diff options
57 files changed, 2330 insertions, 1132 deletions
diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc index a1397b8..8df3e5d 100644 --- a/etc/inc/certs.inc +++ b/etc/inc/certs.inc @@ -293,6 +293,14 @@ function cert_create(& $cert, $caref, $keylen, $lifetime, $dn, $type="user", $di break; } + // in case of using Subject Alternative Names use other sections (with postfix '_san') + // pass subjectAltName over environment variable 'SAN' + if ($dn['subjectAltName']) { + putenv("SAN={$dn['subjectAltName']}"); // subjectAltName can be set _only_ via configuration file + $cert_type .= '_san'; + unset($dn['subjectAltName']); + } + $args = array( "x509_extensions" => $cert_type, "digest_alg" => $digest_alg, diff --git a/etc/inc/config.console.inc b/etc/inc/config.console.inc index 256486c..2d15dc2 100644 --- a/etc/inc/config.console.inc +++ b/etc/inc/config.console.inc @@ -85,7 +85,7 @@ EOD; $iflist = array(); } else { foreach ($iflist as $iface => $ifa) { - echo sprintf("% -6s%s %s %s\n", $iface, $ifa['mac'], + echo sprintf("% -7s%s %s %s\n", $iface, $ifa['mac'], $ifa['up'] ? " (up)" : "(down)", $ifa['dmesg']); } } diff --git a/etc/inc/dyndns.class b/etc/inc/dyndns.class index 73f55ad..2177360 100644 --- a/etc/inc/dyndns.class +++ b/etc/inc/dyndns.class @@ -620,7 +620,7 @@ $needsIP = TRUE; $dnsServer ='www.cloudflare.com'; $dnsHost = str_replace(' ','', $this->_dnsHost); - $URL = "https://{$dnsServer}/api.html?a=DIUP&email={$this->_dnsUser}&tkn={$this->_dnsPass}&ip={$this->dnsIP}&hosts={$dnsHost}"; + $URL = "https://{$dnsServer}/api.html?a=DIUP&email={$this->_dnsUser}&tkn={$this->_dnsPass}&ip={$this->_dnsIP}&hosts={$dnsHost}"; curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_URL, $URL); break; diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 711dae4..38680f7 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -506,7 +506,7 @@ function filter_generate_nested_alias($name, $alias, &$aliasnesting, &$aliasaddr else if(!isset($aliasnesting[$address])) $tmpline = filter_generate_nested_alias($name, $aliastable[$address], $aliasnesting, $aliasaddrnesting); } else if(!isset($aliasaddrnesting[$address])) { - if (!is_ipaddr($address) && !is_subnet($address) && !is_port($address) && is_hostname($address)) { + if (!is_ipaddr($address) && !is_subnet($address) && !is_port($address) && !is_portrange($address) && is_hostname($address)) { if (!isset($filterdns["{$address}{$name}"])) $filterdns["{$address}{$name}"] = "pf {$address} {$name}\n"; continue; @@ -1366,6 +1366,24 @@ function filter_nat_rules_automatic_tonathosts($with_descr = false) { if($oc['sa']) { $tonathosts[] = "{$oc['sa']}/{$oc['sn']}"; $descriptions[] = $oc['descr']; + if (isset($oc['vips']) && is_array($oc['vips'])) { + $if_subnets = array("{$oc['sa']}/{$oc['sn']}"); + foreach ($oc['vips'] as $vip) { + if (!is_ipaddrv4($vip['ip'])) + continue; + + foreach ($if_subnets as $subnet) + if (ip_in_subnet($vip['ip'], $subnet)) + continue 2; + + $network = gen_subnet($vip['ip'], $vip['sn']); + array_unshift($tonathosts, $network . '/' . $vip['sn']); + array_unshift($descriptions, "Virtual IP ({$oc['descr']})"); + $if_subnets[] = $network . '/' . $vip['sn']; + unset($network); + } + unset($if_subnets); + } } } diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index f9b0da5..a51d8be 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -1242,10 +1242,7 @@ function interface_bring_down($interface = "wan", $destroy = false, $ifacecfg = } break; case "dhcp": - $pid = find_dhclient_process($realif); - if($pid) - posix_kill($pid, SIGTERM); - sleep(1); + kill_dhclient_process($realif); unlink_if_exists("{$g['varetc_path']}/dhclient_{$interface}.conf"); if(does_interface_exist("$realif")) { mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true); @@ -2801,6 +2798,21 @@ function find_dhclient_process($interface) { return intval($pid); } +function kill_dhclient_process($interface) { + if (empty($interface) || !does_interface_exist($interface)) + return; + + $i = 0; + while ((($pid = find_dhclient_process($interface)) != 0) && ($i < 3)) { + /* 3rd time make it die for sure */ + $sig = ($i == 2 ? SIGKILL : SIGTERM); + posix_kill($pid, $sig); + sleep(1); + $i++; + } + unset($i); +} + function find_dhcp6c_process($interface) { global $g; @@ -3897,6 +3909,9 @@ EOD; else log_error(printf(gettext("Could not bring up %s interface in interface_dhcp_configure()"), $wanif)); + /* Make sure dhclient is not running */ + kill_dhclient_process($wanif); + /* fire up dhclient */ mwexec("/sbin/dhclient -c {$g['varetc_path']}/dhclient_{$interface}.conf {$wanif} > {$g['tmp_path']}/{$wanif}_output 2> {$g['tmp_path']}/{$wanif}_error_output"); @@ -4142,6 +4157,7 @@ function convert_friendly_interface_to_friendly_descr($interface) { break; case "enc0": case "ipsec": + case "IPsec": $ifdesc = "IPsec"; break; default: @@ -4175,14 +4191,11 @@ function convert_friendly_interface_to_friendly_descr($interface) { } function convert_real_interface_to_friendly_descr($interface) { - global $config; $ifdesc = convert_real_interface_to_friendly_interface_name("{$interface}"); - if ($ifdesc) { - $iflist = get_configured_interface_with_descr(false, true); - return $iflist[$ifdesc]; - } + if (!empty($ifdesc)) + return convert_friendly_interface_to_friendly_descr($ifdesc); return $interface; } @@ -4374,12 +4387,12 @@ function guess_interface_from_ip($ipaddress) { } if(is_ipaddrv4($ipaddress)) { /* create a route table we can search */ - exec("netstat -rnWf inet", $output, $ret); + exec("/usr/bin/netstat -rnWf inet", $output, $ret); foreach($output as $line) { if(preg_match("/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+[ ]+link[#]/", $line)) { $fields = preg_split("/[ ]+/", $line); if(ip_in_subnet($ipaddress, $fields[0])) { - return $fields[6]; + return $fields[5]; } } } @@ -4387,12 +4400,12 @@ function guess_interface_from_ip($ipaddress) { /* FIXME: This works from cursory testing, regexp might need fine tuning */ if(is_ipaddrv6($ipaddress)) { /* create a route table we can search */ - exec("netstat -rnWf inet6", $output, $ret); + exec("/usr/bin/netstat -rnWf inet6", $output, $ret); foreach($output as $line) { if(preg_match("/[0-9a-f]+[:]+[0-9a-f]+[:]+[\/][0-9]+/", $line)) { $fields = preg_split("/[ ]+/", $line); if(ip_in_subnet($ipaddress, $fields[0])) { - return $fields[6]; + return $fields[5]; } } } diff --git a/etc/inc/ipsec.auth-user.php b/etc/inc/ipsec.auth-user.php index 7d114d4..1171735 100755 --- a/etc/inc/ipsec.auth-user.php +++ b/etc/inc/ipsec.auth-user.php @@ -35,7 +35,7 @@ pfSense_MODULE: openvpn */ /* - * racoon calls this script to authenticate a user + * ipsec calls this script to authenticate a user * based on a username and password. We lookup these * in our config.xml file and check the credentials. */ @@ -79,9 +79,9 @@ function getNasIP() } } /* setup syslog logging */ -openlog("racoon", LOG_ODELAY, LOG_AUTH); +openlog("charon", LOG_ODELAY, LOG_AUTH); -if (isset($_GET)) { +if (isset($_GET['username'])) { $authmodes = explode(",", $_GET['authcfg']); $username = $_GET['username']; $password = $_GET['password']; @@ -96,7 +96,7 @@ if (isset($_GET)) { if (!$username || !$password) { syslog(LOG_ERR, "invalid user authentication environment"); - if (isset($_GET)) { + if (isset($_GET['username'])) { echo "FAILED"; closelog(); return; @@ -110,7 +110,7 @@ $authenticated = false; if (($strictusercn === true) && ($common_name != $username)) { syslog(LOG_WARNING, "Username does not match certificate common name ({$username} != {$common_name}), access denied.\n"); - if (isset($_GET)) { + if (isset($_GET['username'])) { echo "FAILED"; closelog(); return; @@ -142,7 +142,7 @@ foreach ($authmodes as $authmode) { if ($authenticated == false) { syslog(LOG_WARNING, "user '{$username}' could not authenticate.\n"); - if (isset($_GET)) { + if (isset($_GET['username'])) { echo "FAILED"; closelog(); return; @@ -158,7 +158,7 @@ if (file_exists("/etc/inc/ipsec.attributes.php")) syslog(LOG_NOTICE, "user '{$username}' authenticated\n"); closelog(); -if (isset($_GET)) +if (isset($_GET['username'])) echo "OK"; else exit(0); diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc index dd2f033..e03259b 100644 --- a/etc/inc/ipsec.inc +++ b/etc/inc/ipsec.inc @@ -485,7 +485,7 @@ function ipsec_smp_dump_status() { @file_put_contents("{$g['tmp_path']}/smp_status.xml", $response); unset($response, $sread); - $custom_listtags = array('ikesa', 'childsa', 'network'); + $custom_listtags = array('ikesa', 'childsa', 'network', 'auth'); $response = parse_xml_config("{$g['tmp_path']}/smp_status.xml", "message"); @unlink("{$g['tmp_path']}/smp_status.xml"); unset($custom_listtags); @@ -601,32 +601,21 @@ function ipsec_dump_sad() * Return dump of mobile user list */ function ipsec_dump_mobile() { - $command = "/usr/local/sbin/racoonctl show-users"; - $fd = @popen($command, "r"); - $mobile = array(); - if ($fd) { - while (!feof($fd)) { - $user = array(); - $line = chop(fgets($fd)); - if (!$line) - continue; - if ($line == "User|Source|Destination|CreatedOn|SPI") - continue; + global $g; - // jim|192.168.20.243:4500|192.168.20.5:24146|2012-05-25 09:54:39|989d10e1e2d4eca4:7243830d5fd2afe7 - $linea = explode("|", trim($line)); - $user['username'] = $linea[0]; - $user['local'] = $linea[1]; - $user['remote'] = $linea[2]; - $user['logintime'] = $linea[3]; - $user['spi'] = $linea[4]; - if (!empty($user['username'])) - $mobile[] = $user; - } - pclose($fd); + $_gb = exec("/usr/local/sbin/ipsec stroke leases > {$g['tmp_path']}/strongswan_leases.xml"); + + if (!file_exists("{$g['varrun_path']}/strongswan_leases.xml")) { + log_error(gettext("IPSec daemon seems to have issues or not running! Could not display mobile user stats!")); + return array(); } - return $mobile; + $custom_listtags = array('lease', 'pool'); + $response = parse_xml_config("{$g['tmp_path']}/strongswan_leases.xml", "leases"); + @unlink("{$g['tmp_path']}/strongswan_leases.xml"); + unset($custom_listtags, $_gb); + + return $response; } function ipsec_mobilekey_sort() { @@ -676,12 +665,6 @@ function ipsec_get_descr($ikeid) { return $descr; } -function ipsec_disconnect_mobile($username) { - if (empty($username)) - return false; - exec("/usr/local/sbin/racoonctl logout-user " . escapeshellarg($username)); -} - function ipsec_fixup_ip($ipaddr) { if (is_ipaddrv6($ipaddr) || is_subnetv6($ipaddr)) return Net_IPv6::compress(Net_IPv6::uncompress($ipaddr)); @@ -742,4 +725,20 @@ function ipsec_find_id(& $ph1ent, $side = "local", $rgmap = array()) { } return array($thisid_type, $thisid_data); } + +function ipsec_fixup_network($network) { + if (substr($network, -3) == '|/0') + $result = substr($network, 0, -3); + else { + $tmp = explode('|', $network); + if (isset($tmp[1])) + $result = $tmp[1]; + else + $result = $tmp[0]; + unset($tmp); + } + + return $result; +} + ?> diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 5b5c1dc..3892ba6 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -1250,7 +1250,7 @@ function get_interface_info($ifdescr) { /* DHCP? -> see if dhclient is up */ case "dhcp": /* see if dhclient is up */ - if (find_dhclient_process($ifinfo['if']) <> "") + if (find_dhclient_process($ifinfo['if']) != 0) $ifinfo['dhcplink'] = "up"; else $ifinfo['dhcplink'] = "down"; diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc index 417d6b3..923d130 100644 --- a/etc/inc/pkg-utils.inc +++ b/etc/inc/pkg-utils.inc @@ -293,6 +293,7 @@ function get_pkg_depends($pkg_name, $filetype = ".xml", $format = "files", $retu $depend_file = substr(strrchr($item['item']['0'], '/'),1); // Strip URLs down to filenames. $depend_name = substr(substr($depend_file,0,strpos($depend_file,".")+1),0,-1); // Strip filename down to dependency name. if (($filetype != "all") && (!preg_match("/{$filetype}/i", $depend_file))) + if (($filetype != "all") && (strtolower(substr($depend_file, -strlen($filetype))) != strtolower($filetype))) continue; if ($item['prefix'] != "") $prefix = $item['prefix']; diff --git a/etc/inc/priv/user.priv.inc b/etc/inc/priv/user.priv.inc index 0b94688..5cd5680 100644 --- a/etc/inc/priv/user.priv.inc +++ b/etc/inc/priv/user.priv.inc @@ -10,7 +10,7 @@ $priv_list['page-help-all'] = array(); $priv_list['page-help-all']['name'] = "WebCfg - Help pages"; $priv_list['page-help-all']['descr'] = "Show all items on help menu"; $priv_list['page-help-all']['match'] = array(); -$priv_list['page-help-all']['match'][] = "*www.pfsense.org*"; +$priv_list['page-help-all']['match'][] = "*help.php"; $priv_list['page-dashboard-all'] = array(); $priv_list['page-dashboard-all']['name'] = "WebCfg - Dashboard (all)"; diff --git a/etc/inc/service-utils.inc b/etc/inc/service-utils.inc index 600682f..297a283 100644 --- a/etc/inc/service-utils.inc +++ b/etc/inc/service-utils.inc @@ -171,7 +171,7 @@ function is_pid_running($pidfile) { function is_dhcp_running($interface) { $status = find_dhclient_process($interface); - if($status <> "") + if($status != 0) return true; return false; } diff --git a/etc/inc/services.inc b/etc/inc/services.inc index b3c6d33..2f2fc83 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -893,6 +893,10 @@ EOD; if (!file_exists("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases")) @touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases"); + /* make sure there isn't a stale dhcpd.pid file, which can make dhcpd fail to start. */ + /* if we get here, dhcpd has been killed and is not started yet */ + unlink_if_exists("{$g['dhcpd_chroot_path']}{$g['varrun_path']}/dhcpd.pid"); + /* fire up dhcpd in a chroot */ if (count($dhcpdifs) > 0) { mwexec("/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpd.conf -pf {$g['varrun_path']}/dhcpd.pid " . @@ -1300,6 +1304,10 @@ EOD; if (!file_exists("{$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases")) @touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases"); + /* make sure there isn't a stale dhcpdv6.pid file, which may make dhcpdv6 fail to start. */ + /* if we get here, dhcpdv6 has been killed and is not started yet */ + unlink_if_exists("{$g['dhcpd_chroot_path']}{$g['varrun_path']}/dhcpdv6.pid"); + /* fire up dhcpd in a chroot */ if (count($dhcpdv6ifs) > 0) { mwexec("/usr/local/sbin/dhcpd -6 -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpdv6.conf -pf {$g['varrun_path']}/dhcpdv6.pid " . @@ -1363,8 +1371,8 @@ EOD; fclose($igmpfl); unset($igmpconf); - /* NOTE: -d 4 means everything LOG_WARNING and smaller */ - mwexec("/usr/local/sbin/igmpproxy -d 4 -c {$g['tmp_path']}/igmpproxy.conf"); + /* NOTE: -d4 means everything LOG_WARNING and smaller */ + mwexec("/usr/local/sbin/igmpproxy -d4 -c {$g['tmp_path']}/igmpproxy.conf"); log_error(gettext("Started IGMP proxy service.")); return 0; diff --git a/etc/inc/util.inc b/etc/inc/util.inc index 402ef3e..e672970 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -677,15 +677,12 @@ function is_validaliasname($name) { /* returns true if $port is a valid TCP/UDP port */ function is_port($port) { - $tmpports = explode(":", $port); - foreach($tmpports as $tmpport) { - if (getservbyname($tmpport, "tcp") || getservbyname($tmpport, "udp")) - continue; - if (!ctype_digit($tmpport)) - return false; - else if ((intval($tmpport) < 1) || (intval($tmpport) > 65535)) - return false; - } + if (getservbyname($port, "tcp") || getservbyname($port, "udp")) + return true; + if (!ctype_digit($port)) + return false; + else if ((intval($port) < 1) || (intval($port) > 65535)) + return false; return true; } @@ -1255,7 +1252,7 @@ function alias_expand($name) { if (isset($aliastable[$name])) return "\${$name}"; - else if (is_ipaddr($name) || is_subnet($name) || is_port($name)) + else if (is_ipaddr($name) || is_subnet($name) || is_port($name) || is_portrange($name)) return "{$name}"; else return null; diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 0a9ce06..6600f84 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -48,8 +48,8 @@ function vpn_ipsec_configure_loglevels($forconfig = false) $cfgtext = array(); foreach ($ipsec_loglevels as $lkey => $ldescr) { - if (!isset($config['ipsec']["ipsec_{$lkey}"])) - $forconfig ? $cfgtext[] = "{$lkey} = -1" : mwexec("/usr/local/sbin/ipsec stroke loglevel {$lkey} -1", false); + if (!isset($config['ipsec']["ipsec_{$lkey}"]) && !$forconfig) + mwexec("/usr/local/sbin/ipsec stroke loglevel {$lkey} -1", false); else if (is_numeric($config['ipsec']["ipsec_{$lkey}"]) && intval($config['ipsec']["ipsec_{$lkey}"]) >= 1 && intval($config['ipsec']["ipsec_{$lkey}"]) <= 5) $forconfig ? $cfgtext[] = "${lkey} = " . (intval($config['ipsec']["ipsec_{$lkey}"]) - 1) : @@ -279,6 +279,9 @@ charon { # number of worker threads in charon threads = 16 + ikesa_table_size = 32 + ikesa_table_segments = 4 + init_limit_half_open = 1000; # XXX: There is not much choice here really users win their security! i_dont_care_about_security_and_use_aggressive_mode_psk=yes @@ -586,8 +589,11 @@ EOD; if ($ph1ent['lifetime']) $ikelifeline = "ikelifetime = {$ph1ent['lifetime']}s"; - $authentication = ""; $rightsourceip = NULL; + if (!empty($a_client['pool_address'])) + $rightsourceip = "\trightsourceip = {$a_client['pool_address']}/{$a_client['pool_netbits']}\n"; + + $authentication = ""; switch ($ph1ent['authentication_method']) { case 'xauth_rsa_server': $authentication = "leftauth = pubkey\n\trightauth = pubkey"; @@ -596,8 +602,6 @@ EOD; case 'xauth_psk_server': $authentication = "leftauth = psk\n\trightauth = psk"; $authentication .= "\n\trightauth2 = xauth-generic"; - if (!empty($a_client['pool_address'])) - $rightsourceip = "\trightsourceip = {$a_client['pool_address']}/{$a_client['pool_netbits']}\n"; break; case 'pre_shared_key': $authentication = "leftauth = psk\n\trightauth = psk"; diff --git a/etc/inc/wizardapp.inc b/etc/inc/wizardapp.inc index aaf4d34..53bd7ac 100644 --- a/etc/inc/wizardapp.inc +++ b/etc/inc/wizardapp.inc @@ -31,16 +31,90 @@ $gamesplist = array(); -$gamesplist['arma2'] = array(); - /* ARMA 2 */ - $gamesplist['arma2'][] = array('arma2', 'udp', '2302', '2310', 'both'); - +/* Game Consoles and Game Clients */ + +$gamesplist['playstationconsoles'] = array(); + /* Playstation 3, Playstation 4 and PS Vita */ + $gamesplist['playstationconsoles'][] = array('PS-Network-TCP', 'tcp', '10040', '10060', 'both'); + $gamesplist['playstationconsoles'][] = array('PS-Network-UDP', 'udp', '50000', '60000', 'both'); + $gamesplist['playstationconsoles'][] = array('PS-Home-TCP-1', 'tcp', '3478', '3480', 'both'); + $gamesplist['playstationconsoles'][] = array('PS-Home-TCP-2', 'tcp', '8080', '8080', 'both'); + $gamesplist['playstationconsoles'][] = array('PS-TCP-1', 'tcp', '5223', '5223', 'both'); + $gamesplist['playstationconsoles'][] = array('PS-TCP-2', 'tcp', '10070', '10080', 'both'); + $gamesplist['playstationconsoles'][] = array('PS-UDP-1', 'udp', '3478', '3479', 'both'); + $gamesplist['playstationconsoles'][] = array('PS-UDP-2', 'udp', '3658', '3658', 'both'); + $gamesplist['playstationconsoles'][] = array('PS-UDP-3', 'udp', '10070', '10070', 'both'); + $gamesplist['playstationconsoles'][] = array('PS-RemotePlay', 'tcp', '9293', '9293', 'both'); + +$gamesplist['wiiconsoles'] = array(); + /* XBox Consoles */ + $gamesplist['wiiconsoles'][] = array('Wii-Consoles-TCP-1', 'tcp', '6667', '6667', 'both'); + $gamesplist['wiiconsoles'][] = array('Wii-Consoles-TCP-2', 'tcp', '12400', '12400', 'both'); + $gamesplist['wiiconsoles'][] = array('Wii-Consoles-TCP-3', 'tcp', '28910', '28910', 'both'); + $gamesplist['wiiconsoles'][] = array('Wii-Consoles-TCP-4', 'tcp', '29900', '29901', 'both'); + $gamesplist['wiiconsoles'][] = array('Wii-Consoles-TCP-5', 'tcp', '29920', '29920', 'both'); + +$gamesplist['xboxconsoles'] = array(); + /* XBox Consoles */ + $gamesplist['xboxconsoles'][] = array('xbox-Consoles-UDP-1', 'udp', '88', '88', 'both'); + $gamesplist['xboxconsoles'][] = array('xbox-Consoles-UDP-2', 'udp', '3074', '3074', 'both'); + $gamesplist['xboxconsoles'][] = array('xbox-Consoles-TCP-1', 'tcp', '3074', '3074', 'both'); + $gamesplist['xboxconsoles'][] = array('xbox-Consoles-TCP-2', 'tcp', '3659', '3659', 'both'); + $gamesplist['xboxconsoles'][] = array('xbox-Consoles-TCP-3', 'tcp', '500', '500', 'both'); + $gamesplist['xboxconsoles'][] = array('xbox-Consoles-TCP-4', 'tcp', '3544', '3544', 'both'); + $gamesplist['xboxconsoles'][] = array('xbox-Consoles-TCP-5', 'tcp', '4500', '4500', 'both'); + $gamesplist['battlenet'] = array(); /* Blizzard Publishing games */ $gamesplist['battlenet'][] = array('Battle.NET-game1-tcp', 'tcp', '6112', '6119', 'both'); //diablo, diablo2, starcraft, warcraft 2, warcraft 3 $gamesplist['battlenet'][] = array('Battle.NET-game1-udp', 'udp', '6112', '6119', 'both'); //diablo, diablo2, starcraft, warcraft 2 $gamesplist['battlenet'][] = array('Battle.NET-diablo2', 'tcp', '4000', '4000', 'both'); //diablo2 $gamesplist['battlenet'][] = array('Battle.NET-game2', 'tcp', '1119', '1119', 'both'); //diablo3, starcraft 2 + $gamesplist['battlenet'][] = array('Battle.NET-game3', 'tcp', '3724', '3724', 'both'); //starcraft2 + +$gamesplist['eaorigin'] = array(); + /* EA Origin Client */ + $gamesplist['eaorigin'][] = array('EA-Origin-TCP-1', 'tcp', '1024', '1124', 'both'); + $gamesplist['eaorigin'][] = array('EA-Origin-TCP-2', 'tcp', '9960', '9969', 'both'); + $gamesplist['eaorigin'][] = array('EA-Origin-TCP-3', 'tcp', '18000', '18000', 'both'); + $gamesplist['eaorigin'][] = array('EA-Origin-TCP-4', 'tcp', '18120', '18120', 'both'); + $gamesplist['eaorigin'][] = array('EA-Origin-TCP-5', 'tcp', '18060', '18060', 'both'); + $gamesplist['eaorigin'][] = array('EA-Origin-TCP-6', 'tcp', '27900', '27900', 'both'); + $gamesplist['eaorigin'][] = array('EA-Origin-TCP-7', 'tcp', '28910', '28910', 'both'); + $gamesplist['eaorigin'][] = array('EA-Origin-TCP-8', 'tcp', '29900', '29900', 'both'); + $gamesplist['eaorigin'][] = array('EA-Origin-UDP-1', 'udp', '1024', '1124', 'both'); + $gamesplist['eaorigin'][] = array('EA-Origin-UDP-2', 'udp', '18000', '18000', 'both'); + $gamesplist['eaorigin'][] = array('EA-Origin-UDP-3', 'udp', '29900', '29900', 'both'); + +$gamesplist['steam'] = array(); + /* Steam Games */ + $gamesplist['steam'][] = array('Steam-game-udp', 'udp', '27000', '27030', 'both'); //america's army 3, cs:s, cs:go, HL2, COD: Black Ops, COD: Black Ops 2, Natural Selection 2 + $gamesplist['steam'][] = array('Steam-game-tcp', 'tcp', '27000', '27030', 'both'); //america's army 3, cs:s, cs:go, HL2, COD: Black Ops, COD: Black Ops 2, Natural Selection 2 + $gamesplist['steam'][] = array('Steam-hltv', 'udp', '27015', '27030', 'both'); + $gamesplist['steam'][] = array('Steam-1', 'udp', '4380', '4380', 'both'); + $gamesplist['steam'][] = array('Steam-2', 'udp', '1200', '1200', 'both'); + $gamesplist['steam'][] = array('Steam-voice', 'udp', '3478', '3480', 'both'); + +$gamesplist['gamesforwindowslive'] = array(); + /* Games for Windows Live */ + $gamesplist['gamesforwindowslive'][] = array('Games4WinLive-1', 'udp', '88', '88', 'both'); + $gamesplist['gamesforwindowslive'][] = array('Games4WinLive-2', 'udp', '3074', '3074', 'both'); + $gamesplist['gamesforwindowslive'][] = array('Games4WinLive-3', 'tcp', '3074', '3074', 'both'); + +/* Games */ + +$gamesplist['arma2'] = array(); + /* ARMA 2 */ + $gamesplist['arma2'][] = array('arma2', 'udp', '2302', '2310', 'both'); + +$gamesplist['arma3'] = array(); + /* ARMA 3 */ + $gamesplist['arma3'][] = array('arma3-game-traffic', 'udp', '2302', '2302', 'both'); + $gamesplist['arma3'][] = array('arma3-steam-query', 'udp', '2303', '2303', 'both'); + $gamesplist['arma3'][] = array('arma3-steam-port', 'udp', '2304', '2304', 'both'); + $gamesplist['arma3'][] = array('arma3-BattleEye-1', 