diff options
| -rw-r--r-- | etc/inc/captiveportal.inc | 13 | ||||
| -rw-r--r-- | etc/inc/filter_log.inc | 51 | ||||
| -rw-r--r-- | etc/inc/pkg-utils.inc | 1 | ||||
| -rw-r--r-- | etc/inc/shaper.inc | 4 | ||||
| -rw-r--r-- | etc/inc/xmlrpc_client.inc | 10 | ||||
| -rw-r--r-- | usr/local/www/diag_logs_filter.php | 12 | ||||
| -rw-r--r-- | usr/local/www/diag_logs_settings.php | 2 | ||||
| -rw-r--r-- | usr/local/www/load_balancer_pool_edit.php | 10 | ||||
| -rw-r--r-- | usr/local/www/system_routes_edit.php | 2 | ||||
| -rw-r--r-- | usr/local/www/widgets/widgets/log.widget.php | 2 | ||||
| -rw-r--r-- | usr/local/www/wizard.php | 4 |
11 files changed, 68 insertions, 43 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 9ffb517..fbce4ae 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -427,7 +427,6 @@ function captiveportal_init_webgui_zone($cpcfg) { } /* generate lighttpd configuration */ - $listenporthttp = $cpcfg['listenporthttp'] ? $cpcfg['listenporthttp'] : $cpcfg['zoneid']; if (!empty($cpcfg['listenporthttp'])) $listenporthttp = $cpcfg['listenporthttp']; else @@ -543,16 +542,16 @@ EOD; $cprules .= "add {$rulenum} pipe tablearg ip from any to table(2) out\n"; $rulenum++; - if (!empty($$config['captiveportal'][$cpzone]['listenporthttp'])) - $listenporthttp = $$config['captiveportal'][$cpzone]['listenporthttp']; + if (!empty($config['captiveportal'][$cpzone]['listenporthttp'])) + $listenporthttp = $config['captiveportal'][$cpzone]['listenporthttp']; else - $listenporthttp = 8000 + $$config['captiveportal'][$cpzone]['zoneid']; + $listenporthttp = 8000 + $cpzoneid; if (isset($config['captiveportal'][$cpzone]['httpslogin'])) { if (!empty($config['captiveportal'][$cpzone]['listenporthttps'])) $listenporthttps = $config['captiveportal'][$cpzone]['listenporthttps']; else - $listenporthttps = 8001 + $$config['captiveportal'][$cpzone]['zoneid']; + $listenporthttps = 8001 + $cpzoneid; if (!isset($config['captiveportal'][$cpzone]['nohttpsforwards'])) { $cprules .= "add 65531 fwd 127.0.0.1,{$listenporthttps} tcp from any to any dst-port 443 in\n"; } @@ -1676,13 +1675,13 @@ function portal_hostname_from_client_ip($cliip) { $cpcfg = $config['captiveportal'][$cpzone]; if (isset($cpcfg['httpslogin'])) { - $listenporthttps = $cpcfg['listenporthttps'] ? $cpcfg['listenporthttps'] : ($cpcfg['zoneid'] + 1); + $listenporthttps = $cpcfg['listenporthttps'] ? $cpcfg['listenporthttps'] : ($cpcfg['zoneid'] + 8001); $ourhostname = $cpcfg['httpsname']; if ($listenporthttps != 443) $ourhostname .= ":" . $listenporthttps; } else { - $listenporthttp = $cpcfg['listenporthttp'] ? $cpcfg['listenporthttp'] : $cpcfg['zoneid']; + $listenporthttp = $cpcfg['listenporthttp'] ? $cpcfg['listenporthttp'] : ($cpcfg['zoneid'] + 8000); $ifip = portal_ip_from_client_ip($cliip); if (!$ifip) $ourhostname = "{$config['system']['hostname']}.{$config['system']['domain']}"; diff --git a/etc/inc/filter_log.inc b/etc/inc/filter_log.inc index ded2f3f..a327bb8 100644 --- a/etc/inc/filter_log.inc +++ b/etc/inc/filter_log.inc @@ -36,6 +36,10 @@ require 'config.inc'; +global $buffer_rules_rdr, $buffer_rules_normal; +$buffer_rules_rdr = array(); +$buffer_rules_normal = array(); + /* format filter logs */ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $filterinterface = null) { global $config, $g; @@ -209,22 +213,28 @@ function get_port_with_service($port, $proto) { return ':' . $portstr; } -function find_rule_by_number($rulenum, $type="rules") { +function find_rule_by_number($rulenum, $trackernum, $type="block") { global $g; /* Passing arbitrary input to grep could be a Very Bad Thing(tm) */ - if (!