] = array("Tunnels", false, "vpn_ipsec.php"); + $tab_array[1] = array("Mobile clients", false, "vpn_ipsec_mobile.php"); + $tab_array[2] = array("Pre-shared keys", true, "vpn_ipsec_keys.php"); + $tab_array[3] = array("Logs", false, "diag_logs_ipsec.php"); + display_top_tabs($tab_array); +?> + </td></tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td class="listhdrr">Identifier</td> + <td class="listhdr">Pre-shared key</td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td width="20" heigth="17"></td> + <td><a href="vpn_ipsec_keys_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add key" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> + <?php $i = 0; foreach ($a_secret as $secretent): ?> + <tr> + <td class="listlr"> + <?=htmlspecialchars($secretent['ident']);?> + </td> + <td class="listr"> + <?=htmlspecialchars($secretent['pre-shared-key']);?> + </td> + <td class="list" nowrap> <a href="vpn_ipsec_keys_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit key" width="17" height="17" border="0"></a> + <a href="vpn_ipsec_keys.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this pre-shared key?')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" title="delete key" width="17" height="17" border="0"></a></td> + </tr> + <?php $i++; endforeach; ?> + <tr> + <td class="list" colspan="2"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td width="20" heigth="17"></td> + <td><a href="vpn_ipsec_keys_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add key" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> + </table> + </div> + </td> + </tr> +</table> +</form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/usr/local/www/vpn_ipsec_keys_edit.php b/usr/local/www/vpn_ipsec_keys_edit.php new file mode 100644 index 0000000..6e0db5b --- /dev/null +++ b/usr/local/www/vpn_ipsec_keys_edit.php @@ -0,0 +1,142 @@ +<?php +/* + vpn_ipsec_keys_edit.php + part of m0n0wall (http://m0n0.ch/wall) + + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +##|+PRIV +##|*IDENT=page-vpn-ipsec-editkeys +##|*NAME=VPN: IPsec: Edit Pre-Shared Keys +##|*DESCR=Allow access to the 'VPN: IPsec: Edit Pre-Shared Keys' page. +##|*MATCH=vpn_ipsec_keys_edit.php* +##|-PRIV + +require("functions.inc"); +require("guiconfig.inc"); +require_once("ipsec.inc"); +require_once("vpn.inc"); + +if (!is_array($config['ipsec']['mobilekey'])) { + $config['ipsec']['mobilekey'] = array(); +} +ipsec_mobilekey_sort(); +$a_secret = &$config['ipsec']['mobilekey']; + +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; + +if (isset($id) && $a_secret[$id]) { + $pconfig['ident'] = $a_secret[$id]['ident']; + $pconfig['psk'] = $a_secret[$id]['pre-shared-key']; +} + +if ($_POST) { + + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + $reqdfields = explode(" ", "ident psk"); + $reqdfieldsn = explode(",", "Identifier,Pre-shared key"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (preg_match("/[^a-zA-Z0-9@\.\-]/", $_POST['ident'])) + $input_errors[] = "The identifier contains invalid characters."; + + if (!$input_errors && !(isset($id) && $a_secret[$id])) { + /* make sure there are no dupes */ + foreach ($a_secret as $secretent) { + if ($secretent['ident'] == $_POST['ident']) { + $input_errors[] = "Another entry with the same identifier already exists."; + break; + } + } + } + + if (!$input_errors) { + + if (isset($id) && $a_secret[$id]) + $secretent = $a_secret[$id]; + + $secretent['ident'] = $_POST['ident']; + $secretent['pre-shared-key'] = $_POST['psk']; + $text = ""; + + if (isset($id) && $a_secret[$id]) { + $a_secret[$id] = $secretent; + $text = "Edited"; + } else { + $a_secret[] = $secretent; + $text = "Added"; + } + + write_config("{$text} IPsec Pre-Shared Keys"); + mark_subsystem_dirty('ipsec'); + + header("Location: vpn_ipsec_keys.php"); + exit; + } +} + +$pgtitle = "VPN: IPsec: Edit pre-shared key"; +include("head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<?php if ($input_errors) print_input_errors($input_errors); ?> + <form action="vpn_ipsec_keys_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td valign="top" class="vncellreq">Identifier</td> + <td class="vtable"> + <?