'tcp', '2345', '2345', 'both'); + $gamesplist['arma3'][] = array('arma3-BattleEye-2', 'tcp', '2344', '2344', 'both'); + $gamesplist['arma3'][] = array('arma3-BattleEye-2', 'udp', '2344', '2344', 'both'); $gamesplist['battlefield2'] = array(); /* Battlefield 2 */ @@ -55,7 +129,7 @@ $gamesplist['battlefield2'] = array(); $gamesplist['battlefield2'][] = array('BF2-55123-55125', 'udp', '55123', '55125', 'both'); $gamesplist['battlefield3'] = array(); - /* Battlefield 3 */ + /* Battlefield 3 and Battlefield 4 */ $gamesplist['battlefield3'][] = array('BF3-1', 'tcp', '9988', '9988', 'both'); $gamesplist['battlefield3'][] = array('BF3-2', 'tcp', '20000', '20100', 'both'); $gamesplist['battlefield3'][] = array('BF3-3', 'tcp', '22990', '22990', 'both'); @@ -65,6 +139,9 @@ $gamesplist['battlefield3'] = array(); $gamesplist['battlefield3'][] = array('BF3-7', 'udp', '14000', '14016', 'both'); $gamesplist['battlefield3'][] = array('BF3-8', 'udp', '22990', '23006', 'both'); $gamesplist['battlefield3'][] = array('BF3-9', 'udp', '25200', '25300', 'both'); + $gamesplist['battlefield3'][] = array('BF3-PS-1', 'tcp', '10000', '10100', 'both'); + $gamesplist['battlefield3'][] = array('BF3-PS-2', 'tcp', '1935', '1935', 'both'); + $gamesplist['battlefieldbc2'] = array(); /* Battlefield Bad Company 2 */ @@ -99,6 +176,38 @@ $gamesplist['crysis2'] = array(); /* Crysis 2 */ $gamesplist['crysis2'][] = array('Crysis2', 'udp', '64100', '64100', 'both'); +$gamesplist['crysis3'] = array(); + /* Crysis 3 */ + $gamesplist['crysis3'][] = array('Crysis3-TCP-1', 'tcp', '9988', '9988', 'both'); + $gamesplist['crysis3'][] = array('Crysis3-TCP-2', 'tcp', '17502', '17502', 'both'); + $gamesplist['crysis3'][] = array('Crysis3-TCP-3', 'tcp', '25650', '25780', 'both'); + $gamesplist['crysis3'][] = array('Crysis3-TCP-4', 'tcp', '42127', '42127', 'both'); + $gamesplist['crysis3'][] = array('Crysis3-TCP-5', 'tcp', '64100', '64110', 'both'); + $gamesplist['crysis3'][] = array('Crysis3-UDP-1', 'udp', '3659', '3659', 'both'); + $gamesplist['crysis3'][] = array('Crysis3-UDP-2', 'udp', '10000', '10100', 'both'); + $gamesplist['crysis3'][] = array('Crysis3-UDP-3', 'udp', '25650', '25780', 'both'); + $gamesplist['crysis3'][] = array('Crysis3-UDP-4', 'udp', '64100', '64110', 'both'); + +$gamesplist['deadspace2'] = array(); + /* Dead Space 2 */ + $gamesplist['deadspace2'][] = array('DeadSpace2-TCP-1', 'tcp', '28910', '28910', 'both'); + $gamesplist['deadspace2'][] = array('DeadSpace2-TCP-2', 'tcp', '29900', '29901', 'both'); + $gamesplist['deadspace2'][] = array('DeadSpace2-UDP-1', 'udp', '8088', '28088', 'both'); + +$gamesplist['deadspace3'] = array(); + /* Dead Space 3 */ + $gamesplist['deadspace3'][] = array('DeadSpace3-TCP-1', 'tcp', '1024', '1124', 'both'); + $gamesplist['deadspace3'][] = array('DeadSpace3-TCP-2', 'tcp', '9960', '9969', 'both'); + $gamesplist['deadspace3'][] = array('DeadSpace3-TCP-3', 'tcp', '18000', '18000', 'both'); + $gamesplist['deadspace3'][] = array('DeadSpace3-TCP-4', 'tcp', '18120', '18120', 'both'); + $gamesplist['deadspace3'][] = array('DeadSpace3-TCP-5', 'tcp', '18060', '18060', 'both'); + $gamesplist['deadspace3'][] = array('DeadSpace3-TCP-6', 'tcp', '27900', '27900', 'both'); + $gamesplist['deadspace3'][] = array('DeadSpace3-TCP-7', 'tcp', '28910', '28910', 'both'); + $gamesplist['deadspace3'][] = array('DeadSpace3-TCP-8', 'tcp', '29900', '29900', 'both'); + $gamesplist['deadspace3'][] = array('DeadSpace3-UDP-1', 'udp', '1024', '1124', 'both'); + $gamesplist['deadspace3'][] = array('DeadSpace3-UDP-2', 'udp', '18000', '18000', 'both'); + $gamesplist['deadspace3'][] = array('DeadSpace3-UDP-3', 'udp', '29900', '29900', 'both'); + $gamesplist['deltaforce'] = array(); /* delta force */ $gamesplist['deltaforce'][] = array('Delta1', 'udp', '17478', '17488', 'both'); @@ -115,6 +224,22 @@ $gamesplist['doom3'] = array(); $gamesplist['doom3'][] = array('DOOM3-1', 'udp', '27650', '27650', 'both'); $gamesplist['doom3'][] = array('DOOM3-2', 'udp', '27666', '27666', 'both'); +$gamesplist['dragonage2'] = array(); + /* Dragon Age 2 */ + $gamesplist['dragonage2'][] = array('DragonAge2-TCP-1', 'tcp', '8000', '8000', 'both'); + $gamesplist['dragonage2'][] = array('DragonAge2-TCP-2', 'tcp', '12025', '12025', 'both'); + $gamesplist['dragonage2'][] = array('DragonAge2-TCP-3', 'tcp', '15101', '15325', 'both'); + $gamesplist['dragonage2'][] = array('DragonAge2-TCP-4', 'tcp', '18081', '18081', 'both'); + $gamesplist['dragonage2'][] = array('DragonAge2-TCP-5', 'tcp', '42127', '42127', 'both'); + $gamesplist['dragonage2'][] = array('DragonAge2-UDP-1', 'udp', '1900', '1900', 'both'); + $gamesplist['dragonage2'][] = array('DragonAge2-UDP-2', 'udp', '5355', '5355', 'both'); + $gamesplist['dragonage2'][] = array('DragonAge2-UDP-3', 'udp', '8001', '8001', 'both'); + +$gamesplist['empireearth'] = array(); + /* empire earth */ + $gamesplist['empireearth'][] = array('EmpireEarth-1', 'tcp', '33335', '33336', 'both'); + $gamesplist['empireearth'][] = array('EmpireEarth-2', 'udp', '33334', '33334', 'both'); + $gamesplist['eveonline'] = array(); /* EVE Online */ $gamesplist['eveonline'][] = array('EVEOnline-tcp', 'tcp', '26000', '26000', 'both'); @@ -122,11 +247,6 @@ $gamesplist['eveonline'] = array(); $gamesplist['eveonline'][] = array('EVEOnline-alternate-tcp', 'tcp', '3724', '3724', 'both'); $gamesplist['eveonline'][] = array('EVEOnline-alternate-udp', 'udp', '3724', '3724', 'both'); -$gamesplist['empireearth'] = array(); - /* empire earth */ - $gamesplist['empireearth'][] = array('EmpireEarth-1', 'tcp', '33335', '33336', 'both'); - $gamesplist['empireearth'][] = array('EmpireEarth-2', 'udp', '33334', '33334', 'both'); - $gamesplist['everquest'] = array(); /* everquest */ $gamesplist['everquest'][] = array('Everquest-1', 'tcp', '1024', '6000', 'both'); @@ -167,12 +287,6 @@ $gamesplist['halflife'] = array(); $gamesplist['halflife'][] = array('HL-2', 'udp', '27650', '27650', 'both'); $gamesplist['halflife'][] = array('HL-3', 'udp', '27666', '27666', 'both'); -$gamesplist['halo2'] = array(); - /* Halo2 + XBOX Live */ - $gamesplist['halo2'][] = array('Halo2-1', 'udp', '88', '88', 'both'); - $gamesplist['halo2'][] = array('Halo2-2', 'udp', '3074', '3074', 'both'); - $gamesplist['halo2'][] = array('Halo2-3', 'tcp', '3074', '3074', 'both'); - $gamesplist['leagueoflegends'] = array(); /* League of Legends */ $gamesplist['leagueoflegends'][] = array('LeagueofLegends-1', 'udp', '5000', '5500', 'both'); @@ -185,6 +299,11 @@ $gamesplist['lineage2'] = array(); $gamesplist['lineage2'][] = array('Lineage2-2106', 'tcp', '2106', '2106', 'both'); $gamesplist['lineage2'][] = array('Lineage2-7777', 'tcp', '7777', '7777', 'both'); +$gamesplist['masseffect3'] = array(); + /* MassEffect 3 */ + $gamesplist['masseffect3'][] = array('MassEffect3-UDP-1', 'udp', '5659', '5659', 'both'); + $gamesplist['masseffect3'][] = array('MassEffect3-UDP-1', 'udp', '6000', '6000', 'both'); + $gamesplist['mechwarrioronline'] = array(); /* MechWarrior: Online */ $gamesplist['mechwarrioronline'][] = array('MechWarriorOnline-tcp1', 'tcp', '45461', '45461', 'both'); @@ -198,7 +317,7 @@ $gamesplist['minecraft'] = array(); $gamesplist['operationflashpoint-dr'] = array(); /* Operation Flashpoint: Dragon Rising */ - $gamesplist['operationflashpoint-dr'][] = array('operationflashpoint-dr-game', 'udp', '9105', '9105', 'both'); + $gamesplist['operationflashpoint-dr'][] = array('OperationFlashpoint-DR', 'udp', '9105', '9105', 'both'); $gamesplist['planetside'] = array(); /* PlanetSide */ @@ -212,28 +331,18 @@ $gamesplist['planetside2'] = array(); /* PlanetSide 2 */ $gamesplist['planetside2'][] = array('PlanetSide2-game', 'udp', '20040', '20199', 'both'); $gamesplist['planetside2'][] = array('PlanetSide2-voice', 'udp', '5062', '5062', 'both'); - -$gamesplist['playstation3'] = array(); - /* PlayStation 2 */ - $gamesplist['playstation3'][] = array('PS3-pshome1', 'tcp', '3478', '3480', 'both'); - $gamesplist['playstation3'][] = array('PS3-pshome2', 'tcp', '8080', '8080', 'both'); - $gamesplist['playstation3'][] = array('PS3-tcp1', 'tcp', '5223', '5223', 'both'); - $gamesplist['playstation3'][] = array('PS3-tcp2', 'tcp', '10070', '10080', 'both'); - $gamesplist['playstation3'][] = array('PS3-udp1', 'udp', '3478', '3479', 'both'); - $gamesplist['playstation3'][] = array('PS3-udp2', 'udp', '3658', '3658', 'both'); - $gamesplist['playstation3'][] = array('PS3-udp3', 'udp', '10070', '10070', 'both'); - $gamesplist['playstation3'][] = array('PS3-remoteplay', 'tcp', '9293', '9293', 'both'); - + + $gamesplist['quakeiii'] = array(); /* quake3 */ - $gamesplist['quakeiii'][] = array('quakeiii', 'udp', '27910', '27919', 'both'); + $gamesplist['quakeiii'][] = array('Quake3', 'udp', '27910', '27919', 'both'); $gamesplist['quakeiv'] = array(); /* quake4 */ - $gamesplist['quakeiv'][] = array('quakeiv-server-udp', 'udp', '27650', '27650', 'both'); - $gamesplist['quakeiv'][] = array('quakeiv-server-tcp', 'tcp', '27650', '27650', 'both'); - $gamesplist['quakeiv'][] = array('quakeiv-client-udp', 'udp', '28004', '28004', 'both'); - $gamesplist['quakeiv'][] = array('quakeiv-client-tcp', 'tcp', '28004', '28004', 'both'); + $gamesplist['quakeiv'][] = array('QuakeIV-server-udp', 'udp', '27650', '27650', 'both'); + $gamesplist['quakeiv'][] = array('QuakeIV-server-tcp', 'tcp', '27650', '27650', 'both'); + $gamesplist['quakeiv'][] = array('QuakeIV-client-udp', 'udp', '28004', '28004', 'both'); + $gamesplist['quakeiv'][] = array('QuakeIV-client-tcp', 'tcp', '28004', '28004', 'both'); $gamesplist['starwarstor'] = array(); /* quake3 */ @@ -241,17 +350,6 @@ $gamesplist['starwarstor'] = array(); $gamesplist['starwarstor'][] = array('StarWarsTOR-2', 'tcp', '12000', '12999', 'both'); $gamesplist['starwarstor'][] = array('StarWarsTOR-2', 'tcp', '20000', '30000', 'both'); -$gamesplist['steam'] = array(); - /* Steam Games */ - $gamesplist['steam'][] = array('steam-game-udp', 'udp', '27000', '27030', 'both'); //america's army 3, cs:s, cs:go, HL2, COD: Black Ops, COD: Black Ops 2, Natural Selection 2 - $gamesplist['steam'][] = array('steam-game-tcp', 'tcp', '27000', '27030', 'both'); //america's army 3, cs:s, cs:go, HL2, COD: Black Ops, COD: Black Ops 2, Natural Selection 2 - $gamesplist['steam'][] = array('steam-hltv', 'udp', '27015', '27030', 'both'); - $gamesplist['steam'][] = array('steam-1', 'udp', '4380', '4380', 'both'); - $gamesplist['steam'][] = array('steam-2', 'udp', '1200', '1200', 'both'); - $gamesplist['steam'][] = array('steam-voice', 'udp', '3478', '3480', 'both'); - //NOTE: steam downloads, probably don't want this in the game que - //$gamesplist['steam'][] = array('steam-downloads', 'tcp', '27014', '27050', 'both'); - $gamesplist['tigerwoods2004ps2'] = array(); /* tiger woods 2004 ps2 */ $gamesplist['tigerwoods2004ps2'][] = array('TigerWoods2004-Player', 'udp', '3658', '3658', 'both'); @@ -260,8 +358,8 @@ $gamesplist['tigerwoods2004ps2'] = array(); $gamesplist['tribesascend'] = array(); /* Tribes Ascend */ - $gamesplist['tribesascend'][] = array('tribesascend-tcp', 'tcp', '9000', '9001', 'both'); - $gamesplist['tribesascend'][] = array('tribesascend-udp', 'udp', '9002', '9999', 'both'); + $gamesplist['tribesascend'][] = array('TribesAscend-tcp', 'tcp', '9000', '9001', 'both'); + $gamesplist['tribesascend'][] = array('TribesAscend-udp', 'udp', '9002', '9999', 'both'); $gamesplist['unrealtournament'] = array(); /* Unreal Tournament */ @@ -279,13 +377,6 @@ $gamesplist['wow'] = array(); $gamesplist['wow'][] = array('WoW-voice', 'udp', '1119', '1119', 'both'); $gamesplist['wow'][] = array('WoW-voice', 'udp', '3724', '3724', 'both'); -$gamesplist['xbox360'] = array(); - /* XBox360 and Games for Windows Live*/ - $gamesplist['xbox360'][] = array('xbox360-1', 'udp', '88', '88', 'both'); - $gamesplist['xbox360'][] = array('xbox360-2', 'udp', '3074', '3074', 'both'); - $gamesplist['xbox360'][] = array('xbox360-3', 'tcp', '3074', '3074', 'both'); - - $voiplist = array(); /* asterisk server / same as vonage */ @@ -357,111 +448,216 @@ $p2plist = array(); $othersplist = array(); /* Unlike other areas we are posting the queue H or L or BLANK */ + /* Remote Service / Terminal emulation */ + + $othersplist['appleremotedesktop'] = array(); + /* apple remote desktop */ + $othersplist['appleremotedesktop'][] = array('AppleRemoteDesktop1', 'tcp', '3283', '3283', 'both'); + $othersplist['appleremotedesktop'][] = array('AppleRemoteDesktop2', 'tcp', '5900', '5900', 'both'); + $othersplist['appleremotedesktop'][] = array('AppleRemoteDesktop3', 'udp', '3283', '3283', 'both'); + $othersplist['appleremotedesktop'][] = array('AppleRemoteDesktop4', 'udp', '5900', '5900', 'both'); + $othersplist['msrdp'] = array(); /* MSRDP */ $othersplist['msrdp'][] = array('MSRDP', 'tcp', '3389', '3389', 'both'); + + $othersplist['pcanywhere'] = array(); + /* symantec pc anywhere */ + $othersplist['pcanywhere'][] = array('PCAnywhere-1', 'tcp', '5631', '5631', 'both'); + $othersplist['pcanywhere'][] = array('PCAnywhere-2', 'udp', '5632', '5632', 'both'); + + $othersplist['vnc'] = array(); + /* virtual network control */ + $othersplist['vnc'][] = array('VNC', 'tcp', '5900', '5930', 'both'); + + /* Messanger Clients */ + + $othersplist['aolinstantmessenger'] = array(); + /* AIM */ + $othersplist['aolinstantmessenger'][] = array('AIM', 'tcp', '5190', '5190', 'both'); + + $othersplist['facetime'] = array(); + /* Facetime */ + $othersplist['facetime'][] = array('Facetime-UDP-1', 'udp', '3478', '3479', 'both'); + $othersplist['facetime'][] = array('Facetime-TCP-1', 'tcp', '16384', '16387', 'both'); + $othersplist['facetime'][] = array('Facetime-TCP-2', 'tcp', '16393', '16402', 'both'); + + $othersplist['googlehangouts'] = array(); + /* Google Hangouts */ + $othersplist['googlehangouts'][] = array('GoogleHangouts-UDP', 'udp', '19302', '19309', 'both'); + $othersplist['googlehangouts'][] = array('GoogleHangouts-TCP', 'tcp', '19305', '19309', 'both'); + + $othersplist['icq'] = array(); + /* icq */ + $othersplist['icq'][] = array('ICQ1', 'tcp', '5190', '5190', 'both'); + $othersplist['icq'][] = array('ICQ2', 'udp', '5190', '5190', 'both'); + + $othersplist['irc'] = array(); + /* internet relay chat */ + $othersplist['irc'][] = array('IRC', 'tcp', '6667', '6670', 'both'); + + $othersplist['jabber'] = array(); + /* jabber */ + $othersplist['jabber'][] = array('IRC', 'tcp', '5222', '5222', 'both'); + $othersplist['jabber'][] = array('IRC', 'tcp', '5223', '5223', 'both'); + $othersplist['jabber'][] = array('IRC', 'tcp', '5269', '5269', 'both'); + + $othersplist['msnmessenger'] = array(); + /* msn messenger */ + $othersplist['msnmessenger'][] = array('MSN1', 'tcp', '1863', '1863', 'both'); + $othersplist['msnmessenger'][] = array('MSN2', 'tcp', '6891', '6900', 'both'); + $othersplist['msnmessenger'][] = array('MSN3', 'tcp', '6901', '6901', 'both'); + $othersplist['msnmessenger'][] = array('MSN4', 'udp', '6901', '6901', 'both'); + + $othersplist['teamspeak'] = array(); + /* teamspeak */ + $othersplist['teamspeak'][] = array('TeamSpeak-1', 'tcp', '14534', '14534', 'both'); + $othersplist['teamspeak'][] = array('TeamSpeak-2', 'tcp', '51234', '51234', 'both'); + $othersplist['teamspeak'][] = array('TeamSpeak-3', 'udp', '8767', '8768', 'both'); + + $othersplist['teamspeak3'] = array(); + /* teamspeak 3 */ + $othersplist['teamspeak3'][] = array('TeamSpeak3-FileTransfer', 'tcp', '30033', '30033', 'both'); + $othersplist['teamspeak3'][] = array('TeamSpeak3-ServerQuery', 'tcp', '10011', '10011', 'both'); + $othersplist['teamspeak3'][] = array('TeamSpeak3-Voice', 'udp', '9987', '9987', 'both'); + $othersplist['teamspeak3'][] = array('TeamSpeak3-TSDNS', 'tcp', '41144', '41144', 'both'); + + $othersplist['ventrilo'] = array(); + /* ventrilo */ + $othersplist['ventrilo'][] = array('Ventrilo-TCP', 'tcp', '3784', '3784', 'both'); + $othersplist['ventrilo'][] = array('Ventrilo-UDP', 'udp', '3784', '3784', 'both'); + $othersplist['ventrilo'][] = array('Ventrilo-Voice', 'udp', '6100', '6100', 'both'); + + /* VPN */ + $othersplist['pptp'] = array(); /* PPTP */ $othersplist['pptp'][] = array('PPTP', 'tcp', '1723', '1723', 'both'); $othersplist['pptp'][] = array('PPTPGRE', 'gre', '', '', 'both'); + $othersplist['ipsec'] = array(); /* IPSEC */ $othersplist['ipsec'][] = array('IPSEC', 'udp', '500', '500', 'both'); $othersplist['ipsec'][] = array('IPSEC', 'ah', '', '', 'both'); $othersplist['ipsec'][] = array('IPSEC', 'esp', '', '', 'both'); + + /* Multimedia/Streaming */ + + $othersplist['itunesradio'] = array(); + /* Apple iTunes Radio Stream */ + $othersplist['itunesradio'][] = array('iTunesRadio', 'tcp', '42000', '42999', 'both'); + $othersplist['streamingmp3'] = array(); /* streaming mp3 media aka shoutcast */ $othersplist['streamingmp3'][] = array('STREAMINGMP3', 'tcp', '8000', '8100', 'both'); - $othersplist['irc'] = array(); - /* internet relay chat */ - $othersplist['irc'][] = array('IRC', 'tcp', '6667', '6670', 'both'); - $othersplist['jabber'] = array(); - /* jabber */ - $othersplist['jabber'][] = array('IRC', 'tcp', '5222', '5222', 'both'); - $othersplist['jabber'][] = array('IRC', 'tcp', '5223', '5223', 'both'); - $othersplist['jabber'][] = array('IRC', 'tcp', '5269', '5269', 'both'); - $othersplist['dns'] = array(); - /* domain name system */ - $othersplist['dns'][] = array('DNS1', 'tcp', '53', '53', 'both'); - $othersplist['dns'][] = array('DNS2', 'udp', '53', '53', 'both'); + + $othersplist['rtsp'] = array(); + /* realtime streaming protocol */ + $othersplist['rtsp'][] = array('RTSP1', 'tcp', '554', '554', 'both'); + + /* Web */ + $othersplist['http'] = array(); /* HTTP aka Web Traffic */ $othersplist['http'][] = array('HTTP', 'tcp', '80', '80', 'both'); $othersplist['http'][] = array('HTTPS', 'tcp', '443', '443', 'both'); - $othersplist['smtp'] = array(); - /* Secure shell traffic */ - $othersplist['smtp'][] = array('SMTP', 'tcp', '25', '25', 'both'); - $othersplist['pop3'] = array(); - /* Post Office Protocol - POP3 */ - $othersplist['pop3'][] = array('POP3', 'tcp', '110', '110', 'both'); - $othersplist['icmp'] = array(); - /* ICMP */ - $othersplist['icmp'][] = array('ICMP', 'icmp', '', '', 'both'); + + /* Mail */ + $othersplist['imap'] = array(); /* IMAP */ $othersplist['imap'][] = array('IMAP', 'tcp', '143', '143', 'both'); - $othersplist['smb'] = array(); - /* Microsoft SMB and friends */ - $othersplist['smb'][] = array('SMB1', 'tcp', '445', '445', 'both'); - $othersplist['smb'][] = array('SMB2', 'tcp', '137-139', '137-139', 'both'); - $othersplist['rtsp'] = array(); - /* realtime streaming protocol */ - $othersplist['rtsp'][] = array('RTSP1', 'tcp', '554', '554', 'both'); - $othersplist['snmp'] = array(); - /* Simple network management protocol */ - $othersplist['snmp'][] = array('SNMP', 'tcp', '161', '161', 'both'); - $othersplist['snmp'][] = array('SNMP2', 'udp', '161', '161', 'both'); - $othersplist['vnc'] = array(); - /* virtual network control */ - $othersplist['vnc'][] = array('VNC', 'tcp', '5900', '5930', 'both'); - $othersplist['appleremotedesktop'] = array(); - /* apple remote desktop */ - $othersplist['appleremotedesktop'][] = array('AppleRemoteDesktop1', 'tcp', '3283', '3283', 'both'); - $othersplist['appleremotedesktop'][] = array('AppleRemoteDesktop2', 'tcp', '5900', '5900', 'both'); - $othersplist['appleremotedesktop'][] = array('AppleRemoteDesktop3', 'udp', '3283', '3283', 'both'); - $othersplist['appleremotedesktop'][] = array('AppleRemoteDesktop4', 'udp', '5900', '5900', 'both'); - $othersplist['icq'] = array(); - /* icq */ - $othersplist['icq'][] = array('ICQ1', 'tcp', '5190', '5190', 'both'); - $othersplist['icq'][] = array('ICQ2', 'udp', '5190', '5190', 'both'); + $othersplist['imap'][] = array('IMAP-Secure', 'tcp', '993', '993', 'both'); + $othersplist['lotusnotes'] = array(); /* lotus notes */ $othersplist['lotusnotes'][] = array('LotusNotes1', 'tcp', '1352', '1352', 'both'); $othersplist['lotusnotes'][] = array('LotusNotes2', 'udp', '1352', '1352', 'both'); - $othersplist['aolinstantmessenger'] = array(); - /* AIM */ - $othersplist['aolinstantmessenger'][] = array('AIM', 'tcp', '5190', '5190', 'both'); - $othersplist['msnmessenger'] = array(); - /* msn messenger */ - $othersplist['msnmessenger'][] = array('MSN1', 'tcp', '1863', '1863', 'both'); - $othersplist['msnmessenger'][] = array('MSN2', 'tcp', '6891', '6900', 'both'); - $othersplist['msnmessenger'][] = array('MSN3', 'tcp', '6901', '6901', 'both'); - $othersplist['msnmessenger'][] = array('MSN4', 'udp', '6901', '6901', 'both'); + + $othersplist['pop3'] = array(); + /* Post Office Protocol - POP3 */ + $othersplist['pop3'][] = array('POP3', 'tcp', '110', '110', 'both'); + $othersplist['pop3'][] = array('POP3-Secure', 'tcp', '995', '995', 'both'); + + $othersplist['smtp'] = array(); + /* SMTP */ + $othersplist['smtp'][] = array('SMTP', 'tcp', '25', '25', 'both'); + $othersplist['smtp'][] = array('SMTP-Secure-1', 'tcp', '465', '465', 'both'); + $othersplist['smtp'][] = array('SMTP-Secure-2', 'tcp', '587', '587', 'both'); + + /* Game Downloader */ + + //NOTE: Battle.net-Downloader runs on this port range. Don't want that up with the game que. + $othersplist['battlenetdownloader'] = array(); + $othersplist['battlenetdownloader'][] = array('Battle.NET-Downloader', 'tcp', '6881', '6999', 'both'); + + //NOTE: steam downloads, probably don't want this in the game que + $othersplist['steamdownloader'] = array(); + $othersplist['steamdownloader'][] = array('Steam-Downloader', 'tcp', '27014', '27050', 'both'); + + /* Miscellaneous */ + + $othersplist['apns'] = array(); + /* Apple Push Notification Service */ + $othersplist['apns'][] = array('APNS', 'tcp', '5223', '5223', 'both'); + $othersplist['apns'][] = array('APNS', 'tcp', '2195', '2196', 'both'); + + $othersplist['applemobilesync'] = array(); + /* Apple Mobile Sync */ + $othersplist['applemobilesync'][] = array('AppleMobileSync', 'tcp', '2336', '2336', 'both'); + + $othersplist['crashplan'] = array(); + /* crashplan */ + $othersplist['crashplan'][] = array('CrashPlan-1', 'tcp', '4282', '4282', 'both'); + $othersplist['crashplan'][] = array('CrashPlan-2', 'tcp', '4285', '4285', 'both'); + + $othersplist['cvsup'] = array(); + /* cvs */ + $othersplist['cvsup'][] = array('cvsup', 'tcp', '5999', '5999', 'both'); + + $othersplist['dns'] = array(); + /* domain name system */ + $othersplist['dns'][] = array('DNS1', 'tcp', '53', '53', 'both'); + $othersplist['dns'][] = array('DNS2', 'udp', '53', '53', 'both'); + + $othersplist['git'] = array(); + /* GIT */ + $othersplist['git'][] = array('git', 'tcp', '9418', '9418', 'both'); + + $othersplist['hbci'] = array(); + /* HBCI */ + $othersplist['hbci'][] = array('HBCI', 'tcp', '3000', '3000', 'both'); + + $othersplist['icmp'] = array(); + /* ICMP */ + $othersplist['icmp'][] = array('ICMP', 'icmp', '', '', 'both'); + $othersplist['mysqlserver'] = array(); /* mysql server */ $othersplist['mysqlserver'][] = array('MySQL1', 'tcp', '3306', '3306', 'both'); + $othersplist['nntp'] = array(); /* nntp */ $othersplist['nntp'][] = array('NNTP1', 'tcp', '119', '119', 'both'); $othersplist['nntp'][] = array('NNTP2', 'udp', '119', '119', 'both'); - $othersplist['pcanywhere'] = array(); - /* symantec pc anywhere */ - $othersplist['pcanywhere'][] = array('pcany1', 'tcp', '5631', '5631', 'both'); - $othersplist['pcanywhere'][] = array('pcany2', 'udp', '5632', '5632', 'both'); - $othersplist['teamspeak'] = array(); - /* teamspeak */ - $othersplist['teamspeak'][] = array('teamspeak1', 'tcp', '14534', '14534', 'both'); - $othersplist['teamspeak'][] = array('teamspeak2', 'tcp', '51234', '51234', 'both'); - $othersplist['teamspeak'][] = array('teamspeak3', 'udp', '8767', '8768', 'both'); - $othersplist['cvsup'] = array(); - /* cvs */ - $othersplist['cvsup'][] = array('cvsup', 'tcp', '5999', '5999', 'both'); - $othersplist['hbci'] = array(); - /* HBCI */ - $othersplist['hbci'][] = array('HBCI', 'tcp', '3000', '3000', 'both'); + $othersplist['slingbox'] = array(); + /* slingbox */ $othersplist['slingbox'][] = array('Slingbox1', 'tcp', '5001', '5001', 'both'); $othersplist['slingbox'][] = array('Slingbox2', 'udp', '5001', '5001', 'both'); + $othersplist['smb'] = array(); + /* Microsoft SMB and friends */ + $othersplist['smb'][] = array('SMB1', 'tcp', '445', '445', 'both'); + $othersplist['smb'][] = array('SMB2', 'tcp', '137-139', '137-139', 'both'); + + $othersplist['snmp'] = array(); + /* Simple network management protocol */ + $othersplist['snmp'][] = array('SNMP', 'tcp', '161', '161', 'both'); + $othersplist['snmp'][] = array('SNMP2', 'udp', '161', '161', 'both'); + + $othersplist['subversion'] = array(); + /* subversion */ + $othersplist['subversion'][] = array('subversion', 'tcp', '3690', '3690', 'both'); ?