(is_numeric($rulenum))) + if (!is_numeric($rulenum) || !is_numeric($trackernum) || !in_array($type, array('pass', 'block', 'match', 'rdr'))) return; + + if ($trackernum == "0") + $lookup_pattern = "^@{$rulenum}\([0-9]+\)[[:space:]]{$type}[[:space:]].*[[:space:]]log[[:space:]]"; + else + $lookup_pattern = "^@[0-9]+\({$trackernum}\)[[:space:]]{$type}[[:space:]].*[[:space:]]log[[:space:]]"; + /* At the moment, miniupnpd is the only thing I know of that generates logging rdr rules */ unset($buffer); if ($type == "rdr") - $_gb = exec("/sbin/pfctl -vvPsn -a \"miniupnpd\" | grep '^@'", $buffer); + $_gb = exec("/sbin/pfctl -vvPsn -a \"miniupnpd\" | /usr/bin/egrep " . escapeshellarg("^@{$rulenum}"), $buffer); else { if (file_exists("{$g['tmp_path']}/rules.debug")) - $_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep " . escapeshellarg("^@{$rulenum} {$type}"), $buffer); + $_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep " . escapeshellarg($lookup_pattern), $buffer); else - $_gb = exec("/sbin/pfctl -vvPsr | grep " . escapeshellarg("^@{$rulenum}"), $buffer); + $_gb = exec("/sbin/pfctl -vvPsr | /usr/bin/egrep " . escapeshellarg($lookup_pattern), $buffer); } if (is_array($buffer)) return $buffer[0]; @@ -234,8 +244,9 @@ function find_rule_by_number($rulenum, $type="rules") { function buffer_rules_load() { global $g, $buffer_rules_rdr, $buffer_rules_normal; - unset($buffer, $buffer_rules_rdr, $buffer_rules_normal); + /* Redeclare globals after unset to work around PHP */ + global $buffer_rules_rdr, $buffer_rules_normal; $buffer_rules_rdr = array(); $buffer_rules_normal = array(); @@ -248,12 +259,21 @@ function buffer_rules_load() { } unset($buffer, $_gb); if (file_exists("{$g['tmp_path']}/rules.debug")) - $_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep '^@[0-9]+ ' | /usr/bin/egrep -v '^@[0-9]+ (nat|rdr|binat|no|scrub)'", $buffer); + $_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep '^@[0-9]+\([0-9]+\)[[:space:]].*[[:space:]]log[[:space:]]' | /usr/bin/egrep -v '^@[0-9]+\([0-9]+\)[[:space:]](nat|rdr|binat|no|scrub)'", $buffer); else - $_gb = exec("/sbin/pfctl -vvPsr | grep '^@'", $buffer); + $_gb = exec("/sbin/pfctl -vvPsr | /usr/bin/egrep '^@[0-9]+\([0-9]+\)[[:space:]].*[[:space:]]log[[:space:]]'", $buffer); + if (is_array($buffer)) { foreach ($buffer as $line) { list($key, $value) = explode (" ", $line, 2); + # pfctl rule number output with tracker number: @dd(dddddddddd) + $matches = array(); + if (preg_match('/\@(?P<rulenum>\d+)\((?<trackernum>\d+)\)/', $key, $matches) == 1) { + if ($matches['trackernum'] > 0) + $key = $matches['trackernum']; + else + $key = "@{$matches['rulenum']}"; + } $buffer_rules_normal[$key] = $value; } } @@ -265,19 +285,24 @@ function buffer_rules_clear() { unset($GLOBALS['buffer_rules_rdr']); } -function find_rule_by_number_buffer($rulenum, $type){ +function find_rule_by_number_buffer($rulenum, $trackernum, $type){ global $g, $buffer_rules_rdr, $buffer_rules_normal; - + + if ($trackernum == "0") + $lookup_key = "@{$rulenum}"; + else + $lookup_key = $trackernum; + if ($type == "rdr") { - $ruleString = $buffer_rules_rdr["@".$rulenum]; + $ruleString = $buffer_rules_rdr[$lookup_key]; //TODO: get the correct 'description' part of a RDR log line. currently just first 30 characters.. $rulename = substr($ruleString,0,30); } else { - $ruleString = $buffer_rules_normal["@".$rulenum]; + $ruleString = $buffer_rules_normal[$lookup_key]; list(,$rulename,) = explode("\"",$ruleString); $rulename = str_replace("USER_RULE: ",'<img src="/themes/'.$g['theme'].'/images/icons/icon_frmfld_user.png" width="11" height="12" title="USER_RULE" alt="USER_RULE"/> ',$rulename); } - return $rulename." (@".