diff options
22 files changed, 477 insertions, 240 deletions
diff --git a/src/etc/inc/auth.inc b/src/etc/inc/auth.inc index fffe84f..4899e4a 100644 --- a/src/etc/inc/auth.inc +++ b/src/etc/inc/auth.inc @@ -360,6 +360,13 @@ function local_backed($username, $passwd) { return false; } + if ($user['bcrypt-hash']) { + if (password_verify($passwd, $user['bcrypt-hash'])) { + return true; + } + } + + //for backwards compatibility if ($user['password']) { if (crypt($passwd, $user['password']) == $user['password']) { return true; @@ -450,7 +457,7 @@ function local_sync_accounts() { function local_user_set(& $user) { global $g, $debug; - if (empty($user['password'])) { + if (empty($user['password']) && empty($user['bcrypt-hash'])) { log_error("There is something wrong in your config because user {$user['name']} password is missing!"); return; } @@ -498,7 +505,11 @@ function local_user_set(& $user) { log_error(sprintf(gettext("Running: %s"), $cmd)); } $fd = popen($cmd, "w"); - fwrite($fd, $user['password']); + if (empty($user['bcrypt-hash'])) { + fwrite($fd, $user['password']); + } else { + fwrite($fd, $user['bcrypt-hash']); + } pclose($fd); $user_group = "wheel"; $user_home = "/root"; @@ -528,7 +539,11 @@ function local_user_set(& $user) { log_error(sprintf(gettext("Running: %s"), $cmd)); } $fd = popen($cmd, "w"); - fwrite($fd, $user['password']); + if (empty($user['bcrypt-hash'])) { + fwrite($fd, $user['password']); + } else { + fwrite($fd, $user['bcrypt-hash']); + } pclose($fd); /* create user directory if required */ @@ -593,8 +608,17 @@ function local_user_del($user) { function local_user_set_password(&$user, $password) { - $user['password'] = crypt($password); - $user['md5-hash'] = md5($password); + unset($user['password']); + unset($user['md5-hash']); + $user['bcrypt-hash'] = password_hash($password, PASSWORD_BCRYPT); + + /* Maintain compatibility with FreeBSD - change $2y$ prefix to $2b$ + * https://reviews.freebsd.org/D2742 + * XXX: Can be removed as soon as r284483 is MFC'd. + */ + if ($user['bcrypt-hash'][2] == "y") { + $user['bcrypt-hash'][2] = "b"; + } // Converts ascii to unicode. $astr = (string) $password; diff --git a/src/etc/inc/authgui.inc b/src/etc/inc/authgui.inc index 3fddaaf..47616ee 100644 --- a/src/etc/inc/authgui.inc +++ b/src/etc/inc/authgui.inc @@ -277,7 +277,7 @@ if (isset($config['system']['webgui']['webguicss'])) { <div class="form-group"> <label for="usernamefld" class="col-sm-3 control-label">Username</label> <div class="col-sm-9 col-md-7"> - <input type="text" class="form-control" name="usernamefld" id="usernamefld" placeholder="Enter your username" autocorrect="off" autocapitalize="off" spellcheck="false"> + <input type="text" class="form-control" name="usernamefld" id="usernamefld" placeholder="Enter your username" autocorrect="off" autocapitalize="none" spellcheck="false"> </div> </div> diff --git a/src/etc/inc/captiveportal.inc b/src/etc/inc/captiveportal.inc index ec0cabe..032b2f4 100644 --- a/src/etc/inc/captiveportal.inc +++ b/src/etc/inc/captiveportal.inc @@ -238,7 +238,6 @@ function captiveportal_configure_zone($cpcfg) { $htmltext = str_replace("\$PORTAL_MESSAGE\$", "#PORTAL_MESSAGE#", $htmltext); $htmltext = str_replace("\$CLIENT_MAC\$", "#CLIENT_MAC#", $htmltext); $htmltext = str_replace("\$CLIENT_IP\$", "#CLIENT_IP#", $htmltext); - $htmltext = str_replace("\$ORIGINAL_PORTAL_IP\$", "#ORIGINAL_PORTAL_IP#", $htmltext); $htmltext = str_replace("\$PORTAL_ACTION\$", "#PORTAL_ACTION#", $htmltext); if ($cpcfg['preauthurl']) { $htmltext = str_replace("\$PORTAL_REDIRURL\$", "{$cpcfg['preauthurl']}", $htmltext); @@ -266,7 +265,6 @@ function captiveportal_configure_zone($cpcfg) { $errtext = str_replace("\$PORTAL_MESSAGE\$", "#PORTAL_MESSAGE#", $errtext); $errtext = str_replace("\$CLIENT_MAC\$", "#CLIENT_MAC#", $errtext); $errtext = str_replace("\$CLIENT_IP\$", "#CLIENT_IP#", $errtext); - $errtext = str_replace("\$ORIGINAL_PORTAL_IP\$", "#ORIGINAL_PORTAL_IP#", $errtext); $errtext = str_replace("\$PORTAL_ACTION\$", "#PORTAL_ACTION#", $errtext); if ($cpcfg['preauthurl']) { $errtext = str_replace("\$PORTAL_REDIRURL\$", "{$cpcfg['preauthurl']}", $errtext); diff --git a/src/etc/inc/smtp.inc b/src/etc/inc/smtp.inc index 2cae8dd..de5522c 100644 --- a/src/etc/inc/smtp.inc +++ b/src/etc/inc/smtp.inc @@ -2,7 +2,7 @@ /* * smtp.php * - * @(#) $Header: /opt2/ena/metal/smtp/smtp.php,v 1.48 2014/11/23 22:45:30 mlemos Exp $ + * @(#) $Header: /opt2/ena/metal/smtp/smtp.php,v 1.50 2016/01/19 00:16:06 mlemos Exp $ * */ @@ -12,7 +12,7 @@ <package>net.manuellemos.smtp</package> - <version>@(#) $Id: smtp.php,v 1.48 2014/11/23 22:45:30 mlemos Exp $</version> + <version>@(#) $Id: smtp.php,v 1.50 2016/01/19 00:16:06 mlemos Exp $</version> <copyright>Copyright (C) Manuel Lemos 1999-2011</copyright> <title>Sending e-mail messages via SMTP protocol</title> <author>Manuel Lemos</author> @@ -261,7 +261,7 @@ class smtp_class <variable> <name>user_agent</name> <type>STRING</type> - <value>SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.48 $)</value> + <value>SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.50 $)</value> <documentation> <purpose>Set the user agent used when connecting via an HTTP proxy.</purpose> <usage>Change this value only if for some reason you want emulate a @@ -270,7 +270,7 @@ class smtp_class </variable> {/metadocument} */ - var $user_agent='SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.48 $)'; + var $user_agent='SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.50 $)'; /* {metadocument} @@ -1889,4 +1889,4 @@ class smtp_class */ -?> +?>
\ No newline at end of file diff --git a/src/usr/local/www/bootstrap/css/pfSense-BETA.css b/src/usr/local/www/bootstrap/css/pfSense-BETA.css index 9332b81..41d115d 100644 --- a/src/usr/local/www/bootstrap/css/pfSense-BETA.css +++ b/src/usr/local/www/bootstrap/css/pfSense-BETA.css @@ -3,4 +3,4 @@ /*** Experimental Changes Go Here ***/ .panel-title { font-size: 16px; -}
\ No newline at end of file +} diff --git a/src/usr/local/www/classes/Form/Textarea.class.php b/src/usr/local/www/classes/Form/Textarea.class.php index 1f4938a..f38fd85 100644 --- a/src/usr/local/www/classes/Form/Textarea.class.php +++ b/src/usr/local/www/classes/Form/Textarea.class.php @@ -51,7 +51,7 @@ class Form_Textarea extends Form_Input public function setNoWrap() { - $this->_attributes['style'] = 'white-space: nowrap; width: auto;'; + $this->_attributes['style'] = 'white-space: pre;'; return $this; } diff --git a/src/usr/local/www/firewall_nat.php b/src/usr/local/www/firewall_nat.php index ec7a708..287133b 100644 --- a/src/usr/local/www/firewall_nat.php +++ b/src/usr/local/www/firewall_nat.php @@ -164,6 +164,19 @@ if (isset($_POST['del_x'])) { header("Location: firewall_nat.php"); exit; } +} else if ($_GET['act'] == "toggle") { + if ($a_nat[$_GET['id']]) { + if (isset($a_nat[$_GET['id']]['disabled'])) { + unset($a_nat[$_GET['id']]['disabled']); + } else { + $a_nat[$_GET['id']]['disabled'] = true; + } + if (write_config(gettext("Firewall: NAT: Port forward, enable/disable NAT rule"))) { + mark_subsystem_dirty('natconf'); + } + header("Location: firewall_nat.php"); + exit; + } } $pgtitle = array(gettext("Firewall"), gettext("NAT"), gettext("Port Forward")); @@ -175,7 +188,7 @@ if ($savemsg) { if (is_subsystem_dirty('natconf')) { print_info_box_np(gettext('The NAT configuration has been changed.') . '<br />' . - gettext('You must apply the changes in order for them to take effect.') . '<br />'); + gettext('You must apply the changes in order for them to take effect.')); } $tab_array = array(); @@ -194,6 +207,7 @@ display_top_tabs($tab_array); <thead> <tr> <th><!