diff options
-rw-r--r-- | etc/inc/filter.inc | 2 | ||||
-rw-r--r-- | etc/inc/gwlb.inc | 2 | ||||
-rw-r--r-- | etc/inc/pfsense-utils.inc | 4 | ||||
-rw-r--r-- | etc/inc/system.inc | 139 | ||||
-rw-r--r-- | etc/inc/upgrade_config.inc | 8 | ||||
-rw-r--r-- | etc/phpshellsessions/gitsync | 58 | ||||
-rwxr-xr-x | usr/local/www/firewall_nat_out.php | 71 | ||||
-rwxr-xr-x | usr/local/www/pkg_edit.php | 2 | ||||
-rw-r--r-- | usr/local/www/system_advanced_firewall.php | 3 | ||||
-rwxr-xr-x | usr/local/www/system_routes.php | 15 | ||||
-rwxr-xr-x | usr/local/www/system_routes_edit.php | 30 | ||||
-rwxr-xr-x | usr/local/www/system_usermanager_settings.php | 2 | ||||
-rw-r--r-- | usr/local/www/vpn_openvpn_server.php | 20 | ||||
-rw-r--r-- | usr/local/www/wizards/openvpn_wizard.inc | 2 | ||||
-rw-r--r-- | usr/local/www/wizards/openvpn_wizard.xml | 8 |
15 files changed, 216 insertions, 150 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index b229e7d..cba2ae2 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1101,7 +1101,7 @@ function filter_nat_rules_generate() { // Open inetd.conf write handle $inetd_fd = fopen("/var/etc/inetd.conf","w"); /* add tftp protocol helper */ - fwrite($inetd_fd, "tftp-proxy\tdgram\tudp\twait\t\troot\t/usr/local/sbin/tftp-proxy\ttftp-proxy -v\n"); + fwrite($inetd_fd, "tftp-proxy\tdgram\tudp\twait\t\troot\t/usr/libexec/tftp-proxy\ttftp-proxy -v\n"); if(isset($config['nat']['rule'])) { if(!isset($config['system']['disablenatreflection'])) { diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index 24193d6..30640b3 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -299,7 +299,7 @@ function return_gateways_array($disabled = false) { $gateway['gateway'] = get_interface_gateway($ifname, $gateway['dynamic']); $gateway['interface'] = get_real_interface($ifname); $gateway['friendlyiface'] = $ifname; - $gateway['name'] = "{$ifname}"; + $gateway['name'] = "{$friendly}_GW"; $gateway['attribute'] = "system"; /* Loopback dummy for dynamic interfaces without a IP */ diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index df11107..0995a92 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -1096,9 +1096,9 @@ function setup_serial_port() { foreach($ttys_split as $tty) { if(stristr($tty, "ttyd0") or stristr($tty, "ttyu0")) { if(isset($config['system']['enableserial'])) { - fwrite($fd, "ttyu0 \"/usr/libexec/getty bootupcli\" dialup on secure\n"); + fwrite($fd, "ttyu0 \"/usr/libexec/getty bootupcli\" cons25 on secure\n"); } else { - fwrite($fd, "ttyu0 \"/usr/libexec/getty bootupcli\" dialup off secure\n"); + fwrite($fd, "ttyu0 \"/usr/libexec/getty bootupcli\" cons25 off secure\n"); } } else { fwrite($fd, $tty . "\n"); diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 7a01513..fed4598 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -245,51 +245,24 @@ function system_routing_configure() { } /* Enable fast routing, if enabled */ + /* XXX: More checks need to be done for subsystems that are not compatibel with fast routing. */ if(isset($config['staticroutes']['enablefastrouting']) && !isset($config['ipsec']['enable'])) mwexec("/sbin/sysctl net.inet.ip.fastforwarding=1"); - $route_str = exec_command("/usr/bin/netstat -rnf inet"); - - /* clear out old routes, if necessary */ - if (file_exists("{$g['vardb_path']}/routes.db")) { - $fd = fopen("{$g['vardb_path']}/routes.db", "r"); - if (!$fd) { - printf("Error: cannot open routes DB file in system_routing_configure().