$rulenum.")"; + return "{$rulename} ({$lookup_key})"; } function find_action_image($action) { diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc index 3541b3e..99385f1 100644 --- a/etc/inc/pkg-utils.inc +++ b/etc/inc/pkg-utils.inc @@ -47,7 +47,6 @@ if(file_exists("/cf/conf/use_xmlreader")) require_once("xmlreader.inc"); else require_once("xmlparse.inc"); -require_once("service-utils.inc"); require_once("pfsense-utils.inc"); if(!function_exists("update_status")) { diff --git a/etc/inc/shaper.inc b/etc/inc/shaper.inc index ba5616d..35bfd67 100644 --- a/etc/inc/shaper.inc +++ b/etc/inc/shaper.inc @@ -3171,7 +3171,7 @@ class dnpipe_class extends dummynet_class { if (filter_get_time_based_rule_status($schedule)) { $pfq_rule .= " bw ".trim($bw['bw']).$bw['bwscale']; if (is_numeric($bw['burst']) && ($bw['burst'] > 0)) - $pfq_rule .= " burst ".trim($bw['burst']).$bw['bwscale']; + $pfq_rule .= " burst ".trim($bw['burst']); $found = true; break; } @@ -3185,7 +3185,7 @@ class dnpipe_class extends dummynet_class { } else { $pfq_rule .= " bw ".trim($bw['bw']).$bw['bwscale']; if (is_numeric($bw['burst']) && ($bw['burst'] > 0)) - $pfq_rule .= " burst ".trim($bw['burst']).$bw['bwscale']; + $pfq_rule .= " burst ".trim($bw['burst']); $found = true; break; } diff --git a/etc/inc/xmlrpc_client.inc b/etc/inc/xmlrpc_client.inc index 6248d95..fbbf977 100644 --- a/etc/inc/xmlrpc_client.inc +++ b/etc/inc/xmlrpc_client.inc @@ -735,7 +735,7 @@ class XML_RPC_Client extends XML_RPC_Base { if ($match[1] == '') { if ($port == 443) { $this->server = $match[2]; - $this->protocol = 'https://'; + $this->protocol = 'ssl://'; $this->port = 443; } else { $this->server = $match[2]; @@ -750,7 +750,7 @@ class XML_RPC_Client extends XML_RPC_Base { } } else { $this->server = $match[2]; - $this->protocol = 'https://'; + $this->protocol = 'ssl://'; if ($port) { $this->port = $port; } else { @@ -763,7 +763,7 @@ class XML_RPC_Client extends XML_RPC_Base { if ($match[1] == '') { if ($proxy_port == 443) { $this->proxy = $match[2]; - $this->proxy_protocol = 'https://'; + $this->proxy_protocol = 'ssl://'; $this->proxy_port = 443; } else { $this->proxy = $match[2]; @@ -778,7 +778,7 @@ class XML_RPC_Client extends XML_RPC_Base { } } else { $this->proxy = $match[2]; - $this->proxy_protocol = 'https://'; + $this->proxy_protocol = 'ssl://'; if ($proxy_port) { $this->proxy_port = $proxy_port; } else { @@ -1002,7 +1002,7 @@ class XML_RPC_Client extends XML_RPC_Base { return false; } if ($this->proxy) { - $this->headers = 'POST ' . $this->protocol . $this->server; + $this->headers = 'POST ' . ($this->protocol=='ssl://'?'https://':$this->protocol). $this->server; if ($this->proxy_port) { $this->headers .= ':' . $this->port; } diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php index 5f21504..f68d4b4 100644 --- a/usr/local/www/diag_logs_filter.php +++ b/usr/local/www/diag_logs_filter.php @@ -72,8 +72,8 @@ function getGETPOSTsettingvalue($settingname, $default) $rulenum = getGETPOSTsettingvalue('getrulenum', null); if($rulenum) { - list($rulenum, $type) = explode(',', $rulenum); - $rule = find_rule_by_number($rulenum, $type); + list($rulenum, $tracker, $type) = explode(',', $rulenum); + $rule = find_rule_by_number($rulenum, $tracker, $type); echo gettext("The rule that triggered this action is") . ":\n\n{$rule}"; exit; } @@ -341,8 +341,8 @@ include("head.inc"); <tr class="<?=$evenRowClass?>"> <td class="listMRlr nowrap" align="center" sorttable_customkey="<?=$filterent['act']?>"> <center> - <a onclick="javascript:getURL('diag_logs_filter.php?getrulenum=<?php echo "{$filterent['rulenum']},{$filterent['act']}"; ?>', outputrule);"> - <img border="0" src="<?php echo find_action_image($filterent['act']);?