> diff --git a/etc/phpshellsessions/gitsync b/etc/phpshellsessions/gitsync index e943ffa..0d6ac07 100644 --- a/etc/phpshellsessions/gitsync +++ b/etc/phpshellsessions/gitsync @@ -249,7 +249,7 @@ if($branch == "RESTORE" && $g['platform'] == "pfSense") { if($nobackup == false) { echo "===> Backing up current pfSense information...\n"; echo "===> Please wait... "; - exec("tar czPf /root/cvssync_backup.tgz --exclude /root --exclude /dev --exclude /var/db/racoon/racoon.sock --exclude /tmp --exclude /var/run --exclude /var/empty /"); + exec("tar czPf /root/cvssync_backup.tgz --exclude /root --exclude /dev --exclude /tmp --exclude /var/run --exclude /var/empty /"); $size = filesize("/root/cvssync_backup.tgz"); echo "{$size} bytes.\n\n"; sleep(5); diff --git a/etc/rc.initial b/etc/rc.initial index 03d9131..2277280 100755 --- a/etc/rc.initial +++ b/etc/rc.initial @@ -61,9 +61,8 @@ fi product=`grep product_name /etc/inc/globals.inc | cut -d'"' -f4` hidebanner=`grep hidebanner /etc/inc/globals.inc | cut -d'"' -f4` -# Check to see if SSH is listening. -SSHD=`/usr/bin/sockstat -4l | grep "*.22" | wc -l` -if [ "$SSHD" -gt 0 ]; then +# Check to see if SSH is running. +if pgrep -q -a -F /var/run/sshd.pid sshd >/dev/null 2>&1; then sshd_option="14) Disable Secure Shell (sshd)"; else sshd_option="14) Enable Secure Shell (sshd)"; @@ -120,6 +120,8 @@ $sshconf .= "Protocol 2\n"; /* Run the server on another port if we have one defined */ $sshconf .= "Port $sshport\n"; + /* Hide FreeBSD version */ + $sshconf .= "VersionAddendum \n"; /* Apply package SSHDCond settings if config file exists */ if (file_exists("/etc/sshd_extra")) { diff --git a/etc/ssl/openssl.cnf b/etc/ssl/openssl.cnf index 08b3758..5f612fb 100644 --- a/etc/ssl/openssl.cnf +++ b/etc/ssl/openssl.cnf @@ -9,6 +9,10 @@ HOME = . RANDFILE = $ENV::HOME/.rnd +# default SAN value if $ENV::SAN is not defined +# +SAN = + # Extra OBJECT IDENTIFIER info: #oid_file = $ENV::HOME/.oid oid_section = new_oids @@ -212,6 +216,15 @@ authorityKeyIdentifier=keyid,issuer:always #nsCaPolicyUrl #nsSslServerName +[ usr_cert_san ] + +# copy of [ usr_cert ] plus nonempty Subject Alternative Names +basicConstraints=CA:FALSE +nsComment = "OpenSSL Generated User Certificate" +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer:always +subjectAltName=$ENV::SAN + [ server ] # Make a cert with nsCertType=server @@ -223,6 +236,18 @@ authorityKeyIdentifier=keyid,issuer:always extendedKeyUsage=serverAuth keyUsage = digitalSignature, keyEncipherment +[ server_san ] + +# copy of [ server ] plus nonempty Subject Alternative Names +basicConstraints=CA:FALSE +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer:always +extendedKeyUsage=serverAuth +keyUsage = digitalSignature, keyEncipherment +subjectAltName=$ENV::SAN + [ v3_req ] # Extensions to add to a certificate request @@ -267,6 +292,14 @@ basicConstraints = CA:true # You can even override a supported extension: # basicConstraints= critical, DER:30:03:01:01:FF +[ v3_ca_san ] + +# copy of [ v3_ca ] plus nonempty Subject Alternative Names +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints = CA:true +subjectAltName=$ENV::SAN + [ crl_ext ] # CRL extensions. diff --git a/usr/local/bin/ping_hosts.sh b/usr/local/bin/ping_hosts.sh index 30782b8..7126c99 100755 --- a/usr/local/bin/ping_hosts.sh +++ b/usr/local/bin/ping_hosts.sh @@ -85,23 +85,23 @@ for TOPING in $PINGHOSTS ; do # Host is up if [ "$PREVIOUSSTATUS" != "UP" ]; then # Service restored + echo "UP" > /var/db/pingstatus/$DSTIP if [ "$SERVICERESTOREDSCRIPT" != "" ]; then echo "$DSTIP is UP, previous state was DOWN .. Running $SERVICERESTOREDSCRIPT" echo "$DSTIP is UP, previous state was DOWN .. Running $SERVICERESTOREDSCRIPT" | logger -p daemon.info -i -t PingMonitor sh -c $SERVICERESTOREDSCRIPT fi - echo "UP" > /var/db/pingstatus/$DSTIP fi else # Host is down if [ "$PREVIOUSSTATUS" != "DOWN" ]; then # Service is down + echo "DOWN" > /var/db/pingstatus/$DSTIP if [ "$FAILURESCRIPT" != "" ]; then echo "$DSTIP is DOWN, previous state was UP .. Running $FAILURESCRIPT" echo "$DSTIP is DOWN, previous state was UP .. Running $FAILURESCRIPT" | logger -p daemon.info -i -t PingMonitor sh -c $FAILURESCRIPT fi - echo "DOWN" > /var/db/pingstatus/$DSTIP fi fi echo "Checking ping time $DSTIP" diff --git a/usr/local/share/locale/en/LC_MESSAGES/pfSense.pot b/usr/local/share/locale/en/LC_MESSAGES/pfSense.pot index a49e8f6..6c078b4 100644 --- a/usr/local/share/locale/en/LC_MESSAGES/pfSense.pot +++ b/usr/local/share/locale/en/LC_MESSAGES/pfSense.pot @@ -35128,7 +35128,7 @@ msgstr "" #: usr/local/www/services_igmpproxy_edit.php:213 msgid "" "Defines the TTL threshold for the network interface. Packets with a " -"lower TTL than the threshols value will be ignored. This setting is " +"lower TTL than the threshold value will be ignored. This setting is " "optional, and by default the threshold is 1." msgstr "" diff --git a/usr/local/share/locale/ja/LC_MESSAGES/pfSense.po b/usr/local/share/locale/ja/LC_MESSAGES/pfSense.po index 21d02f3..2160422 100644 --- a/usr/local/share/locale/ja/LC_MESSAGES/pfSense.po +++ b/usr/local/share/locale/ja/LC_MESSAGES/pfSense.po @@ -35138,7 +35138,7 @@ msgstr "ã—ãã„値" #: usr/local/www/services_igmpproxy_edit.php:213 msgid "" "Defines the TTL threshold for the network interface. Packets with a " -"lower TTL than the threshols value will be ignored. This setting is " +"lower TTL than the threshold value will be ignored. This setting is " "optional, and by default the threshold is 1." msgstr "「ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯Â·ã‚¤ãƒ³ã‚¿ãƒ•ã‚§ãƒ¼ã‚¹ã®TTLã—ãã„値を定義ã—ã¾ã™ã€‚æŒã¤ãƒ‘ケット〠threshols値よりも低ã„TTLã¯ç„¡è¦–ã•ã‚Œã¾ã™ã€‚ã“ã®è¨å®šã¯ã€ 「オプションã§ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã¯ã€ã—ãã„値ã¯1ã§ã™ã€‚" diff --git a/usr/local/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.po b/usr/local/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.po index f3c8b02..0fbea14 100644 --- a/usr/local/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.po +++ b/usr/local/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.po @@ -29655,7 +29655,7 @@ msgstr "Threshold" #: usr/local/www/services_igmpproxy_edit.php:211 #: usr/local/www/services_igmpproxy_edit.php:213 -msgid "Defines the TTL threshold for the network interface. Packets with a lower TTL than the threshols value will be ignored. This setting is optional, and by default the threshold is 1." +msgid "Defines the TTL threshold for the network interface. Packets with a lower TTL than the threshold value will be ignored. This setting is optional, and by default the threshold is 1." msgstr "Define o threshold TTL para a interface de rede. Pacotes com um TTL mais baixo que os valores de thresholds serão ignorados. Essa configuração é opcional e, por padrão, o threshold é 1." #: usr/local/www/services_igmpproxy_edit.php:218 diff --git a/usr/local/share/locale/tr/LC_MESSAGES/pfSense.po b/usr/local/share/locale/tr/LC_MESSAGES/pfSense.po index 37763b2..8c70885 100644 --- a/usr/local/share/locale/tr/LC_MESSAGES/pfSense.po +++ b/usr/local/share/locale/tr/LC_MESSAGES/pfSense.po @@ -31167,7 +31167,7 @@ msgstr "EÅŸik" #: usr/local/www/services_igmpproxy_edit.php:213 msgid "" "Defines the TTL threshold for the network interface. Packets with a " -"lower TTL than the threshols value will be ignored. This setting is " +"lower TTL than the threshold value will be ignored. This setting is " "optional, and by default the threshold is 1." msgstr "" "AÄŸ arabiriminin TTL eÅŸiÄŸini tanımlar. Belirtilen eÅŸiÄŸin altında TTLsi olan " diff --git a/usr/local/www/diag_confbak.php b/usr/local/www/diag_confbak.php index 5fd6796..4d631a3 100644 --- a/usr/local/www/diag_confbak.php +++ b/usr/local/www/diag_confbak.php @@ -210,7 +210,7 @@ include("head.inc"); <?php if (is_array($confvers)): ?> <tr> <td colspan="7" class="list"> - <?= gettext("To view the differences between an older configuration and a newer configuration, select the older configuration using the left column of radio options and select the newer configuration in the right colomn, then press the Diff button."); ?> + <?= gettext("To view the differences between an older configuration and a newer configuration, select the older configuration using the left column of radio options and select the newer configuration in the right column, then press the Diff button."); ?> <br /><br /> </td> </tr> diff --git a/usr/local/www/diag_ipsec.php b/usr/local/www/diag_ipsec.php index 33b0c85..1317e51 100644 --- a/usr/local/www/diag_ipsec.php +++ b/usr/local/www/diag_ipsec.php @@ -59,20 +59,22 @@ if ($_GET['act'] == 'connect') { } } else if ($_GET['act'] == 'ikedisconnect') { if (ctype_digit($_GET['ikeid'])) { - mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid'])); + if (!empty($_GET['ikesaid']) && ctype_digit($_GET['ikesaid'])) + mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']) . "[" . escapeshellarg($_GET['ikesaid']) . "]"); + else + mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid'])); } -} else if ($_GET['act'] == 'disconnect') { - if (!empty($_GET['user'])) { - ipsec_disconnect_mobile($_GET['user']); - sleep(1); - $savemsg = gettext("Disconnected user") . " " . $_GET['user']; +} else if ($_GET['act'] == 'childdisconnect') { + if (ctype_digit($_GET['ikeid'])) { + if (!empty($_GET['ikesaid']) && ctype_digit($_GET['ikesaid'])) + mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']) . "{" . escapeshellarg($_GET['ikesaid']) . "}"); } } -if (!is_array($config['ipsec']['phase2'])) - $config['ipsec']['phase2'] = array(); +if (!is_array($config['ipsec']['phase1'])) + $config['ipsec']['phase1'] = array(); -$a_phase2 = &$config['ipsec']['phase2']; +$a_phase1 = &$config['ipsec']['phase1']; $status = ipsec_smp_dump_status(); @@ -106,14 +108,19 @@ $status = ipsec_smp_dump_status(); <th class="listhdrr nowrap"><?php echo gettext("Remote ID");?></th> <th class="listhdrr nowrap"><?php echo gettext("Remote IP");?></th> <th class="listhdrr nowrap"><?php echo gettext("Role");?></th> + <th class="listhdrr nowrap"><?php echo gettext("Reauth");?></th> <th class="listhdrr nowrap"><?php echo gettext("Status");?></th> <td class="list nowrap"></td> </tr> </thead> <tbody> <?php + $ipsecconnected = array(); if (is_array($status['query']) && is_array($status['query']['ikesalist']) && is_array($status['query']['ikesalist']['ikesa'])) { foreach ($status['query']['ikesalist']['ikesa'] as $ikeid => $ikesa) { + $con_id = substr($ikesa['peerconfig'], 3); + $ipsecconnected[$con_id] = $con_id; + if (ipsec_phase1_status($status['query']['ikesalist']['ikesa'], $ikesa['id'])) { $icon = "pass"; } elseif(!isset($config['ipsec']['enable'])) { @@ -124,15 +131,18 @@ $status = ipsec_smp_dump_status(); ?> <tr> <td class="listlr"> - <?php echo "({$ikesa['id']}) " . htmlspecialchars(ipsec_get_descr($ikesa['id']));?> + <?php echo htmlspecialchars(ipsec_get_descr($con_id));?> </td> <td class="listr"> <?php if (!is_array($ikesa['local'])) echo "Unknown"; else { - if (!empty($ikesa['local']['identification'])) - echo htmlspecialchars($ikesa['local']['identification']); - else + if (!empty($ikesa['local']['identification'])) { + if ($ikesa['local']['identification'] == '%any') + echo 'Any identifier'; + else + echo htmlspecialchars($ikesa['local']['identification']); + } else echo 'Unknown'; } ?> @@ -154,10 +164,17 @@ $status = ipsec_smp_dump_status(); <?php if (!is_array($ikesa['remote'])) echo "Unknown"; else { - if (!empty($ikesa['remote']['identification'])) - echo htmlspecialchars($ikesa['remote']['identification']); - else + if (!empty($ikesa['remote']['identification'])) { + if ($ikesa['remote']['identification'] == '%any') + echo 'Any identifier'; + else + echo htmlspecialchars($ikesa['remote']['identification']); + } else echo 'Unknown'; + + if (is_array($ikesa['remote']['auth']) && !empty($ikesa['remote']['auth']['identity'])) { + echo "<br/> {$ikesa['remote']['auth']['identity']}"; + } } ?> </td> @@ -178,6 +195,9 @@ $status = ipsec_smp_dump_status(); <?php echo htmlspecialchars($ikesa['role']);?> </td> <td class="listr"> + <?php echo htmlspecialchars($ikesa['reauth']);?> + </td> + <td class="listr"> <center> <img src ="/themes/<?php echo $g['theme']; ?>/images/icons/icon_<?php echo $icon; ?>.gif" title="<?php echo $ikesa['status']; ?>" alt=""/> <br/><?php echo htmlspecialchars($ikesa['status']);?> @@ -186,15 +206,18 @@ $status = ipsec_smp_dump_status(); <td > <?php if ($icon != "pass"): ?> <center> - <a href="diag_ipsec.php?act=connect&ikeid=<?php echo $ikesa['id']; ?>"> + <a href="diag_ipsec.php?act=connect&ikeid=<?php echo $con_id; ?>"> <img src ="/themes/<?php echo $g['theme']; ?>/images/icons/icon_service_start.gif" alt="Connect VPN" title="Connect VPN" border="0"/> </a> </center> <?php else: ?> <center> - <a href="diag_ipsec.php?act=ikedisconnect&ikeid=<?php echo $ikesa['id']; ?>"> + <a href="diag_ipsec.php?act=ikedisconnect&ikeid=<?php echo $con_id; ?>"> <img src ="/themes/<?php echo $g['theme']; ?>/images/icons/icon_service_stop.gif" alt="Disconnect VPN" title="Disconnect VPN" border="0"/> </a> + <a href="diag_ipsec.php?act=ikedisconnect&ikeid=<?php echo $con_id; ?>&ikesaid=<?php echo $ikesa['id']; ?>"> + <img src ="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" alt="Disconnect VPN Connection" title="Disconnect VPN Connection" border="0"/> + </a> </center> <?php endif; ?> </td> @@ -205,7 +228,7 @@ $status = ipsec_smp_dump_status(); </tr> <?php if (is_array($ikesa['childsalist'])): ?> <tr> - <td class="listrborder" colspan="7"> + <td class="listrborder" colspan="8"> <div id="btnchildsa-<?=$ikeid;?>"> <input type="button" onclick="show_childsa('childsa-<?=$ikeid;?>','btnchildsa-<?=$ikeid;?>');" value="+" /> - Show child SA entries </div> @@ -216,6 +239,9 @@ $status = ipsec_smp_dump_status(); <th class="listhdrr nowrap"><?php echo gettext("Local SPI");?></th> <th class="listhdrr nowrap"><?php echo gettext("Remote SPI");?></th> <th class="listhdrr nowrap"><?php echo gettext("Remote subnets");?></th> + <th class="listhdrr nowrap"><?php echo gettext("Rekey");?></th> + <th class="listhdrr nowrap"><?php echo gettext("Algo");?></th> + <th class="listhdrr nowrap"><?php echo gettext("Stats");?></th> </tr> </thead> <tbody> @@ -227,7 +253,7 @@ $status = ipsec_smp_dump_status(); <td class="listlr nowrap"> <?php if (is_array($childsa['local']) && is_array($childsa['local']['networks']) && is_array($childsa['local']['networks']['network'])) { foreach ($childsa['local']['networks']['network'] as $lnets) { - echo htmlspecialchars($lnets) . "<br />"; + echo htmlspecialchars(ipsec_fixup_network($lnets)) . "<br />"; } } else echo "Unknown"; @@ -246,12 +272,41 @@ $status = ipsec_smp_dump_status(); <td class="listr nowrap"> <?php if (is_array($childsa['remote']) && is_array($childsa['remote']['networks']) && is_array($childsa['remote']['networks']['network'])) { foreach ($childsa['remote']['networks']['network'] as $rnets) { - echo htmlspecialchars($rnets) . "<br />"; + echo htmlspecialchars(ipsec_fixup_network($rnets)) . "<br />"; } } else echo "Unknown"; ?> </td> + <td class="listr nowrap"> + <?php echo htmlspecialchars($childsa['rekey']); ?> + </td> + <td class="listr nowrap"> + <?php + echo htmlspecialchars($childsa['encalg']); + echo "<br/>"; + echo htmlspecialchars($childsa['intalg']); + echo "<br/>"; + if (!empty($childsa['esn'])) + echo htmlspecialchars($childsa['rekey']); + ?> + </td> + <td class="listr nowrap"> + <?php + echo "IPComp: " . htmlspecialchars($childsa['ipcomp']); + echo "<br/>"; + echo "Bytes-In: " . htmlspecialchars($childsa['bytesin']) . "/Packets-In: " . htmlspecialchars($childsa['packetsin']);; + echo "<br/>"; + echo "Bytes-Out: " . htmlspecialchars($childsa['bytesout']) . "/Packets-Out: " . htmlspecialchars($childsa['packetsout']);; + ?> + </td> + <td class="listr nowrap"> + <center> + <a href="diag_ipsec.php?act=childdisconnect&ikeid=<?php echo $con_id; ?>&ikesaid=<?php echo $childsa['reqid']; ?>"> + <img src ="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" alt="Disconnect Child SA" title="Disconnect Child SA" border="0"/> + </a> + </center> + </td> <td class="list nowrap"> </td> @@ -263,8 +318,80 @@ $status = ipsec_smp_dump_status(); </td> </tr> <?php endif; + + unset($con_id); } } + + $rgmap = array(); + foreach ($a_phase1 as $ph1ent): + $rgmap[$ph1ent['remote-gateway']] = $ph1ent['remote-gateway']; + if ($ipsecconnected[$ph1ent['ikeid']]) + continue; +?> + <tr> + <td class="listlr"> + <?php echo htmlspecialchars($ph1ent['descr']);?> + </td> + <td class="listr"> + <?php + list ($myid_type, $myid_data) = ipsec_find_id($ph1ent, "local"); + if (empty($myid_data)) + echo "Unknown"; + else + echo htmlspecialchars($myid_data); + ?> + </td> + <td class="listr"> + <?php + $ph1src = ipsec_get_phase1_src($ph1ent); + if (empty($ph1src)) + echo "Unknown"; + else + echo htmlspecialchars($ph1src); + ?> + </td> + <td class="listr"> + <?php + list ($peerid_type, $peerid_data) = ipsec_find_id($ph1ent, "peer", $rgmap); + if (empty($peerid_data)) + echo "Unknown"; + else + echo htmlspecialchars($peerid_data); + ?> + </td> + <td class="listr"> + <?php + $ph1src = ipsec_get_phase1_dst($ph1ent); + if (empty($ph1src)) + echo "Unknown"; + else + echo htmlspecialchars($ph1src); + ?> + </td> + <td class="listr"> + </td> + <td class="listr"> + <center> + <img src ="/themes/<?php echo $g['theme']; ?>/images/icons/icon_reject.gif" title="Disconnected" alt=""/> + <br/>Disconnected + </center> + </td> + <td > + <center> + <a href="diag_ipsec.php?act=connect&ikeid=<?php echo $ph1ent['ikeid']; ?>"> + <img src ="/themes/<?php echo $g['theme']; ?>/images/icons/icon_service_start.gif" alt="Connect VPN" title="Connect VPN" border="0"/> + </a> + </center> + </td> + <td valign="middle" class="list nowrap"> + <table border="0" cellspacing="0" cellpadding="1" summary=""> + </table> + </td> + </tr> +<?php + endforeach; + unset($ipsecconnected, $phase1, $rgmap); ?> <tr style="display:none;"><td></td></tr> </tbody> diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php index d12ad43..5595fc6 100644 --- a/usr/local/www/diag_logs_filter.php +++ b/usr/local/www/diag_logs_filter.php @@ -91,9 +91,8 @@ if ($filterlogentries_submit) { $actpass = getGETPOSTsettingvalue('actpass', null); $actblock = getGETPOSTsettingvalue('actblock', null); - $actreject = getGETPOSTsettingvalue('actreject', null); - $filterfieldsarray['act'] = str_replace(" ", " ", trim($actpass . " " . $actblock . " " . $actreject)); + $filterfieldsarray['act'] = str_replace(" ", " ", trim($actpass . " " . $actblock)); $filterfieldsarray['act'] = $filterfieldsarray['act'] != "" ? $filterfieldsarray['act'] : 'All'; $filterfieldsarray['time'] = getGETPOSTsettingvalue('filterlogentries_time', null); $filterfieldsarray['interface'] = getGETPOSTsettingvalue('filterlogentries_interfaces', null); @@ -175,7 +174,6 @@ include("head.inc"); <div align="left"> <input id="actpass" name="actpass" type="checkbox" value="Pass" <?php if (in_arrayi('Pass', $Include_Act)) echo "checked=\"checked\""; ?> /> Pass<br /> <input id="actblock" name="actblock" type="checkbox" value="Block" <?php if (in_arrayi('Block', $Include_Act)) echo "checked=\"checked\""; ?> /> Block<br /> - <input id="actreject" name="actreject" type="checkbox" value="Reject" <?php if (in_arrayi('Reject', $Include_Act)) echo "checked=\"checked\""; ?> /> Reject<br /> </div> </td> <td> diff --git a/usr/local/www/diag_logs_ipsec.php b/usr/local/www/diag_logs_ipsec.php index 7add782..79b63a9 100644 --- a/usr/local/www/diag_logs_ipsec.php +++ b/usr/local/www/diag_logs_ipsec.php @@ -48,37 +48,6 @@ require("ipsec.inc"); $ipsec_logfile = "{$g['varlog_path']}/ipsec.log"; -/* Create array with all IPsec tunnel descriptions */ -$search = array(); -$replace = array(); -if(is_array($config['ipsec']['phase1'])) - foreach($config['ipsec']['phase1'] as $ph1ent) { - $gateway = ipsec_get_phase1_dst($ph1ent); - if(!is_ipaddr($gateway)) - continue; - $search[] = "/(racoon: )(INFO[:].*?)({$gateway}\[[0-9].+\]|{$gateway})(.*)/i"; - $search[] = "/(racoon: )(\[{$gateway}\]|{$gateway})(.*)/i"; - $replace[] = "$1<strong>[{$ph1ent['descr']}]</strong>: $2$3$4"; - $replace[] = "$1<strong>[{$ph1ent['descr']}]</strong>: $2$3$4"; - } -/* collect all our own ip addresses */ -exec("/sbin/ifconfig | /usr/bin/awk '/inet/ {print $2}'", $ip_address_list); -foreach($ip_address_list as $address) { - $search[] = "/(racoon: )(INFO[:].*?)({$address}\[[0-9].+\])/i"; - $search[] = "/(racoon: )(\[{$address}\]|{$address})(.*)/i"; - $replace[] = "$1<strong>[Self]</strong>: $2$3$4"; - $replace[] = "$1<strong>[Self]</strong>: $2$3$4"; -} - -$search[] = "/(time up waiting for phase1)/i"; -$search[] = "/(failed to pre-process ph1 packet)/i"; -$search[] = "/(failed to pre-process ph2 packet)/i"; -$search[] = "/(no proposal chosen)/i"; -$replace[] = "$1 <strong>[Remote Side not responding]</strong>"; -$replace[] = "$1 <strong>[Check Phase 1 settings, lifetime, algorithm]</strong>"; -$replace[] = "$1 <strong>[Check Phase 2 settings, networks]</strong>"; -$replace[] = "$1 <strong>[Check Phase 2 settings, algorithm]</strong>"; - $nentries = $config['syslog']['nentries']; if (!$nentries) $nentries = 50; @@ -125,17 +94,6 @@ include("head.inc"); <?php foreach($ipsec_logarr as $logent){ $logent = htmlspecialchars($logent); - foreach($search as $string) { - if(preg_match($string, $logent)) - $match = true; - } - if(isset($match)) { - $logent = preg_replace($search, $replace, $logent); - } else { - $searchs = "/(racoon: )([A-Z:].*?)([0-9].+\.[0-9].+.[0-9].+.[0-9].+\[[0-9].+\])(.*)/i"; - $replaces = "$1<strong><font color=\"red\">[".gettext("Unknown Gateway/Dynamic")."]</font></strong>: $2$3$4"; - $logent = preg_replace($searchs, $replaces, $logent); - } $logent = preg_split("/\s+/", $logent, 6); echo "<tr valign=\"top\">\n"; $entry_date_time = htmlspecialchars(join(" ", array_slice($logent, 0, 3))); diff --git a/usr/local/www/diag_nanobsd.php b/usr/local/www/diag_nanobsd.php index 2d5998a..61bcfa7 100644 --- a/usr/local/www/diag_nanobsd.php +++ b/usr/local/www/diag_nanobsd.php @@ -217,12 +217,11 @@ if ($savemsg) </select> <br /> <?=gettext("This will duplicate the bootup slice to the alternate slice. Use this if you would like to duplicate the known good working boot partition to the alternate.");?> + <br /><input type='submit' name='duplicateslice' value='<?php echo gettext("Duplicate slice") ?