=$mandfldhtml;?><input name="ident" type="text" class="formfld" id="ident" size="30" value="<?=$pconfig['ident'];?>"> + <br> +This can be either an IP address, fully qualified domain name or an e-mail address. + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq">Pre-shared key</td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="psk" type="text" class="formfld" id="psk" size="40" value="<?=htmlspecialchars($pconfig['psk']);?>"> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save"> + <?php if (isset($id) && $a_secret[$id]): ?> + <input name="id" type="hidden" value="<?=$id;?>"> + <?php endif; ?> + </td> + </tr> + </table> +</form> +<?php include("fend.inc"); ?> diff --git a/usr/local/www/vpn_ipsec_mobile.php b/usr/local/www/vpn_ipsec_mobile.php index 6f15b6c..4bf8d61 100755 --- a/usr/local/www/vpn_ipsec_mobile.php +++ b/usr/local/www/vpn_ipsec_mobile.php @@ -307,7 +307,8 @@ function login_banner_change() { $tab_array = array(); $tab_array[0] = array("Tunnels", false, "vpn_ipsec.php"); $tab_array[1] = array("Mobile clients", true, "vpn_ipsec_mobile.php"); - $tab_array[2] = array("Logs", false, "diag_logs_ipsec.php"); + $tab_array[2] = array("Pre-shared keys", false, "vpn_ipsec_keys.php"); + $tab_array[3] = array("Logs", false, "diag_logs_ipsec.php"); display_top_tabs($tab_array); ?> </td> diff --git a/usr/local/www/vpn_ipsec_phase1.php b/usr/local/www/vpn_ipsec_phase1.php index 7348cad..be3414c 100644 --- a/usr/local/www/vpn_ipsec_phase1.php +++ b/usr/local/www/vpn_ipsec_phase1.php @@ -136,7 +136,8 @@ if ($_POST) { /* input validation */ $method = $pconfig['authentication_method']; - if (($method == "pre_shared_key")||($method == "xauth_psk_server")) { + // Only require PSK here for normal PSK tunnels (not mobile) or xauth. + if ((($method == "pre_shared_key") && (!$pconfig['mobile']))||($method == "xauth_psk_server")) { $reqdfields = explode(" ", "pskey"); $reqdfieldsn = explode(",", "Pre-Shared Key"); } else { @@ -214,32 +215,35 @@ if ($_POST) { if ($pconfig['myid_type'] == "peeraddress") $pconfig['peerid_data'] = ""; - if ($pconfig['peerid_type'] == "address" and $pconfig['peerid_data'] == "") - $input_errors[] = gettext("Please enter an address for 'Peer Identifier'"); + // Only enforce peer ID if we are not dealing with a pure-psk mobile config. + if (!(($pconfig['authentication_method'] == "pre_shared_key") && ($pconfig['mobile']))) { + if ($pconfig['peerid_type'] == "address" and $pconfig['peerid_data'] == "") + $input_errors[] = gettext("Please enter an address for 'Peer Identifier'"); - if ($pconfig['peerid_type'] == "keyid tag" and $pconfig['peerid_data'] == "") - $input_errors[] = gettext("Please enter a keyid tag for 'Peer Identifier'"); + if ($pconfig['peerid_type'] == "keyid tag" and $pconfig['peerid_data'] == "") + $input_errors[] = gettext("Please enter a keyid tag for 'Peer Identifier'"); - if ($pconfig['peerid_type'] == "fqdn" and $pconfig['peerid_data'] == "") - $input_errors[] = gettext("Please enter a fully qualified domain name for 'Peer Identifier'"); + if ($pconfig['peerid_type'] == "fqdn" and $pconfig['peerid_data'] == "") + $input_errors[] = gettext("Please enter a fully qualified domain name for 'Peer Identifier'"); - if ($pconfig['peerid_type'] == "user_fqdn" and $pconfig['peerid_data'] == "") - $input_errors[] = gettext("Please enter a user and fully qualified domain name for 'Peer Identifier'"); + if ($pconfig['peerid_type'] == "user_fqdn" and $pconfig['peerid_data'] == "") + $input_errors[] = gettext("Please enter a user and fully qualified domain name for 'Peer Identifier'"); - if ((($pconfig['peerid_type'] == "address") && !is_ipaddr($pconfig['peerid_data']))) - $input_errors[] = "A valid IP address for 'Peer identifier' must be specified."; + if ((($pconfig['peerid_type'] == "address") && !is_ipaddr($pconfig['peerid_data']))) + $input_errors[] = "A valid IP address for 'Peer identifier' must be specified."; - if ((($pconfig['peerid_type'] == "fqdn") && !is_domain($pconfig['peerid_data']))) - $input_errors[] = "A valid domain name for 'Peer identifier' must be specified."; + if ((($pconfig['peerid_type'] == "fqdn") && !is_domain($pconfig['peerid_data']))) + $input_errors[] = "A valid domain name for 'Peer identifier' must be specified."; - if ($pconfig['peerid_type'] == "fqdn") - if (is_domain($pconfig['peerid_data']) == false) - $input_errors[] = "A valid FQDN for 'Peer identifier' must be specified."; + if ($pconfig['peerid_type'] == "fqdn") + if (is_domain($pconfig['peerid_data']) == false) + $input_errors[] = "A valid FQDN for 'Peer identifier' must be specified."; - if ($pconfig['peerid_type'] == "user_fqdn") { - $user_fqdn = explode("@",$pconfig['peerid_data']); - if (is_domain($user_fqdn[1]) == false) - $input_errors[] = "A valid User FQDN in the form of user@my.domain.com for 'Peer identifier' must be specified."; + if ($pconfig['peerid_type'] == "user_fqdn") { + $user_fqdn = explode("@",$pconfig['peerid_data']); + if (is_domain($user_fqdn[1]) == false) + $input_errors[] = "A valid User FQDN in the form of user@my.domain.com for 'Peer identifier' must be specified."; + } } if ($pconfig['dpd_enable']) { @@ -364,15 +368,25 @@ function methodsel_change() { switch (value) { case 'hybrid_rsa_server': document.getElementById('opt_psk').style.display = 'none'; + document.getElementById('opt_peerid').style.display = ''; document.getElementById('opt_cert').style.display = ''; break; case 'xauth_rsa_server': case 'rsasig': document.getElementById('opt_psk').style.display = 'none'; + document.getElementById('opt_peerid').style.display = ''; document.getElementById('opt_cert').style.display = ''; break; +<?php if ($pconfig['mobile']) { ?> + case 'pre_shared_key': + document.getElementById('opt_psk').style.display = 'none'; + document.getElementById('opt_peerid').style.display = 'none'; + document.getElementById('opt_cert').style.display = 'none'; + break; +<?php } ?> default: /* psk modes*/ document.getElementById('opt_psk').style.display = ''; + document.getElementById('opt_peerid').style.display = ''; document.getElementById('opt_cert').style.display = 'none'; break; } @@ -442,7 +456,8 @@ function dpdchkbox_change() { $tab_array = array(); $tab_array[0] = array("Tunnels", true, "vpn_ipsec.php"); $tab_array[1] = array("Mobile clients", false, "vpn_ipsec_mobile.php"); - $tab_array[2] = array("Logs", false, "diag_logs_ipsec.php"); + $tab_array[2] = array("Pre-shared keys", false, "vpn_ipsec_keys.php"); + $tab_array[3] = array("Logs", false, "diag_logs_ipsec.php"); display_top_tabs($tab_array); ?> </td> @@ -519,6 +534,26 @@ function dpdchkbox_change() { </td> </tr> <tr> + <td width="22%" valign="top" class="vncellreq">Authentication method</td> + <td width="78%" class="vtable"> + <select name="authentication_method" class="formselect" onChange="methodsel_change()"> + <?php + foreach ($p1_authentication_methods as $method_type => $method_params): + if (!$pconfig['mobile'] && $method_params['mobile']) + continue; + ?> + <option value="<?=$method_type;?>" <?php if ($method_type == $pconfig['authentication_method']) echo "selected"; ?>> + <?=htmlspecialchars($method_params['name']);?> + </option> + <?php endforeach; ?> + </select> + <br> + <span class="vexpl"> + Must match the setting chosen on the remote side. + </span> + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncellreq">Negotiation mode</td> <td width="78%" class="vtable"> <select name="mode" class="formselect"> @@ -546,7 +581,7 @@ function dpdchkbox_change() { <input name="myid_data" type="text" class="formfld unknown" id="myid_data" size="30" value="<?=$pconfig['myid_data'];?>"> </td> </tr> - <tr> + <tr id="opt_peerid"> <td width="22%" valign="top" class="vncellreq">Peer identifier</td> <td width="78%" class="vtable"> <select name="peerid_type" class="formselect" onChange="peeridsel_change()"> @@ -561,6 +596,20 @@ function dpdchkbox_change() { <?php endforeach; ?> </select> <input name="peerid_data" type="text" class="formfld unknown" id="peerid_data" size="30" value="<?=$pconfig['peerid_data'];?>"> + <?php if ($pconfig['mobile']) { ?> + <br/><br/>NOTE: This is known as the "group" setting on some VPN client implementations. + <?php } ?