>" width="11" height="11" align="middle" alt="<?php echo $filterent['act'];?>" title="<?php echo $filterent['act'];?>" /> + <a onclick="javascript:getURL('diag_logs_filter.php?getrulenum=<?php echo "{$filterent['rulenum']},{$filterent['tracker']},{$filterent['act']}"; ?>', outputrule);"> + <img border="0" src="<?php echo find_action_image($filterent['act']);?>" width="11" height="11" align="middle" alt="<?php echo $filterent['act'] .'/'. $filterent['tracker'];?>" title="<?php echo $filterent['act'] .'/'. $filterent['tracker'];?>" /> <?php if ($filterent['count']) echo $filterent['count'];?></a></center></td> <td class="listMRr" nowrap="nowrap"><?php echo htmlspecialchars($filterent['time']);?></td> <td class="listMRr" nowrap="nowrap"> @@ -352,7 +352,7 @@ include("head.inc"); <?php echo htmlspecialchars($filterent['interface']);?></td> <?php if ($config['syslog']['filterdescriptions'] === "1") - echo("<td class=\"listMRr nowrap\">".find_rule_by_number_buffer($filterent['rulenum'],$filterent['act'])."</td>"); + echo("<td class=\"listMRr nowrap\">".find_rule_by_number_buffer($filterent['rulenum'],$filterent['tracker'],$filterent['act'])."</td>"); $int = strtolower($filterent['interface']); $proto = strtolower($filterent['proto']); @@ -390,7 +390,7 @@ include("head.inc"); <?php if (isset($config['syslog']['filterdescriptions']) && $config['syslog']['filterdescriptions'] === "2"):?> <tr class="<?=$evenRowClass?>"> <td colspan="2" class="listMRDescriptionL listMRlr" /> - <td colspan="4" class="listMRDescriptionR listMRr nowrap"><?=find_rule_by_number_buffer($filterent['rulenum'],$filterent['act']);?></td> + <td colspan="4" class="listMRDescriptionR listMRr nowrap"><?=find_rule_by_number_buffer($filterent['rulenum'],$filterent['tracker'],$filterent['act']);?></td> </tr> <?php endif; endforeach; diff --git a/usr/local/www/diag_logs_settings.php b/usr/local/www/diag_logs_settings.php index 729a871..5f40bd7 100644 --- a/usr/local/www/diag_logs_settings.php +++ b/usr/local/www/diag_logs_settings.php @@ -297,7 +297,7 @@ function check_everything() { <input name="logfilesize" id="logfilesize" type="text" class="formfld unknown" size="8" value="<?=htmlspecialchars($pconfig['logfilesize']);?>" /><br /> <?=gettext("Logs are held in constant-size circular log files. This field controls how large each log file is, and thus how many entries may exist inside the log By default this is approximately 500KB per log file, and there are nearly 20 such log files.") ?> <br /><br /> - <?=gettext("NOTE: Log sizes are changed the next time a log file is cleared or deleted. To immediately increase the size of the log files, you must clear all logs using the \"Reset Log Files\" option farther down this page. "); ?> + <?=gettext("NOTE: Log sizes are changed the next time a log file is cleared or deleted. To immediately increase the size of the log files, you must first save the options to set the size, then clear all logs using the \"Reset Log Files\" option farther down this page. "); ?> <?=gettext("Be aware that increasing this value increases every log file size, so disk usage will increase significantly."); ?> <?=gettext("Disk space currently used by log files: ") ?><?= exec("/usr/bin/du -sh /var/log | /usr/bin/awk '{print $1;}'"); ?>. <?=gettext("Remaining disk space for log files: ") ?><?= exec("/bin/df -h /var/log | /usr/bin/awk '{print $4;}'"); ?>. diff --git a/usr/local/www/load_balancer_pool_edit.php b/usr/local/www/load_balancer_pool_edit.php index 46634cd..16a2a41 100644 --- a/usr/local/www/load_balancer_pool_edit.php +++ b/usr/local/www/load_balancer_pool_edit.php @@ -287,15 +287,16 @@ function clearcombo(){ <tr> <td align="center"> <b><?