\n"); - return 1; - } - while (!feof($fd)) { - $oldrt = trim(fgets($fd)); - if (($oldrt) && (stristr($route_str, $oldrt))) - mwexec("/sbin/route delete " . escapeshellarg($oldrt)); - } - fclose($fd); - unlink("{$g['vardb_path']}/routes.db"); - } - - if (false) { - /* if list */ - $iflist = get_configured_interface_list(); - - $dont_remove_route = false; - foreach ($iflist as $ifent => $ifname) { - /* - * XXX: The value of this is really when this function can take - * an interface as parameter. - */ - /* do not process interfaces that will end up with gateways */ - if (interface_has_gateway($ifent) || - $config['interfaces'][$ifent]['ipaddr'] == "carpdev-dhcp") { - $dont_remove_route = true; - break; + $gatewayip = ""; + $interfacegw = ""; + /* tack on all the hard defined gateways as well */ + if (is_array($config['gateways']['gateway_item'])) { + foreach ($config['gateways']['gateway_item'] as $gateway) { + if (isset($gateway['defaultgw'])) { + if ($gateway['gateway'] == "dynamic") + $gateway['gateway'] = get_interface_gateway($gateway['interface']); + $gatewayip = $gateway['gateway']; + $interfacegw = $gateway['interface']; + break; + } } } - - if ($dont_remove_route == false) { - /* remove default route */ - mwexec("/sbin/route delete default", true); - } - } - $dont_add_route = false; /* if OLSRD is enabled, allow WAN to house DHCP. */ if($config['installedpackages']['olsrd']) { @@ -300,33 +273,15 @@ function system_routing_configure() { } } } - if($dont_add_route == false) { - if(is_array($config['gateways']['gateway_item'])) { - foreach($config['gateways']['gateway_item'] as $gateway) { - if(isset($gateway['defaultgw'])) { - $gatewayip = $gateway['gateway']; - $interfacegw = $gateway['interface']; - /* This handles the case where a dynamic gateway is choosen as default. */ - if (!is_ipaddr($gatewayip)) - $gatewayip = get_interface_gateway($interfacegw); - break; - } - } - if(($interfacegw <> "bgpd") && (is_ipaddr($gatewayip))) { - preg_match("/default[ ]+([0-9].*?)[ ]+/i", $route_str, $elements); - if(trim($elements[1]) != "$gatewayip") { - mwexec("/sbin/route delete default " . escapeshellarg($gatewayip), true); - } - mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true); - } - } else { - log_error("SYSTEM: We do not have a gateways array in our XML. Is this configuration damaged?"); - /* adding gateway for 1.2-style configs without the new - gateway setup configured. - Force WAN to be default gateway because that is the - 1.2 behavior. - */ + if (($interfacegw <> "bgpd") && (is_ipaddr($gatewayip))) + mwexec("/sbin/route delete default; /sbin/route add default " . escapeshellarg($gatewayip), true); + else { + /* Adding gateway for 1.2-style configs without the new + * gateway setup configured. + * Force WAN to be default gateway because that is the 1.2 behavior. + */ + log_error("SYSTEM: We do not have a default gateway in our config. Is this configuration damaged?"); if (is_ipaddr($config['interfaces']['wan']['gateway'])) { $gatewayip = $config['interfaces']['wan']['gateway']; mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true); @@ -335,43 +290,35 @@ function system_routing_configure() { } if (is_array($config['staticroutes']['route'])) { - - $fd = fopen("{$g['vardb_path']}/routes.db", "w"); - if (!$fd) { - printf("Error: cannot open routes DB file in system_routing_configure().