-- Checkbox --></th> + <th><!-- Icon --></th> <th><!-- Rule type --></th> <th><?=gettext("Interface")?></th> <th><?=gettext("Protocol")?></th> @@ -225,13 +239,26 @@ foreach ($a_nat as $natent): if (!have_natpfruleint_access($natent['interface'])) { continue; } + + if (isset($natent['disabled'])) { + $iconfn = "pass_d"; + $trclass = 'class="disabled"'; + } else { + $iconfn = "pass"; + $trclass = ''; + } ?> - <tr id="fr<?=$nnats;?>" onClick="fr_toggle(<?=$nnats;?>)" ondblclick="document.location='firewall_nat_edit.php?id=<?=$i;?>';"> + <tr id="fr<?=$nnats;?>" <?=$trclass?> onClick="fr_toggle(<?=$nnats;?>)" ondblclick="document.location='firewall_nat_edit.php?id=<?=$i;?>';"> <td > <input type="checkbox" id="frc<?=$nnats;?>" onClick="fr_toggle(<?=$nnats;?>)" name="rule[]" value="<?=$i;?>"/> </td> <td> + <a href="?act=toggle&id=<?=$i?>"> + <i class="fa <?= ($iconfn == "pass") ? "fa-check":"fa-times"?>" title="<?=gettext("click to toggle enabled/disabled status")?>"></i> + </a> + </td> + <td> <?php if ($natent['associated-rule-id'] == "pass"): ?> diff --git a/src/usr/local/www/firewall_nat_1to1.php b/src/usr/local/www/firewall_nat_1to1.php index f336433..3042a70 100644 --- a/src/usr/local/www/firewall_nat_1to1.php +++ b/src/usr/local/www/firewall_nat_1to1.php @@ -161,7 +161,7 @@ if ($savemsg) { if (is_subsystem_dirty('natconf')) { print_info_box_np(gettext('The NAT configuration has been changed.') . '<br />' . - gettext('You must apply the changes in order for them to take effect.') . '<br />'); + gettext('You must apply the changes in order for them to take effect.')); } $tab_array = array(); @@ -249,9 +249,9 @@ display_top_tabs($tab_array); </td> <td> - <a class="fa fa-pencil" title="<?=gettext("Edit rule")?>" href="firewall_nat_1to1_edit.php?id=<?=$i?>"></a> - <a class="fa fa-clone" title="<?=gettext("Add a new rule based on this one")?>" href="firewall_nat_1to1_edit.php?dup=<?=$i?>"></a> - <a class="fa fa-trash" title="<?=gettext("Delete rule")?>" href="firewall_nat_1to1.php?act=del&id=<?=$i?>" ></a> + <a class="fa fa-pencil" title="<?=gettext("Edit mapping")?>" href="firewall_nat_1to1_edit.php?id=<?=$i?>"></a> + <a class="fa fa-clone" title="<?=gettext("Add a new mapping based on this one")?>" href="firewall_nat_1to1_edit.php?dup=<?=$i?>"></a> + <a class="fa fa-trash" title="<?=gettext("Delete mapping")?>" href="firewall_nat_1to1.php?act=del&id=<?=$i?>"></a> </td> </tr> @@ -265,15 +265,19 @@ display_top_tabs($tab_array); </div> <nav class="action-buttons"> - <a href="firewall_nat_1to1_edit.php?after=-1" class="btn btn-sm btn-success" title="<?=gettext('Add new mapping')?>"> - <i class="fa fa-plus icon-embed-btn"></i> + <a href="firewall_nat_1to1_edit.php?after=-1" class="btn btn-sm btn-success" title="<?=gettext('Add mapping to the top of the list')?>"> + <i class="fa fa-level-up icon-embed-btn"></i> + <?=gettext('Add')?> + </a> + <a href="firewall_nat_1to1_edit.php" class="btn btn-sm btn-success" title="<?=gettext('Add mapping to the end of the list')?>"> + <i class="fa fa-level-down icon-embed-btn"></i> <?=gettext('Add')?> </a> <button name="del_x" type="submit" class="btn btn-danger btn-sm" title="<?=gettext('Delete selected mappings')?>"> <i class="fa fa-trash icon-embed-btn"></i> <?=gettext("Delete"); ?> </button> - <button type="submit" id="order-store" name="order-store" class="btn btn-primary btn-sm" disabled title="<?=gettext('Save rule order')?>"> + <button type="submit" id="order-store" name="order-store" class="btn btn-primary btn-sm" disabled title="<?=gettext('Save mapping order')?>"> <i class="fa fa-save icon-embed-btn"></i> <?=gettext("Save")?> </button> diff --git a/src/usr/local/www/firewall_nat_npt.php b/src/usr/local/www/firewall_nat_npt.php index 9dc8fd5..89179ce 100644 --- a/src/usr/local/www/firewall_nat_npt.php +++ b/src/usr/local/www/firewall_nat_npt.php @@ -75,6 +75,27 @@ if (!is_array($config['nat']['npt'])) { $a_npt = &$config['nat']['npt']; +/* update rule order, POST[rule] is an array of ordered IDs */ +if (array_key_exists('order-store', $_POST)) { + if (is_array($_POST['rule']) && !empty($_POST['rule'])) { + $a_npt_new = array(); + + // if a rule is not in POST[rule], it has been deleted by the user + foreach ($_POST['rule'] as $id) { + $a_npt_new[] = $a_npt[$id]; + } + + $a_npt = $a_npt_new; + + if (write_config()) { + mark_subsystem_dirty('natconf'); + } + + header("Location: firewall_nat_npt.php"); + exit; + } +} + if ($_POST) { $pconfig = $_POST; @@ -101,6 +122,36 @@ if ($_GET['act'] == "del") { } } +if (isset($_POST['del_x'])) { + /* delete selected rules */ + if (is_array($_POST['rule']) && count($_POST['rule'])) { + foreach ($_POST['rule'] as $rulei) { + unset($a_npt[$rulei]); + } + + if (write_config()) { + mark_subsystem_dirty('natconf'); + } + + header("Location: firewall_nat_npt.php"); + exit; + } + +} else if ($_GET['act'] == "toggle") { + if ($a_npt[$_GET['id']]) { + if (isset($a_npt[$_GET['id']]['disabled'])) { + unset($a_npt[$_GET['id']]['disabled']); + } else { + $a_npt[$_GET['id']]['disabled'] = true; + } + if (write_config(gettext("Firewall: NAT: NPt, enable/disable NAT rule"))) { + mark_subsystem_dirty('natconf'); + } + header("Location: firewall_nat_npt.php"); + exit; + } +} + $pgtitle = array(gettext("Firewall"), gettext("NAT"), gettext("NPt")); include("head.inc"); @@ -109,7 +160,8 @@ if ($savemsg) { } if (is_subsystem_dirty('natconf')) { - print_info_box_np(gettext("The NAT configuration has been changed") . ".<br />" . gettext("You must apply the changes in order for them to take effect.")); + print_info_box_np(gettext('The NAT configuration has been changed.') . '<br />' . + gettext('You must apply the changes in order for them to take effect.')); } $tab_array = array(); @@ -119,14 +171,15 @@ $tab_array[] = array(gettext("Outbound"), false, "firewall_nat_out.php"); $tab_array[] = array(gettext("NPt"), true, "firewall_nat_npt.php"); display_top_tabs($tab_array); ?> -<div class="panel panel-default"> - <div class="panel-heading"><h2 class="panel-title"><?=gettext('NPt Mappings')?></h2></div> - <div class="panel-body"> - <div class="table responsive"> - <form method="post"> +<form action="firewall_nat_npt.php" method="post"> + <div class="panel panel-default"> + <div class="panel-heading"><h2 class="panel-title"><?=gettext('NPt Mappings')?></h2></div> + <div id="mainarea" class="table-responsive panel-body"> <table class="table table-striped table-hover table-condensed"> <thead> <tr> + <th><!-- checkbox --></th> + <th><!-- icon --></th> <th><?=gettext("Interface")?></th> <th><?=gettext("External Prefix")?></th> <th><?=gettext("Internal prefix")?></th> @@ -137,38 +190,58 @@ display_top_tabs($tab_array); <tbody class="user-entries"> <?php -$i = 0; -foreach ($a_npt as $natent): + $textse = "</span>"; + $i = 0; + foreach ($a_npt as $natent): + if (isset($natent['disabled'])) { + $textss = "<span class=\"gray\">"; + $iconfn = "pass_d"; + $trclass = 'class="disabled"'; + } else { + $textss = "<span>"; + $iconfn = "pass"; + $trclass = ''; + } ?