> + </td> + </tr> + <tr id="opt_psk"> + <td width="22%" valign="top" class="vncellreq">Pre-Shared Key</td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?> + <input name="pskey" type="text" class="formfld unknown" id="pskey" size="40" value="<?=htmlspecialchars($pconfig['pskey']);?>"> + <span class="vexpl"> + <br> + Input your pre-shared key string. + </span> </td> </tr> <tr> @@ -623,37 +672,6 @@ function dpdchkbox_change() { seconds </td> </tr> - <tr> - <td width="22%" valign="top" class="vncellreq">Authentication method</td> - <td width="78%" class="vtable"> - <select name="authentication_method" class="formselect" onChange="methodsel_change()"> - <?php - foreach ($p1_authentication_methods as $method_type => $method_params): - if (!$pconfig['mobile'] && $method_params['mobile']) - continue; - ?> - <option value="<?=$method_type;?>" <?php if ($method_type == $pconfig['authentication_method']) echo "selected"; ?>> - <?=htmlspecialchars($method_params['name']);?> - </option> - <?php endforeach; ?> - </select> - <br> - <span class="vexpl"> - Must match the setting chosen on the remote side. - </span> - </td> - </tr> - <tr id="opt_psk"> - <td width="22%" valign="top" class="vncellreq">Pre-Shared Key</td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?> - <input name="pskey" type="text" class="formfld unknown" id="pskey" size="40" value="<?=htmlspecialchars($pconfig['pskey']);?>"> - <span class="vexpl"> - <br> - Input your pre-shared key string. - </span> - </td> - </tr> <tr id="opt_cert"> <td width="22%" valign="top" class="vncellreq">My Certificate</td> <td width="78%" class="vtable"> diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index 14a4af6..2d7197d 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -186,12 +186,14 @@ if ($_POST) { !strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----")) $input_errors[] = "The field 'TLS Authentication Key' does not appear to be valid"; - if (!$tls_mode && !$pconfig['autokey_enable']) { - $reqdfields = array('shared_key'); - $reqdfieldsn = array('Shared key'); - } else { + /* If we are not in shared key mode, then we need the CA/Cert. */ + if ($pconfig['mode'] != "p2p_shared_key") { $reqdfields = explode(" ", "caref certref"); $reqdfieldsn = explode(",", "Certificate Authority,Certificate");; + } elseif (!$pconfig['autokey_enable']) { + /* We only need the shared key filled in if we are in shared key mode and autokey is not selected. */ + $reqdfields = array('shared_key'); + $reqdfieldsn = array('Shared key'); } do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); @@ -341,6 +343,7 @@ function autotls_change() { $tab_array[] = array(gettext("Client"), true, "vpn_openvpn_client.php"); $tab_array[] = array(gettext("Client Specific Overrides"), false, "vpn_openvpn_csc.php"); $tab_array[] = array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml"); + $tab_array[] = array(gettext("Logs"), false, "diag_logs_openvpn.php"); add_package_tabs("OpenVPN", $tab_array); display_top_tabs($tab_array); ?> diff --git a/usr/local/www/vpn_openvpn_csc.php b/usr/local/www/vpn_openvpn_csc.php index 2408af0..b70404f 100644 --- a/usr/local/www/vpn_openvpn_csc.php +++ b/usr/local/www/vpn_openvpn_csc.php @@ -291,6 +291,7 @@ function netbios_change() { $tab_array[] = array(gettext("Client"), false, "vpn_openvpn_client.php"); $tab_array[] = array(gettext("Client Specific Overrides"), true, "vpn_openvpn_csc.php"); $tab_array[] = array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml"); + $tab_array[] = array(gettext("Logs"), false, "diag_logs_openvpn.php"); add_package_tabs("OpenVPN", $tab_array); display_top_tabs($tab_array); ?> diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index 4f0d59d..f221b6b 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -244,12 +244,14 @@ if ($_POST) { if ($pconfig['maxclients'] && !is_numeric($pconfig['maxclients'])) $input_errors[] = "The field 'Concurrent connections' must be numeric."; - if (!$tls_mode && !$pconfig['autokey_enable']) { - $reqdfields = array('shared_key'); - $reqdfieldsn = array('Shared key'); - } else { + /* If we are not in shared key mode, then we need the CA/Cert. */ + if ($pconfig['mode'] != "p2p_shared_key") { $reqdfields = explode(" ", "caref certref"); $reqdfieldsn = explode(",", "Certificate Authority,Certificate");; + } elseif (!