=gettext("Pool Disabled"); ?></b> + <br/> + <select id="serversDisabledSelect" name="serversdisabled[]" multiple="multiple" size="5"> <?php if (is_array($pconfig['serversdisabled'])) { - echo "<select id=\"serversDisabledSelect\" name=\"serversdisabled[]\" multiple=\"multiple\" size=\"5\">"; foreach($pconfig['serversdisabled'] as $svrent) { if($svrent != '') echo " <option value=\"{$svrent}\">{$svrent}</option>\n"; } - echo "</select>"; } ?> + </select> <input class="formbtn" type="button" name="removeDisabled" value="<?=gettext("Remove"); ?>" onclick="RemoveServerFromPool(document.iform, 'serversdisabled[]');" /> </td> @@ -306,15 +307,16 @@ function clearcombo(){ <td align="center"> <b><?=gettext("Enabled (default)"); ?></b> + <br/> + <select id="serversSelect" name="servers[]" multiple="multiple" size="5"> <?php if (is_array($pconfig['servers'])) { -echo "<select id=\"serversSelect\" name=\"servers[]\" multiple=\"multiple\" size=\"5\">"; foreach($pconfig['servers'] as $svrent) { echo " <option value=\"{$svrent}\">{$svrent}</option>\n"; } -echo "</select>"; } ?> + </select> <input class="formbtn" type="button" name="removeEnabled" value="<?=gettext("Remove"); ?>" onclick="RemoveServerFromPool(document.iform, 'servers[]');" /> </td> </tr> diff --git a/usr/local/www/system_routes_edit.php b/usr/local/www/system_routes_edit.php index 4c58d53..995c63c 100644 --- a/usr/local/www/system_routes_edit.php +++ b/usr/local/www/system_routes_edit.php @@ -228,7 +228,7 @@ include("head.inc"); <input name="network" type="text" class="formfldalias ipv4v6" id="network" size="20" value="<?=htmlspecialchars($pconfig['network']);?>" /> / <select name="network_subnet" class="formselect ipv4v6" id="network_subnet"> - <?php for ($i = 129; $i >= 1; $i--): ?> + <?php for ($i = 128; $i >= 1; $i--): ?> <option value="<?=$i;?>" <?php if ($i == $pconfig['network_subnet']) echo "selected=\"selected\""; ?>> <?=$i;?> </option> diff --git a/usr/local/www/widgets/widgets/log.widget.php b/usr/local/www/widgets/widgets/log.widget.php index 8f2d6d0..b76467c 100644 --- a/usr/local/www/widgets/widgets/log.widget.php +++ b/usr/local/www/widgets/widgets/log.widget.php @@ -188,7 +188,7 @@ function format_log_line(row) { ?> <tr class="<?=$evenRowClass?>"> <td class="listMRlr" nowrap="nowrap" align="center"> - <a href="#" onclick="javascript:getURL('diag_logs_filter.php?getrulenum=<?php echo "{$filterent['rulenum']},{$filterent['act']}"; ?>', outputrule);"> + <a href="#" onclick="javascript:getURL('diag_logs_filter.php?getrulenum=<?php echo "{$filterent['rulenum']},{$filterent['tracker']},{$filterent['act']}"; ?>', outputrule);"> <img border="0" src="<?php echo find_action_image($filterent['act']);?>" width="11" height="11" alt="<?php echo $filterent['act'];?>" title="<?php echo $filterent['act'];?>" /> </a> </td> diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php index 017d03f..a773e12 100644 --- a/usr/local/www/wizard.php +++ b/usr/local/www/wizard.php @@ -592,7 +592,7 @@ function showchange() { echo ":</td>\n"; } if($field['size']) $size = " size='" . $field['size'] . "' "; - if($field['multiple'] == "yes") $multiple = "MULTIPLE "; + if($field['multiple'] == "yes") $multiple = "multiple=\"multiple\" "; if(!$field['dontcombinecells']) echo "<td class=\"vtable\">\n"; $onchange = ""; @@ -658,7 +658,7 @@ function showchange() { break; case "listtopic": echo "<td> </td></tr>"; - echo "<tr><td colspan=\"2\" class=\"listtopic\">" . $field['name'] . "<br /></td>\n"; + echo "<tr><td colspan=\"2\" class=\"listtopic\">" . $field['name'] . "<br />\n"; break; case "subnet_select": |