\n"); - return 1; - } + $route_str = array(); + exec("/usr/bin/netstat -rnf inet | /usr/bin/cut -d \" \" -f 1", $route_str); + $route_str = array_flip($route_str); + $gateways_arr = return_gateways_array(); foreach ($config['staticroutes']['route'] as $rtent) { - unset($gatewayip); - unset($interfacegw); - if(is_array($config['gateways']['gateway_item'])) { - foreach($config['gateways']['gateway_item'] as $gateway) { - if($rtent['gateway'] == $gateway['name']) { - $gatewayip = $gateway['gateway']; - $interfacegw = $gateway['interface']; - /* This handles the case where a dynamic gateway is choosen. */ - if (!is_ipaddr($gatewayip)) - $gatewayip = get_interface_gateway($interfacegw); - break; - } - } - } - if((is_ipaddr($rtent['gateway'])) && empty($gatewayip)) { + $gatewayip = ""; + if (isset($gateways_arr[$rtent['gateway']])) { + $gatewayip = $gateways_arr[$rtent['gateway']]['gateway']; + $interfacegw = get_real_interface($rtent['interface']); + } else if (is_ipaddr($rtent['gateway'])) { $gatewayip = $rtent['gateway']; - $interfacegw = $rtent['interface']; - } - if((isset($rtent['interfacegateway'])) && (! is_ipaddr($gatewayip))) { - mwexec("/sbin/route add " . escapeshellarg($rtent['network']) . - " -iface " . escapeshellarg(convert_friendly_interface_to_real_interface_name($interfacegw))); } else { - mwexec("/sbin/route add " . escapeshellarg($rtent['network']) . + log_error("Static Routes: Gateway ip could not be found for {$rtent['network']}"); + continue; + } + + $action = "add"; + if (isset($route_str[$rtent['network']])) + $action = "change"; + + if (is_ipaddr($gatewayip)) { + mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) . " " . escapeshellarg($gatewayip)); + } else if (!empty($interfacegw)) { + mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) . + " -iface " . escapeshellarg($interfacegw)); } - /* record route so it can be easily removed later (if necessary) */ - fwrite($fd, $rtent['network'] . "\n"); } - fclose($fd); } return 0; diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index 7640df4..f5a5493 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -921,9 +921,9 @@ function upgrade_046_to_047() { $ph1ent['myid_type'] = "fqdn"; $ph1ent['myid_data'] = $tunnel['p1']['myident']['fqdn']; } - if (isset($tunnel['p1']['myident']['user_fqdn'])) { + if (isset($tunnel['p1']['myident']['ufqdn'])) { $ph1ent['myid_type'] = "user_fqdn"; - $ph1ent['myid_data'] = $tunnel['p1']['myident']['user_fqdn']; + $ph1ent['myid_data'] = $tunnel['p1']['myident']['ufqdn']; } if (isset($tunnel['p1']['myident']['asn1dn'])) { $ph1ent['myid_type'] = "asn1dn"; @@ -1343,7 +1343,7 @@ function upgrade_051_to_052() { $server['tunnel_network'] = $server['addresspool']; unset($server['addresspool']); if (isset($server['use_lzo'])) { - $server['compress'] = true; + $server['compression'] = "on"; unset($server['use_lzo']); } if ($server['nopool']) @@ -1439,7 +1439,7 @@ function upgrade_051_to_052() { $client['proxy_addr'] = $client['poxy_hostname']; unset($client['proxy_addr']); if (isset($client['use_lzo'])) { - $client['compress'] = true; + $client['compression'] = "on"; unset($client['use_lzo']); } $client['resolve_retry'] = $client['infiniteresolvretry']; diff --git a/etc/phpshellsessions/gitsync b/etc/phpshellsessions/gitsync index 6491851..4176dfe 100644 --- a/etc/phpshellsessions/gitsync +++ b/etc/phpshellsessions/gitsync @@ -48,10 +48,18 @@ if(file_exists("/root/cvssync_backup.tgz")) { $branches = array_merge($branches, $tmp); } +if(is_dir("$CODIR/pfSenseGITREPO/pfSenseGITREPO")) { + exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git config remote.origin.url", $output_str, $ret); + if(is_array($output_str) && !empty($output_str[0])) + $GIT_REPO = $output_str[0]; + unset($output_str); +} + if($command_split[2]) { $branch = $command_split[2]; } else { if(!$argv[3]) { + echo "\nCurrent repository is $GIT_REPO\n"; echo "\nPlease select which branch you would like to sync against:\n\n"; foreach($branches as $branchname => $branchdesc) { echo "{$branchname} \t {$branchdesc}\n"; @@ -97,6 +105,21 @@ if(!