diff options
-rw-r--r-- | src/etc/inc/interfaces.inc | 202 | ||||
-rw-r--r-- | src/usr/local/www/firewall_nat_edit.php | 37 | ||||
-rw-r--r-- | src/usr/local/www/firewall_rules.php | 9 | ||||
-rw-r--r-- | src/usr/local/www/guiconfig.inc | 5 | ||||
-rw-r--r-- | src/usr/local/www/js/pfSenseHelpers.js | 9 | ||||
-rw-r--r-- | src/usr/local/www/services_captiveportal.php | 22 | ||||
-rw-r--r-- | src/usr/local/www/services_captiveportal_hostname_edit.php | 4 | ||||
-rw-r--r-- | src/usr/local/www/services_captiveportal_ip_edit.php | 4 | ||||
-rw-r--r-- | src/usr/local/www/services_captiveportal_mac_edit.php | 4 | ||||
-rw-r--r-- | src/usr/local/www/services_captiveportal_vouchers_edit.php | 8 | ||||
-rw-r--r-- | src/usr/local/www/services_captiveportal_zones_edit.php | 2 | ||||
-rw-r--r-- | src/usr/local/www/services_dhcpv6_edit.php | 2 | ||||
-rw-r--r-- | src/usr/local/www/services_ntpd.php | 2 | ||||
-rw-r--r-- | src/usr/local/www/services_ntpd_gps.php | 47 | ||||
-rw-r--r-- | src/usr/local/www/services_pppoe_edit.php | 2 |
15 files changed, 263 insertions, 96 deletions
diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc index 43af567..c5bed0d 100644 --- a/src/etc/inc/interfaces.inc +++ b/src/etc/inc/interfaces.inc @@ -1300,7 +1300,7 @@ function interface_bring_down($interface = "wan", $destroy = false, $ifacecfg = switch ($ifcfg['ipaddrv6']) { case "slaac": case "dhcp6": - kill_dhcp6client_process($realif); + kill_dhcp6client_process($realif, isset($ifcfg['dhcp6norelease'])); unlink_if_exists("{$g['varetc_path']}/dhcp6c_{$interface}.conf"); unlink_if_exists("{$g['varetc_path']}/dhcp6c_{$interface}_script.sh"); unlink_if_exists("{$g['varetc_path']}/rtsold_{$realifv6}_script.sh"); @@ -3039,14 +3039,63 @@ function find_dhcp6c_process($interface) { return intval($pid); } -function kill_dhcp6client_process($interface) { +function kill_dhcp6client_process($interface, $norelease) { + global $g; + if (empty($interface) || !does_interface_exist($interface)) { return; } if (($pid = find_dhcp6c_process($interface)) != 0) { - mwexec("kill -9 {$pid}"); - sleep(1); + /* + * Kill -9 caused the pid to get left behind, also if we need a + * relase sent then it needs to be -15, this then allows dhcp6c + * to send the release, it will also clean up after itself + */ + $sig = (isset($norelease) ? SIGKILL : SIGTERM); + posix_kill($pid, $sig); + if(!isset($norelease)) { + /* + * Allow dhcp6c to send release and exit gracefully if + * needed. + */ + sleep(2); + } + } + /* Clear the RTSOLD script created lock & tidy up */ + unlink_if_exists("/tmp/dhcp6c_{$interface}_lock"); + /* just in case! */ + unlink_if_exists("{$g['varrun_path']}/dhcp6c_{$interface}.pid"); +} + +function run_dhcp6client_process($interface, $wancfg) { + global $g; + + $debugOption = isset($wancfg['dhcp6debug']) ? "-D" : "-d"; + $noreleaseOption = isset($wancfg['dhcp6norelease']) ? "-n" : ""; + + /* + * Only run this if the lock does not exist. In theory the lock being + * there in this mode means the user has selected dhcp6withoutRA while + * a session is active in the other mode. + * + * It should not happen as the process should have been killed and the + * lock deleted. + */ + if (!file_exists("/tmp/dhcp6c_{$interface}_lock")) { + kill_dhcp6client_process($interface, + isset($wancfg['dhcp6norelease'])); + + /* Lock