>'> + </form> </td> </tr> <tr> - <td valign="top" class=""> </td><td><br /><input type='submit' value='Duplicate slice'></form></td> - </tr> - <tr> <td colspan="2" valign="top" class=""> </td> </tr> <tr> diff --git a/usr/local/www/diag_states_summary.php b/usr/local/www/diag_states_summary.php index 9259912..3c5e297 100644 --- a/usr/local/www/diag_states_summary.php +++ b/usr/local/www/diag_states_summary.php @@ -1,7 +1,7 @@ <?php /* diag_states_summary.php - Copyright (C) 2010 Jim Pingle + Copyright (C) 2010-2014 Jim Pingle Portions borrowed from diag_dump_states.php: Copyright (C) 2005-2009 Scott Ullrich @@ -64,11 +64,21 @@ $row = 0; if(count($states) > 0) { foreach($states as $line) { $line_split = preg_split("/\s+/", $line); - $type = array_shift($line_split); + $iface = array_shift($line_split); $proto = array_shift($line_split); $state = array_pop($line_split); $info = implode(" ", $line_split); + /* Handle NAT cases + Replaces an external IP + NAT by the internal IP */ + if (strpos($info, ') ->') !== FALSE) { + /* Outbound NAT */ + $info = preg_replace('/(\S+) \((\S+)\)/U', "$2", $info); + } elseif (strpos($info, ') <-') !== FALSE) { + /* Inbound NAT/Port Forward */ + $info = preg_replace('/(\S+) \((\S+)\)/U', "$1", $info); + } + /* break up info and extract $srcip and $dstip */ $ends = preg_split("/\<?-\>?/", $info); @@ -82,7 +92,7 @@ if(count($states) > 0) { /* Handle IPv6 */ $parts = explode(":", $srcinfo); - $partcount = count($parts); + $partcount = count($parts); if ($partcount <= 2) { $srcip = trim($parts[0]); $srcport = trim($parts[1]); @@ -91,9 +101,9 @@ if(count($states) > 0) { $srcip = $matches[1]; $srcport = trim($matches[3]); } - + $parts = explode(":", $dstinfo); - $partcount = count($parts); + $partcount = count($parts); if ($partcount <= 2) { $dstip = trim($parts[0]); $dstport = trim($parts[1]); diff --git a/usr/local/www/filebrowser/browser.php b/usr/local/www/filebrowser/browser.php index 4a456be..d8cbea3 100644 --- a/usr/local/www/filebrowser/browser.php +++ b/usr/local/www/filebrowser/browser.php @@ -91,25 +91,44 @@ endforeach; foreach($files as $file): $ext = strrchr($file, "."); - if($ext == ".css" ) $type = "code"; - elseif($ext == ".html") $type = "code"; - elseif($ext == ".xml" ) $type = "code"; - elseif($ext == ".rrd" ) $type = "database"; - elseif($ext == ".gif" ) $type = "image"; - elseif($ext == ".jpg" ) $type = "image"; - elseif($ext == ".png" ) $type = "image"; - elseif($ext == ".js" ) $type = "js"; - elseif($ext == ".pdf" ) $type = "pdf"; - elseif($ext == ".inc" ) $type = "php"; - elseif($ext == ".php" ) $type = "php"; - elseif($ext == ".conf") $type = "system"; - elseif($ext == ".pid" ) $type = "system"; - elseif($ext == ".sh" ) $type = "system"; - elseif($ext == ".bz2" ) $type = "zip"; - elseif($ext == ".gz" ) $type = "zip"; - elseif($ext == ".tgz" ) $type = "zip"; - elseif($ext == ".zip" ) $type = "zip"; - else $type = "generic"; + switch ($ext) { + case ".css": + case ".html": + case ".xml": + $type = "code"; + break; + case ".rrd": + $type = "database"; + break; + case ".gif": + case ".jpg": + case ".png": + $type = "image"; + break; + case ".js": + $type = "js"; + break; + case ".pdf": + $type = "pdf"; + break; + case ".inc": + case ".php": + $type = "php"; + break; + case ".conf": + case ".pid": + case ".sh": + $type = "system"; + break; + case ".bz2": + case ".gz": + case ".tgz": + case ".zip": + $type = "zip"; + break; + default: + $type = "generic"; + } $fqpn = "{$path}/{$file}"; diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index e3c0471..fc35612 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -294,7 +294,7 @@ if ($_POST) { preg_match("/urltable/i", alias_get_type($_POST["address{$x}"])))) $wrongaliases .= " " . $_POST["address{$x}"]; } else if ($_POST['type'] == "port") { - if (!is_port($_POST["address{$x}"])) + if (!is_port($_POST["address{$x}"]) && !is_portrange($_POST["address{$x}"])) $input_errors[] = $_POST["address{$x}"] . " " . gettext("is not a valid port or alias."); } else if ($_POST['type'] == "host" || $_POST['type'] == "network") { if (is_subnet($_POST["address{$x}"]) || (!is_ipaddr($_POST["address{$x}"]) @@ -643,7 +643,7 @@ if (empty($tab)) { <td valign="top" class="vncellreq"><?=gettext("Name"); ?></td> <td class="vtable"> <input name="origname" type="hidden" id="origname" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> - <input name="name" type="text" id="name" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> + <input name="name" type="text" id="name" class="formfld unknown" size="40" maxlength="31" value="<?=htmlspecialchars($pconfig['name']);?>" /> <?php if (isset($id) && $a_aliases[$id]): ?> <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> <?php endif; ?> diff --git a/usr/local/www/firewall_aliases_import.php b/usr/local/www/firewall_aliases_import.php index 4151521..c028b3e 100755 --- a/usr/local/www/firewall_aliases_import.php +++ b/usr/local/www/firewall_aliases_import.php @@ -57,7 +57,7 @@ $reserved_ifs = get_configured_interface_list(false, true); $reserved_keywords = array_merge($reserved_keywords, $reserved_ifs, $reserved_table_names); if (!is_array($config['aliases']['alias'])) - $config['aliases']['alias'] = array(); + $config['aliases']['alias'] = array(); $a_aliases = &$config['aliases']['alias']; if($_POST['aliasimport'] <> "") { @@ -65,7 +65,7 @@ if($_POST['aliasimport'] <> "") { $reqdfieldsn = array(gettext("Name"),gettext("Aliases")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); - + if (is_validaliasname($_POST['name']) == false) $input_errors[] = gettext("The alias name may only consist of the characters") . " a-z, A-Z, 0-9, _."; @@ -75,17 +75,17 @@ if($_POST['aliasimport'] <> "") { /* Check for reserved keyword names */ - foreach($reserved_keywords as $rk) - if ($rk == $_POST['name']) - $input_errors[] = sprintf(gettext("Cannot use a reserved keyword as alias name %s"), $rk); - - /* check for name interface description conflicts */ - foreach($config['interfaces'] as $interface) { - if($interface['descr'] == $_POST['name']) { - $input_errors[] = gettext("An interface description with this name already exists."); - break; - } - } + foreach($reserved_keywords as $rk) + if ($rk == $_POST['name']) + $input_errors[] = sprintf(gettext("Cannot use a reserved keyword as alias name %s"), $rk); + + /* check for name interface description conflicts */ + foreach($config['interfaces'] as $interface) { + if($interface['descr'] == $_POST['name']) { + $input_errors[] = gettext("An interface description with this name already exists."); + break; + } + } if ($_POST['aliasimport']) { $tocheck = explode("\n", $_POST['aliasimport']); @@ -147,7 +147,7 @@ if($_POST['aliasimport'] <> "") { if (write_config()) mark_subsystem_dirty('aliases'); pfSenseHeader("firewall_aliases.php"); - + exit; } } @@ -163,38 +163,53 @@ include("head.inc"); <div id="inputerrors"></div> <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="firewall alias import"> <tr> - <td colspan="2" valign="top" class="listtopic"><?=gettext("Alias Import"); ?></td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Alias Import"); ?></td> </tr> <tr> - <td valign="top" class="vncellreq"><?=gettext("Alias Name"); ?></td> - <td class="vtable"> <input name="name" type="text" class="formfld unknown" id="name" size="40" value="<?=htmlspecialchars($_POST['name']);?>" /> - <br /> <span class="vexpl"> - <?=gettext("The name of the alias may only consist of the characters \"a-z, A-Z and 0-9\"."); ?></span></td> + <td valign="top" class="vncellreq"><?=gettext("Alias Name"); ?></td> + <td class="vtable"> + <input name="name" type="text" class="formfld unknown" id="name" size="40" maxlength="31" value="<?=htmlspecialchars($_POST['name']);?>" /> + <br /> + <span class="vexpl"> + <?=gettext("The name of the alias may only consist of the characters \"a-z, A-Z and 0-9\"."); ?> + </span> + </td> </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> - <td width="78%" class="vtable"> <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($_POST['descr']);?>" /> - <br /> <span class="vexpl"><?=gettext("You may enter a description here " . - "for your reference (not parsed)"); ?>.</span></td> + <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> + <td width="78%" class="vtable"> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($_POST['descr']);?>" /> + <br /> + <span class="vexpl"> + <?=gettext("You may enter a description here for your reference (not parsed)"); ?>. + </span> + </td> </tr> <tr> - <td valign="top" class="vncellreq"><?=gettext("Aliases to import"); ?></td> - <td class="vtable"><textarea name="aliasimport" rows="15" cols="40"><?php echo $_POST['aliasimport']; ?></textarea> - <br /> <span class="vexpl"><?=gettext("Paste in the aliases to import separated by a carriage return. Common examples are lists of IPs, networks, blacklists, etc."); ?> - <br /> <?=gettext("The list may contain IP addresses, with or without CIDR prefix, IP ranges, blank lines (ignored) and an optional description after each IP. e.g.:"); ?> - <br />172.16.1.2 - <br />172.16.0.0/24 - <br />10.11.12.100-10.11.12.200 - <br />192.168.1.254 Home router - <br />10.20.0.0/16 Office network - <br />10.40.1.10-10.40.1.19 Managed switches</span></td> + <td valign="top" class="vncellreq"><?=gettext("Aliases to import"); ?></td> + <td class="vtable"> + <textarea name="aliasimport" rows="15" cols="40"><?php echo $_POST['aliasimport']; ?></textarea> + <br /> + <span class="vexpl"> + <?=gettext("Paste in the aliases to import separated by a carriage return. Common examples are lists of IPs, networks, blacklists, etc."); ?> + <br /> + <?=gettext("The list may contain IP addresses, with or without CIDR prefix, IP ranges, blank lines (ignored) and an optional description after each IP. e.g.:"); ?> + <br />172.16.1.2 + <br />172.16.0.0/24 + <br />10.11.12.100-10.11.12.200 + <br />192.168.1.254 Home router + <br />10.20.0.0/16 Office network + <br />10.40.1.10-10.40.1.19 Managed switches + </span> + </td> </tr> <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input id="submit" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> - <input class="formbtn" type="button" value="<?=gettext("Cancel"); ?>" onclick="history.back()" /> - </td></tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input id="submit" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> + <input class="formbtn" type="button" value="<?=gettext("Cancel"); ?>" onclick="history.back()" /> + </td> + </tr> </table> @@ -202,7 +217,7 @@ include("head.inc"); </div> <?php include("fend.inc"); ?> - + <script type="text/javascript"> //<![CDATA[ NiftyCheck(); diff --git a/usr/local/www/firewall_nat_out.php b/usr/local/www/firewall_nat_out.php index 5f4c66b..7b509dd 100644 --- a/usr/local/www/firewall_nat_out.php +++ b/usr/local/www/firewall_nat_out.php @@ -482,7 +482,7 @@ if (is_subsystem_dirty('natconf')) $i++; endforeach; ?> - <tr> + <tr valign="top" id="fr<?=$i;?>"> <td class="list" colspan="11"></td> <td class="list nowrap" valign="middle"> <table border="0" cellspacing="0" cellpadding="1" summary="edit"> @@ -495,7 +495,7 @@ if (is_subsystem_dirty('natconf')) <?php else: ?> - <input name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?=gettext("move selected mappings to end");?>" /> + <input onmouseover="fr_insline(<?=$i;?>, true)" onmouseout="fr_insline(<?=$i;?>, false)" name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?=gettext("move selected mappings to end");?>" /> <?php endif; ?> diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index bf48e12..c33166b 100644 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -113,8 +113,23 @@ if ($_POST) { if ($_POST['subnet']) { if (!is_ipaddr($_POST['subnet'])) $input_errors[] = gettext("A valid IP address must be specified."); - else if (is_ipaddr_configured($_POST['subnet'], "{$_POST['interface']}_vip{$id}")) - $input_errors[] = gettext("This IP address is being used by another interface or VIP."); + else { + if (isset($id) && isset($a_vip[$id])) { + $ignore_if = $a_vip[$id]['interface']; + $ignore_mode = $a_vip[$id]['mode']; + } else { + $ignore_if = $_POST['interface']; + $ignore_mode = $_POST['mode']; + } + + if ($ignore_mode == 'carp') + $ignore_if .= "_vip{$id}"; + + if (is_ipaddr_configured($_POST['subnet'], $ignore_if)) + $input_errors[] = gettext("This IP address is being used by another interface or VIP."); + + unset($ignore_if, $ignore_mode); + } } $natiflist = get_configured_interface_with_descr(); diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php index e1d05c0..6aa0014 100644 --- a/usr/local/www/interfaces.php +++ b/usr/local/www/interfaces.php @@ -797,9 +797,7 @@ if ($_POST['apply']) { $wancfg['if'] = $a_ppps[$pppid]['ports']; unset($a_ppps[$pppid]); } else if ($wancfg['ipaddr'] == "dhcp") { - $pid = find_dhclient_process($wancfg['if']); - if($pid) - posix_kill($pid, SIGTERM); + kill_dhclient_process($wancfg['if']); } if ($wancfg['ipaddrv6'] == "dhcp6") { $pid = find_dhcp6c_process($wancfg['if']); diff --git a/usr/local/www/interfaces_assign.php b/usr/local/www/interfaces_assign.php index 42ba60e..a1c9c3e 100644 --- a/usr/local/www/interfaces_assign.php +++ b/usr/local/www/interfaces_assign.php @@ -52,6 +52,43 @@ require("vpn.inc"); require("captiveportal.inc"); require_once("rrd.inc"); +function interface_assign_description($portinfo, $portname) { + if ($portinfo['isvlan']) { + $descr = sprintf(gettext('VLAN %1$s on %2$s'),$portinfo['tag'],$portinfo['if']); + if ($portinfo['descr']) + $descr .= " (" . $portinfo['descr'] . ")"; + } elseif ($portinfo['iswlclone']) { + $descr = $portinfo['cloneif']; + if ($portinfo['descr']) + $descr .= " (" . $portinfo['descr'] . ")"; + } elseif ($portinfo['isppp']) { + $descr = $portinfo['descr']; + } elseif ($portinfo['isbridge']) { + $descr = strtoupper($portinfo['bridgeif']); + if ($portinfo['descr']) + $descr .= " (" . $portinfo['descr'] . ")"; + } elseif ($portinfo['isgre']) { + $descr = "GRE {$portinfo['remote-addr']}"; + if ($portinfo['descr']) + $descr .= " (" . $portinfo['descr'] . ")"; + } elseif ($portinfo['isgif']) { + $descr = "GIF {$portinfo['remote-addr']}"; + if ($portinfo['descr']) + $descr .= " (" . $portinfo['descr'] . ")"; + } elseif ($portinfo['islagg']) { + $descr = strtoupper($portinfo['laggif']); + if ($portinfo['descr']) + $descr .= " (" . $portinfo['descr'] . ")"; + } elseif ($portinfo['isqinq']) { + $descr = $portinfo['descr']; + } elseif (substr($portname, 0, 4) == 'ovpn') { + $descr = $portname . " (" . $ovpn_descrs[substr($portname, 5)] . ")"; + } else + $descr = $portname . " (" . $portinfo['mac'] . ")"; + + return htmlspecialchars($descr); +} + /* In this file, "port" refers to the physical port name, while "interface" refers to LAN, WAN, or OPTn. @@ -153,14 +190,55 @@ if (is_array($config['openvpn'])) { $ovpn_descrs[$c['vpnid']] = $c['description']; } -if ($_POST['apply']) { +if (isset($_POST['add_x']) && isset($_POST['if_add'])) { + /* Be sure this port is not being used */ + $portused = false; + foreach ($config['interfaces'] as $ifname => $ifdata) { + if ($ifdata['if'] == $_PORT['if_add']) { + $portused = true; + break; + } + } + + if ($portused === false) { + /* find next free optional interface number */ + if(!$config['interfaces']['lan']) { + $newifname = gettext("lan"); + $descr = gettext("LAN"); + } else { + for ($i = 1; $i <= count($config['interfaces']); $i++) { + if (!$config['interfaces']["opt{$i}"]) + break; + } + $newifname = 'opt' . $i; + $descr = "OPT" . $i; + } + + $config['interfaces'][$newifname] = array(); + $config['interfaces'][$newifname]['descr'] = $descr; + $config['interfaces'][$newifname]['if'] = $_POST['if_add']; + if (preg_match($g['wireless_regex'], $_POST['if_add'])) { + $config['interfaces'][$newifname]['wireless'] = array(); + interface_sync_wireless_clones($config['interfaces'][$newifname], false); + } + + uksort($config['interfaces'], "compare_interface_friendly_names"); + + /* XXX: Do not remove this. */ + unlink_if_exists("{$g['tmp_path']}/config.cache"); + + write_config(); + + $savemsg = gettext("Interface has been added."); + } + +} else if (isset($_POST['apply'])) { if (file_exists("/var/run/interface_mismatch_reboot_needed")) { system_reboot(); $rebootingnow = true; } else { write_config(); - $retval = 0; $retval = filter_configure(); $savemsg = get_std_save_message($retval); @@ -170,7 +248,7 @@ if ($_POST['apply']) { $savemsg = $retval; } -} else if ($_POST) { +} else if (isset($_POST['Submit'])) { unset($input_errors); @@ -272,108 +350,80 @@ if ($_POST['apply']) { enable_rrd_graphing(); } -} +} else { + /* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */ + unset($delbtn); + foreach ($_POST as $pn => $pd) { + if (preg_match("/del_(.+)_x/", $pn, $matches)) + $delbtn = $matches[1]; + } -if ($_GET['act'] == "del") { - $id = $_GET['id']; - - if (link_interface_to_group($id)) - $input_errors[] = gettext("The interface is part of a group. Please remove it from the group to continue"); - else if (link_interface_to_bridge($id)) - $input_errors[] = gettext("The interface is part of a bridge. Please remove it from the bridge to continue"); - else if (link_interface_to_gre($id)) - $input_errors[] = gettext("The interface is part of a gre tunnel. Please delete the tunnel to continue"); - else if (link_interface_to_gif($id)) - $input_errors[] = gettext("The interface is part of a gif tunnel. Please delete the tunnel to continue"); - else { - unset($config['interfaces'][$id]['enable']); - $realid = get_real_interface($id); - interface_bring_down($id); /* down the interface */ - - unset($config['interfaces'][$id]); /* delete the specified OPTn or LAN*/ - - if (is_array($config['dhcpd']) && is_array($config['dhcpd'][$id])) { - unset($config['dhcpd'][$id]); - services_dhcpd_configure(); - } + if (isset($delbtn)) { + $id = $delbtn; + + if (link_interface_to_group($id)) + $input_errors[] = gettext("The interface is part of a group. Please remove it from the group to continue"); + else if (link_interface_to_bridge($id)) + $input_errors[] = gettext("The interface is part of a bridge. Please remove it from the bridge to continue"); + else if (link_interface_to_gre($id)) + $input_errors[] = gettext("The interface is part of a gre tunnel. Please delete the tunnel to continue"); + else if (link_interface_to_gif($id)) + $input_errors[] = gettext("The interface is part of a gif tunnel. Please delete the tunnel to continue"); + else { + unset($config['interfaces'][$id]['enable']); + $realid = get_real_interface($id); + interface_bring_down($id); /* down the interface */ + + unset($config['interfaces'][$id]); /* delete the specified OPTn or LAN*/ + + if (is_array($config['dhcpd']) && is_array($config['dhcpd'][$id])) { + unset($config['dhcpd'][$id]); + services_dhcpd_configure(); + } - if (count($config['filter']['rule']) > 0) { - foreach ($config['filter']['rule'] as $x => $rule) { - if($rule['interface'] == $id) - unset($config['filter']['rule'][$x]); + if (count($config['filter']['rule']) > 0) { + foreach ($config['filter']['rule'] as $x => $rule) { + if($rule['interface'] == $id) + unset($config['filter']['rule'][$x]); + } } - } - if (is_array($config['nat']['rule']) && count($config['nat']['rule']) > 0) { - foreach ($config['nat']['rule'] as $x => $rule) { - if($rule['interface'] == $id) - unset($config['nat']['rule'][$x]['interface']); + if (is_array($config['nat']['rule']) && count($config['nat']['rule']) > 0) { + foreach ($config['nat']['rule'] as $x => $rule) { + if($rule['interface'] == $id) + unset($config['nat']['rule'][$x]['interface']); + } } - } - write_config(); - - /* If we are in firewall/routing mode (not single interface) - * then ensure that we are not running DHCP on the wan which - * will make a lot of ISP's unhappy. - */ - if($config['interfaces']['lan'] && $config['dhcpd']['wan']) { - unset($config['dhcpd']['wan']); - } + write_config(); - link_interface_to_vlans($realid, "update"); + /* If we are in firewall/routing mode (not single interface) + * then ensure that we are not running DHCP on the wan which + * will make a lot of ISP's unhappy. + */ + if($config['interfaces']['lan'] && $config['dhcpd']['wan']) { + unset($config['dhcpd']['wan']); + } - $savemsg = gettext("Interface has been deleted."); - } -} + link_interface_to_vlans($realid, "update"); -if ($_GET['act'] == "add" && (count($config['interfaces']) < count($portlist))) { - /* find next free optional interface number */ - if(!$config['interfaces']['lan']) { - $newifname = gettext("lan"); - $descr = gettext("LAN"); - $config['interfaces'][$newifname] = array(); - $config['interfaces'][$newifname]['descr'] = $descr; - } else { - for ($i = 1; $i <= count($config['interfaces']); $i++) { - if (!$config['interfaces']["opt{$i}"]) - break; + $savemsg = gettext("Interface has been deleted."); } - $newifname = 'opt' . $i; - $descr = "OPT" . $i; - $config['interfaces'][$newifname] = array(); - $config['interfaces'][$newifname]['descr'] = $descr; } +} - uksort($config['interfaces'], "compare_interface_friendly_names"); - - /* Find an unused port for this interface */ - foreach ($portlist as $portname => $portinfo) { - $portused = false; - foreach ($config['interfaces'] as $ifname => $ifdata) { - if ($ifdata['if'] == $portname) { - $portused = true; - break; - } - } - if (!$portused) { - $config['interfaces'][$newifname]['if'] = $portname; - if (preg_match($g['wireless_regex'], $portname)) { - $config['interfaces'][$newifname]['wireless'] = array(); - interface_sync_wireless_clones($config['interfaces'][$newifname], false); - } +/* Create a list of unused ports */ +$unused_portlist = array(); +foreach ($portlist as $portname => $portinfo) { + $portused = false; + foreach ($config['interfaces'] as $ifname => $ifdata) { + if ($ifdata['if'] == $portname) { + $portused = true; break; } } - - /* XXX: Do not remove this. */ - mwexec("/bin/rm -f /tmp/config.cache"); - - write_config(); - - $savemsg = gettext("Interface has been added."); - -} else if ($_GET['act'] == "add") - $input_errors[] = "No more interfaces available to be assigned."; + if ($portused === false) + $unused_portlist[$portname] = $portinfo; +} include("head.inc"); @@ -384,7 +434,7 @@ if(file_exists("/var/run/interface_mismatch_reboot_needed")) else $savemsg = gettext("Reboot is needed. Please apply the settings in order to reboot."); } else { - $savemsg = gettext("Interface mismatch detected. Please resolve the mismatch and click Save. The firewall will reboot afterwards."); + $savemsg = gettext("Interface mismatch detected. Please resolve the mismatch and click 'Apply changes'. The firewall will reboot afterwards."); } ?> @@ -393,17 +443,21 @@ if(file_exists("/var/run/interface_mismatch_reboot_needed")) <form action="interfaces_assign.php" method="post" name="iform" id="iform"> -<?php if (file_exists("/tmp/reload_interfaces")): ?><p> - <?php print_info_box_np(gettext("The interface configuration has been changed.<br />You must apply the changes in order for them to take effect."));?><br /></p> -<?php elseif($savemsg): ?> - <?php print_info_box($savemsg); ?> -<?php endif; ?> - -<?php pfSense_handle_custom_code("/usr/local/pkg/interfaces_assign/pre_input_errors"); ?> -<?php if ($input_errors) print_input_errors($input_errors); ?> +<?php +if (file_exists("/tmp/reload_interfaces")) { + echo "<p>\n"; + print_info_box_np(gettext("The interface configuration has been changed.<br />You must apply the changes in order for them to take effect.")); + echo "<br /></p>\n"; +} elseif($savemsg) + print_info_box($savemsg); + +pfSense_handle_custom_code("/usr/local/pkg/interfaces_assign/pre_input_errors"); +if ($input_errors) + print_input_errors($input_errors); +?