$found) { } } +$merge_repos = array(); +if(!$command_split[2] && !$argv[3]) { + do { + echo "\nAdd a custom RCS branch URL (HTTP) to merge in or press enter for none.\n\n"; + $merge_repo = readline("> "); + if(!empty($merge_repo)) { + $merge_branch = readline("Merge which branch [master]? "); + if($merge_branch == "") + $merge_repos[] = array('repo' => $merge_repo, 'branch' => 'master'); + else if($merge_branch) + $merge_repos[] = array('repo' => $merge_repo, 'branch' => $merge_branch); + } + } while(!empty($merge_repo)); +} + if($branch == "RESTORE" && $g['platform'] == "pfSense") { if(!file_exists("/root/cvssync_backup.tgz")) { echo "Sorry, we could not find a previous CVSSync backup file.\n"; @@ -125,25 +148,15 @@ exec("mkdir -p /root/pfsense/$branch"); // Git 'er done! if(is_dir("$CODIR/pfSenseGITREPO/pfSenseGITREPO")) { echo "===> Fetching updates...\n"; + exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git config remote.origin.url $GIT_REPO"); exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git fetch"); exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git clean -f -f -x -d"); - if($branch == "master") { - $git_cmd = array( - "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git reset HEAD --hard", - "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git rebase origin" - ); - run_cmds($git_cmd); - } else { - $git_cmd = array( - "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git reset HEAD --hard", - "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git checkout master", - "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git branch -D $branch", - "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git fetch", - "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git rebase origin", - "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git checkout -b $branch origin/$branch" - ); - run_cmds($git_cmd); - } + $git_cmd = array( + "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git branch $branch origin/$branch 2>/dev/null", + "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git checkout -f $branch 2>/dev/null", + "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git reset --hard origin/$branch" + ); + run_cmds($git_cmd); } else { exec("mkdir -p $CODIR/pfSenseGITREPO"); echo "Executing cd $CODIR/pfSenseGITREPO && git clone $GIT_REPO pfSenseGITREPO\n"; @@ -159,6 +172,17 @@ if(is_dir("$CODIR/pfSenseGITREPO/pfSenseGITREPO")) { } } +foreach($merge_repos as $merge_repo) { + echo "===> Merging branch {$merge_repo['branch']} from {$merge_repo['repo']}\n"; + exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && git pull {$merge_repo['repo']} {$merge_repo['branch']}", $output_str, $ret); + unset($output_str); + if($ret <> 0) { + echo "\nMerge failed. Aborting sync.\n\n"; + run_cmds($git_cmd); + exit; + } +} + exec("mkdir -p /tmp/lighttpd/cache/compress/"); // Nuke CVS and pfSense tarballs diff --git a/usr/local/www/firewall_nat_out.php b/usr/local/www/firewall_nat_out.php index 90ffe43..07d696e 100755 --- a/usr/local/www/firewall_nat_out.php +++ b/usr/local/www/firewall_nat_out.php @@ -136,6 +136,77 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") { $a_out[] = $natent; } } + /* PPTP subnet */ + if($config['pptpd']['mode'] == "server") { + if (is_ipaddr($config['pptpd']['localip'])) { + if($config['pptpd']['pptp_subnet'] <> "") + $ossubnet = $config['pptpd']['pptp_subnet']; + else + $ossubnet = "32"; + $osn = gen_subnet($config['pptpd']['localip'], $osn); + $natent = array(); + $natent['source']['network'] = "{$osn}/{$ossubnet}"; + $natent['sourceport'] = ""; + $natent['descr'] = "Auto