it to avoid multiple runs */ + touch("/tmp/dhcp6c_{$interface}_lock"); + mwexec("/usr/local/sbin/dhcp6c {$debugOption} " . + "{$noreleaseOption} " . + "-c {$g['varetc_path']}/dhcp6c_wan.conf " . + "-p {$g['varrun_path']}/dhcp6c_{$interface}.pid " . + $interface); + log_error(sprintf(gettext( + "Starting dhcp6 client for interface wan %s in DHCP6 without RA mode"), + $wanif)); } } @@ -3892,7 +3941,7 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { log_error(gettext("Failed to write user DUID file!")); } } - + if ($wancfg['adv_dhcp6_config_file_override']) { // DHCP6 Config File Override $dhcp6cconf = DHCP6_Config_File_Override($wancfg, $wanif); @@ -3929,7 +3978,16 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { $dhcp6cconf .= "\trequest domain-name-servers;\n"; $dhcp6cconf .= "\trequest domain-name;\n"; - $dhcp6cconf .= "\tscript \"{$g['varetc_path']}/dhcp6c_{$interface}_script.sh\"; # we'd like some nameservers please\n"; + + /* + * dhcp6c will run different scripts depending on + * whether dhcpwithoutra is set or unset. + */ + if (isset($wancfg['dhcp6withoutra'])) { + $dhcp6cconf .= "\tscript \"{$g['varetc_path']}/dhcp6c_{$interface}_dhcp6withoutra_script.sh\"; # we'd like nameservers and RTSOLD to do all the work\n"; + } else { + $dhcp6cconf .= "\tscript \"{$g['varetc_path']}/dhcp6c_{$interface}_script.sh\"; # we'd like some nameservers please\n"; + } $dhcp6cconf .= "};\n"; if (!isset($wancfg['dhcp6prefixonly'])) { @@ -3968,10 +4026,48 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { } unset($dhcp6cconf); - $dhcp6cscript = "#!/bin/sh\n"; + /* + * Script create for dhcp6withoutRA mode. + * dhcp6c will launch rtsold. rtsold will then run the wan ipv6 + * configure + */ + $dhcp6cscriptwithoutra = "#!/bin/sh\n"; + $dhcp6cscriptwithoutra .= "# This shell script launches rtsold.\n"; + $dhcp6cscriptwithoutra .= "dmips=\${new_domain_name_servers}\n"; + $dhcp6cscriptwithoutra .= "dmnames=\${new_domain_name}\n"; + // Need to pass params to the final script + $dhcp6cscriptwithoutra .= "echo \$dmips > /tmp/{$wanif}_domain_name_servers\n"; + $dhcp6cscriptwithoutra .= "echo \$dmnames > /tmp/{$wanif}_new_domain_name\n"; + $dhcp6cscriptwithoutra .= "/usr/sbin/rtsold -1 -p {$g['varrun_path']}/rtsold_{$wanif}.pid -O {$g['varetc_path']}/rtsold_{$wanif}_script.sh {$wanif}\n"; + + if (!@file_put_contents( + "{$g['varetc_path']}/dhcp6c_{$interface}_dhcp6withoutra_script.sh", + $dhcp6cscriptwithoutra)) { + printf("Error: cannot open " . + "dhcp6c_{$interface}_dhcp6cwithoutra_script.sh in " . + "interface_dhcpv6_configure() for writing.\n"); + unset($dhcp6cscriptwithoutra); + return 1; + } + unset($dhcp6cscriptwithoutra); + @chmod( + "{$g['varetc_path']}/dhcp6c_{$interface}_dhcp6withoutra_script.sh", + 0755); + + /* + * Dual mode wan_dhcp6c script with variations depending on node + * dhcp6 will run the wan ipv6 configure + */ + $dhcp6cscript = "#!/bin/sh\n"; $dhcp6cscript .= "# This shell script launches /etc/rc.newwanipv6 with a interface argument.\n"; - $dhcp6cscript .= "dmips=\${new_domain_name_servers}\n"; - $dhcp6cscript .= "dmnames=\${new_domain_name}\n"; + if (!isset($wancfg['dhcp6withoutra'])) { + $dhcp6cscript .= "dmips=\${new_domain_name_servers}\n"; + $dhcp6cscript .