> - <tr<?=isset($natent['disabled'])? ' class="disabled"' : ''?>> + <tr id="fr<?=$i;?>" <?=$trclass?> onClick="fr_toggle(<?=$i;?>)" ondblclick="document.location='firewall_nat_npt_edit.php?id=<?=$i;?>';"> + <td > + <input type="checkbox" id="frc<?=$i;?>" onClick="fr_toggle(<?=$i;?>)" name="rule[]" value="<?=$i;?>"/> + </td> + <td> + <a href="?act=toggle&id=<?=$i?>"> + <i class="fa <?= ($iconfn == "pass") ? "fa-check":"fa-times"?>" title="<?=gettext("click to toggle enabled/disabled status")?>"></i> + </a> + </td> <td> - <input type="hidden" name="rule[]" value="<?=$i?>" /> <?php - if (!$natent['interface']) { - print(htmlspecialchars(convert_friendly_interface_to_friendly_descr("wan"))); - } else { - print(htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface']))); - } + echo $textss; + if (!$natent['interface']) { + echo htmlspecialchars(convert_friendly_interface_to_friendly_descr("wan")); + } else { + echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface'])); + } + echo $textse; ?> - </td> + </td> + <td> <?php - $source_net = pprint_address($natent['source']); - $source_cidr = strstr($source_net, '/'); - $destination_net = pprint_address($natent['destination']); - $destination_cidr = strstr($destination_net, '/'); + echo $textss . pprint_address($natent['destination']) . $textse; ?> - <td> - <?=$destination_net?> </td> <td> - <?=$source_net?> +<?php + echo $textss . pprint_address($natent['source']) . $textse; +?> </td> <td> - <?=htmlspecialchars($natent['descr'])?> +<?php + echo $textss . htmlspecialchars($natent['descr']) . ' ' . $textse; +?> </td> <td> - <a class="fa fa-pencil" title="<?=gettext("Edit"); ?>" href="firewall_nat_npt_edit.php?id=<?=$i?>"></a> - <a class="fa fa-trash" title="<?=gettext("Delete")?>" href="firewall_nat_npt.php?act=del&id=<?=$i?>"></a> + <a class="fa fa-pencil" title="<?=gettext("Edit mapping")?>" href="firewall_nat_npt_edit.php?id=<?=$i?>"></a> + <a class="fa fa-clone" title="<?=gettext("Add a new mapping based on this one")?>" href="firewall_nat_npt_edit.php?dup=<?=$i?>"></a> + <a class="fa fa-trash" title="<?=gettext("Delete mapping")?>" href="firewall_nat_npt.php?act=del&id=<?=$i?>"></a> </td> </tr> <?php @@ -179,19 +252,25 @@ endforeach; </table> </div> </div> -</div> - - -<nav class="action-buttons"> - <a href="firewall_nat_npt_edit.php" class="btn btn-sm btn-success"> - <i class="fa fa-plus icon-embed-btn"></i> - <?=gettext("Add")?> - </a> - <button type="submit" id="order-store" class="btn btn-primary btn-sm" value="store changes" disabled> - <i class="fa fa-save icon-embed-btn"></i> - <?=gettext("Save")?> - </button> -</nav> + + <nav class="action-buttons"> + <a href="firewall_nat_npt_edit.php?after=-1" class="btn btn-sm btn-success" title="<?=gettext('Add mapping to the top of the list')?>"> + <i class="fa fa-level-up icon-embed-btn"></i> + <?=gettext('Add')?> + </a> + <a href="firewall_nat_npt_edit.php" class="btn btn-sm btn-success" title="<?=gettext('Add mapping to the end of the list')?>"> + <i class="fa fa-level-down icon-embed-btn"></i> + <?=gettext('Add')?> + </a> + <button name="del_x" type="submit" class="btn btn-danger btn-sm" title="<?=gettext('Delete selected mappings')?>"> + <i class="fa fa-trash icon-embed-btn"></i> + <?=gettext("Delete"); ?> + </button> + <button type="submit" id="order-store" name="order-store" class="btn btn-primary btn-sm" disabled title="<?=gettext('Save mapping order')?>"> + <i class="fa fa-save icon-embed-btn"></i> + <?=gettext("Save")?> + </button> + </nav> </form> <script type="text/javascript"> @@ -204,6 +283,11 @@ events.push(function() { $('#order-store').removeAttr('disabled'); } }); + + // Check all of the rule checkboxes so that their values are posted + $('#order-store').click(function () { + $('[id^=frc]').prop('checked', true); + }); }); //]]> </script> diff --git a/src/usr/local/www/firewall_nat_npt_edit.php b/src/usr/local/www/firewall_nat_npt_edit.php index 6adbbcf..249159e 100644 --- a/src/usr/local/www/firewall_nat_npt_edit.php +++ b/src/usr/local/www/firewall_nat_npt_edit.php @@ -63,20 +63,6 @@ require_once("ipsec.inc"); -function natnptcmp($a, $b) { - return ipcmp($a['external'], $b['external']); -} - -function nat_npt_rules_sort() { - global $g, $config; - - if (!is_array($config['nat']['npt'])) { - return; - } - - usort($config['nat']['npt'], "natnptcmp"); -} - require("guiconfig.inc"); require_once("interfaces.inc"); require_once("filter.inc"); @@ -102,6 +88,16 @@ if (isset($_POST['id']) && is_numericint($_POST['id'])) { $id = $_POST['id']; } +$after = $_GET['after']; +if (isset($_POST['after'])) { + $after = $_POST['after']; +} + +if (isset($_GET['dup'])) { + $id = $_GET['dup']; + $after = $_GET['dup']; +} + if (isset($id) && $a_npt[$id]) { $pconfig['disabled'] = isset($a_npt[$id]['disabled']); @@ -118,12 +114,14 @@ if (isset($id) && $a_npt[$id]) { $pconfig['interface'] = "wan"; } - $pconfig['external'] = $a_npt[$id]['external']; $pconfig['descr'] = $a_npt[$id]['descr']; } else { $pconfig['interface'] = "wan"; } +if (isset($_GET['dup'])) { + unset($id); +} if ($_POST) { @@ -161,9 +159,12 @@ if ($_POST) { if (isset($id) && $a_npt[$id]) { $a_npt[$id] = $natent; } else { - $a_npt[] = $natent; + if (is_numeric($after)) { + array_splice($a_npt, $after+1, 0, array($natent)); + } else { + $a_npt[] = $natent; + } } - nat_npt_rules_sort(); if (write_config()) { mark_subsystem_dirty('natconf'); @@ -185,24 +186,24 @@ function build_if_list() { if ($config['l2tp']['mode'] == "server") { if (have_ruleint_access("l2tp")) { - $interfaces['l2tp'] = "L2TP VPN"; + $interfaces['l2tp'] = gettext("L2TP VPN"); } } if ($config['pppoe']['mode'] == "server") { if (have_ruleint_access("pppoe")) { - $interfaces['pppoe'] = "PPPoE Server"; + $interfaces['pppoe'] = gettext("PPPoE Server"); } } /* add ipsec interfaces */ if (ipsec_enabled() && have_ruleint_access("enc0")) { - $interfaces["enc0"] = "IPsec"; + $interfaces["enc0"] = gettext("IPsec"); } /* add openvpn/tun interfaces */ if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) { - $interfaces["openvpn"] = "OpenVPN"; + $interfaces["openvpn"] = gettext("OpenVPN"); } return($interfaces); diff --git a/src/usr/local/www/firewall_nat_out.php b/src/usr/local/www/firewall_nat_out.php index 20b7098..cb31869 100644 --- a/src/usr/local/www/firewall_nat_out.php +++ b/src/usr/local/www/firewall_nat_out.php @@ -244,7 +244,8 @@ if ($savemsg) { } if (is_subsystem_dirty('natconf')) { - print_info_box_np(gettext("The NAT configuration has been changed.")."<br />".gettext("You must apply the changes in order for them to take effect.")); + print_info_box_np(gettext('The NAT configuration has been changed.') . '<br />' . + gettext('You must apply the changes in order for them to take effect.')); } $tab_array = array(); @@ -353,7 +354,7 @@ print($form); else: ?> <a href="?act=toggle&id=<?=$i?>"> - <i class="fa <?= ($iconfn == "pass") ? "fa-check":"fa-hidden"?>" title="<?=gettext("Click to toggle enabled/disabled status")?>"></i> + <i class="fa <?= ($iconfn == "pass") ? "fa-check":"fa-times"?>" title="<?=gettext("Click to toggle enabled/disabled status")?>"></i> </a> <?php @@ -529,7 +530,7 @@ print($form); <i class="fa fa-trash icon-embed-btn"></i> <?