created rule for PPTP server"; + $natent['target'] = ""; + $natent['interface'] = "pptp"; + $natent['destination']['any'] = true; + $natent['natport'] = ""; + $a_out[] = $natent; + } + } + /* PPPoE subnet */ + if($config['pppoe']['mode'] == "server") { + if (is_ipaddr($config['pppoe']['localip'])) { + if($config['pppoe']['pppoe_subnet'] <> "") + $ossubnet = $config['pppoe']['pptp_subnet']; + else + $ossubnet = "32"; + $osn = gen_subnet($config['pppoe']['localip'], $osn); + $natent = array(); + $natent['source']['network'] = "{$osn}/{$ossubnet}"; + $natent['sourceport'] = ""; + $natent['descr'] = "Auto created rule for PPPoE server"; + $natent['target'] = ""; + $natent['interface'] = "pppoe"; + $natent['destination']['any'] = true; + $natent['natport'] = ""; + $a_out[] = $natent; + } + } + /* L2TP subnet */ + if($config['l2tp']['mode'] == "server") { + if (is_ipaddr($config['l2tp']['localip'])) { + if($config['l2tp']['l2tp_subnet'] <> "") + $ossubnet = $config['l2tp']['pptp_subnet']; + else + $ossubnet = "32"; + $osn = gen_subnet($config['l2tp']['localip'], $osn); + $natent = array(); + $natent['source']['network'] = "{$osn}/{$ossubnet}"; + $natent['sourceport'] = ""; + $natent['descr'] = "Auto created rule for L2TP server"; + $natent['target'] = ""; + $natent['interface'] = "l2tp"; + $natent['destination']['any'] = true; + $natent['natport'] = ""; + $a_out[] = $natent; + } + } + /* add openvpn interfaces */ + if($config['openvpn']['openvpn-server']) { + foreach ($config['openvpn']['openvpn-server'] as $ovpnsrv) { + $natent = array(); + $natent['source']['network'] = $ovpnsrv['tunnel_network']; + $natent['sourceport'] = ""; + $natent['descr'] = "Auto created rule for OpenVPN server"; + $natent['target'] = ""; + $natent['interface'] = "openvpn"; + $natent['destination']['any'] = true; + $natent['natport'] = ""; + $a_out[] = $natent; + } + } $savemsg = "Default rules for each interface have been created."; } break; diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php index 0ad4d4f..65e1e41 100755 --- a/usr/local/www/pkg_edit.php +++ b/usr/local/www/pkg_edit.php @@ -728,7 +728,7 @@ function display_row($trc, $value, $fieldname, $type, $rowhelper, $size) { } else { $source_value = $opt[$rowhelper['value']]; } - if($opt['value'] == $value) + if($source_value == $value) $selected = " SELECTED"; $text .= "<option value='" . $source_value . "'" . $selected . ">" . $source_name . "</option>"; echo "<option value='" . $source_value . "'" . $selected . ">" . $source_name . "</option>\n"; diff --git a/usr/local/www/system_advanced_firewall.php b/usr/local/www/system_advanced_firewall.php index c6fcd1d..e3d2e1e 100644 --- a/usr/local/www/system_advanced_firewall.php +++ b/usr/local/www/system_advanced_firewall.php @@ -59,6 +59,7 @@ $pconfig['disablenatreflection'] = $config['system']['disablenatreflection']; $pconfig['reflectiontimeout'] = $config['system']['reflectiontimeout']; $pconfig['bypassstaticroutes'] = isset($config['filter']['bypassstaticroutes']); $pconfig['disablescrub'] = isset($config['system']['disablescrub']); +$pconfig['tftpinterface'] = $config['system']['tftpinterface']; if ($_POST) { @@ -321,7 +322,7 @@ function update_description(itemnum) { <option value="<?=$ifent;?>" <?php if (stristr($pconfig['tftpinterface'], $ifent)) echo "selected"; ?>><?=gettext($ifdesc);?></option> <?php endforeach; ?> </select> - <strong>Choose the interfaces where you want TFTP proxy help to be enabled.</strong> + <strong>Choose the interfaces where you want TFTP proxy helper to be enabled.