> <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="interfaces assign"> - <tr><td class="tabnavtbl"> + <tr><td class="tabnavtbl"> <?php $tab_array = array(); $tab_array[0] = array(gettext("Interface assignments"), true, "interfaces_assign.php"); @@ -418,100 +472,88 @@ if(file_exists("/var/run/interface_mismatch_reboot_needed")) $tab_array[10] = array(gettext("LAGG"), false, "interfaces_lagg.php"); display_top_tabs($tab_array); ?> - </td></tr> - <tr> - <td> - <div id="mainarea"> - <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="main area"> - <tr> - <td class="listhdrr"><?=gettext("Interface"); ?></td> - <td class="listhdr"><?=gettext("Network port"); ?></td> - <td class="list"> </td> - </tr> - <?php foreach ($config['interfaces'] as $ifname => $iface): - if ($iface['descr']) - $ifdescr = $iface['descr']; - else - $ifdescr = strtoupper($ifname); - ?> - <tr> - <td class="listlr" valign="middle"><strong><u><span onclick="location.href='/interfaces.php?if=<?=$ifname;?>'" style="cursor: pointer;"><?=$ifdescr;?></span></u></strong></td> - <td valign="middle" class="listr"> - <select onchange="javascript:jQuery('#savediv').show();" name="<?=$ifname;?>" id="<?=$ifname;?>"> - <?php foreach ($portlist as $portname => $portinfo): ?> - <option value="<?=$portname;?>" <?php if ($portname == $iface['if']) echo " selected=\"selected\"";?>> - <?php if ($portinfo['isvlan']) { - $descr = sprintf(gettext('VLAN %1$s on %2$s'),$portinfo['tag'],$portinfo['if']); - if ($portinfo['descr']) - $descr .= " (" . $portinfo['descr'] . ")"; - echo htmlspecialchars($descr); - } elseif ($portinfo['iswlclone']) { - $descr = $portinfo['cloneif']; - if ($portinfo['descr']) - $descr .= " (" . $portinfo['descr'] . ")"; - echo htmlspecialchars($descr); - } elseif ($portinfo['isppp']) { - echo htmlspecialchars($portinfo['descr']); - } elseif ($portinfo['isbridge']) { - $descr = strtoupper($portinfo['bridgeif']); - if ($portinfo['descr']) - $descr .= " (" . $portinfo['descr'] . ")"; - echo htmlspecialchars($descr); - } elseif ($portinfo['isgre']) { - $descr = "GRE {$portinfo['remote-addr']}"; - if ($portinfo['descr']) - $descr .= " (" . $portinfo['descr'] . ")"; - echo htmlspecialchars($descr); - } elseif ($portinfo['isgif']) { - $descr = "GIF {$portinfo['remote-addr']}"; - if ($portinfo['descr']) - $descr .= " (" . $portinfo['descr'] . ")"; - echo htmlspecialchars($descr); - } elseif ($portinfo['islagg']) { - $descr = strtoupper($portinfo['laggif']); - if ($portinfo['descr']) - $descr .= " (" . $portinfo['descr'] . ")"; - echo htmlspecialchars($descr); - } elseif ($portinfo['isqinq']) { - echo htmlspecialchars($portinfo['descr']); - } elseif (substr($portname, 0, 4) == 'ovpn') { - echo htmlspecialchars($portname . " (" . $ovpn_descrs[substr($portname, 5)] . ")"); - } else - echo htmlspecialchars($portname . " (" . $portinfo['mac'] . ")"); - ?></option> - <?php endforeach; ?> - </select> - </td> - <td valign="middle" class="list"> - <?php if ($ifname != 'wan'): ?> - <a href="interfaces_assign.php?act=del&id=<?=$ifname;?>" onclick="return confirm('<?=gettext("Do you really want to delete this interface?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete interface"); ?>" width="17" height="17" border="0" alt="delete" /></a> - <?php endif; ?> - </td> - </tr> - <?php endforeach; ?> - <?php if (count($config['interfaces']) < count($portlist)): ?> - <tr> - <td class="list" colspan="2"></td> - <td class="list nowrap"> - <a href="interfaces_assign.php?act=add"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add interface"); ?>" width="17" height="17" border="0" alt="add" /></a> - </td> - </tr> - <?php else: ?> - <tr> - <td class="list" colspan="3" height="10"></td> - </tr> - <?php endif; ?> -</table> -</div> -<br /> -<div id='savediv' <?php if (empty($_GET['act'])) echo "style='display:none;'"; ?>> - <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /><br /><br /> -</div> -<ul> - <li><span class="vexpl"><?=gettext("Interfaces that are configured as members of a lagg(4) interface will not be shown."); ?></span></li> -</ul> -</td> -</tr> + </td></tr> + <tr><td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="main area"> + <tr> + <td class="listhdrr"><?=gettext("Interface"); ?></td> + <td class="listhdr"><?=gettext("Network port"); ?></td> + <td class="list"> </td> + </tr> +<?php + foreach ($config['interfaces'] as $ifname => $iface): + if ($iface['descr']) + $ifdescr = $iface['descr']; + else + $ifdescr = strtoupper($ifname); +?> + <tr> + <td class="listlr" valign="middle"><strong><u><span onclick="location.href='/interfaces.php?if=<?=$ifname;?>'" style="cursor: pointer;"><?=$ifdescr;?></span></u></strong></td> + <td valign="middle" class="listr"> + <select onchange="javascript:jQuery('#savediv').show();" name="<?=$ifname;?>" id="<?=$ifname;?>"> +<?php + foreach ($portlist as $portname => $portinfo): +?> + <option value="<?=$portname;?>" <?php if ($portname == $iface['if']) echo " selected=\"selected\"";?>> + <?=interface_assign_description($portinfo, $portname);?> + </option> +<?php + endforeach; +?> + </select> + </td> + <td valign="middle" class="list"> +<?php + if ($ifname != 'wan'): +?> + <input name="del_<?=$ifname;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" + title="<?=gettext("delete interface");?>" + type="image" style="height:17;width:17;border:0" + onclick="return confirm('<?=gettext("Do you really want to delete this interface?"); ?>')" /> +<?php + endif; +?> + </td> + </tr> +<?php + endforeach; + if (count($config['interfaces']) < count($portlist)): +?> + <tr> + <td class="list"> + <strong><?=gettext("Available network ports:");?></strong> + </td> + <td class="list"> + <select name="if_add" id="if_add"> +<?php + foreach ($unused_portlist as $portname => $portinfo): +?> + <option value="<?=$portname;?>" <?php if ($portname == $iface['if']) echo " selected=\"selected\"";?>> + <?=interface_assign_description($portinfo, $portname);?> + </option> +<?php + endforeach; +?> + </select> + </td> + <td class="list"> + <input name="add" type="image" src="/themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" style="width:17;height:17;border:0" title="<?=gettext("add selected interface");?>" /> + </td> + </tr> +<?php + endif; +?> + </table> + </div> + <br /> + <div id='savediv' style='display:none'> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /><br /><br /> + </div> + <ul> + <li><span class="vexpl"><?=gettext("Interfaces that are configured as members of a lagg(4) interface will not be shown."); ?></span></li> + </ul> + </td></tr> </table> </form> <?php include("fend.inc"); ?> diff --git a/usr/local/www/javascript/jquery.js b/usr/local/www/javascript/jquery.js index e375a10..859a7b2 100644 --- a/usr/local/www/javascript/jquery.js +++ b/usr/local/www/javascript/jquery.js @@ -37,8 +37,8 @@ var jQuery = function( selector, context ) { rootjQuery, // A simple way to check for HTML strings or ID strings - // (both of which we optimize for) - quickExpr = /^(?:[^<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/, + // Prioritize #id over <tag> to avoid XSS via location.hash (#9521) + quickExpr = /^(?:[^#<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/, // Check if a string has a non-whitespace character in it rnotwhite = /\S/, diff --git a/usr/local/www/javascript/row_toggle.js b/usr/local/www/javascript/row_toggle.js index 6a1f5f8..350743e 100644 --- a/usr/local/www/javascript/row_toggle.js +++ b/usr/local/www/javascript/row_toggle.js @@ -1,35 +1,46 @@ -function fr_toggle(id) { - var checkbox = document.getElementById('frc' + id); +function fr_toggle(id, prefix) { + if (!prefix) + prefix = 'fr'; + + var checkbox = document.getElementById(prefix + 'c' + id); checkbox.checked = !checkbox.checked; - fr_bgcolor(id); + fr_bgcolor(id, prefix); } -function fr_bgcolor(id) { - var row = document.getElementById('fr' + id); - var checkbox = document.getElementById('frc' + id); + +function fr_bgcolor(id, prefix) { + if (!prefix) + prefix = 'fr'; + + var row = document.getElementById(prefix + id); + var checkbox = document.getElementById(prefix + 'c' + id); var cells = row.getElementsByTagName('td'); var cellcnt = cells.length; for (i = 0; i < cellcnt; i++) { // Check for cells with frd id only - if (cells[i].id == "frd" + id) + if (cells[i].id == prefix + 'd' + id) cells[i].style.backgroundColor = checkbox.checked ? "#FFFFBB" : "#FFFFFF"; } //cells[7].style.backgroundColor = checkbox.checked ? "#FFFFBB" : "#990000"; } -function fr_insline(id, on) { - var row = document.getElementById('fr' + id); - var prevrow; + +function fr_insline(id, on, prefix) { + if (!prefix) + prefix = 'fr'; + + var row = document.getElementById(prefix + id); + var prevrow; if (id != 0) { - prevrow = document.getElementById('fr' + (id-1)); + prevrow = document.getElementById(prefix + (id-1)); } else { - prevrow = document.getElementById('frheader'); + prevrow = document.getElementById(prefix + 'header'); } var cells = row.getElementsByTagName("td"); var prevcells = prevrow.getElementsByTagName("td"); for (i = 0; i <= prevcells.length - 1; i++) { - if (prevcells[i].id == 'frd' + (id-1)) { + if (prevcells[i].id == prefix + 'd' + (id-1)) { if (on) { prevcells[i].style.borderBottom = "3px solid #990000"; prevcells[i].style.paddingBottom = ((id != 0) ? 2 : 3) + "px"; @@ -42,7 +53,7 @@ function fr_insline(id, on) { } for (i = 0; i <= cells.length - 1; i++) { - if (cells[i].id == 'frd' + (id)) { + if (cells[i].id == prefix + 'd' + (id)) { if (on) { cells[i].style.borderTop = "2px solid #990000"; cells[i].style.paddingTop = "2px"; diff --git a/usr/local/www/services_igmpproxy_edit.php b/usr/local/www/services_igmpproxy_edit.php index 98c4414..6a82590 100644 --- a/usr/local/www/services_igmpproxy_edit.php +++ b/usr/local/www/services_igmpproxy_edit.php @@ -7,7 +7,7 @@ Copyright (C) 2004 Scott Ullrich All rights reserved. - originially part of m0n0wall (http://m0n0.ch/wall) + originally part of m0n0wall (http://m0n0.ch/wall) Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. All rights reserved. @@ -214,7 +214,7 @@ include("head.inc"); <br /> <span class="vexpl"> <?=gettext("Defines the TTL threshold for the network interface. Packets". - " with a lower TTL than the threshols value will be ignored. This". + " with a lower TTL than the threshold value will be ignored. This". " setting is optional, and by default the threshold is 1.");?> </span> </td> diff --git a/usr/local/www/status.php b/usr/local/www/status.php index 93fe21e..0a0f70a 100755 --- a/usr/local/www/status.php +++ b/usr/local/www/status.php @@ -179,7 +179,7 @@ defCmdT("dhcpd.conf","cat /var/dhcpd/etc/dhcpd.conf"); defCmdT("df","/bin/df"); -defCmdT("racoon.conf","cat /var/etc/racoon.conf"); +defCmdT("ipsec.conf","cat /var/etc/ipsec/ipsec.conf"); defCmdT("SPD","/sbin/setkey -DP"); defCmdT("SAD","/sbin/setkey -D"); diff --git a/usr/local/www/status_interfaces.php b/usr/local/www/status_interfaces.php index 58ed077..4e10fe1 100644 --- a/usr/local/www/status_interfaces.php +++ b/usr/local/www/status_interfaces.php @@ -46,13 +46,12 @@ require_once("guiconfig.inc"); require_once("shaper.inc"); require_once("filter.inc"); -if ($_GET['if']) { - $interface = $_GET['if']; - if ($_GET['action'] == "Disconnect" || $_GET['action'] == "Release") { +if ($_POST['if'] && $_POST['submit']) { + $interface = $_POST['if']; + if ($_POST['status'] == "up") interface_bring_down($interface); - } else if ($_GET['action'] == "Connect" || $_GET['action'] == "Renew") { + else interface_configure($interface); - } header("Location: status_interfaces.php"); exit; } @@ -96,15 +95,13 @@ include("head.inc"); DHCP </td> <td width="78%" class="listr"> - <?=htmlspecialchars($ifinfo['dhcplink']);?> - <?php if ($ifinfo['dhcplink'] == "up"): ?> - <a href="status_interfaces.php?action=Release&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Release");?>" class="formbtns" /> - <?php else: ?> - <a href="status_interfaces.php?action=Renew&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Renew");?>" class="formbtns" /> - <?php endif; ?> - </a> + <form name="dhcplink_form" action="status_interfaces.php" method="post"> + <input type="hidden" name="if" value="<?php echo $ifdescr; ?>" /> + <input type="hidden" name="status" value="<?php echo $ifinfo['dhcplink']; ?>" /> + <?=htmlspecialchars($ifinfo['dhcplink']);?> + <?php $action = ($ifinfo['dhcplink'] == "up" ? gettext("Release") : gettext("Renew")); ?> + <input type="submit" name="submit" class="formbtn" value="<?php echo $action; ?>" /> + </form> </td> </tr> <?php endif; @@ -114,77 +111,70 @@ include("head.inc"); DHCP6 </td> <td width="78%" class="listr"> - <?=htmlspecialchars($ifinfo['dhcp6link']);?> - <?php if ($ifinfo['dhcp6link'] == "up"): ?> - <a href="status_interfaces.php?action=Release&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Release");?>" class="formbtns" /> - <?php else: ?> - <a href="status_interfaces.php?action=Renew&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Renew");?>" class="formbtns" /> - <?php endif; ?> - </a> + <form name="dhcp6link_form" action="status_interfaces.php" method="post"> + <input type="hidden" name="if" value="<?php echo $ifdescr; ?>" /> + <input type="hidden" name="status" value="<?php echo $ifinfo['dhcp6link']; ?>" /> + <?=htmlspecialchars($ifinfo['dhcp6link']);?> + <?php $action = ($ifinfo['dhcp6link'] == "up" ? gettext("Release") : gettext("Renew")); ?> + <input type="submit" name="submit" class="formbtn" value="<?php echo $action; ?>" /> + </form> </td> </tr> <?php endif; if ($ifinfo['pppoelink']): ?> <tr> <td width="22%" class="vncellt"><?=gettext("PPPoE"); ?></td> <td width="78%" class="listr"> - <?=htmlspecialchars($ifinfo['pppoelink']);?> - <?php if ($ifinfo['pppoelink'] == "up"): ?> - <a href="status_interfaces.php?action=Disconnect&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Disconnect");?>" class="formbtns" /> - <?php else: ?> - <a href="status_interfaces.php?action=Connect&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Connect");?>" class="formbtns" /> - <?php endif; ?> - </a> + <form name="pppoelink_form" action="status_interfaces.php" method="post"> + <input type="hidden" name="if" value="<?php echo $ifdescr; ?>" /> + <input type="hidden" name="status" value="<?php echo $ifinfo['pppoelink']; ?>" /> + <?=htmlspecialchars($ifinfo['pppoelink']);?> + <?php $action = ($ifinfo['pppoelink'] == "up" ? gettext("Disconnect") : gettext("Connect")); ?> + <input type="submit" name="submit" class="formbtn" value="<?php echo $action; ?>" /> + </form> </td> </tr> <?php endif; if ($ifinfo['pptplink']): ?> <tr> <td width="22%" class="vncellt"><?=gettext("PPTP"); ?></td> <td width="78%" class="listr"> - <?=htmlspecialchars($ifinfo['pptplink']);?> - <?php if ($ifinfo['pptplink'] == "up"): ?> - <a href="status_interfaces.php?action=Disconnect&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Disconnect");?>" class="formbtns" /> - <?php else: ?> - <a href="status_interfaces.php?action=Connect&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Connect");?>" class="formbtns" /> - <?php endif; ?> - </a> + <form name="pptplink_form" action="status_interfaces.php" method="post"> + <input type="hidden" name="if" value="<?php echo $ifdescr; ?>" /> + <input type="hidden" name="status" value="<?php echo $ifinfo['pptplink']; ?>" /> + <?=htmlspecialchars($ifinfo['pptplink']);?> + <?php $action = ($ifinfo['pptplink'] == "up" ? gettext("Disconnect") : gettext("Connect")); ?> + <input type="submit" name="submit" class="formbtn" value="<?php echo $action; ?>" /> + </form> </td> </tr> <?php endif; if ($ifinfo['l2tplink']): ?> <tr> <td width="22%" class="vncellt"><?=gettext("L2TP"); ?></td> <td width="78%" class="listr"> - <?=htmlspecialchars($ifinfo['l2tplink']);?> - <?php if ($ifinfo['l2tplink'] == "up"): ?> - <a href="status_interfaces.php?action=Disconnect&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Disconnect");?>" class="formbtns" /> - <?php else: ?> - <a href="status_interfaces.php?action=Connect&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Connect");?>" class="formbtns" /> - <?php endif; ?> - </a> + <form name="l2tplink_form" action="status_interfaces.php" method="post"> + <input type="hidden" name="if" value="<?php echo $ifdescr; ?>" /> + <input type="hidden" name="status" value="<?php echo $ifinfo['l2tplink']; ?>" /> + <?=htmlspecialchars($ifinfo['l2tplink']);?> + <?php $action = ($ifinfo['l2tplink'] == "up" ? gettext("Disconnect") : gettext("Connect")); ?> + <input type="submit" name="submit" class="formbtn" value="<?php echo $action; ?>" /> + </form> </td> </tr> <?php endif; if ($ifinfo['ppplink']): ?> <tr> <td width="22%" class="vncellt"><?=gettext("PPP"); ?></td> <td width="78%" class="listr"> - <?=htmlspecialchars($ifinfo['pppinfo']);?> - <?php if ($ifinfo['ppplink'] == "up"): ?> - <a href="status_interfaces.php?action=Disconnect&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Disconnect");?>" class="formbtns" /> - <?php else: ?> - <?php if (!$ifinfo['nodevice']): ?> - <a href="status_interfaces.php?action=Connect&if=<?php echo $ifdescr; ?>"> - <input type="button" name="<?php echo $ifdescr; ?>" value="<?=gettext("Connect");?>" class="formbtns" /> + <form name="ppplink_form" action="status_interfaces.php" method="post"> + <input type="hidden" name="if" value="<?php echo $ifdescr; ?>" /> + <input type="hidden" name="status" value="<?php echo $ifinfo['ppplink']; ?>" /> + <?=htmlspecialchars($ifinfo['pppinfo']);?> + <?php if ($ifinfo['ppplink'] == "up"): ?> + <input type="submit" name="submit" class="formbtn" value="<?php echo gettext("Disconnect"); ?>" /> + <?php else: ?> + <?php if (!$ifinfo['nodevice']): ?> + <input type="submit" name="submit" class="formbtn" value="<?php echo gettext("Connect"); ?>" /> + <?php endif; ?> <?php endif; ?> - <?php endif; ?> - </a> + </form> </td> </tr> <?php endif; if ($ifinfo['ppp_uptime'] || $ifinfo['ppp_uptime_accumulated']): ?> diff --git a/usr/local/www/themes/code-red/all.css b/usr/local/www/themes/code-red/all.css index a68d44d..81efac7 100644 --- a/usr/local/www/themes/code-red/all.css +++ b/usr/local/www/themes/code-red/all.css @@ -1,6 +1,6 @@ /* Element CSS Definitions */ html, body, td, th, input, select { - font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-family: Tahoma, sans-serif; font-size: 0.9em; } @@ -351,12 +351,9 @@ table#marquee div#container div#scroller { /* Style the List */ #navigation { - /* background: url('images/menu.gif') no-repeat; */ - /* width: 693px; */ position: relative; top: -35px; left: 3px; - width: 810px; padding: 0px; height: 28px; z-index: 3; @@ -376,7 +373,7 @@ table#marquee div#container div#scroller { #navigation ul li { float: left; position: relative; - width: 6.2em; + width: 80px; } #navigation ul li div { font-size: 1em; diff --git a/usr/local/www/themes/metallic/all.css b/usr/local/www/themes/metallic/all.css index 47b6b98..e1a49d6 100644 --- a/usr/local/www/themes/metallic/all.css +++ b/usr/local/www/themes/metallic/all.css @@ -1,6 +1,6 @@ /* Element CSS Definitions */ html, body, td, th, input, select { - font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-family: Tahoma, sans-serif; font-size: 0.9em; } @@ -334,12 +334,9 @@ table#marquee div#container div#scroller { /* Style the List */ #navigation { - /* background: url('images/menu.gif') no-repeat; */ - /* width: 693px; */ position: relative; top: -24px; left: -4px; - width: 800px; padding: 0px; height: 28px; z-index: 3; @@ -359,8 +356,7 @@ table#marquee div#container div#scroller { #navigation ul li { float: left; position: relative; - /* width: 7.5em; */ - width: 6.2em; + width: 80px; } #navigation ul li div { font-size: 1em; diff --git a/usr/local/www/themes/nervecenter/all.css b/usr/local/www/themes/nervecenter/all.css index 541861a..d66e36c 100644 --- a/usr/local/www/themes/nervecenter/all.css +++ b/usr/local/www/themes/nervecenter/all.css @@ -1,6 +1,6 @@ /* Element CSS Definitions */ html, body, td, th, input, select { - font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-family: Tahoma, sans-serif; font-size: 0.9em; } @@ -357,12 +357,9 @@ table#marquee div#container div#scroller { /* Style the List */ #navigation { - /* background: url('images/menu.gif') no-repeat; */ - /* width: 693px; */ position: relative; top: -25px; left: 3px; - width: 810px; padding: 0px; height: 28px; z-index: 3; @@ -382,7 +379,7 @@ table#marquee div#container div#scroller { #navigation ul li { float: left; position: relative; - width: 6.2em; + width: 80px; } #navigation ul li div { font-size: 1em; diff --git a/usr/local/www/themes/pfsense_ng/all.css b/usr/local/www/themes/pfsense_ng/all.css index 46f74fa..9bb4b56 100644 --- a/usr/local/www/themes/pfsense_ng/all.css +++ b/usr/local/www/themes/pfsense_ng/all.css @@ -1,6 +1,6 @@ /* Element CSS Definitions */ html, body, td, th, input, select { - font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-family: Tahoma, sans-serif; font-size: 0.9em; } @@ -407,7 +407,6 @@ table#marquee div#container div#scroller { position: fixed; top: 0px; left: 100px; - width: 750px; padding: 0px; height: 28px; z-index: 3; @@ -428,7 +427,7 @@ table#marquee div#container div#scroller { #navigation ul li { float: left; position: relative; - padding-right: 27px; + padding-right: 20px; top: 0px; } @@ -1366,7 +1365,7 @@ div#log span.log-protocol-mini-header { /* Sortable tables */ table.sortable thead { cursor: default; - // background-color: #EEEEEE; this causing light gray rectangles to the right of many tables in gui + /* background-color: #EEEEEE; this causing light gray rectangles to the right of many tables in gui */ padding-right: 12px; padding-left: 12px; padding-top: 12px; diff --git a/usr/local/www/themes/pfsense_ng_fs/all.css b/usr/local/www/themes/pfsense_ng_fs/all.css index 7ccc4c7..dd66eec 100644 --- a/usr/local/www/themes/pfsense_ng_fs/all.css +++ b/usr/local/www/themes/pfsense_ng_fs/all.css @@ -1,6 +1,6 @@ /* Element CSS Definitions */ html, body, td, th, input, select { - font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-family: Tahoma, sans-serif; font-size: 0.9em; } @@ -368,7 +368,6 @@ table#marquee div#container div#scroller { position: fixed; top: 0px; left: 100px; - width: 750px; padding: 0px; height: 28px; z-index: 3; @@ -389,7 +388,7 @@ table#marquee div#container div#scroller { #navigation ul li { float: left; position: relative; - padding-right: 27px; + padding-right: 20px; top: 0px; } @@ -1327,7 +1326,7 @@ div#log span.log-protocol-mini-header { /* Sortable tables */ table.sortable thead { cursor: default; -// background-color: #EEEEEE; this causing light gray rectangles to the right of many tables in gui + /* background-color: #EEEEEE; this causing light gray rectangles to the right of many tables in gui */ padding-right: 12px; padding-left: 12px; padding-top: 12px; diff --git a/usr/local/www/themes/the_wall/all.css b/usr/local/www/themes/the_wall/all.css index 60404d7..cb90972 100644 --- a/usr/local/www/themes/the_wall/all.css +++ b/usr/local/www/themes/the_wall/all.css @@ -1,6 +1,6 @@ /* Element CSS Definitions */ html, body, td, th, input, select { - font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-family: Tahoma, sans-serif; font-size: 0.9em; } @@ -359,12 +359,9 @@ table#marquee div#container div#scroller { /* Style the List */ #navigation { - /* background: url('images/menu.gif') no-repeat; */ - /* width: 693px; */ position: relative; top: -25px; left: 3px; - width: 810px; padding: 0px; height: 28px; z-index: 3; @@ -384,7 +381,7 @@ table#marquee div#container div#scroller { #navigation ul li { float: left; position: relative; - width: 6.2em; + width: 80px; } #navigation ul li div { font-size: 1em; diff --git a/usr/local/www/vpn_ipsec.php b/usr/local/www/vpn_ipsec.php index 62e7dc5..17e0e0d 100644 --- a/usr/local/www/vpn_ipsec.php +++ b/usr/local/www/vpn_ipsec.php @@ -55,7 +55,6 @@ $a_phase2 = &$config['ipsec']['phase2']; $pconfig['enable'] = isset($config['ipsec']['enable']); if ($_POST) { - if ($_POST['apply']) { $retval = 0; $retval = vpn_ipsec_configure(); @@ -74,46 +73,141 @@ if ($_POST) { write_config(); $retval = vpn_ipsec_configure(); - } -} + } else if (isset($_POST['del_x'])) { + /* delete selected p1 entries */ + if (is_array($_POST['p1entry']) && count($_POST['p1entry'])) { + foreach ($_POST['p1entry'] as $p1entrydel) { + unset($a_phase1[$p1entrydel]); + } + if (write_config()) + mark_subsystem_dirty('ipsec'); + } + } else if (isset($_POST['delp2_x'])) { + /* delete selected p2 entries */ + if (is_array($_POST['p2entry']) && count($_POST['p2entry'])) { + foreach ($_POST['p2entry'] as $p2entrydel) { + unset($a_phase2[$p2entrydel]); + } + if (write_config()) + mark_subsystem_dirty('ipsec'); + } + } else { + /* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */ + unset($delbtn, $delbtnp2, $movebtn, $movebtnp2, $togglebtn, $togglebtnp2); + foreach ($_POST as $pn => $pd) { + if (preg_match("/del_(\d+)_x/", $pn, $matches)) { + $delbtn = $matches[1]; + } else if (preg_match("/delp2_(\d+)_x/", $pn, $matches)) { + $delbtnp2 = $matches[1]; + } else if (preg_match("/move_(\d+)_x/", $pn, $matches)) { + $movebtn = $matches[1]; + } else if (preg_match("/movep2_(\d+)_x/", $pn, $matches)) { + $movebtnp2 = $matches[1]; + } else if (preg_match("/toggle_(\d+)_x/", $pn, $matches)) { + $togglebtn = $matches[1]; + } else if (preg_match("/togglep2_(\d+)_x/", $pn, $matches)) { + $togglebtnp2 = $matches[1]; + } + } -if ($_GET['act'] == "delph1") -{ - if ($a_phase1[$_GET['p1index']]) { - /* remove static route if interface is not WAN */ - if ($a_phase1[$_GET['p1index']]['interface'] <> "wan") - mwexec("/sbin/route delete -host {$a_phase1[$_GET['p1index']]['remote-gateway']}"); - - /* remove all phase2 entries that match the ikeid */ - $ikeid = $a_phase1[$_GET['p1index']]['ikeid']; - foreach ($a_phase2 as $p2index => $ph2tmp) - if ($ph2tmp['ikeid'] == $ikeid) { - unset($a_phase2[$p2index]); + $save = 1; + + /* move selected p1 entries before this */ + if (isset($movebtn) && is_array($_POST['p1entry']) && count($_POST['p1entry'])) { + $a_phase1_new = array(); + + /* copy all p1 entries < $movebtn and not selected */ + for ($i = 0; $i < $movebtn; $i++) { + if (!in_array($i, $_POST['p1entry'])) + $a_phase1_new[] = $a_phase1[$i]; } - /* remove the phase1 entry */ - unset($a_phase1[$_GET['p1index']]); - write_config(); - mark_subsystem_dirty('ipsec'); - header("Location: vpn_ipsec.php"); - exit; - } -} + /* copy all selected p1 entries */ + for ($i = 0; $i < count($a_phase1); $i++) { + if ($i == $movebtn) + continue; + if (in_array($i, $_POST['p1entry'])) + $a_phase1_new[] = $a_phase1[$i]; + } -if ($_GET['act'] == "delph2") -{ - if ($a_phase1[$_GET['p1index']] && $a_phase2[$_GET['p2index']]) { - /* remove the phase2 entry */ - foreach ($a_phase2 as $ph2idx => $ph2) { - if ($ph2['uniqid'] == $_GET['p2index']) { - unset($a_phase2[$ph2idx]); - write_config(); - mark_subsystem_dirty('ipsec'); - break; + /* copy $movebtn p1 entry */ + if ($movebtn < count($a_phase1)) + $a_phase1_new[] = $a_phase1[$movebtn]; + + /* copy all p1 entries > $movebtn and not selected */ + for ($i = $movebtn+1; $i < count($a_phase1); $i++) { + if (!in_array($i, $_POST['p1entry'])) + $a_phase1_new[] = $a_phase1[$i]; + } + if (count($a_phase1_new) > 0) + $a_phase1 = $a_phase1_new; + + } else if (isset($movebtnp2) && is_array($_POST['p2entry']) && count($_POST['p2entry'])) { + /* move selected p2 entries before this */ + $a_phase2_new = array(); + + /* copy all p2 entries < $movebtnp2 and not selected */ + for ($i = 0; $i < $movebtnp2; $i++) { + if (!in_array($i, $_POST['p2entry'])) + $a_phase2_new[] = $a_phase2[$i]; + } + + /* copy all selected p2 entries */ + for ($i = 0; $i < count($a_phase2); $i++) { + if ($i == $movebtnp2) + continue; + if (in_array($i, $_POST['p2entry'])) + $a_phase2_new[] = $a_phase2[$i]; + } + + /* copy $movebtnp2 p2 entry */ + if ($movebtnp2 < count($a_phase2)) + $a_phase2_new[] = $a_phase2[$movebtnp2]; + + /* copy all p2 entries > $movebtnp2 and not selected */ + for ($i = $movebtnp2+1; $i < count($a_phase2); $i++) { + if (!in_array($i, $_POST['p2entry'])) + $a_phase2_new[] = $a_phase2[$i]; } + if (count($a_phase2_new) > 0) + $a_phase2 = $a_phase2_new; + + } else if (isset($togglebtn)) { + if (isset($a_phase1[$togglebtn]['disabled'])) + unset($a_phase1[$togglebtn]['disabled']); + else + $a_phase1[$togglebtn]['disabled'] = true; + + } else if (isset($togglebtnp2)) { + if (isset($a_phase2[$togglebtnp2]['disabled'])) + unset($a_phase2[$togglebtnp2]['disabled']); + else + $a_phase2[$togglebtnp2]['disabled'] = true; + + } else if (isset($delbtn)) { + /* remove static route if interface is not WAN */ + if ($a_phase1[$delbtn]['interface'] <> "wan") + mwexec("/sbin/route delete -host {$a_phase1[$delbtn]['remote-gateway']}"); + + /* remove all phase2 entries that match the ikeid */ + $ikeid = $a_phase1[$delbtn]['ikeid']; + foreach ($a_phase2 as $p2index => $ph2tmp) + if ($ph2tmp['ikeid'] == $ikeid) { + unset($a_phase2[$p2index]); + } + + unset($a_phase1[$delbtn]); + + } else if (isset($delbtnp2)) { + unset($a_phase2[$delbtnp2]); + + } else + $save = 0; + + if ($save === 1) { + if (write_config()) + mark_subsystem_dirty('ipsec'); } - header("Location: vpn_ipsec.php"); - exit; } } @@ -127,6 +221,7 @@ include("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <form action="vpn_ipsec.php" method="post"> +<script type="text/javascript" src="/javascript/row_toggle.js"></script> <?php if ($savemsg) print_info_box($savemsg); @@ -136,14 +231,14 @@ include("head.inc"); <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="vpn ipsec"> <tr> <td class="tabnavtbl"> - <?php - $tab_array = array(); - $tab_array[0] = array(gettext("Tunnels"), true, "vpn_ipsec.php"); - $tab_array[1] = array(gettext("Mobile clients"), false, "vpn_ipsec_mobile.php"); - $tab_array[2] = array(gettext("Pre-Shared Keys"), false, "vpn_ipsec_keys.php"); - $tab_array[3] = array(gettext("Advanced Settings"), false, "vpn_ipsec_settings.php"); - display_top_tabs($tab_array); - ?> +<?php + $tab_array = array(); + $tab_array[0] = array(gettext("Tunnels"), true, "vpn_ipsec.php"); + $tab_array[1] = array(gettext("Mobile clients"), false, "vpn_ipsec_mobile.php"); + $tab_array[2] = array(gettext("Pre-Shared Keys"), false, "vpn_ipsec_keys.php"); + $tab_array[3] = array(gettext("Advanced Settings"), false, "vpn_ipsec_settings.php"); + display_top_tabs($tab_array); +?> </td> </tr> <tr> @@ -171,87 +266,106 @@ include("head.inc"); </tr> </table> <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="phase-1 entries"> - <?php - $i = 0; - foreach ($a_phase1 as $ph1ent) { - if (isset( $ph1ent['disabled'])) { - $spans = "<span class=\"gray\">"; - $spane = "</span>"; - } - else - $spans = $spane = ""; - - show_ipsec_header($ph1ent); - $counter++; // used to determine if we need to output header manually (no records exist) - ?> - <tr valign="top" ondblclick="document.location='vpn_ipsec_phase1.php?p1index=<?=$i;?>'"> - <td class="listlr"> + <tr id="frheader"> + <td class="list"> </td> + <td class="list"> </td> + <td class="listhdrr"><?=gettext("IKE"); ?></td> + <td class="listhdrr"><?=gettext("Remote Gateway"); ?></td> + <td class="listhdrr"><?=gettext("Mode"); ?></td> + <td class="listhdrr"><?=gettext("P1 Protocol"); ?></td> + <td class="listhdrr"><?=gettext("P1 Transforms"); ?></td> + <td class="listhdrr"><?=gettext("P1 Description"); ?></td> + <td class="list"> + </td> + </tr> +<?php + $i = 0; + foreach ($a_phase1 as $ph1ent): + $iconfn = "pass"; + $spans = $spane = ""; + if (isset($ph1ent['disabled'])) { + $spans = "<span class=\"gray\">"; + $spane = "</span>"; + $iconfn .= "_d"; + } +?> + <tr valign="top" id="fr<?=$i;?>" ondblclick="document.location='vpn_ipsec_phase1.php?p1index=<?=$i;?>'"> + <td class="listt" align="center" valign="middle"> + <input type="checkbox" id="frc<?=$i;?>" name="p1entry[]" value="<?=$i;?>" onclick="fr_bgcolor('<?=$i;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" /> + </td> + <td class="listt" align="center" valign="middle"> + <input name="toggle_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn?>.gif" + title="<?=gettext("click to toggle enabled/disabled status");?>" + type="image" style="height:11;width:11;border:0" /> + </td> + <td class="listlr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>"> <?=$spans;?> - <?php if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == "ikev1") - echo "V1"; - else - echo "V2"; - ?> +<?php + if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == "ikev1") + echo "V1"; + else + echo "V2"; +?> <?=$spane;?> </td> - <td class="listr"> + <td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>"> <?=$spans;?> - <?php - if ($ph1ent['interface']) { - $iflabels = get_configured_interface_with_descr(); - - $carplist = get_configured_carp_interface_list(); - foreach ($carplist as $cif => $carpip) - $iflabels[$cif] = $carpip." (".get_vip_descr($carpip).")"; - - $aliaslist = get_configured_ip_aliases_list(); - foreach ($aliaslist as $aliasip => $aliasif) - $iflabels[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")"; - - $grouplist = return_gateway_groups_array(); - foreach ($grouplist as $name => $group) { - if($group[0]['vip'] <> "") - $vipif = $group[0]['vip']; - else - $vipif = $group[0]['int']; - $iflabels[$name] = "GW Group {$name}"; - } - $if = htmlspecialchars($iflabels[$ph1ent['interface']]); +<?php + if ($ph1ent['interface']) { + $iflabels = get_configured_interface_with_descr(); + + $carplist = get_configured_carp_interface_list(); + foreach ($carplist as $cif => $carpip) + $iflabels[$cif] = $carpip." (".get_vip_descr($carpip).")"; + + $aliaslist = get_configured_ip_aliases_list(); + foreach ($aliaslist as $aliasip => $aliasif) + $iflabels[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")"; + + $grouplist = return_gateway_groups_array(); + foreach ($grouplist as $name => $group) { + if($group[0]['vip'] <> "") + $vipif = $group[0]['vip']; + else + $vipif = $group[0]['int']; + $iflabels[$name] = "GW Group {$name}"; } - else - $if = "WAN"; + $if = htmlspecialchars($iflabels[$ph1ent['interface']]); + } + else + $if = "WAN"; - if (!isset($ph1ent['mobile'])) - echo $if."<br />".$ph1ent['remote-gateway']; - else - echo $if."<br /><strong>" . gettext("Mobile Client") . "</strong>"; - ?> + if (!isset($ph1ent['mobile'])) + echo $if."<br />".$ph1ent['remote-gateway']; + else + echo $if."<br /><strong>" . gettext("Mobile Client") . "</strong>"; +?> <?=$spane;?> </td> - <td class="listr"> + <td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>"> <?=$spans;?> <?=$ph1ent['mode'];?> <?=$spane;?> </td> - <td class="listr"> + <td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>"> <?=$spans;?> <?=$p1_ealgos[$ph1ent['encryption-algorithm']['name']]['name'];?> - <?php - if ($ph1ent['encryption-algorithm']['keylen']) { - if ($ph1ent['encryption-algorithm']['keylen']=="auto") - echo " (" . gettext("auto") . ")"; - else - echo " ({$ph1ent['encryption-algorithm']['keylen']} " . gettext("bits") . ")"; - } - ?> +<?php + if ($ph1ent['encryption-algorithm']['keylen']) { + if ($ph1ent['encryption-algorithm']['keylen']=="auto") + echo " (" . gettext("auto") . ")"; + else + echo " ({$ph1ent['encryption-algorithm']['keylen']} " . gettext("bits") . ")"; + } +?> <?=$spane;?> </td> - <td class="listr"> + <td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>"> <?=$spans;?> <?=$p1_halgos[$ph1ent['hash-algorithm']];?> <?=$spane;?> </td> - <td class="listbg"> + <td class="listbg" onclick="fr_toggle(<?=$i;?>)"> <?=$spans;?> <?=htmlspecialchars($ph1ent['descr']);?> <?=$spane;?> @@ -260,182 +374,269 @@ include("head.inc"); <table border="0" cellspacing="0" cellpadding="1" summary="icons"> <tr> <td> - <a href="vpn_ipsec_phase1.php?p1index=<?=$i;?>"> - <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit phase1 entry"); ?>" width="17" height="17" border="0" alt="edit" /> - </a> + <input onmouseover="fr_insline(<?=$i;?>, true)" onmouseout="fr_insline(<?=$i;?>, false)" + name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" + title="<?=gettext("move selected entries before this");?>" + type="image" style="height:17;width:17;border:0" /> </td> <td> - <a href="vpn_ipsec.php?act=delph1&p1index=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this phase1 and all associated phase2 entries?"); ?>')"> - <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete phase1 entry"); ?>" width="17" height="17" border="0" alt="delete" /> + <a href="vpn_ipsec_phase1.php?p1index=<?=$i;?>"> + <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit phase1 entry"); ?>" width="17" height="17" border="0" alt="edit" /> </a> </td> </tr> - <?php if (!isset($ph1ent['mobile'])): ?> <tr> <td> + <input name="del_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" + title="<?=gettext("delete phase1 entry");?>" + type="image" style="height:17;width:17;border:0" + onclick="return confirm('<?=gettext("Do you really want to delete this phase1 and all associated phase2 entries?"); ?>')" /> </td> <td> +<?php + if (!isset($ph1ent['mobile'])): +?> <a href="vpn_ipsec_phase1.php?dup=<?=$i;?>"> <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("copy phase1 entry"); ?>" width="17" height="17" border="0" alt="add" /> </a> +<?php + endif; +?> </td> </tr> - <?php endif; ?> </table> </td> </tr> <tr> + <td class="listt"> </td> + <td class="listt"> </td> <td class="listrborder" colspan="6"> - <div id="shph2but-<?=$i?>"> - <?php - $phase2count=0; - foreach ($a_phase2 as $ph2ent) { - if ($ph2ent['ikeid'] != $ph1ent['ikeid']) - continue; - $phase2count++; - } - ?> +<?php + if (isset($_POST["tdph2-{$i}-visible"])) + $tdph2_visible = htmlspecialchars($_POST["tdph2-{$i}-visible"]); + else + $tdph2_visible = 0; +?> + <input type="hidden" name="tdph2-<?=$i;?>-visible" id="tdph2-<?=$i;?>-visible" value="<?=$tdph2_visible?>" /> + <div id="shph2but-<?=$i?>" <?php echo ($tdph2_visible == '1' ? 'style="display:none"' : '');?>> +<?php + $phase2count=0; + foreach ($a_phase2 as $ph2ent) { + if ($ph2ent['ikeid'] != $ph1ent['ikeid']) + continue; + $phase2count++; + } + $fr_prefix = "frp2{$i}"; + $fr_header = $fr_prefix . "header"; +?> <input type="button" onclick="show_phase2('tdph2-<?=$i?>','shph2but-<?=$i?>')" value="+" /> - <?php printf(gettext("Show %s Phase-2 entries"), $phase2count); ?> </div> - <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" id="tdph2-<?=$i?>" style="display:none" summary="phase-2 entries"> - <tr> + <div id="tdph2-<?=$i?>" <?php echo ($tdph2_visible != '1' ? 'style="display:none"' : '');?>> + <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="phase-2 entries"> + <tr id="<?=$fr_header;?>"> + <td> </td> + <td> </td> <td class="listhdrr"><?=gettext("Mode"); ?></td> - <?php if(($ph2ent['mode'] == "tunnel") or ($ph2ent['mode'] == "tunnel6")): ?> <td class="listhdrr"><?=gettext("Local Subnet"); ?></td> <td class="listhdrr"><?=gettext("Remote Subnet"); ?></td> - <?php endif; ?> <td class="listhdrr"><?=gettext("P2 Protocol"); ?></td> <td class="listhdrr"><?=gettext("P2 Transforms"); ?></td> <td class="listhdrr"><?=gettext("P2 Auth Methods"); ?></td> - <td class ="list"> - <a href="vpn_ipsec_phase2.php?ikeid=<?=$ph1ent['ikeid'];?><?php if (isset($ph1ent['mobile'])) echo "&mobile=true";?>"> - <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add phase2 entry"); ?>" width="17" height="17" border="0" alt="add" /> - </a> - </td> + <td class ="list"> </td> </tr> - <?php - foreach ($a_phase2 as $ph2ent): - if ($ph2ent['ikeid'] != $ph1ent['ikeid']) - continue; - - if (isset( $ph2ent['disabled']) || isset($ph1ent['disabled'])) { - $spans = "<span class=\"gray\">"; - $spane = "</span>"; - } - else - $spans = $spane = ""; - ?> - <tr valign="top" ondblclick="document.location='vpn_ipsec_phase2.php?p2index=<?=$ph2ent['uniqid'];?>'"> - - <td class="listlr nowrap"> - <?=$spans;?> - <?=$ph2ent['mode'];?> - <?=$spane;?> +<?php + $j = 0; + foreach ($a_phase2 as $ph2index => $ph2ent): + if ($ph2ent['ikeid'] != $ph1ent['ikeid']) + continue; + + $fr_c = $fr_prefix . "c" . $j; + $fr_d = $fr_prefix . "d" . $j; + + $iconfn = "pass"; + $spans = $spane = ""; + if (isset($ph2ent['disabled'])) { + $spans = "<span class=\"gray\">"; + $spane = "</span>"; + $iconfn .= "_d"; + } +?> + <tr valign="top" id="<?=$fr_prefix . $j;?>" ondblclick="document.location='vpn_ipsec_phase2.php?p2index=<?=$ph2ent['uniqid'];?>'"> + <td class="listt" align="center" valign="middle"> + <input type="checkbox" id="<?=$fr_c;?>" name="p2entry[]" value="<?=$ph2index;?>" onclick="fr_bgcolor('<?=$j;?>', '<?=$fr_prefix;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" /> </td> - <?php - if(($ph2ent['mode'] <> "tunnel") and ($ph2ent['mode'] <> "tunnel6")) { - echo "<td class=\"listr nowrap\"> </td><td class=\"listr nowrap\"> </td>"; - } - ?> - <?php if(($ph2ent['mode'] == "tunnel") or ($ph2ent['mode'] == "tunnel6")): ?> - <td class="listr nowrap"> - <?=$spans;?> - <?=ipsec_idinfo_to_text($ph2ent['localid']); ?> - <?=$spane;?> + <td class="listt" align="center" valign="middle"> + <input name="togglep2_<?=$ph2index;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn?>.gif" + title="<?=gettext("click to toggle enabled/disabled status");?>" + type="image" style="height:11;width:11;border:0" /> </td> - <td class="listr nowrap"> + <td class="listlr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')"> <?=$spans;?> - <?=ipsec_idinfo_to_text($ph2ent['remoteid']); ?> + <?=$ph2ent['mode'];?> <?=$spane;?> </td> - <?php endif; ?> - <td class="listr nowrap"> +<?php + if(($ph2ent['mode'] == "tunnel") or ($ph2ent['mode'] == "tunnel6")): +?> + <td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')"> + <?=$spans;?> + <?=ipsec_idinfo_to_text($ph2ent['localid']); ?> + <?=$spane;?> + </td> + <td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')"> + <?=$spans;?> + <?=ipsec_idinfo_to_text($ph2ent['remoteid']); ?> + <?=$spane;?> + </td> +<?php + else: + echo "<td class=\"listr nowrap\"> </td><td class=\"listr nowrap\"> </td>"; + endif; +?> + <td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')"> <?=$spans;?> - <?php echo $p2_protos[$ph2ent['protocol']]; ?> + <?php echo $p2_protos[$ph2ent['protocol']]; ?> <?=$spane;?> </td> - <td class="listr"> + <td class="listr" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')"> <?=$spans;?> - <?php - foreach ($ph2ent['encryption-algorithm-option'] as $k => $ph2ea) { - if ($k) - echo ", "; - echo $p2_ealgos[$ph2ea['name']]['name']; - if ($ph2ea['keylen']) { - if ($ph2ea['keylen']=="auto") - echo " (" . gettext("auto") . ")"; - else - echo " ({$ph2ea['keylen']} " . gettext("bits") . ")"; - } +<?php + foreach ($ph2ent['encryption-algorithm-option'] as $k => $ph2ea) { + if ($k) + echo ", "; + echo $p2_ealgos[$ph2ea['name']]['name']; + if ($ph2ea['keylen']) { + if ($ph2ea['keylen']=="auto") + echo " (" . gettext("auto") . ")"; + else + echo " ({$ph2ea['keylen']} " . gettext("bits") . ")"; } - ?> + } +?> <?=$spane;?> </td> - <td class="listr nowrap"> + <td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')"> <?=$spans;?> - <?php - if (!empty($ph2ent['hash-algorithm-option']) && is_array($ph2ent['hash-algorithm-option'])) { - foreach ($ph2ent['hash-algorithm-option'] as $k => $ph2ha) { - if ($k) - echo ", "; - echo $p2_halgos[$ph2ha]; - } +<?php + if (!empty($ph2ent['hash-algorithm-option']) && is_array($ph2ent['hash-algorithm-option'])) { + foreach ($ph2ent['hash-algorithm-option'] as $k => $ph2ha) { + if ($k) + echo ", "; + echo $p2_halgos[$ph2ha]; } - ?> + } +?> <?=$spane;?> </td> - <td class="list nowrap"> + <td class="list nowrap" valign="middle"> + <input onmouseover="fr_insline(<?=$j;?>, true, '<?=$fr_prefix;?>')" onmouseout="fr_insline(<?=$j;?>, false, '<?=$fr_prefix;?>')" + name="movep2_<?=$j;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" + title="<?=gettext("move selected entries before this");?>" + type="image" style="height:17;width:17;border:0" /> <a href="vpn_ipsec_phase2.php?p2index=<?=$ph2ent['uniqid'];?>"> <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit phase2 entry"); ?>" width="17" height="17" border="0" alt="edit" /> </a> - <a href="vpn_ipsec.php?act=delph2&p1index=<?=$i;?>&p2index=<?=$ph2ent['uniqid'];?>" onclick="return confirm('<?=gettext("Do you really want to delete this phase2 entry?"); ?>')"> - <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete phase2 entry"); ?>" width="17" height="17" border="0" alt="delete" /> - </a> + <input name="delp2_<?=$ph2index;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" + title="<?=gettext("delete phase2 entry");?>" + type="image" style="height:17;width:17;border:0" + onclick="return confirm('<?=gettext("Do you really want to delete this phase2 entry?"); ?>')" /> <a href="vpn_ipsec_phase2.php?dup=<?=$ph2ent['uniqid'];?>"> <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add a new Phase 2 based on this one"); ?>" width="17" height="17" border="0" alt="add" /> </a> </td> </tr> - - <?php endforeach; ?> - +<?php + $j++; + endforeach; +?> + <tr valign="top" id="<?=$fr_prefix . $j;?>"> + <td class="list" colspan="8"></td> + <td class="list nowrap" valign="middle"> +<?php + if ($j == 0): +?> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected phase2 entries to end");?>" border="0" alt="move" /> +<?php + else: +?> + <input onmouseover="fr_insline(<?=$j;?>, true, '<?=$fr_prefix;?>')" onmouseout="fr_insline(<?=$j;?>, false, '<?=$fr_prefix;?>')" name="movep2_<?=$j;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?=gettext("move selected phase2 entries to end");?>" /> +<?php + endif; +?> + <a href="vpn_ipsec_phase2.php?ikeid=<?=$ph1ent['ikeid'];?><?php if (isset($ph1ent['mobile'])) echo "&mobile=true";?>"> + <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add phase2 entry"); ?>" width="17" height="17" border="0" alt="add" /> + </a> +<?php + if ($j == 0): +?> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected phase2 entries");?>" border="0" alt="delete" /> +<?php + else: +?> + <input name="delp2" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected phase2 entries");?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected phase2 entries?");?>')" /> +<?php + endif; +?> + </td> + </tr> </table> + </div> </td> </tr> - <tr> - <td> - - </td> - </tr> - <?php - $i++; - } - if(!$counter) - show_ipsec_header($ph1ent); - ?> - <tr> - <td class="list" colspan="6"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="add"> +<?php + $i++; + endforeach; // $a_phase1 as $ph1ent +?> + <tr valign="top" id="fr<?=$i;?>"> + <td class="list" colspan="8"></td> + <td class="list nowrap" valign="middle"> + <table border="0" cellspacing="0" cellpadding="1" summary="edit"> <tr> - <td width="17"></td> + <td> +<?php + if ($i == 0): +?> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected phase1 entries to end");?>" border="0" alt="move" /> +<?php + else: +?> + <input onmouseover="fr_insline(<?=$i;?>, true)" onmouseout="fr_insline(<?=$i;?>, false)" name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?=gettext("move selected phase1 entries to end");?>" /> +<?php + endif; +?> + </td> <td> <a href="vpn_ipsec_phase1.php"> - <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add phase1 entry"); ?