=gettext("Delete"); ?> </button> - <button type="submit" id="order-store" class="btn btn-primary btn-sm" value="Save changes" disabled name="order-store" title="<?=gettext('Save map order')?>"> + <button type="submit" id="order-store" class="btn btn-primary btn-sm" value="Save changes" disabled name="order-store" title="<?=gettext('Save mapping order')?>"> <i class="fa fa-save icon-embed-btn"></i> <?=gettext("Save")?> </button> diff --git a/src/usr/local/www/firewall_rules.php b/src/usr/local/www/firewall_rules.php index 615f3bc..1d32e65 100644 --- a/src/usr/local/www/firewall_rules.php +++ b/src/usr/local/www/firewall_rules.php @@ -120,26 +120,26 @@ foreach ($ifdescs as $ifent => $ifdesc) { if ($config['l2tp']['mode'] == "server") { if (have_ruleint_access("l2tp")) { - $iflist['l2tp'] = "L2TP VPN"; + $iflist['l2tp'] = gettext("L2TP VPN"); } } if (is_array($config['pppoes']['pppoe'])) { foreach ($config['pppoes']['pppoe'] as $pppoes) { if (($pppoes['mode'] == 'server') && have_ruleint_access("pppoe")) { - $iflist['pppoe'] = "PPPoE Server"; + $iflist['pppoe'] = gettext("PPPoE Server"); } } } /* add ipsec interfaces */ if (ipsec_enabled() && have_ruleint_access("enc0")) { - $iflist["enc0"] = "IPsec"; + $iflist["enc0"] = gettext("IPsec"); } /* add openvpn/tun interfaces */ if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) { - $iflist["openvpn"] = "OpenVPN"; + $iflist["openvpn"] = gettext("OpenVPN"); } if (!$if || !isset($iflist[$if])) { @@ -155,6 +155,7 @@ if (!$if || !isset($iflist[$if])) { } if ($_POST) { + $pconfig = $_POST; if ($_POST['apply']) { @@ -233,6 +234,16 @@ if (isset($_POST['del_x'])) { } $a_filter = $a_filter_new; + + $config['filter']['separator'][strtolower($if)] = ""; + + if ($_POST['separator']) { + $idx = 0; + foreach ($_POST['separator'] as $separator) { + $config['filter']['separator'][strtolower($separator['if'])]['sep' . $idx++] = $separator; + } + } + if (write_config()) { mark_subsystem_dirty('filter'); } @@ -297,8 +308,8 @@ display_top_tabs($tab_array); <?php // Show the anti-lockout rule if it's enabled, and we are on LAN with an if count > 1, or WAN with an if count of 1. if (!isset($config['system']['webgui']['noantilockout']) && - (((count($config['interfaces']) > 1) && ($if == 'lan')) || - ((count($config['interfaces']) == 1) && ($if == 'wan')))): + (((count($config['interfaces']) > 1) && ($if == 'lan')) || + ((count($config['interfaces']) == 1) && ($if == 'wan')))): $alports = implode('<br />', filter_get_antilockout_ports(true)); ?> <tr id="antilockout"> @@ -359,6 +370,16 @@ display_top_tabs($tab_array); <tbody class="user-entries"> <?php $nrules = 0; +$seps = 0; + +// There can be a separator before any rules are listed +if ($config['filter']['separator'][strtolower($if)]['sep0']['row'][0] == "fr-1") { + print('<tr class="ui-sortable-handle separator">' . + '<td bgcolor="#cce5ff" colspan="11">' . '<font color="#002699">' . $config['filter']['separator'][strtolower($if)]['sep0']['text'] . '</font></td>' . + '<td bgcolor="#cce5ff"><a href="#"><i class="fa fa-trash no-confirm sepdel" title="delete this separator"></i></a></td>' . + '</tr>' . "\n"); +} + for ($i = 0; isset($a_filter[$i]); $i++): $filterent = $a_filter[$i]; @@ -367,6 +388,7 @@ for ($i = 0; isset($a_filter[$i]); $i++): } else { $display = ""; } + ?> <tr id="fr<?=$nrules;?>" <?=$display?> onClick="fr_toggle(<?=$nrules;?>)" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';" <?=(isset($filterent['disabled']) ? ' class="disabled"' : '')?>> <td > @@ -517,7 +539,7 @@ for ($i = 0; isset($a_filter[$i]); $i++): #FIXME $sched_caption_escaped = str_replace("'", "\'", $schedule['descr']); $schedule_span_begin = '<a href="/firewall_schedule_edit.php?id=' . $idx . '" data-toggle="popover" data-trigger="hover focus" title="' . $schedule['name'] . '" data-content="' . - $sched_caption_escaped . '" data-html="true">'; + $sched_caption_escaped . '" data-html="true">'; $schedule_span_end = ""; } } @@ -528,7 +550,7 @@ for ($i = 0; isset($a_filter[$i]); $i++): $image = ""; if (!isset($filterent['disabled'])) { if ($schedstatus) { - if ($iconfn == "block" || $iconfn == "reject") { + if ($filterent['type'] == "block" || $filterent['type'] == "reject") { $image = "times-circle"; $dispcolor = "text-danger"; $alttext = gettext("Traffic matching this rule is currently being denied"); @@ -539,13 +561,13 @@ for ($i = 0; isset($a_filter[$i]); $i++): } $printicon = true; } else if ($filterent['sched']) { - if ($iconfn == "block" || $iconfn == "reject") { + if ($filterent['type'] == "block" || $filterent['type'] == "reject") { $image = "times-circle"; } else { - $image = "times-circle"; + $image = "play-circle"; } $alttext = gettext("This rule is not currently active because its period has expired"); - $dispcolor = "text-danger"; + $dispcolor = "text-warning"; $printicon = true; } } @@ -572,7 +594,7 @@ for ($i = 0; isset($a_filter[$i]); $i++): echo strtoupper($filterent['protocol']); if (strtoupper($filterent['protocol']) == "ICMP" && !empty($filterent['icmptype'])) { - echo ' <span style="cursor: help;" title="ICMP type: ' . + echo ' <span style="cursor: help;" title="' . gettext('ICMP type') . ': ' . ($filterent['ipprotocol'] == "inet6" ? $icmp6types[$filterent['icmptype']] : $icmptypes[$filterent['icmptype']]) . '"><u>'; echo $filterent['icmptype']; @@ -584,25 +606,25 @@ for ($i = 0; isset($a_filter[$i]); $i++): </td> <td> <?php if (isset($alias['src'])): ?> - <a href="/firewall_aliases_edit.php?id=<?=$alias['src']?>" data-toggle="popover" data-trigger="hover focus" title="Alias details" data-content="<?=alias_info_popup($alias['src'])?>" data-html="true"> + <a href="/firewall_aliases_edit.php?id=<?=$alias['src']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['src'])?>" data-html="true"> <?php endif; ?> <?=htmlspecialchars(pprint_address($filterent['source']))?> </td> <td> <?php if (isset($alias['srcport'])): ?> - <a href="/firewall_aliases_edit.php?id=<?=$alias['srcport']?>" data-toggle="popover" data-trigger="hover focus" title="Alias details" data-content="<?=alias_info_popup($alias['srcport'])?>" data-html="true"> + <a href="/firewall_aliases_edit.php?id=<?=$alias['srcport']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['srcport'])?>" data-html="true"> <?php endif; ?> <?=htmlspecialchars(pprint_port($filterent['source']['port']))?> </td> <td> <?php if (isset($alias['dst'])): ?> - <a href="/firewall_aliases_edit.php?id=<?=$alias['dst']?>" data-toggle="popover" data-trigger="hover focus" title="Alias details" data-content="<?=alias_info_popup($alias['dst'])?>" data-html="true"> + <a href="/firewall_aliases_edit.php?id=<?=$alias['dst']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['dst'])?>" data-html="true"> <?php endif; ?> <?=htmlspecialchars(pprint_address($filterent['destination']))?> </td> <td> <?php if (isset($alias['dstport'])): ?> - <a href="/firewall_aliases_edit.php?id=<?=$alias['dstport']?>" data-toggle="popover" data-trigger="hover focus" title="Alias details" data-content="<?=alias_info_popup($alias['dstport'])?>" data-html="true"> + <a href="/firewall_aliases_edit.php?id=<?=$alias['dstport']?>" data-toggle="popover" data-trigger="hover focus" title="<?=gettext('Alias details')?>" data-content="<?=alias_info_popup($alias['dstport'])?