= "dmnames=\${new_domain_name}\n"; + } else { + // Need to get the paramaters from the dhcp6cwithoutRA run + $dhcp6cscript .= "dmips=\$(cat \"/tmp/{$wanif}_domain_name_servers\")\n"; + $dhcp6cscript .= "dmnames=\$(cat \"/tmp/{$wanif}_new_domain_name\")\n"; + } $dhcp6cscript .= "/usr/local/sbin/fcgicli -f /etc/rc.newwanipv6 -d \"interface={$wanif}&dmnames=\${dmnames}&dmips=\${dmips}\"\n"; /* Add wide-dhcp6c shell script here. Because we can not pass a argument to it. */ if (!@file_put_contents("{$g['varetc_path']}/dhcp6c_{$interface}_script.sh", $dhcp6cscript)) { @@ -3982,6 +4078,9 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { unset($dhcp6cscript); @chmod("{$g['varetc_path']}/dhcp6c_{$interface}_script.sh", 0755); + $debugOption = isset($wancfg['dhcp6debug']) ? "-D" : "-d"; + $noreleaseOption = isset($wancfg['dhcp6norelease']) ? "-n" : ""; + $rtsoldscript = "#!/bin/sh\n"; $rtsoldscript .= "# This shell script launches dhcp6c and configured gateways for this interface.\n"; $rtsoldscript .= "echo $2 > {$g['tmp_path']}/{$wanif}_routerv6\n"; @@ -3990,23 +4089,41 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { /* non ipoe Process */ if (!isset($wancfg['dhcp6withoutra'])) { - $rtsoldscript .= "if [ -f {$g['varrun_path']}/dhcp6c_{$wanif}.pid ]; then\n"; - $rtsoldscript .= "\t/bin/pkill -F {$g['varrun_path']}/dhcp6c_{$wanif}.pid\n"; - $rtsoldscript .= "\t/bin/sleep 1\n"; + /* + * We only want this script to run once, and if it runs twice + * then do not launch dhcp6c again, this only happens if + * dhcpwithoutra is not set. + * + * Check for a lock file, trying to prevent multiple instances + * of dhcp6c being launched + */ + $rtsoldscript .= "if [ ! -f /tmp/dhcp6c_{$wanif}_lock ]; then\n"; + $rtsoldscript .= "\tif [ -f {$g['varrun_path']}/dhcp6c_{$wanif}.pid ]; then\n"; + $rtsoldscript .= "\t\t/bin/pkill -F {$g['varrun_path']}/dhcp6c_{$wanif}.pid\n"; + $rtsoldscript .= "\t\t/bin/rm -f {$g['varrun_path']}/dhcp6c_{$wanif}.pid\n"; + $rtsoldscript .= "\t\t/bin/sleep 1\n"; + $rtsoldscript .= "\tfi\n"; + /* + * Create the lock file, trying to prevent multiple instances + * of dhcp6c being launched + */ + $rtsoldscript .= "\t/usr/bin/touch /tmp/dhcp6c_{$wanif}_lock\n"; + $rtsoldscript .= "\t/usr/local/sbin/dhcp6c {$debugOption} " . + "{$noreleaseOption} -c {$g['varetc_path']}/dhcp6c_{$interface}.conf " . + "-p {$g['varrun_path']}/dhcp6c_{$wanif}.pid {$wanif}\n"; + $rtsoldscript .= "\t/usr/bin/logger -t rtsold \"Starting dhcp6 client for interface {$interface}({$wanif})\"\n"; + $rtsoldscript .= "else\n"; + $rtsoldscript .= "\t/usr/bin/logger -t rtsold \"RTSOLD Lock in place\"\n"; $rtsoldscript .= "fi\n"; } else { + /* + * The script needs to run in dhcp6withoutra mode as RA may + * not have been received, or there can be a delay with + * certain ISPs + */ $rtsoldscript .= "{$g['varetc_path']}/dhcp6c_{$interface}_script.sh\n"; $rtsoldscript .= "/bin/sleep 1\n"; } - $debugOption = isset($wancfg['dhcp6debug']) ? "-D" : "-d"; - $noreleaseOption = isset($wancfg['dhcp6norelease']) ? "-n" : ""; - - - /* add the start of dhcp6c to the rtsold script if we are going to wait for ra */ - if (!isset($wancfg['dhcp6withoutra'])) { - $rtsoldscript .= "/usr/local/sbin/dhcp6c {$debugOption} {$noreleaseOption} -c {$g['varetc_path']}/dhcp6c_{$interface}.conf -p {$g['varrun_path']}/dhcp6c_{$wanif}.pid {$wanif}\n"; - $rtsoldscript .