>" width="17" height="17" border="0" alt="add" /> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new phase1");?>" alt="add" /> </a> </td> </tr> + <tr> + <td> +<?php + if ($i == 0): +?> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected phase1 entries");?>" border="0" alt="delete" /> +<?php + else: +?> + <input name="del" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected phase1 entries");?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected phase1 entries?");?>')" /> +<?php + endif; +?> + </td> + </tr> </table> </td> </tr> <tr> - <td colspan="7"> + <td colspan="8"> <p> <span class="vexpl"> <span class="red"> <strong><?=gettext("Note"); ?>:<br /></strong> </span> - <?=gettext("You can check your IPsec status at"); ?> <a href="diag_ipsec.php"><?=gettext("Status:IPsec"); ?></a>.<br /> + <?=gettext("You can check your IPsec status at"); ?> <a href="diag_ipsec.php"><?=gettext("Status:IPsec"); ?></a>.<br /> <?=gettext("IPsec Debug Mode can be enabled at"); ?> <a href="vpn_ipsec_settings.php"><?=gettext("VPN:IPsec:Advanced Settings"); ?></a>.<br /> <?=gettext("IPsec can be set to prefer older SAs at"); ?> <a href="vpn_ipsec_settings.php"><?=gettext("VPN:IPsec:Advanced Settings"); ?></a>. </span> @@ -453,34 +654,11 @@ include("head.inc"); //<![CDATA[ function show_phase2(id, buttonid) { document.getElementById(buttonid).innerHTML=''; - aodiv = document.getElementById(id); - aodiv.style.display = "block"; + document.getElementById(id).style.display = "block"; + var visible = id + '-visible'; + document.getElementById(visible).value = "1"; } //]]> </script> </body> </html> - -<?php - -function show_ipsec_header($ph1ent) { - global $g; - if (isset($ph1ent['mobile'])) - $mobile = "&mobile=true"; - ?> - <tr> - <td class="listhdrr"><?=gettext("IKE"); ?></td> - <td class="listhdrr"><?=gettext("Remote Gateway"); ?></td> - <td class="listhdrr"><?=gettext("Mode"); ?></td> - <td class="listhdrr"><?=gettext("P1 Protocol"); ?></td> - <td class="listhdrr"><?=gettext("P1 Transforms"); ?></td> - <td class="listhdrr"><?=gettext("P1 Description"); ?></td> - <td class ="list"> - </td> - </tr> - -<?php - -} - -?> diff --git a/usr/local/www/vpn_ipsec_phase2.php b/usr/local/www/vpn_ipsec_phase2.php index 370416e..461a708 100644 --- a/usr/local/www/vpn_ipsec_phase2.php +++ b/usr/local/www/vpn_ipsec_phase2.php @@ -255,7 +255,7 @@ if ($_POST) { if (!count($ealgos)) { $input_errors[] = gettext("At least one encryption algorithm must be selected."); } else { - if (empty($pconfig['halgo'])) { + if (empty($pconfig['halgos'])) { foreach ($ealgos as $ealgo) { if (!strpos($ealgo['name'], "gcm")) { $input_errors[] = gettext("At least one hashing algorithm needs to be selected."); diff --git a/usr/local/www/widgets/widgets/gateways.widget.php b/usr/local/www/widgets/widgets/gateways.widget.php index 24b8afd..f8cb056 100644 --- a/usr/local/www/widgets/widgets/gateways.widget.php +++ b/usr/local/www/widgets/widgets/gateways.widget.php @@ -44,32 +44,21 @@ $counter = 1; <table bgcolor="#990000" width="100%" border="0" cellspacing="0" cellpadding="0" summary="gateway status"> <tr> - <td class="vncellt" width="30%" id="gatewayname"> - Name - </td> - <td width="70%" class="listr"> - <table width="100%" border="0" cellspacing="0" cellpadding="0" style="table-layout: fixed;" summary="heading"> - <tr> - <td width="25%" class="listhdrr ellipsis">RTT</td> - <td width="25%" class="listhdrr ellipsis">Loss</td> - <td width="50%" class="listhdrr ellipsis">Status</td> - </tr> - </table> - </td> + <td class="listhdrr" id="gatewayname" align="center">Name</td> + <td class="listhdrr" align="center">RTT</td> + <td class="listhdrr" align="center">Loss</td> + <td class="listhdrr" align="center">Status</td> </tr> <?php foreach ($a_gateways as $gname => $gateway) { ?> <tr> - <td class="vncellt" width="30%" id="gateway<?php echo $counter; ?>"> + <td class="listhdrr" id="gateway<?php echo $counter; ?>" rowspan="2" align="center"> <strong> <?php echo htmlspecialchars($gateway['name']); ?> </strong> <?php $counter++; ?> </td> - <td width="70%" class="listr ellipsis"> - <table width="100%" border="0" cellspacing="0" cellpadding="0" style="table-layout: fixed;" summary="address"> - <tr> - <td class="vncellt ellipsis" width="100%"> - <div id="gateway<?php echo $counter; ?>" style="display:inline"> + <td colspan="3" class="listr ellipsis" summary="address" align="center"> + <div id="gateway<?php echo $counter; ?>" style="display:inline"><b> <?php $if_gw = ''; if (is_ipaddr($gateway['gateway'])) @@ -84,13 +73,11 @@ $counter = 1; unset ($if_gw); $counter++; ?> - </div> + </b></div> </td> - </tr> - </table> - <table width="100%" border="0" cellspacing="0" cellpadding="0" style="table-layout: fixed;" summary="statistics"> - <tr> - <td width="25%" class="listlr ellipsis" align="center" id="gateway<?php echo $counter; ?>"> + </tr> + <tr> + <td class="listr ellipsis" align="center" id="gateway<?php echo $counter; ?>"> <?php if ($gateways_status[$gname]) echo htmlspecialchars($gateways_status[$gname]['delay']); @@ -99,7 +86,7 @@ $counter = 1; ?> <?php $counter++; ?> </td> - <td width="25%" class="listr ellipsis" align="center" id="gateway<?php echo $counter; ?>"> + <td class="listr ellipsis" align="center" id="gateway<?php echo $counter; ?>"> <?php if ($gateways_status[$gname]) echo htmlspecialchars($gateways_status[$gname]['loss']); @@ -108,8 +95,6 @@ $counter = 1; ?> <?php $counter++; ?> </td> - <td width="50%" class="listr ellipsis" id="gateway<?php echo $counter ?>" > - <table border="0" cellpadding="0" cellspacing="2" style="table-layout: fixed;" summary="status"> <?php if ($gateways_status[$gname]) { if (stristr($gateways_status[$gname]['status'], "force_down")) { @@ -135,14 +120,9 @@ $counter = 1; $online = gettext("Unknown"); $bgcolor = "#ADD8E6"; // lightblue } - echo "<tr><td class=\"ellipsis\" bgcolor=\"$bgcolor\"> $online </td></tr>\n"; + echo "<td class=\"ellipsis\" bgcolor=\"$bgcolor\" align=\"center\">$online</td>\n"; $counter++; ?> - </table> - </td> - </tr> - </table> - </td> </tr> <?php } // foreach ?> </table> diff --git a/usr/local/www/widgets/widgets/interfaces.widget.php b/usr/local/www/widgets/widgets/interfaces.widget.php index 22b15d9..92a5ffb 100644 --- a/usr/local/www/widgets/widgets/interfaces.widget.php +++ b/usr/local/www/widgets/widgets/interfaces.widget.php @@ -49,7 +49,7 @@ require_once("/usr/local/www/widgets/include/interfaces.inc"); $iswireless = is_interface_wireless($ifdescr); ?> <tr> - <td class="vncellt" width="40%"> + <td class="vncellt" rowspan="2"> <?php if($ifinfo['ppplink']) { echo "<img src='./themes/{$g['theme']}/images/icons/icon_3g.gif' alt='3g' />"; @@ -67,39 +67,37 @@ require_once("/usr/local/www/widgets/include/interfaces.inc"); <?=htmlspecialchars($ifname);?></span></u></strong> <?php if ($ifinfo['dhcplink']) - echo " (DHCP)"; + echo " (DHCP)"; ?> </td> - <td width="60%" class="listr"> - <table width="100%" border="0" cellspacing="0" cellpadding="0" summary="status"> - <tr> - <?php if($ifinfo['status'] == "up" || $ifinfo['status'] == "associated") { ?> - <td> + <?php if($ifinfo['status'] == "up" || $ifinfo['status'] == "associated") { ?> + <td rowspan="2" class="listr" align="center"> <div id="<?php echo $ifname;?>-up" style="display:inline" ><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_interface_up.gif" title="<?=$ifname;?> is up" alt="up" /></div> </td> <?php } else if ($ifinfo['status'] == "no carrier") { ?> - <td> + <td rowspan="2" class="listr" align="center"> <div id="<?php echo $ifname;?>-down" style="display:inline" ><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_interface_down.gif" title="<?=$ifname;?> is down" alt="down" /></div> </td> <?php } else if ($ifinfo['status'] == "down") { ?> - <td> + <td rowspan="2" class="listr" align="center"> <div id="<?php echo $ifname;?>-block" style="display:inline" ><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" title="<?=$ifname;?> is disabled" alt="disabled" /></div> </td> <?php } else { ?><?=htmlspecialchars($ifinfo['status']); }?> - <td> + <td class="listr"> <div id="<?php echo $ifname;?>-media" style="display:inline"><?=htmlspecialchars($ifinfo['media']);?></div> </td> </tr> - </table> - <table width="100%" border="0" cellspacing="0" cellpadding="0" summary="summary"> <tr> - <td class="vncellt" width="100%"> - <div id="<?php echo $ifname;?>-ip" style="display:inline"><?=htmlspecialchars($ifinfo['ipaddr']);?> </div> - <br /> - <div id="<?php echo $ifname;?>-ipv6" style="display:inline"><?=htmlspecialchars($ifinfo['ipaddrv6']);?> </div> - </td> + <td class="listr"><b> + <?php if($ifinfo['ipaddr'] != "") { ?> + <div id="<?php echo $ifname;?>-ip" style="display:inline"><?=htmlspecialchars($ifinfo['ipaddr']);?> </div> + <br /> + <?php } + if ($ifinfo['ipaddrv6'] != "") { ?> + <div id="<?php echo $ifname;?>-ipv6" style="display:inline"><?=htmlspecialchars($ifinfo['ipaddrv6']);?> </div> + <?php } ?> + </b></td> </tr> - </table> - </td></tr> + </tr> <?php }//end for each ?> </table> diff --git a/usr/local/www/widgets/widgets/ipsec.widget.php b/usr/local/www/widgets/widgets/ipsec.widget.php index 9d35e0b..930a560 100644 --- a/usr/local/www/widgets/widgets/ipsec.widget.php +++ b/usr/local/www/widgets/widgets/ipsec.widget.php @@ -163,26 +163,33 @@ if (isset($config['ipsec']['phase1'])){?> <div id="ipsec-mobile" style="display:none;background-color:#EEEEEE;"> <div style="padding: 10px"> <div style="display:table-row;"> - <div class="widgetsubheader" style="display:table-cell;width:140px">User/Time</div> - <div class="widgetsubheader" style="display:table-cell;width:130px">Local/Remote</div> - <div class="widgetsubheader" style="display:table-cell;width:30px"> </div> + <div class="widgetsubheader" style="display:table-cell;width:140px">User</div> + <div class="widgetsubheader" style="display:table-cell;width:130px">IP</div> + <div class="widgetsubheader" style="display:table-cell;width:30px">Status;</div> </div> <div style="max-height:105px;overflow:auto;"> -<?php foreach ($mobile as $muser) : ?> +<?php + if (is_array($mobile['pool'])): + foreach ($mobile['pool'] as $pool): + if (is_array($pool['lease'])): + foreach ($pool['lease'] as $muser) : ?> <div style="display:table-row;"> <div class="listlr" style="display:table-cell;width:139px"> - <?php echo htmlspecialchars($muser['username']);?><br /> - <?php echo htmlspecialchars($muser['logintime']);?> + <?php echo htmlspecialchars($muser['id']);?><br /> </div> <div class="listr" style="display:table-cell;width:130px"> - <?php echo htmlspecialchars($muser['local']);?><br /> - <?php echo htmlspecialchars($muser['remote']);?> + <?php echo htmlspecialchars($muser['host']);?><br /> </div> - <div class="listr" style="display:table-cell;width:30px" align="center"> - <a href="diag_ipsec.php?act=disconnect&user=<?php echo $muser['username']; ?>"><img src='/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif' height='17' width='17' border='0' alt='x' /></a> + <div class="listr" style="display:table-cell;width:30px"> + <?php echo htmlspecialchars($muser['status']);?><br/> </div> </div> -<?php endforeach; ?> +<?php + endforeach; + endif; + endforeach; + endif; +?> </div> </div> </div> diff --git a/usr/local/www/widgets/widgets/traffic_graphs.widget.php b/usr/local/www/widgets/widgets/traffic_graphs.widget.php index 2dedc2d..3f9bba7 100644 --- a/usr/local/www/widgets/widgets/traffic_graphs.widget.php +++ b/usr/local/www/widgets/widgets/traffic_graphs.widget.php @@ -98,12 +98,6 @@ if (isset($a_config["scale_type"])) { ?> <input type="hidden" id="traffic_graphs-config" name="traffic_graphs-config" value="" /> -<?php - //set variables for traffic graph - $width = "100%"; - $height = "150"; -?> - <div id="traffic_graphs-settings" class="widgetconfigdiv" style="display:none;"> <form action="/widgets/widgets/traffic_graphs.widget.php" method="post" name="iform" id="iform"> <?php foreach ($ifdescrs as $ifname => $ifdescr) { ?> @@ -117,14 +111,16 @@ if (isset($a_config["scale_type"])) { $selected_radio = $config["widgets"]["trafficgraphs"]["scale_type"]; if ($selected_radio == "up") { $scale_type_up = "checked=\"checked\""; + $scale_type_follow=""; } else if ($selected_radio == "follow") { + $scale_type_up=""; $scale_type_follow = "checked=\"checked\""; } } ?> - <input name="scale_type_up" class="radio" type="radio" id="scale_type_up" value="up" <?php echo $scale_type_up; ?> onchange="updateGraphDisplays();" /> <span>up</span> - <input name="scale_type_follow" class="radio" type="radio" id="scale_type_follow" value="follow" <?php echo $scale_type_follow; ?> onchange="updateGraphDisplays();" /> <span>follow</span><br /><br /> + <input name="scale_type" class="radio" type="radio" id="scale_type_up" value="up" <?php echo $scale_type_up; ?> onchange="updateGraphDisplays();" /> <span>up</span> + <input name="scale_type" class="radio" type="radio" id="scale_type_follow" value="follow" <?php echo $scale_type_follow; ?> onchange="updateGraphDisplays();" /> <span>follow</span><br /><br /> Refresh Interval: <select name="refreshinterval" class="formfld" id="refreshinterval" onchange="updateGraphDisplays();"> <?php for ($i = 1; $i <= 10; $i += 1) { ?> @@ -173,11 +169,9 @@ foreach ($ifdescrs as $ifname => $ifdescr) { <div style="clear:both;"></div> </div> <div id="<?=$ifname;?>graphdiv" style="display:<?php echo $graphdisplay;?>"> - <object data="graph.php?ifnum=<?=$ifname;?>&ifname=<?=rawurlencode($ifdescr);?>&timeint=<?=$refreshinterval;?>&initdelay=<?=($graphcounter+1) * 2;?>"> + <object data="graph.php?ifnum=<?=$ifname;?>&ifname=<?=rawurlencode($ifdescr);?>&timeint=<?=$refreshinterval;?>&initdelay=<?=($graphcounter+1) * 2;?>" height="100%" width="100%"> <param name="id" value="graph" /> <param name="type" value="image/svg+xml" /> - <param name="width" value="<? echo $width; ?>" /> - <param name="height" value="<? echo $height; ?>" /> <param name="pluginspage" value="http://www.adobe.com/svg/viewer/install/auto" /> </object> </div> diff --git a/usr/local/www/wizards/traffic_shaper_wizard_dedicated.xml b/usr/local/www/wizards/traffic_shaper_wizard_dedicated.xml index eccdc83..3775142 100755 --- a/usr/local/www/wizards/traffic_shaper_wizard_dedicated.xml +++ b/usr/local/www/wizards/traffic_shaper_wizard_dedicated.xml @@ -439,7 +439,7 @@ <type>checkbox</type> <typehint>Prioritize network gaming traffic</typehint> <description>This will raise the priority of gaming traffic to higher than most traffic.</description> - <enablefields>ARMA2,BattleNET,Battlefield2,Battlefield3,BattlefieldBC2,Borderlands,CallOfDuty,Counterstrike,Crysis2,DeltaForce,Dirt3,DOOM3,EmpireEarth,EveOnline,Everquest,Everquest2,FarCry,FarCry2,FarCry3,GunZOnline,HalfLife,Halo2,LeagueofLegends,Lineage2,MechwarriorOnline,Minecraft,OperationFlashpointDR,PlanetSide,PlanetSide2,PlayStation3,QuakeIII,QuakeIV,Steam,StarWarsTOR,TigerWoods2004PS2,TribesAscend,UnrealTournament,WolfensteinEnemyTerritory,WorldOfWarcraft,XBox360</enablefields> + <enablefields>BattleNET,EAOrigin,GameForWindowsLive,PlayStationConsoles,Steam,WiiConsoles,XboxConsoles,ARMA2,ARMA3,Battlefield2,Battlefield3,BattlefieldBC2,Borderlands,CallOfDuty,Counterstrike,Crysis2,Crysis3,DeltaForce,DeadSpace2,DeadSpace3,Dirt3,DOOM3,DragonAge2,EmpireEarth,EveOnline,Everquest,Everquest2,FarCry,FarCry2,FarCry3,GunZOnline,HalfLife,LeagueofLegends,Lineage2,MassEffect3,MechwarriorOnline,Minecraft,OperationFlashpointDR,PlanetSide,PlanetSide2,QuakeIII,QuakeIV,StarWarsTOR,TigerWoods2004PS2,TribesAscend,UnrealTournament,WolfensteinEnemyTerritory,WorldOfWarcraft</enablefields> <donotdisable>true</donotdisable> <bindstofield>ezshaper->step6->enable</bindstofield> </field> @@ -448,6 +448,52 @@ <type>submit</type> </field> <field> + <name>Enable/Disable specific game consoles and services</name> + <type>listtopic</type> + </field> + <field> + <name>BattleNET</name> + <type>checkbox</type> + <typehint>Battle.net - Virtually every game from Blizzard publishing should match this. This includes the following game series: Starcraft, Diablo, Warcraft. Guild Wars also uses this port.</typehint> + <bindstofield>ezshaper->step6->battlenet</bindstofield> + </field> + <field> + <name>EAOrigin</name> + <type>checkbox</type> + <typehint>EA Origin Client - Some PC games by EA use this.</typehint> + <bindstofield>ezshaper->step6->eaorigin</bindstofield> + </field> + <field> + <name>GameForWindowsLive</name> + <type>checkbox</type> + <typehint>Games for Windows Live</typehint> + <bindstofield>ezshaper->step6->gamesforwindowslive</bindstofield> + </field> + <field> + <name>PlayStationConsoles</name> + <type>checkbox</type> + <typehint>PlayStation Consoles - This should cover all ports required for the Playstation 4, Playstation, PS Vita</typehint> + <bindstofield>ezshaper->step6->playstationconsoles</bindstofield> + </field> + <field> + <name>Steam</name> + <type>checkbox</type> + <typehint>Steam Game Client (Includes: America's Army 3, Counter-Strike: Source, Counter-Strike: Global Offensive, Half-Life 2, COD: Black Ops Series, Borderlands 2, Natural Selection 2, Left 4 Dead Series, Portal 2 and many other games on the Steam)</typehint> + <bindstofield>ezshaper->step6->steam</bindstofield> + </field> + <field> + <name>WiiConsoles</name> + <type>checkbox</type> + <typehint>Wii Consoles - Wii, Wii U, DS and 3DS</typehint> + <bindstofield>ezshaper->step6->wiiconsoles</bindstofield> + </field> + <field> + <name>XboxConsoles</name> + <type>checkbox</type> + <typehint>Xbox Consoles - Xbox 360 and Xbox One</typehint> + <bindstofield>ezshaper->step6->xboxconsoles</bindstofield> + </field> + <field> <name>Enable/Disable specific games</name> <type>listtopic</type> </field> @@ -458,10 +504,10 @@ <bindstofield>ezshaper->step6->arma2</bindstofield> </field> <field> - <name>BattleNET</name> + <name>ARMA3</name> <type>checkbox</type> - <typehint>Battle.net - Virtually every game from Blizzard publishing should match this. This includes the following game series: Starcraft, Diablo, Warcraft. Guild Wars also uses this port.</typehint> - <bindstofield>ezshaper->step6->battlenet</bindstofield> + <typehint>ARMA 3</typehint> + <bindstofield>ezshaper->step6->arma3</bindstofield> </field> <field> <name>Battlefield2</name> @@ -472,7 +518,7 @@ <field> <name>Battlefield3</name> <type>checkbox</type> - <typehint>Battlefield 3 - this game uses a LARGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> + <typehint>Battlefield 3 and 4 - this game uses a LARGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> <bindstofield>ezshaper->step6->battlefield3</bindstofield> </field> <field> @@ -506,6 +552,24 @@ <bindstofield>ezshaper->step6->crysis2</bindstofield> </field> <field> + <name>Crysis3</name> + <type>checkbox</type> + <typehint>Crysis 3</typehint> + <bindstofield>ezshaper->step6->crysis3</bindstofield> + </field> + <field> + <name>DeadSpace2</name> + <type>checkbox</type> + <typehint>Dead Space2 - this game uses a HUGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> + <bindstofield>ezshaper->step6->deadspace2</bindstofield> + </field> + <field> + <name>DeadSpace3</name> + <type>checkbox</type> + <typehint>Dead Space 3</typehint> + <bindstofield>ezshaper->step6->deadspace3</bindstofield> + </field> + <field> <name>DeltaForce</name> <type>checkbox</type> <typehint>Delta Force</typehint> @@ -524,6 +588,12 @@ <bindstofield>ezshaper->step6->doom3</bindstofield> </field> <field> + <name>DragonAge2</name> + <type>checkbox</type> + <typehint>Dragon Age 2</typehint> + <bindstofield>ezshaper->step6->dragonage2</bindstofield> + </field> + <field> <name>EmpireEarth</name> <type>checkbox</type> <typehint>Empire Earth</typehint> @@ -578,12 +648,6 @@ <bindstofield>ezshaper->step6->halflife</bindstofield> </field> <field> - <name>Halo2</name> - <type>checkbox</type> - <typehint>Halo2 via Xbox live</typehint> - <bindstofield>ezshaper->step6->halo2xbox</bindstofield> - </field> - <field> <name>LeagueofLegends</name> <type>checkbox</type> <typehint>League of Legends - this game uses a LARGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> @@ -596,6 +660,12 @@ <bindstofield>ezshaper->step6->lineage2</bindstofield> </field> <field> + <name>MassEffect3</name> + <type>checkbox</type> + <typehint>Mass Effect 3</typehint> + <bindstofield>ezshaper->step6->masseffect3</bindstofield> + </field> + <field> <name>MechwarriorOnline</name> <type>checkbox</type> <typehint>MechWarrior: Online - this game uses a LARGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> @@ -620,12 +690,6 @@ <bindstofield>ezshaper->step6->planetside2</bindstofield> </field> <field> - <name>PlayStation3</name> - <type>checkbox</type> - <typehint>PlayStation 3</typehint> - <bindstofield>ezshaper->step6->playstation3</bindstofield> - </field> - <field> <name>OperationFlashpointDR</name> <type>checkbox</type> <typehint>Operation Flashpoint: Dragon Rising</typehint> @@ -650,12 +714,6 @@ <bindstofield>ezshaper->step6->starwarstor</bindstofield> </field> <field> - <name>Steam</name> - <type>checkbox</type> - <typehint>Steam (Includes: America's Army 3, Counter-Strike: Source, Counter-Strike: Global Offensive, Half-Life 2, COD: Black Ops Series, Borderlands 2, Natural Selection 2, Left 4 Dead Series, Portal 2)</typehint> - <bindstofield>ezshaper->step6->steam</bindstofield> - </field> - <field> <name>TigerWoods2004PS2</name> <type>checkbox</type> <typehint>Tiger Woods 2004 for PS2</typehint> @@ -686,12 +744,6 @@ <bindstofield>ezshaper->step6->wow</bindstofield> </field> <field> - <name>Xbox360</name> - <type>checkbox</type> - <typehint>XBox 360 and Games for Windows Live</typehint> - <bindstofield>ezshaper->step6->xbox360</bindstofield> - </field> - <field> <name>Next</name> <type>submit</type> </field> @@ -709,7 +761,7 @@ <type>checkbox</type> <typehint>Other networking protocols</typehint> <description>This will help raise or lower the priority of other protocols higher than most traffic.