$pconfig['autokey_enable']) { + /* We only need the shared key filled in if we are in shared key mode and autokey is not selected. */ + $reqdfields = array('shared_key'); + $reqdfieldsn = array('Shared key'); } $reqdfields[] = 'tunnel_network'; @@ -380,10 +382,16 @@ function mode_change() { break; } switch(value) { - case "p2p_tls": case "p2p_shared_key": document.getElementById("client_opts").style.display="none"; document.getElementById("remote_opts").style.display=""; + document.getElementById("local_opts").style.display="none"; + document.getElementById("authmodetr").style.display="none"; + break; + case "p2p_tls": + document.getElementById("client_opts").style.display="none"; + document.getElementById("remote_opts").style.display=""; + document.getElementById("local_opts").style.display=""; document.getElementById("authmodetr").style.display="none"; break; case "server_user": @@ -391,12 +399,14 @@ function mode_change() { document.getElementById("authmodetr").style.display=""; document.getElementById("client_opts").style.display=""; document.getElementById("remote_opts").style.display="none"; + document.getElementById("local_opts").style.display=""; break; case "server_tls": document.getElementById("authmodetr").style.display="none"; default: document.getElementById("client_opts").style.display=""; document.getElementById("remote_opts").style.display="none"; + document.getElementById("local_opts").style.display=""; break; } } @@ -504,6 +514,7 @@ function netbios_change() { $tab_array[] = array(gettext("Client"), false, "vpn_openvpn_client.php"); $tab_array[] = array(gettext("Client Specific Overrides"), false, "vpn_openvpn_csc.php"); $tab_array[] = array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml"); + $tab_array[] = array(gettext("Logs"), false, "diag_logs_openvpn.php"); add_package_tabs("OpenVPN", $tab_array); display_top_tabs($tab_array); ?> diff --git a/usr/local/www/widgets/widgets/traffic_graphs.widget.php b/usr/local/www/widgets/widgets/traffic_graphs.widget.php index ab4456d..dcc8b77 100644 --- a/usr/local/www/widgets/widgets/traffic_graphs.widget.php +++ b/usr/local/www/widgets/widgets/traffic_graphs.widget.php @@ -99,10 +99,17 @@ Refresh Interval: $interfacevalue = "hide"; } } else { + if(!$firstgraphshown) { $mingraphbutton = "inline"; $showgraphbutton = "none"; $graphdisplay = "inline"; $interfacevalue = "show"; + } else { + $mingraphbutton = "none"; + $showgraphbutton = "inline"; + $graphdisplay = "none"; + $interfacevalue = "hide"; + } } @@ -115,10 +122,8 @@ Refresh Interval: <span onClick="location.href='/status_graph.php?if=<?=$ifdescr;?>'" style="cursor:pointer">Current <?=$ifname;?> Traffic</span> </div> <div align="right" style="float:right;width:49%"> -<!-- <div id="<?=$ifname;?>graphdiv-min" onclick='return trafficminimizeDiv("<?php echo $ifname;?>",true)' style="display:<?php echo $mingraphbutton;?>; cursor:pointer" ><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_minus.gif" alt="Minimize <?=$ifname;?> traffic graph" /></div> <div id="<?=$ifname;?>graphdiv-open" onclick='return trafficshowDiv("<?php echo $ifname;?>",true)' style="display:<?php echo $showgraphbutton;?>; cursor:pointer" ><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_open.gif" alt="Show <?=$ifname;?> traffic graph" /></div> ---> </div> <div style="clear:both;"></div> </div> diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc index 41189e1..0ccae60 100644 --- a/usr/local/www/wizards/openvpn_wizard.inc +++ b/usr/local/www/wizards/openvpn_wizard.inc @@ -337,9 +337,6 @@ function step10_submitphpaction() { if ($result = openvpn_validate_cidr($_POST['tunnelnet'], 'Tunnel network')) $input_errors[] = $result; - if ($result = openvpn_validate_cidr($_POST['remotenet'], 'Remote network')) - $input_errors[] = $result; - if ($result = openvpn_validate_cidr($_POST['localnet'], 'Local network')) $input_errors[] = $result; @@ -530,8 +527,6 @@ function step12_submitphpaction() { $server['gwredir'] = $pconfig['step10']['rdrgw']; if (isset($pconfig['step10']['localnet'])) $server['local_network'] = $pconfig['step10']['localnet']; - if (isset($pconfig['step10']['remotenet'])) - $server['remote_network'] = $pconfig['step10']['remotenet']; if (isset($pconfig['step10']['concurrentcon'])) $server['maxclients'] = $pconfig['step10']['concurrentcon']; if (isset($pconfig['step10']['compression'])) diff --git a/usr/local/www/wizards/openvpn_wizard.xml b/usr/local/www/wizards/openvpn_wizard.xml index bba38c8..f790f7b 100644 --- a/usr/local/www/wizards/openvpn_wizard.xml +++ b/usr/local/www/wizards/openvpn_wizard.xml @@ -204,21 +204,21 @@ </field> <field> <name>nameattr</name> - <displayname>User naming attribute</displayname> + <displayname>User Naming Attribute</displayname> <type>input</type> <bindstofield>ovpnserver->step2->nameattr</bindstofield> - <description>Typically "cn" (OpenLDAP, Novell eDirectory), "samAccountName" (Microsoft AD), </description> + <description>Typically "cn" (OpenLDAP, Novell eDirectory), "samAccountName" (Microsoft AD)</description> </field> <field> <name>groupattr</name> - <displayname>Group naming attribute</displayname> + <displayname>Group Naming Attribute</displayname> <type>input</type> <bindstofield>ovpnserver->step2->groupattr</bindstofield> <description>Typically "cn" (OpenLDAP, Microsoft AD, and Novell eDirectory)</description> </field> <field> <name>memberattr</name> - <displayname>Member naming attribute</displayname> + <displayname>Member Naming Attribute</displayname> <type>input</type> <bindstofield>ovpnserver->step2->memberattr</bindstofield> <description>Typically "member" (OpenLDAP), "memberOf" (Microsoft AD), "uniqueMember" (Novell eDirectory)</description> @@ -611,7 +611,7 @@ </field> <field> <name>localport</name> - <displayname>Local port</displayname> + <displayname>Local Port</displayname> <description>Local port upon which OpenVPN will listen for connections. The default port is 1194. Leave this blank unless you need to use a different port.</description> <type>input</type> <size>10</size> @@ -678,7 +678,7 @@ <field> <name>crypto</name> <type>select</type> - <displayname>Encryption algorithm</displayname> + <displayname>Encryption Algorithm</displayname> <bindstofield>ovpnserver->step10->crypto</bindstofield> <options> <option> @@ -693,7 +693,7 @@ <name>Tunnel Settings</name> </field> <field> - <displayname>Tunnel network</displayname> + <displayname>Tunnel Network</displayname> <name>tunnelnet</name> <type>input</type> <size>20</size> @@ -708,7 +708,7 @@ <bindstofield>ovpnserver->step10->rdrgw</bindstofield> </field> <field> - <displayname>Local network</displayname> + <displayname>Local Network</displayname> <name>localnet</name> <type>input</type> <size>20</size> @@ -716,14 +716,6 @@ <description>This is the network that will be accessible from the remote endpoint, expressed as a CIDR range. You may leave this blank if you don't want to add a route to the local network through this tunnel on the remote machine. This is generally set to your LAN network.</description> </field> <field> - <displayname>Remote network</displayname> - <name>remotenet</name> - <type>input</type> - <size>20</size> - <bindstofield>ovpnserver->step10->remotenet</bindstofield> - <description>This is a network that will be routed through the tunnel, so that a site-to-site VPN can be established without manually changing the routing tables. Expressed as a CIDR range. If this is a site-to-site VPN, enter the remote LAN here. You may leave this blank if you don't want a site-to-site VPN.</description> - </field> - <field> <displayname>Concurrent Connections</displayname> <name>concurrentcon</name> <description>Specify the maximum number of clients allowed to concurrently connect to this server.</description> @@ -746,7 +738,7 @@ <bindstofield>ovpnserver->step10->tos</bindstofield> </field> <field> - <displayname>Inter-client communication</displayname> + <displayname>Inter-Client Communication</displayname> <name>interclient</name> <type>checkbox</type> <description>Allow communication between clients connected to this server.</description> |