>" data-html="true"> <?php endif; ?> <?=htmlspecialchars(pprint_port($filterent['destination']['port']))?> </td> @@ -653,6 +675,18 @@ for ($i = 0; isset($a_filter[$i]); $i++): </td> </tr> <?php + if (isset($config['filter']['separator'][strtolower($if)]['sep0'])) { + foreach ($config['filter']['separator'][strtolower($if)] as $rulesep) { + if ($rulesep['row']['0'] == "fr" . $nrules) { + $cellcolor = $rulesep['color']; + print('<tr class="ui-sortable-handle separator">' . + '<td class="' . $cellcolor . '" colspan="11">' . '<font class="' . $cellcolor . '">' . $rulesep['text'] . '</font></td>' . + '<td class="' . $cellcolor . '"><a href="#"><i class="fa fa-trash no-confirm sepdel" title="delete this separator"></i></a></td>' . + '</tr>' . "\n"); + } + } + } + $nrules++; endfor; ?> @@ -745,37 +779,135 @@ events.push(function() { // Check all of the rule checkboxes so that their values are posted $('#order-store').click(function () { - $('[id^=frc]').prop('checked', true); + $('[id^=frc]').prop('checked', true); + + // Save the separator bar configuration + save_separators(); }); - // Separator bar stuff + // Separator bar stuff ------------------------------------------------------------------------ + + // Globals + gColor = 'bg-info'; + newSeperator = false; + $("#addsep").prop('type' ,'button'); - $("#addsep").click(function() { - alert("This feature is not yet complete. (Nothing is saved)\nIncluded for review only."); - $('#ruletable > tbody:last').append('<tr>' + - '<td bgcolor="#cce5ff" colspan="10"><input id="newsep" placeholder="<?=gettext("Enter a description, Save, then drag to final location.")?>" class="col-md-12" type="text"></input></td>' + - '<td bgcolor="#cce5ff" colspan="2"><button class="btn btn-default btn-sm" id="btnnewsep"><?=gettext("Save")?></button></td>' + - '</tr>'); + $("#addsep").click(function() { + if (newSeperator) { + return(false); + } + + gColor = 'bg-info'; + // Inset a temporary bar in which the user can enter some optional text + $('#ruletable > tbody:last').append('<tr>' + + '<td class="' + gColor + '" colspan="10"><input id="newsep" placeholder="<?=gettext("Enter a description, Save, then drag to final location.")?>" class="col-md-12" type="text"></input></td>' + + '<td class="' + gColor + '" colspan="2"><button class="btn btn-default btn-sm" id="btnnewsep"><?=gettext("Save")?></button>' + + '<button class="btn btn-default btn-sm" id="btncncsep"><?=gettext("Cancel")?></button>' + + ' ' + + ' <a href="#" id="sepclrblue" value="bg-info"><i class="fa fa-circle text-info"></i></a>' + + ' <a href="#" id="sepclrred" value="bg-danger"><i class="fa fa-circle text-danger"></i></a>' + + ' <a href="#" id="sepclrgreen" value="bg-success"><i class="fa fa-circle text-success"></i></a>' + + ' <a href="#" id="sepclrorange" value="bg-warning"><i class="fa fa-circle text-warning"></i></a>' + + '</td></tr>'); + + $('#newsep').focus(); + newSeperator = true; $("#btnnewsep").prop('type' ,'button'); + handle_colors(); + + // Remove the temporary separator bar and replace it with the final version containing the + // user's text and a delete icon $("#btnnewsep").click(function() { - var septext = $('#newsep').val(); + var septext = escapeHtml($('#newsep').val()); $('#ruletable > tbody:last >tr:last').remove(); - $('#ruletable > tbody:last').append('<tr class="ui-sortable-handle">' + - '<td bgcolor="#cce5ff" colspan="11">' + '<font color="#002699">' + septext + '</font></td>' + - '<td bgcolor="#cce5ff"><a href="#"><i class="fa fa-trash"></i></a></td>' + - '</tr>'); + $('#ruletable > tbody:last').append('<tr class="ui-sortable-handle separator">' + + '<td class="' + gColor + '" colspan="11">' + '<font class="' + gColor + '">' + septext + '</font></td>' + + '<td class="' + gColor + '"><a href="#"><i class="fa fa-trash sepdel"></i></a>' + + '</tr>'); + + $('#order-store').removeAttr('disabled'); + newSeperator = false; }); - }); + // Cancel button + $('#btncncsep').click(function(e) { + e.preventDefault(); + $(this).parents('tr').remove(); + newSeperator = false; + }); + }); + + // Delete a separator row $(function(){ - $('table').on('click','tr a',function(e){ + $('table').on('click','tr a .sepdel',function(e){ e.preventDefault(); $(this).parents('tr').remove(); + $('#order-store').removeAttr('disabled'); }); }); + + // Compose an inout array containing the row # and text for each separator + function save_separators() { + var seprow = 0; + var sepinput; + var sepnum = 0; + + $('#ruletable > tbody > tr').each(function() { + if ($(this).hasClass('separator')) { + seprow = $(this).prev('tr').attr("id"); + if (seprow == undefined) { + seprow = "fr-1"; + } + + sepinput = '<input type="hidden" name="separator[' + sepnum + '][row]" value="' + seprow + '"></input>'; + $('form').append(sepinput); + sepinput = '<input type="hidden" name="separator[' + sepnum + '][text]" value="' + $(this).find('td').text() + '"></input>'; + $('form').append(sepinput); + sepinput = '<input type="hidden" name="separator[' + sepnum + '][color]" value="' + $(this).find('td').prop('class') + '"></input>'; + $('form').append(sepinput); + sepinput = '<input type="hidden" name="separator[' + sepnum + '][if]" value="<?=strtolower($if)?>"></input>'; + $('form').append(sepinput); + sepnum++; + } + + if ($(this).parent('tbody').hasClass('user-entries')) { + seprow++; + } + }); + } + + function handle_colors() { + $('[id^=sepclr]').prop("type", "button"); + + $('[id^=sepclr]').click(function () { + var color = $(this).attr('value'); + // Clear all the color classes + $(this).parent('td').prop('class', ''); + $(this).parent('td').prev('td').prop('class', ''); + // Install our new color class + $(this).parent('td').addClass(color); + $(this).parent('td').prev('td').addClass(color); + // Set the global color + gColor = color; + }); + } + + //JS equivalent to PHP htmlspecialchars() + function escapeHtml(text) { + var map = { + '&': '&', + '<': '<', + '>': '>', + '"': '"', + "'": ''' + }; + + return text.replace(/[&<>"']/g, function(m) { return map[m]; }); + } + // -------------------------------------------------------------------------------------------- }); //]]> </script> diff --git a/src/usr/local/www/firewall_rules_edit.php b/src/usr/local/www/firewall_rules_edit.php index 3918866..8a7a046 100644 --- a/src/usr/local/www/firewall_rules_edit.php +++ b/src/usr/local/www/firewall_rules_edit.php @@ -429,10 +429,10 @@ if ($_POST) { $reqdfields[] = "src"; $reqdfields[] = "dst"; } - $reqdfieldsn = explode(",", "Type,Protocol"); + $reqdfieldsn = array(gettext("Type"), gettext("Protocol")); if (isset($a_filter[$id]['associated-rule-id']) === false) { - $reqdfieldsn[] = "Source"; - $reqdfieldsn[] = "Destination"; + $reqdfieldsn[] = gettext("Source"); + $reqdfieldsn[] = gettext("Destination"); } if ($_POST['statetype'] == "modulate state" or $_POST['statetype'] == "synproxy state") { @@ -447,7 +447,7 @@ if ($_POST) { if (isset($a_filter[$id]['associated-rule-id']) === false && (!(is_specialnet($_POST['srctype']) || ($_POST['srctype'] == "single")))) { $reqdfields[] = "srcmask"; - $reqdfieldsn[] = "Source bit count"; + $reqdfieldsn[] = gettext("Source bit count"); } if (isset($a_filter[$id]['associated-rule-id']) === false && (!