</strong> </td> </tr> <tr> diff --git a/usr/local/www/system_routes.php b/usr/local/www/system_routes.php index a9160c5..fc24962 100755 --- a/usr/local/www/system_routes.php +++ b/usr/local/www/system_routes.php @@ -47,11 +47,8 @@ require_once("shaper.inc"); if (!is_array($config['staticroutes']['route'])) $config['staticroutes']['route'] = array(); -if (!is_array($config['gateways']['gateway_item'])) - $config['gateways']['gateway_item'] = array(); - $a_routes = &$config['staticroutes']['route']; -$a_gateways = &$config['gateways']['gateway_item']; +$a_gateways = return_gateways_array(true); $changedesc = "Static Routes: "; if ($_POST) { @@ -92,6 +89,7 @@ if ($_POST) { if ($_GET['act'] == "del") { if ($a_routes[$_GET['id']]) { $changedesc .= "removed route to " . $a_routes[$_GET['id']['route']]; + mwexec("/sbin/route delete " . escapeshellarg($a_routes[$_GET['id']]['network'])); unset($a_routes[$_GET['id']]); write_config($changedesc); mark_subsystem_dirty('staticroutes'); @@ -160,17 +158,12 @@ include("head.inc"); </td> <td class="listr" ondblclick="document.location='system_routes_edit.php?id=<?=$i;?>';"> <?php - echo $route['gateway'] . " "; + echo $a_gateways[$route['gateway']]['name'] . " "; ?> </td> <td class="listr" ondblclick="document.location='system_routes_edit.php?id=<?=$i;?>';"> <?php - foreach($a_gateways as $gateway) { - if($gateway['name'] == $route['gateway']) { - echo strtoupper($gateway['interface']) . " "; - } - } - + echo convert_friendly_interface_to_friendly_descr($a_gateways[$route['gateway']]['friendlyiface']) . " "; ?> </td> <td class="listbg" ondblclick="document.location='system_routes_edit.php?id=<?=$i;?>';"> diff --git a/usr/local/www/system_routes_edit.php b/usr/local/www/system_routes_edit.php index 434bbbc..7a46e5a 100755 --- a/usr/local/www/system_routes_edit.php +++ b/usr/local/www/system_routes_edit.php @@ -57,11 +57,9 @@ require("guiconfig.inc"); if (!is_array($config['staticroutes']['route'])) $config['staticroutes']['route'] = array(); -if (!is_array($config['gateways']['gateway_item'])) - $config['gateways']['gateway_item'] = array(); $a_routes = &$config['staticroutes']['route']; -$a_gateways = &$config['gateways']['gateway_item']; +$a_gateways = return_gateways_array(true); $id = $_GET['id']; if (isset($_POST['id'])) @@ -99,13 +97,7 @@ if ($_POST) { $input_errors[] = "A valid destination network bit count must be specified."; } if ($_POST['gateway']) { - $match = false; - foreach($a_gateways as $gateway) { - if(in_array($_POST['gateway'], $gateway)) { - $match = true; - } - } - if(!$match) + if (!isset($a_gateways[$_POST['gateway']])) $input_errors[] = "A valid gateway must be specified."; } @@ -174,11 +166,19 @@ include("head.inc"); <td width="78%" class="vtable"> <select name="gateway" id="gateway" class="formselect"> <?php - foreach ($a_gateways as $gateway): ?> - <option value="<?=$gateway['name'];?>" <?php if ($gateway['name'] == $pconfig['gateway']) echo "selected"; ?>> - <?=htmlspecialchars($gateway['name']);?> - </option> - <?php endforeach; ?> + foreach ($a_gateways as $gateway) { + if ($gateway['attribute'] == "system") { + echo "<option value='{$gateway['friendlyiface']}' "; + if ($gateway['friendlyiface'] == $pconfig['gateway']) + echo "selected"; + } else { + echo "<option value='{$gateway['name']}' "; + if ($gateway['name'] == $pconfig['gateway']) + echo "selected"; + } + echo ">" . htmlspecialchars($gateway['name']) . "</option>\n"; + } + ?