</description> - <enablefields>AIM,AppleRemoteDesktop,DNS,HTTP,ICMP,ICQ,IMAP,IPSEC,IRC,Jabber,LotusNotes,MSN,MSRDP,MySqlServer,PCAnywhere,POP3,PPTP,RTSP,SMB,SMTP,SNMP,StreamingMP3,TeamSpeak,VNC,NNTP,CVSUP,Slingbox,HBCI</enablefields> + <enablefields>AppleRemoteDesktop,MSRDP,PCAnywhere,VNC,AIM,Facetime,GoogleHangouts,ICQ,IRC,Jabber,MSN,TeamSpeak,TeamSpeak3,Ventrilo,PPTP,IPSEC,iTunesRadio,StreamingMP3,RTSP,HTTP,IMAP,LotusNotes,POP3,SMTP,BattleNETDownloader,SteamDownloader,APNS,AppleMobileSync,CrashPlan,CVSUP,DNS,GIT,HBCI,ICMP,MySqlServer,NNTP,Slingbox,SMB,SNMP,Subversion</enablefields> <donotdisable>true</donotdisable> <bindstofield>ezshaper->step7->enable</bindstofield> </field> @@ -722,6 +774,26 @@ <type>listtopic</type> </field> <field> + <name>AppleRemoteDesktop</name> + <bindstofield>ezshaper->step7->appleremotedesktop</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Apple Remote Desktop</typehint> + </field> + <field> <name>MSRDP</name> <type>select</type> <bindstofield>ezshaper->step7->msrdp</bindstofield> @@ -742,6 +814,26 @@ <typehint>Microsoft Remote Desktop Protocol</typehint> </field> <field> + <name>PCAnywhere</name> + <bindstofield>ezshaper->step7->pcanywhere</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Symantec PC Anywhere</typehint> + </field> + <field> <name>VNC</name> <bindstofield>ezshaper->step7->vnc</bindstofield> <type>select</type> @@ -762,8 +854,12 @@ <typehint>Virtual Network Computing</typehint> </field> <field> - <name>AppleRemoteDesktop</name> - <bindstofield>ezshaper->step7->appleremotedesktop</bindstofield> + <name>Messengers</name> + <type>listtopic</type> + </field> + <field> + <name>AIM</name> + <bindstofield>ezshaper->step7->aolinstantmessenger</bindstofield> <type>select</type> <options> <option> @@ -779,11 +875,11 @@ <value>L</value> </option> </options> - <typehint>Apple Remote Desktop</typehint> + <typehint>AOL Instant Messenger</typehint> </field> <field> - <name>PCAnywhere</name> - <bindstofield>ezshaper->step7->pcanywhere</bindstofield> + <name>Facetime</name> + <bindstofield>ezshaper->step7->facetime</bindstofield> <type>select</type> <options> <option> @@ -799,11 +895,27 @@ <value>L</value> </option> </options> - <typehint>Symantec PC Anywhere</typehint> + <typehint>Facetime</typehint> </field> <field> - <name>Messengers</name> - <type>listtopic</type> + <name>ICQ</name> + <bindstofield>ezshaper->step7->icq</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>ICQ</typehint> </field> <field> <name>IRC</name> @@ -846,8 +958,8 @@ <typehint>Jabber instant messanger</typehint> </field> <field> - <name>ICQ</name> - <bindstofield>ezshaper->step7->icq</bindstofield> + <name>GoogleHangouts</name> + <bindstofield>ezshaper->step7->googlehangouts</bindstofield> <type>select</type> <options> <option> @@ -863,11 +975,11 @@ <value>L</value> </option> </options> - <typehint>ICQ</typehint> + <typehint>Google Hangouts</typehint> </field> <field> - <name>AIM</name> - <bindstofield>ezshaper->step7->aolinstantmessenger</bindstofield> + <name>MSN</name> + <bindstofield>ezshaper->step7->msnmessenger</bindstofield> <type>select</type> <options> <option> @@ -883,11 +995,11 @@ <value>L</value> </option> </options> - <typehint>AOL Instant Messenger</typehint> + <typehint>MSN Messenger</typehint> </field> <field> - <name>MSN</name> - <bindstofield>ezshaper->step7->msnmessenger</bindstofield> + <name>Teamspeak</name> + <bindstofield>ezshaper->step7->teamspeak</bindstofield> <type>select</type> <options> <option> @@ -903,11 +1015,11 @@ <value>L</value> </option> </options> - <typehint>MSN Messenger</typehint> + <typehint>TeamSpeak</typehint> </field> <field> - <name>Teamspeak</name> - <bindstofield>ezshaper->step7->teamspeak</bindstofield> + <name>Teamspeak3</name> + <bindstofield>ezshaper->step7->teamspeak3</bindstofield> <type>select</type> <options> <option> @@ -923,7 +1035,27 @@ <value>L</value> </option> </options> - <typehint>TeamSpeak</typehint> + <typehint>TeamSpeak 3</typehint> + </field> + <field> + <name>Ventrilo</name> + <bindstofield>ezshaper->step7->ventrilo</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Ventrilo</typehint> </field> <field> <name>VPN</name> @@ -974,6 +1106,26 @@ <type>listtopic</type> </field> <field> + <name>iTunesRadio</name> + <type>select</type> + <bindstofield>ezshaper->step7->itunesradio</bindstofield> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>iTunes Radio - this rule uses a LARGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> + </field> + <field> <name>StreamingMP3</name> <type>select</type> <bindstofield>ezshaper->step7->streamingmp3</bindstofield> @@ -1122,10 +1274,134 @@ <typehint>Lotus Notes</typehint> </field> <field> + <name>Game Downloader</name> + <type>listtopic</type> + </field> + <field> + <name>BattleNetDownloader</name> + <type>select</type> + <bindstofield>ezshaper->step7->battlenetdownloader</bindstofield> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Battle.NET Downloader</typehint> + </field> + <field> + <name>SteamDownloader</name> + <type>select</type> + <bindstofield>ezshaper->step7->steamdownloader</bindstofield> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Steam Downloader</typehint> + </field> + <field> <name>Miscellaneous</name> <type>listtopic</type> </field> <field> + <name>APNS</name> + <type>select</type> + <bindstofield>ezshaper->step7->apns</bindstofield> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Apple Push Notification Service</typehint> + </field> + <field> + <name>AppleMobileSync</name> + <type>select</type> + <bindstofield>ezshaper->step7->applemobilesync</bindstofield> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Apple Mobile Sync</typehint> + </field> + <field> + <name>CrashPlan</name> + <bindstofield>ezshaper->step7->crashplan</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>CrashPlan</typehint> + </field> + <field> + <name>CVSUP</name> + <bindstofield>ezshaper->step7->cvsup</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>CVSUP</typehint> + </field> + <field> <name>DNS</name> <type>select</type> <bindstofield>ezshaper->step7->dns</bindstofield> @@ -1146,6 +1422,46 @@ <typehint>Domain Name Services</typehint> </field> <field> + <name>Git</name> + <bindstofield>ezshaper->step7->git</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Git Server</typehint> + </field> + <field> + <name>HBCI</name> + <bindstofield>ezshaper->step7->hbci</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>HBCI</typehint> + </field> + <field> <name>ICMP</name> <bindstofield>ezshaper->step7->icmp</bindstofield> <type>select</type> @@ -1246,8 +1562,8 @@ <typehint>Internet News</typehint> </field> <field> - <name>CVSUP</name> - <bindstofield>ezshaper->step7->cvsup</bindstofield> + <name>Slingbox</name> + <bindstofield>ezshaper->step7->slingbox</bindstofield> <type>select</type> <options> <option> @@ -1263,48 +1579,28 @@ <value>L</value> </option> </options> - <typehint>CVSUP</typehint> + <typehint>Slingbox</typehint> </field> <field> - <name>Slingbox</name> - <bindstofield>ezshaper->step7->slingbox</bindstofield> - <type>select</type> - <options> - <option> - <name>Default priority</name> - <value>D</value> - </option> - <option> - <name>Higher priority</name> - <value>H</value> - </option> - <option> - <name>Lower priority</name> - <value>L</value> - </option> - </options> - <typehint>Slingbox</typehint> - </field> - <field> - <name>HBCI</name> - <bindstofield>ezshaper->step7->hbci</bindstofield> - <type>select</type> - <options> - <option> - <name>Default priority</name> - <value>D</value> - </option> - <option> - <name>Higher priority</name> - <value>H</value> - </option> - <option> - <name>Lower priority</name> - <value>L</value> - </option> - </options> - <typehint>HBCI</typehint> - </field> + <name>Subversion</name> + <bindstofield>ezshaper->step7->subversion</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Subversion Server</typehint> + </field> <field> <name>Next</name> <type>submit</type> diff --git a/usr/local/www/wizards/traffic_shaper_wizard_multi_all.xml b/usr/local/www/wizards/traffic_shaper_wizard_multi_all.xml index 1a18f61..52e7f0d 100755 --- a/usr/local/www/wizards/traffic_shaper_wizard_multi_all.xml +++ b/usr/local/www/wizards/traffic_shaper_wizard_multi_all.xml @@ -447,7 +447,7 @@ <type>checkbox</type> <typehint>Prioritize network gaming traffic</typehint> <description>This will raise the priority of gaming traffic to higher than most traffic.</description> - <enablefields>ARMA2,BattleNET,Battlefield2,Battlefield3,BattlefieldBC2,Borderlands,CallOfDuty,Counterstrike,Crysis2,DeltaForce,Dirt3,DOOM3,EmpireEarth,EveOnline,Everquest,Everquest2,FarCry,FarCry2,FarCry3,GunZOnline,HalfLife,Halo2,LeagueofLegends,Lineage2,MechwarriorOnline,Minecraft,OperationFlashpointDR,PlanetSide,PlanetSide2,PlayStation3,QuakeIII,QuakeIV,Steam,StarWarsTOR,TigerWoods2004PS2,TribesAscend,UnrealTournament,WolfensteinEnemyTerritory,WorldOfWarcraft,XBox360</enablefields> + <enablefields>BattleNET,EAOrigin,GameForWindowsLive,PlayStationConsoles,Steam,WiiConsoles,XboxConsoles,ARMA2,ARMA3,Battlefield2,Battlefield3,BattlefieldBC2,Borderlands,CallOfDuty,Counterstrike,Crysis2,Crysis3,DeltaForce,DeadSpace2,DeadSpace3,Dirt3,DOOM3,DragonAge2,EmpireEarth,EveOnline,Everquest,Everquest2,FarCry,FarCry2,FarCry3,GunZOnline,HalfLife,LeagueofLegends,Lineage2,MassEffect3,MechwarriorOnline,Minecraft,OperationFlashpointDR,PlanetSide,PlanetSide2,QuakeIII,QuakeIV,StarWarsTOR,TigerWoods2004PS2,TribesAscend,UnrealTournament,WolfensteinEnemyTerritory,WorldOfWarcraft</enablefields> <donotdisable>true</donotdisable> <bindstofield>ezshaper->step6->enable</bindstofield> </field> @@ -456,6 +456,52 @@ <type>submit</type> </field> <field> + <name>Enable/Disable specific game consoles and services</name> + <type>listtopic</type> + </field> + <field> + <name>BattleNET</name> + <type>checkbox</type> + <typehint>Battle.net - Virtually every game from Blizzard publishing should match this. This includes the following game series: Starcraft, Diablo, Warcraft. Guild Wars also uses this port.</typehint> + <bindstofield>ezshaper->step6->battlenet</bindstofield> + </field> + <field> + <name>EAOrigin</name> + <type>checkbox</type> + <typehint>EA Origin Client - Some PC games by EA use this.</typehint> + <bindstofield>ezshaper->step6->eaorigin</bindstofield> + </field> + <field> + <name>GameForWindowsLive</name> + <type>checkbox</type> + <typehint>Games for Windows Live</typehint> + <bindstofield>ezshaper->step6->gamesforwindowslive</bindstofield> + </field> + <field> + <name>PlayStationConsoles</name> + <type>checkbox</type> + <typehint>PlayStation Consoles - This should cover all ports required for the Playstation 4, Playstation, PS Vita</typehint> + <bindstofield>ezshaper->step6->playstationconsoles</bindstofield> + </field> + <field> + <name>Steam</name> + <type>checkbox</type> + <typehint>Steam Game Client (Includes: America's Army 3, Counter-Strike: Source, Counter-Strike: Global Offensive, Half-Life 2, COD: Black Ops Series, Borderlands 2, Natural Selection 2, Left 4 Dead Series, Portal 2 and many other games on the Steam)</typehint> + <bindstofield>ezshaper->step6->steam</bindstofield> + </field> + <field> + <name>WiiConsoles</name> + <type>checkbox</type> + <typehint>Wii Consoles - Wii, Wii U, DS and 3DS</typehint> + <bindstofield>ezshaper->step6->wiiconsoles</bindstofield> + </field> + <field> + <name>XboxConsoles</name> + <type>checkbox</type> + <typehint>Xbox Consoles - Xbox 360 and Xbox One</typehint> + <bindstofield>ezshaper->step6->xboxconsoles</bindstofield> + </field> + <field> <name>Enable/Disable specific games</name> <type>listtopic</type> </field> @@ -466,10 +512,10 @@ <bindstofield>ezshaper->step6->arma2</bindstofield> </field> <field> - <name>BattleNET</name> + <name>ARMA3</name> <type>checkbox</type> - <typehint>Battle.net - Virtually every game from Blizzard publishing should match this. This includes the following game series: Starcraft, Diablo, Warcraft. Guild Wars also uses this port.</typehint> - <bindstofield>ezshaper->step6->battlenet</bindstofield> + <typehint>ARMA 3</typehint> + <bindstofield>ezshaper->step6->arma3</bindstofield> </field> <field> <name>Battlefield2</name> @@ -480,7 +526,7 @@ <field> <name>Battlefield3</name> <type>checkbox</type> - <typehint>Battlefield 3 - this game uses a LARGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> + <typehint>Battlefield 3 and 4 - this game uses a LARGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> <bindstofield>ezshaper->step6->battlefield3</bindstofield> </field> <field> @@ -514,6 +560,24 @@ <bindstofield>ezshaper->step6->crysis2</bindstofield> </field> <field> + <name>Crysis3</name> + <type>checkbox</type> + <typehint>Crysis 3</typehint> + <bindstofield>ezshaper->step6->crysis3</bindstofield> + </field> + <field> + <name>DeadSpace2</name> + <type>checkbox</type> + <typehint>Dead Space2 - this game uses a HUGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> + <bindstofield>ezshaper->step6->deadspace2</bindstofield> + </field> + <field> + <name>DeadSpace3</name> + <type>checkbox</type> + <typehint>Dead Space 3</typehint> + <bindstofield>ezshaper->step6->deadspace3</bindstofield> + </field> + <field> <name>DeltaForce</name> <type>checkbox</type> <typehint>Delta Force</typehint> @@ -532,6 +596,12 @@ <bindstofield>ezshaper->step6->doom3</bindstofield> </field> <field> + <name>DragonAge2</name> + <type>checkbox</type> + <typehint>Dragon Age 2</typehint> + <bindstofield>ezshaper->step6->dragonage2</bindstofield> + </field> + <field> <name>EmpireEarth</name> <type>checkbox</type> <typehint>Empire Earth</typehint> @@ -586,12 +656,6 @@ <bindstofield>ezshaper->step6->halflife</bindstofield> </field> <field> - <name>Halo2</name> - <type>checkbox</type> - <typehint>Halo2 via Xbox live</typehint> - <bindstofield>ezshaper->step6->halo2xbox</bindstofield> - </field> - <field> <name>LeagueofLegends</name> <type>checkbox</type> <typehint>League of Legends - this game uses a LARGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> @@ -604,6 +668,12 @@ <bindstofield>ezshaper->step6->lineage2</bindstofield> </field> <field> + <name>MassEffect3</name> + <type>checkbox</type> + <typehint>Mass Effect 3</typehint> + <bindstofield>ezshaper->step6->masseffect3</bindstofield> + </field> + <field> <name>MechwarriorOnline</name> <type>checkbox</type> <typehint>MechWarrior: Online - this game uses a LARGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> @@ -628,12 +698,6 @@ <bindstofield>ezshaper->step6->planetside2</bindstofield> </field> <field> - <name>PlayStation3</name> - <type>checkbox</type> - <typehint>PlayStation 3</typehint> - <bindstofield>ezshaper->step6->playstation3</bindstofield> - </field> - <field> <name>OperationFlashpointDR</name> <type>checkbox</type> <typehint>Operation Flashpoint: Dragon Rising</typehint> @@ -658,12 +722,6 @@ <bindstofield>ezshaper->step6->starwarstor</bindstofield> </field> <field> - <name>Steam</name> - <type>checkbox</type> - <typehint>Steam (Includes: America's Army 3, Counter-Strike: Source, Counter-Strike: Global Offensive, Half-Life 2, COD: Black Ops Series, Borderlands 2, Natural Selection 2, Left 4 Dead Series, Portal 2)</typehint> - <bindstofield>ezshaper->step6->steam</bindstofield> - </field> - <field> <name>TigerWoods2004PS2</name> <type>checkbox</type> <typehint>Tiger Woods 2004 for PS2</typehint> @@ -694,12 +752,6 @@ <bindstofield>ezshaper->step6->wow</bindstofield> </field> <field> - <name>Xbox360</name> - <type>checkbox</type> - <typehint>XBox 360 and Games for Windows Live</typehint> - <bindstofield>ezshaper->step6->xbox360</bindstofield> - </field> - <field> <name>Next</name> <type>submit</type> </field> @@ -717,7 +769,7 @@ <type>checkbox</type> <typehint>Other networking protocols</typehint> <description>This will help raise or lower the priority of other protocols higher than most traffic.</description> - <enablefields>AIM,AppleRemoteDesktop,DNS,HTTP,ICMP,ICQ,IMAP,IPSEC,IRC,Jabber,LotusNotes,MSN,MSRDP,MySqlServer,PCAnywhere,POP3,PPTP,RTSP,SMB,SMTP,SNMP,StreamingMP3,TeamSpeak,VNC,NNTP,CVSUP,Slingbox,HBCI</enablefields> + <enablefields>AppleRemoteDesktop,MSRDP,PCAnywhere,VNC,AIM,Facetime,GoogleHangouts,ICQ,IRC,Jabber,MSN,TeamSpeak,TeamSpeak3,Ventrilo,PPTP,IPSEC,iTunesRadio,StreamingMP3,RTSP,HTTP,IMAP,LotusNotes,POP3,SMTP,BattleNETDownloader,SteamDownloader,APNS,AppleMobileSync,CrashPlan,CVSUP,DNS,GIT,HBCI,ICMP,MySqlServer,NNTP,Slingbox,SMB,SNMP,Subversion</enablefields> <donotdisable>true</donotdisable> <bindstofield>ezshaper->step7->enable</bindstofield> </field> @@ -730,6 +782,26 @@ <type>listtopic</type> </field> <field> + <name>AppleRemoteDesktop</name> + <bindstofield>ezshaper->step7->appleremotedesktop</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Apple Remote Desktop</typehint> + </field> + <field> <name>MSRDP</name> <type>select</type> <bindstofield>ezshaper->step7->msrdp</bindstofield> @@ -750,6 +822,26 @@ <typehint>Microsoft Remote Desktop Protocol</typehint> </field> <field> + <name>PCAnywhere</name> + <bindstofield>ezshaper->step7->pcanywhere</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Symantec PC Anywhere</typehint> + </field> + <field> <name>VNC</name> <bindstofield>ezshaper->step7->vnc</bindstofield> <type>select</type> @@ -770,8 +862,12 @@ <typehint>Virtual Network Computing</typehint> </field> <field> - <name>AppleRemoteDesktop</name> - <bindstofield>ezshaper->step7->appleremotedesktop</bindstofield> + <name>Messengers</name> + <type>listtopic</type> + </field> + <field> + <name>AIM</name> + <bindstofield>ezshaper->step7->aolinstantmessenger</bindstofield> <type>select</type> <options> <option> @@ -787,11 +883,11 @@ <value>L</value> </option> </options> - <typehint>Apple Remote Desktop</typehint> + <typehint>AOL Instant Messenger</typehint> </field> <field> - <name>PCAnywhere</name> - <bindstofield>ezshaper->step7->pcanywhere</bindstofield> + <name>Facetime</name> + <bindstofield>ezshaper->step7->facetime</bindstofield> <type>select</type> <options> <option> @@ -807,11 +903,27 @@ <value>L</value> </option> </options> - <typehint>Symantec PC Anywhere</typehint> + <typehint>Facetime</typehint> </field> <field> - <name>Messengers</name> - <type>listtopic</type> + <name>ICQ</name> + <bindstofield>ezshaper->step7->icq</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>ICQ</typehint> </field> <field> <name>IRC</name> @@ -854,8 +966,8 @@ <typehint>Jabber instant messanger</typehint> </field> <field> - <name>ICQ</name> - <bindstofield>ezshaper->step7->icq</bindstofield> + <name>GoogleHangouts</name> + <bindstofield>ezshaper->step7->googlehangouts</bindstofield> <type>select</type> <options> <option> @@ -871,11 +983,11 @@ <value>L</value> </option> </options> - <typehint>ICQ</typehint> + <typehint>Google Hangouts</typehint> </field> <field> - <name>AIM</name> - <bindstofield>ezshaper->step7->aolinstantmessenger</bindstofield> + <name>MSN</name> + <bindstofield>ezshaper->step7->msnmessenger</bindstofield> <type>select</type> <options> <option> @@ -891,11 +1003,11 @@ <value>L</value> </option> </options> - <typehint>AOL Instant Messenger</typehint> + <typehint>MSN Messenger</typehint> </field> <field> - <name>MSN</name> - <bindstofield>ezshaper->step7->msnmessenger</bindstofield> + <name>Teamspeak</name> + <bindstofield>ezshaper->step7->teamspeak</bindstofield> <type>select</type> <options> <option> @@ -911,11 +1023,11 @@ <value>L</value> </option> </options> - <typehint>MSN Messenger</typehint> + <typehint>TeamSpeak</typehint> </field> <field> - <name>Teamspeak</name> - <bindstofield>ezshaper->step7->teamspeak</bindstofield> + <name>Teamspeak3</name> + <bindstofield>ezshaper->step7->teamspeak3</bindstofield> <type>select</type> <options> <option> @@ -931,7 +1043,27 @@ <value>L</value> </option> </options> - <typehint>TeamSpeak</typehint> + <typehint>TeamSpeak 3</typehint> + </field> + <field> + <name>Ventrilo</name> + <bindstofield>ezshaper->step7->ventrilo</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Ventrilo</typehint> </field> <field> <name>VPN</name> @@ -982,6 +1114,26 @@ <type>listtopic</type> </field> <field> + <name>iTunesRadio</name> + <type>select</type> + <bindstofield>ezshaper->step7->itunesradio</bindstofield> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>iTunes Radio - this rule uses a LARGE port range, be aware that you may need to manually rearrange the resulting rules to correctly prioritize other traffic.</typehint> + </field> + <field> <name>StreamingMP3</name> <type>select</type> <bindstofield>ezshaper->step7->streamingmp3</bindstofield> @@ -1130,10 +1282,134 @@ <typehint>Lotus Notes</typehint> </field> <field> + <name>Game Downloader</name> + <type>listtopic</type> + </field> + <field> + <name>BattleNetDownloader</name> + <type>select</type> + <bindstofield>ezshaper->step7->battlenetdownloader</bindstofield> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Battle.NET Downloader</typehint> + </field> + <field> + <name>SteamDownloader</name> + <type>select</type> + <bindstofield>ezshaper->step7->steamdownloader</bindstofield> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Steam Downloader</typehint> + </field> + <field> <name>Miscellaneous</name> <type>listtopic</type> </field> <field> + <name>APNS</name> + <type>select</type> + <bindstofield>ezshaper->step7->apns</bindstofield> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Apple Push Notification Service</typehint> + </field> + <field> + <name>AppleMobileSync</name> + <type>select</type> + <bindstofield>ezshaper->step7->applemobilesync</bindstofield> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Apple Mobile Sync</typehint> + </field> + <field> + <name>CrashPlan</name> + <bindstofield>ezshaper->step7->crashplan</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>CrashPlan</typehint> + </field> + <field> + <name>CVSUP</name> + <bindstofield>ezshaper->step7->cvsup</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>CVSUP</typehint> + </field> + <field> <name>DNS</name> <type>select</type> <bindstofield>ezshaper->step7->dns</bindstofield> @@ -1154,6 +1430,46 @@ <typehint>Domain Name Services</typehint> </field> <field> + <name>Git</name> + <bindstofield>ezshaper->step7->git</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>Git Server</typehint> + </field> + <field> + <name>HBCI</name> + <bindstofield>ezshaper->step7->hbci</bindstofield> + <type>select</type> + <options> + <option> + <name>Default priority</name> + <value>D</value> + </option> + <option> + <name>Higher priority</name> + <value>H</value> + </option> + <option> + <name>Lower priority</name> + <value>L</value> + </option> + </options> + <typehint>HBCI</typehint> + </field> + <field> <name>ICMP</name> <bindstofield>ezshaper->step7->icmp</bindstofield> <type>select</type> @@ -1254,8 +1570,8 @@ <typehint>Internet News</typehint> </field> <field> - <name>CVSUP</name> - <bindstofield>ezshaper->step7->cvsup</bindstofield> + <name>Slingbox</name> + <bindstofield>ezshaper->step7->slingbox</bindstofield> <type>select</type> <options> <option> @@ -1271,31 +1587,11 @@ <value>L</value> </option> </options> - <typehint>CVSUP</typehint> + <typehint>Slingbox</typehint> </field> <field> - <name>Slingbox</name> - <bindstofield>ezshaper->step7->slingbox</bindstofield> - <type>select</type> - <options> - <option> - <name>Default priority</name> - <value>D</value> - </option> - <option> - <name>Higher priority</name> - <value>H</value> - </option> - <option> - <name>Lower priority</name> - <value>L</value> - </option> - </options> - <typehint>Slingbox</typehint> - </field> - <field> - <name>HBCI</name> - <bindstofield>ezshaper->step7->hbci</bindstofield> + <name>Subversion</name> + <bindstofield>ezshaper->step7->subversion</bindstofield> <type>select</type> <options> <option> @@ -1311,7 +1607,7 @@ <value>L</value> </option> </options> - <typehint>HBCI</typehint> + <typehint>Subversion Server</typehint> </field> <field> <name>Next</name> diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php index 5c6fdba..93733cc 100755 --- a/usr/local/www/xmlrpc.php +++ b/usr/local/www/xmlrpc.php @@ -244,7 +244,7 @@ function restore_config_section_xmlrpc($raw_params) { } unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]); } else if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip") && isset($oldvips[$vip['subnet']])) { - if ($oldvips[$vip['subnet']] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}") { + if ($oldvips[$vip['subnet']] == "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}") { if (does_vip_exist($vip)) { unset($oldvips[$vip['subnet']]); continue; // Skip reconfiguring this vips since nothing has changed. @@ -370,11 +370,15 @@ function filter_configure_xmlrpc($raw_params) { relayd_configure(); require_once("openvpn.inc"); openvpn_resync_all(); - services_dhcpd_configure(); if (isset($config['dnsmasq']['enable'])) services_dnsmasq_configure(); elseif (isset($config['unbound']['enable'])) services_unbound_configure(); + else + # Both calls above run services_dhcpd_configure(), then we just + # need to call it when them are not called to avoid restart dhcpd + # twice, as described on ticket #3797 + services_dhcpd_configure(); local_sync_accounts(); return $xmlrpc_g['return']['true']; |