= "/usr/bin/logger -t rtsold \"Starting dhcp6 client for interface {$interface}({$wanif})\"\n"; - } /* Add wide-dhcp6c shell script here. Because we can not pass a argument to it. */ if (!@file_put_contents("{$g['varetc_path']}/rtsold_{$wanif}_script.sh", $rtsoldscript)) { printf("Error: cannot open rtsold_{$wanif}_script.sh in interface_dhcpv6_configure() for writing.\n"); @@ -4020,22 +4137,47 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { log_error("Accept router advertisements on interface {$wanif} "); mwexec("/sbin/ifconfig {$wanif} inet6 accept_rtadv"); - /* fire up rtsold for IPv6 RAs first, this backgrounds immediately. It will call dhcp6c */ if (isvalidpid("{$g['varrun_path']}/rtsold_{$wanif}.pid")) { killbypid("{$g['varrun_path']}/rtsold_{$wanif}.pid"); sleep(2); } - /* start dhcp6c here if we don't want to wait for ra */ if (isset($wancfg['dhcp6withoutra'])) { - kill_dhcp6client_process($wanif); - - mwexec("/usr/local/sbin/dhcp6c {$debugOption} {$noreleaseOption} -c {$g['varetc_path']}/dhcp6c_wan.conf -p {$g['varrun_path']}/dhcp6c_{$wanif}.pid {$wanif}"); - mwexec("/usr/bin/logger -t info 'Starting dhcp6 client for interface wan({$wanif} in DHCP6 without RA mode)'"); + /* + * Start dhcp6c here if we don't want to wait for ra - calls + * seperate function + * + * In this mode dhcp6c launches rtsold via its script. RTSOLD + * will then run the configure on receipt of the RA. + * + * Already started. interface_dhcpv6_configure() appears to get + * called multiple times. + * + * Taking the interface down or releasing will kill the client. + */ + if (!file_exists("/tmp/dhcp6c_{$wanif}_lock")) + { + /* + * If the interface is being brought up, wait for the + * interface to configure accept RA before launching. + * Otherwise it is not ready to accept and will fail. + */ + sleep(3); + run_dhcp6client_process($wanif,$wancfg); + } + } else { + /* + * Fire up rtsold for IPv6 RAs, this backgrounds immediately + * ( it does not background, it exits! ) It will launch dhcp6c + * if dhcpwihtoutra is not set + */ + mwexec("/usr/sbin/rtsold -1 " . + "-p {$g['varrun_path']}/rtsold_{$wanif}.pid " . + "-O {$g['varetc_path']}/rtsold_{$wanif}_script.sh " . + $wanif); } - mwexec("/usr/sbin/rtsold -1 -p {$g['varrun_path']}/rtsold_{$wanif}.pid -O {$g['varetc_path']}/rtsold_{$wanif}_script.sh {$wanif}"); - - /* NOTE: will be called from rtsold invoked script + /* + * NOTE: will be called from rtsold invoked script * link_interface_to_track6($interface, "update"); */ diff --git a/src/usr/local/www/firewall_nat_edit.php b/src/usr/local/www/firewall_nat_edit.php index b4ba61a..34e790e 100644 --- a/src/usr/local/www/firewall_nat_edit.php +++ b/src/usr/local/www/firewall_nat_edit.php @@ -1072,49 +1072,14 @@ events.push(function() { function check_for_aliases() { // if External port range is an alias, then disallow // entry of Local port - // for (i = 0; i < customarray.length; i++) { - if ($('#dstbeginport_cust').val() == customarray[i]) { + if (($('#dstbeginport_cust').val() == customarray[i]) || ($('#dstendport_cust').val() == customarray[i])) { $('#dstendport_cust').val(customarray[i]); $('#localbeginport_cust').val(customarray[i]); - disableInput('dstendport_cust', true); - disableInput('localbeginport', true); - disableInput('localbeginport_cust', true); disableInput('dstendport_cust', false); disableInput('localbeginport', false); disableInput('localbeginport_cust', false); } - if ($('#dstbeginport').val() == customarray[i]) { - $('#dstendport_cust').val(customarray[i]); - $('#localbeginport_cust').val(customarray[i]); - disableInput('dstendport_cust', true); - disableInput('localbeginport', true); - disableInput('localbeginport_cust', true); - disableInput('dstendport_cust', false); - disableInput('localbeginport', false); - disableInput('localbeginport_cust', false); - } - if ($('#dstendport_cust').val() == customarray[i]) { - $('#dstendport_cust').val(customarray[i]); - $('#localbeginport_cust').val(customarray[i]); - disableInput('dstendport_cust', true); - disableInput('localbeginport', true); - disableInput('localbeginport_cust', true); - disableInput('dstendport_cust', false); - disableInput('localbeginport', false); - disableInput('localbeginport_cust', false); - } - if ($('#dstendport').val() == customarray[i]) { - $('#dstendport_cust').val(customarray[i]); - $('#localbeginport_cust').val(customarray[i]); - disableInput('dstendport_cust', true); - disableInput('localbeginport', true); - disableInput('localbeginport_cust', true); - disableInput('dstendport_cust', false); - disableInput('localbeginport', false); - disableInput('localbeginport_cust', false); - } - } } diff --git a/src/usr/local/www/firewall_rules.php b/src/usr/local/www/firewall_rules.php index 188d8dc..55b6aef 100644 --- a/src/usr/local/www/firewall_rules.php +++ b/src/usr/local/www/firewall_rules.php @@ -174,12 +174,9 @@ if ($_POST) { if ($_POST['apply']) { $retval = 0; - $retval = filter_configure(); + $retval |= filter_configure(); clear_subsystem_dirty('filter'); - - $savemsg = sprintf(gettext("The settings have been applied. The firewall rules are now reloading in the background.<br />%s Monitor %s the reload progress."), - "<a href='status_filter_reload.php'>", "</a>"); } } @@ -331,6 +328,10 @@ if ($savemsg) { print_info_box($savemsg, 'success'); } +if ($_POST['apply']) { + print_apply_result_box($retval); +} + if (is_subsystem_dirty('filter')) { print_apply_box(gettext("The firewall rule configuration has been changed.") . "<br />" . gettext("The changes must be applied for them to take effect.")); } diff --git a/src/usr/local/www/guiconfig.inc b/src/usr/local/www/guiconfig.inc index 3b3c1c4..2163dc2 100644 --- a/src/usr/local/www/guiconfig.inc +++ b/src/usr/local/www/guiconfig.inc @@ -379,7 +379,7 @@ function print_callout($msg, $class = 'info', $heading = '') { function get_std_save_message($retval) { $filter_related = false; - $filter_pages = array("nat", "filter"); + $filter_pages = array("firewall_aliases", "firewall_nat", "firewall_rules", "status_logs_filter"); if ($retval === 0) { // 0 is success $to_return = gettext("The changes have been applied successfully."); @@ -393,7 +393,8 @@ function get_std_save_message($retval) { } } if ($filter_related) { - $to_return .= "<br />" . gettext("<a href=\"status_filter_reload.php\">Monitor</a> the filter reload progress."); + $to_return .