> </select> <br /> <div id='addgwbox'> Choose which gateway this route applies to or <a OnClick="show_add_gateway();" href="#">add a new one</a>. diff --git a/usr/local/www/system_usermanager_settings.php b/usr/local/www/system_usermanager_settings.php index 8fa652c..c961dd4 100755 --- a/usr/local/www/system_usermanager_settings.php +++ b/usr/local/www/system_usermanager_settings.php @@ -125,7 +125,7 @@ if(!$pconfig['backend']) <td width="78%" class="vtable"> <input name="session_timeout" id="session_timeout" type="text" size="8" value="<?=htmlspecialchars($pconfig['session_timeout']);?>" /> <br /> - <?=gettext("Time in minutes to expire idle management sessions. The default is 4 hours (240 minutes). <br/> 0 means to never expire sessions. NOTE: This is a security risk!");?><br /> + <?=gettext("Time in minutes to expire idle management sessions. The default is 4 hours (240 minutes). <br/> Enter 0 to never expire sessions. NOTE: This is a security risk!");?><br /> </td> </tr> <tr> diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index fdf4af4..4f0d59d 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -112,6 +112,7 @@ if($_GET['act']=="edit"){ $pconfig['passtos'] = $a_server[$id]['passtos']; $pconfig['client2client'] = $a_server[$id]['client2client']; + $pconfig['dynamic_ip'] = $a_server[$id]['dynamic_ip']; $pconfig['pool_enable'] = $a_server[$id]['pool_enable']; $pconfig['dns_domain'] = $a_server[$id]['dns_domain']; @@ -299,6 +300,7 @@ if ($_POST) { $server['passtos'] = $pconfig['passtos']; $server['client2client'] = $pconfig['client2client']; + $server['dynamic_ip'] = $pconfig['dynamic_ip']; $server['pool_enable'] = $pconfig['pool_enable']; if ($pconfig['dns_domain_enable']) @@ -906,6 +908,24 @@ function netbios_change() { <td colspan="2" valign="top" class="listtopic">Client Settings</td> </tr> <tr> + <td width="22%" valign="top" class="vncell">Dynamic IP</td> + <td width="78%" class="vtable"> + <table border="0" cellpadding="2" cellspacing="0"> + <tr> + <td> + <?php set_checked($pconfig['dynamic_ip'],$chk); ?> + <input name="dynamic_ip" type="checkbox" id="dynamic_ip" value="yes" <?=$chk;?>"> + </td> + <td> + <span class="vexpl"> + Allow connected clients to retain their connections if their IP address changes.<br> + </span> + </td> + </tr> + </table> + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncell">Address Pool</td> <td width="78%" class="vtable"> <table border="0" cellpadding="2" cellspacing="0"> diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc index eea1a85..9be787c 100644 --- a/usr/local/www/wizards/openvpn_wizard.inc +++ b/usr/local/www/wizards/openvpn_wizard.inc @@ -538,6 +538,8 @@ function step12_submitphpaction() { $server['passtos'] = $pconfig['step10']['tos']; if (isset($pconfig['step10']['interclient'])) $server['client2client'] = $pconfig['step10']['interclient']; + if (isset($pconfig['step10']['dynip'])) + $server['dynamic_ip'] = $pconfig['step10']['dynip']; if (isset($pconfig['step10']['addrpool'])) $server['pool_enable'] = $pconfig['step10']['addrpool']; if (isset($pconfig['step10']['defaultdomain'])) diff --git a/usr/local/www/wizards/openvpn_wizard.xml b/usr/local/www/wizards/openvpn_wizard.xml index 2bc6db1..bba38c8 100644 --- a/usr/local/www/wizards/openvpn_wizard.xml +++ b/usr/local/www/wizards/openvpn_wizard.xml @@ -757,6 +757,14 @@ <name>Client Settings</name> </field> <field> + <displayname>Dynamic IP</displayname> + <name>dynip</name> + <type>checkbox</type> + <value>on</value> + <description>Allow connected clients to retain their connections if their IP address changes.</description> + <bindstofield>ovpnserver->step10->dynip</bindstofield> + </field> + <field> <displayname>Address Pool</displayname> <name>addrpool</name> <type>checkbox</type> |