(is_specialnet($_POST['dsttype']) || ($_POST['dsttype'] == "single")))) { @@ -645,22 +645,22 @@ if ($_POST) { if ($_POST['statetype'] == "none") { if (!empty($_POST['max'])) { - $input_errors[] = gettext("You cannot specify the maximum state entries (advanced option) if statetype is none and no L7 container is selected."); + $input_errors[] = gettext("You cannot specify the maximum state entries (advanced option) if statetype is none."); } if (!empty($_POST['max-src-nodes'])) { - $input_errors[] = gettext("You cannot specify the maximum number of unique source hosts (advanced option) if statetype is none and no L7 container is selected."); + $input_errors[] = gettext("You cannot specify the maximum number of unique source hosts (advanced option) if statetype is none."); } if (!empty($_POST['max-src-conn'])) { - $input_errors[] = gettext("You cannot specify the maximum number of established connections per host (advanced option) if statetype is none and no L7 container is selected."); + $input_errors[] = gettext("You cannot specify the maximum number of established connections per host (advanced option) if statetype is none."); } if (!empty($_POST['max-src-states'])) { - $input_errors[] = gettext("You cannot specify the maximum state entries per host (advanced option) if statetype is none and no L7 container is selected."); + $input_errors[] = gettext("You cannot specify the maximum state entries per host (advanced option) if statetype is none."); } if (!empty($_POST['max-src-conn-rate']) || !empty($_POST['max-src-conn-rates'])) { - $input_errors[] = gettext("You cannot specify the maximum new connections per host / per second(s) (advanced option) if statetype is none and no L7 container is selected."); + $input_errors[] = gettext("You cannot specify the maximum new connections per host / per second(s) (advanced option) if statetype is none."); } if (!empty($_POST['statetimeout'])) { - $input_errors[] = gettext("You cannot specify the state timeout (advanced option) if statetype is none and no L7 container is selected."); + $input_errors[] = gettext("You cannot specify the state timeout (advanced option) if statetype is none."); } } @@ -939,8 +939,8 @@ function build_flag_table() { $setflags = explode(",", $pconfig['tcpflags1']); $outofflags = explode(",", $pconfig['tcpflags2']); $header = "<td></td>"; - $tcpflags1 = "<td>set</td>"; - $tcpflags2 = "<td>out of</td>"; + $tcpflags1 = "<td>" . gettext("set") . "</td>"; + $tcpflags2 = "<td>" . gettext("out of") . "</td>"; foreach ($tcpflags as $tcpflag) { $header .= "<td><strong>" . strtoupper($tcpflag) . "</strong></td>\n"; @@ -993,21 +993,21 @@ function build_if_list() { } if ($config['l2tp']['mode'] == "server" && have_ruleint_access("l2tp")) { - $iflist['l2tp'] = 'L2TP VPN'; + $iflist['l2tp'] = gettext('L2TP VPN'); } if (is_pppoe_server_enabled() && have_ruleint_access("pppoe")) { - $iflist['pppoe'] = "PPPoE Server"; + $iflist['pppoe'] = gettext("PPPoE Server"); } // add ipsec interfaces if (ipsec_enabled() && have_ruleint_access("enc0")) { - $iflist["enc0"] = "IPsec"; + $iflist["enc0"] = gettext("IPsec"); } // add openvpn/tun interfaces if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) { - $iflist["openvpn"] = "OpenVPN"; + $iflist["openvpn"] = gettext("OpenVPN"); } return($iflist); @@ -1062,13 +1062,13 @@ $form->addGlobal(new Form_Input( pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/htmlphpearly"); $values = array( - 'pass' => 'Pass', - 'block' => 'Block', - 'reject' => 'Reject', + 'pass' => gettext('Pass'), + 'block' => gettext('Block'), + 'reject' => gettext('Reject'), ); if ($if == "FloatingRules" || isset($pconfig['floating'])) { - $values['match'] = 'Match'; + $values['match'] = gettext('Match'); } $section->addInput(new Form_Select( @@ -1159,9 +1159,9 @@ if ($if == "FloatingRules" || isset($pconfig['floating'])) { 'Direction', $pconfig['direction'], array( - 'any' => 'any', - 'in' => 'in', - 'out' => 'out', + 'any' => gettext('any'), + 'in' => gettext('in'), + 'out' => gettext('out'), ) )); @@ -1201,7 +1201,7 @@ $section->addInput(new Form_Select( 'pim' => 'PIM', 'ospf' => 'OSPF', 'sctp' => 'SCTP', - 'any' => 'any', + 'any' => gettext('any'), 'carp' => 'CARP', 'pfsync' => 'PFSYNC', ) @@ -1252,23 +1252,23 @@ foreach (['src' => 'Source', 'dst' => 'Destination'] as $type => $name) { } $ruleValues = array( - 'any' => 'any', - 'single' => 'Single host or alias', - 'network' => 'Network', + 'any' => gettext('any'), + 'single' => gettext('Single host or alias'), + 'network' => gettext('Network'), ); - if($type == 'dst') { - $ruleValues['(self)'] = "This firewall (self)"; + if ($type == 'dst') { + $ruleValues['(self)'] = gettext("This firewall (self)"); } if (isset($a_filter[$id]['floating']) || $if == "FloatingRules") { - $ruleValues['(self)'] = 'This Firewall (self)'; + $ruleValues['(self)'] = gettext('This Firewall (self)'); } if (have_ruleint_access("pppoe")) { - $ruleValues['pppoe'] = 'PPPoE clients'; + $ruleValues['pppoe'] = gettext('PPPoE clients'); } if (have_ruleint_access("l2tp")) { - $ruleValues['l2tp'] = 'L2TP clients'; + $ruleValues['l2tp'] = gettext('L2TP clients'); } foreach ($ifdisp as $ifent => $ifdesc) { @@ -1302,7 +1302,7 @@ foreach (['src' => 'Source', 'dst' => 'Destination'] as $type => $name) { ))->removeClass('btn-primary'); } - $portValues = ['' => '(other)', 'any' => 'any']; + $portValues = ['' => gettext('(other)'), 'any' => gettext('any')]; foreach ($wkports as $port => $portName) { $portValues[$port] = $portName.' ('. $port .')'; @@ -1507,10 +1507,10 @@ $section->addInput(new Form_Select( 'State type', (isset($pconfig['statetype'])) ? "keep state":$pconfig['statetype'], array( - 'keep state' => 'Keep', - 'sloppy state' => 'Sloppy', - 'synproxy state' => 'Synproxy', - 'none' => 'None', + 'keep state' => gettext('Keep'), + 'sloppy state' => gettext('Sloppy'), + 'synproxy state' => gettext('Synproxy'), + 'none' => gettext('None'), ) ))->setHelp('Select which type of state tracking mechanism you would like to use. If in doubt, use keep state' . '<br />' . '<span></span>'); @@ -1549,10 +1549,10 @@ $section->addInput(new Form_Select( 'sched', 'Schedule', $pconfig['sched'], - ['' => 'none'] + array_combine($schedules, $schedules) + ['' => gettext('none')] + array_combine($schedules, $schedules) ))->setHelp('Leave as \'none\' to leave the rule enabled all the time'); -$gateways = array("" => 'default'); +$gateways = array("" => gettext('default')); foreach (return_gateways_array() as $gwname => $gw) { if (($pconfig['ipprotocol'] == "inet46")) { continue; @@ -1590,14 +1590,14 @@ $group->add(new Form_Select( 'dnpipe', 'DNpipe', (isset($pconfig['dnpipe'])) ? $pconfig['dnpipe']:"", - array('' => 'none') + array_combine(array_keys($dnqlist), array_keys($dnqlist)) + array('' => gettext('none')) + array_combine(array_keys($dnqlist), array_keys($dnqlist)) )); $group->add(new Form_Select( 'pdnpipe', 'PDNpipe', (isset($pconfig['pdnpipe'])) ? $pconfig['pdnpipe']:"", - array('' => 'none') + array_combine(array_keys($dnqlist), array_keys($dnqlist)) + array('' => gettext('none')) + array_combine(array_keys($dnqlist), array_keys($dnqlist)) )); $section->add($group)->setHelp('Choose the Out queue/Virtual interface only if '. diff --git a/src/usr/local/www/firewall_schedule_edit.php b/src/usr/local/www/firewall_schedule_edit.php index 5a867b2..93c7f91 100644 --- a/src/usr/local/www/firewall_schedule_edit.php +++ b/src/usr/local/www/firewall_schedule_edit.php @@ -130,7 +130,7 @@ if ($_POST) { $input_errors[] = gettext("Reserved word used for schedule name."); } else { if (is_validaliasname($_POST['name']) == false) { - $input_errors[] = gettext("The schedule name must be less than 32 characters long, may not consist of only numbers, may not consist of only underscores, and may only contain the following characters:") . ' a-z, A-Z, 0-9, _'; + $input_errors[] = sprintf(gettext("The schedule name must be less than 32 characters long, may not consist of only numbers, may not consist of only underscores, and may only contain the following characters: %s"), 'a-z, A-Z, 0-9, _'); } } diff --git a/src/usr/local/www/firewall_shaper.php b/src/usr/local/www/firewall_shaper.php index 079a8ce..b10bdd2 100644 --- a/src/usr/local/www/firewall_shaper.php +++ b/src/usr/local/www/firewall_shaper.php @@ -157,15 +157,17 @@ if ($_GET) { if (write_config()) { $retval = 0; $retval |= filter_configure(); - $savemsg = get_std_save_message($retval); if (stristr($retval, "error") <> true) { $savemsg = get_std_save_message($retval); + $class = 'success'; } else { $savemsg = $retval; + $class = 'warning'; } } else { $savemsg = gettext("Unable to write config.xml (Access Denied?)"); + $class = 'warning'; } $dfltmsg = true; @@ -336,12 +338,13 @@ if ($_POST) { $retval = 0; $retval = filter_configure(); - $savemsg = get_std_save_message($retval); if (stristr($retval, "error") <> true) { $savemsg = get_std_save_message($retval); + $class = 'success'; } else { $savemsg = $retval; + $class = 'warning'; } /* reset rrd queues */ @@ -423,7 +426,7 @@ if ($input_errors) { } if ($savemsg) { - print_info_box($savemsg, 'success'); + print_info_box($savemsg, $class); } if (is_subsystem_dirty('shaper')) { diff --git a/src/usr/local/www/firewall_shaper_wizards.php b/src/usr/local/www/firewall_shaper_wizards.php index fec62a2..7bbc941 100644 --- a/src/usr/local/www/firewall_shaper_wizards.php +++ b/src/usr/local/www/firewall_shaper_wizards.php @@ -77,11 +77,12 @@ if ($_POST['apply']) { $retval = 0; /* Setup pf rules since the user may have changed the optimization value */ $retval = filter_configure(); - $savemsg = get_std_save_message($retval); if (stristr($retval, "error") <> true) { $savemsg = get_std_save_message($retval); + $class = 'success'; } else { $savemsg = $retval; + $class = 'warning'; } /* reset rrd queues */ @@ -114,7 +115,7 @@ $tab_array[] = array(gettext("Wizards"), true, "firewall_shaper_wizards.php"); display_top_tabs($tab_array); if ($savemsg) { - print_info_box($savemsg, 'success'); + print_info_box($savemsg, $class); } if (is_subsystem_dirty('shaper')) { diff --git a/src/usr/local/www/firewall_virtual_ip.php b/src/usr/local/www/firewall_virtual_ip.php index ccfaf92..8db4818 100644 --- a/src/usr/local/www/firewall_virtual_ip.php +++ b/src/usr/local/www/firewall_virtual_ip.php @@ -217,13 +217,13 @@ if ($_GET['act'] == "del") { } if ($found_carp === true && $found_other_alias === false && $found_if === false) { - $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by a CARP IP with the description") . " {$vip['descr']}."; + $input_errors[] = sprintf(gettext("This entry cannot be deleted because it is still referenced by a CARP IP with the description %s."), $vip['descr']); } } else if ($a_vip[$_GET['id']]['mode'] == "carp") { $vipiface = "{$a_vip[$_GET['id']]['interface']}_vip{$a_vip[$_GET['id']]['vhid']}"; foreach ($a_vip as $vip) { if ($vipiface == $vip['interface'] && $vip['mode'] == "ipalias") { - $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by an IP alias entry with the description") . " {$vip['descr']}."; + $input_errors[] = sprintf(gettext("This entry cannot be deleted because it is still referenced by an IP alias entry with the description %s."), $vip['descr']); } } } @@ -262,10 +262,10 @@ if ($_GET['act'] == "del") { $id = $_GET['id']; } -$types = array('proxyarp' => 'Proxy ARP', - 'carp' => 'CARP', - 'other' => 'Other', - 'ipalias' => 'IP Alias' +$types = array('proxyarp' => gettext('Proxy ARP'), + 'carp' => gettext('CARP'), + 'other' => gettext('Other'), + 'ipalias' => gettext('IP Alias') ); $pgtitle = array(gettext("Firewall"), gettext("Virtual IP Addresses")); @@ -276,7 +276,7 @@ if ($input_errors) { } else if ($savemsg) { print_info_box($savemsg, 'success'); } else if (is_subsystem_dirty('vip')) { - print_info_box_np(gettext("The VIP configuration has been changed.")."<br />".gettext("You must apply the changes in order for them to take effect.")); + print_info_box_np(gettext("The VIP configuration has been changed.") . "<br />" . gettext("You must apply the changes in order for them to take effect.")); } /* active tabs @@ -365,8 +365,8 @@ endforeach; </nav> <div class="infoblock"> - <?=print_info_box(gettext('The virtual IP addresses defined on this page may be used in ') . '<a href="firewall_nat.php">' . gettext('NAT') . '</a>' . gettext(' mappings.') . '<br />' . - gettext('You can check the status of your CARP Virtual IPs and interfaces ') . '<a href="status_carp.php">' . gettext('here') . '</a>', 'info', false)?> + <?=print_info_box(sprintf(gettext('The virtual IP addresses defined on this page may be used in %1$sNAT%2$s mappings'), '<a href="firewall_nat.php">', '</a>') . '<br />' . + sprintf(gettext('You can check the status of your CARP Virtual IPs and interfaces %1$shere%2$s'), '<a href="status_carp.php">', '</a>'), 'info', false)?> </div> <?php diff --git a/src/usr/local/www/firewall_virtual_ip_edit.php b/src/usr/local/www/firewall_virtual_ip_edit.php index 9df1f98..f459813 100644 --- a/src/usr/local/www/firewall_virtual_ip_edit.php +++ b/src/usr/local/www/firewall_virtual_ip_edit.php @@ -200,7 +200,7 @@ if ($_POST) { $idtracker = 0; foreach ($config['virtualip']['vip'] as $vip) { if ($vip['vhid'] == $_POST['vhid'] && $vip['interface'] == $_POST['interface'] && $idtracker != $id) { - $input_errors[] = sprintf(gettext("VHID %s is already in use on interface %s. Pick a unique number on this interface."), $_POST['vhid'], convert_friendly_interface_to_friendly_descr($_POST['interface'])); + $input_errors[] = sprintf(gettext("VHID %1$s is already in use on interface %2$s. Pick a unique number on this interface."), $_POST['vhid'], convert_friendly_interface_to_friendly_descr($_POST['interface'])); } $idtracker++; } @@ -410,8 +410,8 @@ $section->addInput(new Form_Select( 'Address type', ((!$pconfig['range'] && $pconfig['subnet_bits'] == 32) || (!isset($pconfig['subnet']))) ? 'single':'network', array( - 'single' => 'Single address', - 'network' => 'Network' + 'single' => gettext('Single address'), + 'network' => gettext('Network') ) ))->addClass('typesel'); diff --git a/src/usr/local/www/interfaces.php b/src/usr/local/www/interfaces.php index 3a7e85c..84824be 100644 --- a/src/usr/local/www/interfaces.php +++ b/src/usr/local/www/interfaces.php @@ -283,7 +283,7 @@ $pconfig['enable'] = isset($wancfg['enable']); if (is_array($config['aliases']['alias'])) { foreach ($config['aliases']['alias'] as $alias) { if ($alias['name'] == $wancfg['descr']) { - $input_errors[] = sprintf(gettext("Sorry, an alias with the name %s already exists."), $wancfg['descr']); + $input_errors[] = sprintf(gettext("Sorry, an alias with the name %s already exists. Interfaces cannot have the same name as an alias."), $wancfg['descr']); } } } diff --git a/src/usr/local/www/pkg_mgr_install.php b/src/usr/local/www/pkg_mgr_install.php index 5958783..6b0876f 100644 --- a/src/usr/local/www/pkg_mgr_install.php +++ b/src/usr/local/www/pkg_mgr_install.php @@ -259,7 +259,7 @@ if ($_GET && $_GET['id'] == "firmware") { $tab_array = array(); if ($firmwareupdate || ($_POST['id'] == "firmware")) { - $pgtitle = array(gettext("System"), gettext("Update"), $headline); + $pgtitle = array(gettext("System"), gettext("Update")); $tab_array[] = array(gettext("System Update"), true, ""); $tab_array[] = array(gettext("Update Settings"), false, "system_update_settings.php"); } else { diff --git a/src/usr/local/www/services_captiveportal.php b/src/usr/local/www/services_captiveportal.php index ce4c96c..663e7c6 100644 --- a/src/usr/local/www/services_captiveportal.php +++ b/src/usr/local/www/services_captiveportal.php @@ -1083,10 +1083,10 @@ list($host) = explode(":", $_SERVER['HTTP_HOST']); $zoneid = $pconfig['zoneid'] ? $pconfig['zoneid'] : 8000; if ($pconfig['httpslogin_enable']) { $port = $pconfig['listenporthttps'] ? $pconfig['listenporthttps'] : ($zoneid + 8001); - $href = "https://{$host}:{$port}"; + $href = "https://{$host}:{$port}/?zone={$cpzone}"; } else { $port = $pconfig['listenporthttp'] ? $pconfig['listenporthttp'] : ($zoneid + 8000); - $href = "http://{$host}:{$port}"; + $href = "http://{$host}:{$port}/?zone={$cpzone}"; } if ($pconfig['page']['htmltext']) { diff --git a/src/usr/local/www/services_dhcp.php b/src/usr/local/www/services_dhcp.php index 4513d94..b643a52 100644 --- a/src/usr/local/www/services_dhcp.php +++ b/src/usr/local/www/services_dhcp.php @@ -970,7 +970,7 @@ $btnadv = new Form_Button( 'Advanced' ); -$btnadv->removeClass('btn-primary')->addClass('btn-default btn-sm'); +$btnadv->removeClass('btn-primary')->addClass('btn-info btn-sm'); $section->addInput(new Form_StaticText( 'Dynamic DNS', @@ -1018,7 +1018,7 @@ $btnadv = new Form_Button( 'Advanced' ); -$btnadv->removeClass('btn-primary')->addClass('btn-default btn-sm'); +$btnadv->removeClass('btn-primary')->addClass('btn-info btn-sm'); $section->addInput(new Form_StaticText( 'MAC address control', @@ -1027,14 +1027,14 @@ $section->addInput(new Form_StaticText( $section->addInput(new Form_Input( 'mac_allow', - 'Allow', + 'MAC Allow', 'text', $pconfig['mac_allow'] ))->setHelp('List of partial MAC addresses to allow, comma separated, no spaces, e.g.: 00:00:00,01:E5:FF'); $section->addInput(new Form_Input( 'mac_deny', - 'Deny', + 'MAC Deny', 'text', $pconfig['mac_deny'] ))->setHelp('List of partial MAC addresses to deny access, comma separated, no spaces, e.g.: 00:00:00,01:E5:FF'); @@ -1045,7 +1045,7 @@ $btnadv = new Form_Button( 'Advanced' ); -$btnadv->removeClass('btn-primary')->addClass('btn-default btn-sm'); +$btnadv->removeClass('btn-primary')->addClass('btn-info btn-sm'); $section->addInput(new Form_StaticText( 'NTP servers', @@ -1070,7 +1070,7 @@ $btnadv = new Form_Button( 'Advanced' ); -$btnadv->removeClass('btn-primary')->addClass('btn-default btn-sm'); +$btnadv->removeClass('btn-primary')->addClass('btn-info btn-sm'); $section->addInput(new Form_StaticText( 'TFTP server', @@ -1079,7 +1079,7 @@ $section->addInput(new Form_StaticText( $section->addInput(new Form_IpAddress( 'tftp', - null, + 'Host or IP', $pconfig['tftp'] ))->setHelp('Leave blank to disable. Enter a full hostname or IP for the TFTP server')->setPattern('[.a-zA-Z0-9_]+'); @@ -1089,7 +1089,7 @@ $btnadv = new Form_Button( 'Advanced' ); -$btnadv->removeClass('btn-primary')->addClass('btn-default btn-sm'); +$btnadv->removeClass('btn-primary')->addClass('btn-info btn-sm'); $section->addInput(new Form_StaticText( 'LDAP URI', @@ -1103,22 +1103,18 @@ $section->addInput(new Form_Input( $pconfig['ldap'] ))->setHelp('Leave blank to disable. Enter a full URI for the LDAP server in the form ldap://ldap.example.com/dc=example,dc=com '); -// Advanced NETBOOT -$btnadv = new Form_Button( - 'btnadvboot', - 'Advanced' -); - -$btnadv->removeClass('btn-primary')->addClass('btn-default btn-sm'); +$form->add($section); -$section->addInput(new Form_StaticText( - 'Network booting', - $btnadv -)); +if ($pconfig['netboot']) { + $sectate = COLLAPSIBLE|SEC_OPEN; +} else { + $sectate = COLLAPSIBLE|SEC_CLOSED; +} +$section = new Form_Section("Network booting", nwkbootsec, $sectate); $section->addInput(new Form_Checkbox( 'netboot', - null, + 'Enable', 'Enables network booting', $pconfig['netboot'] )); @@ -1164,7 +1160,7 @@ $btnadv = new Form_Button( 'Advanced' ); -$btnadv->removeClass('btn-primary')->addClass('btn-default btn-sm'); +$btnadv->removeClass('btn-primary')->addClass('btn-info btn-sm'); $section->addInput(new Form_StaticText( 'Additional BOOTP/DHCP Options', @@ -1391,7 +1387,6 @@ events.push(function() { hideInput('mac_allow', !showadvmac && !hide); hideInput('mac_deny', !showadvmac && !hide); - hideInput('btnadvmac', hide); showadvmac = !showadvmac; } @@ -1399,7 +1394,7 @@ events.push(function() { $('#btnadvmac').prop('type', 'button'); $('#btnadvmac').click(function(event) { - show_advmac(); + show_advmac(true); }); // Show advanced NTP options ====================================================================================== @@ -1429,7 +1424,7 @@ events.push(function() { }); // Show advanced TFTP options ====================================================================================== - var showadvtftp = false; + var showtftp = false; function show_advtftp() { <?php @@ -1441,10 +1436,9 @@ events.push(function() { ?> var hide = <?php if ($hide) {echo 'true';} else {echo 'false';} ?>; - hideInput('tftp', !showadvtftp && !hide); - hideInput('btnadvtftp', hide); + hideInput('tftp', !showtftp & !hide); - showadvtftp = !showadvtftp; + showtftp = !showtftp; } $('#btnadvtftp').prop('type', 'button'); @@ -1478,37 +1472,6 @@ events.push(function() { show_advldap(); }); - // Show advanced NETBOOT options =================================================================================== - var showadvboot = false; - - function show_advboot() { -<?php - if (!$pconfig['netboot'] && empty($pconfig['nextserver']) && empty($pconfig['filename']) && empty($pconfig['filename32']) && - empty($pconfig['filename64']) && empty($pconfig['rootpath'])) { - $hide = false; - } else { - $hide = true; - } -?> - var hide = <?php if ($hide) {echo 'true';} else {echo 'false';} ?>; - - hideCheckbox('netboot', !showadvboot && !hide); - hideInput('nextserver', !showadvboot && !hide); - hideInput('filename', !showadvboot && !hide); - hideInput('filename32', !showadvboot && !hide); - hideInput('filename64', !showadvboot && !hide); - hideInput('rootpath', !showadvboot && !hide); - hideInput('btnadvboot', hide); - - showadvboot = !showadvboot; - } - - $('#btnadvboot').prop('type', 'button'); - - $('#btnadvboot').click(function(event) { - show_advboot(); - }); - // Show advanced additional opts options =========================================================================== var showadvopts = false; @@ -1542,7 +1505,6 @@ events.push(function() { show_advntp(); show_advtftp(); show_advldap(); - show_advboot(); show_advopts(); // Suppress "Delete row" button if there are fewer than two rows |