= " " . gettext("The firewall rules are now reloading in the background.") . "<br />" . + sprintf(gettext("%sMonitor%s the filter reload progress."), "<a href='status_filter_reload.php'>", "</a>"); } return $to_return; } diff --git a/src/usr/local/www/js/pfSenseHelpers.js b/src/usr/local/www/js/pfSenseHelpers.js index 1dff7fa..49c9415 100644 --- a/src/usr/local/www/js/pfSenseHelpers.js +++ b/src/usr/local/www/js/pfSenseHelpers.js @@ -292,6 +292,15 @@ function add_row() { // Find the last repeatable group var lastRepeatableGroup = $('.repeatable:last'); + // If the number of repeats exceeds the maximum, do not add another clone + if ($('.repeatable').length >= lastRepeatableGroup.attr('max_repeats')) { + // Alert user if alert message is specified + if (typeof lastRepeatableGroup.attr('max_repeats_alert') !== 'undefined') { + alert(lastRepeatableGroup.attr('max_repeats_alert')); + } + return; + } + // Clone it var newGroup = lastRepeatableGroup.clone(); diff --git a/src/usr/local/www/services_captiveportal.php b/src/usr/local/www/services_captiveportal.php index 912e3d0..54db037 100644 --- a/src/usr/local/www/services_captiveportal.php +++ b/src/usr/local/www/services_captiveportal.php @@ -212,8 +212,8 @@ if ($_POST) { /* input validation */ if ($_POST['enable']) { - $reqdfields = explode(" ", "zone cinterface"); - $reqdfieldsn = array(gettext("Zone name"), gettext("Interface")); + $reqdfields = explode(" ", "zone cinterface auth_method"); + $reqdfieldsn = array(gettext("Zone name"), gettext("Interface"), gettext("Authentication method")); if (isset($_POST['auth_method']) && $_POST['auth_method'] == "radius") { $reqdfields[] = "radius_protocol"; @@ -240,6 +240,10 @@ if ($_POST) { } } + if ($_POST['auth_method'] && !in_array($_POST['auth_method'], array('none', 'local', 'radius'))) { + $input_errors[] = sprintf(gettext("Authentication method %s is invalid."), $_POST['auth_method']); + } + if ($_POST['httpslogin_enable']) { if (!$_POST['certref']) { $input_errors[] = gettext("Certificate must be specified for HTTPS login."); @@ -536,7 +540,7 @@ $section->addInput(new Form_Checkbox( $section->addInput(new Form_Select( 'cinterface', - 'Interfaces', + '*Interfaces', explode(",", $pconfig['cinterface']), get_configured_interface_with_descr(), true @@ -682,7 +686,7 @@ $form->add($section); $section = new Form_Section('Authentication'); $section->addClass('Authentication'); -$group = new Form_Group('Authentication method'); +$group = new Form_Group('*Authentication method'); $group->add(new Form_Checkbox( 'auth_method', @@ -717,7 +721,7 @@ $section->addInput(new Form_Checkbox( $pconfig['localauth_priv'] )); -$group = new Form_Group('RADIUS protocol'); +$group = new Form_Group('*RADIUS protocol'); $group->addClass("radiusproto"); $group->add(new Form_Checkbox( @@ -759,7 +763,7 @@ $form->add($section); $section = new Form_Section('Primary Authentication Source'); $section->addClass('Primary'); -$group = new Form_Group('Primary RADIUS server'); +$group = new Form_Group('*Primary RADIUS server'); $group->add(new Form_IpAddress( 'radiusip', @@ -1017,7 +1021,7 @@ $section->addInput(new Form_Checkbox( $section->addInput(new Form_Input( 'httpsname', - 'HTTPS server name', + '*HTTPS server name', 'text', $pconfig['httpsname'] ))->setHelp('This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in the certificate ' . @@ -1026,7 +1030,7 @@ $section->addInput(new Form_Input( $section->addInput(new Form_Select( 'certref', - 'SSL Certificate', + '*SSL Certificate', $pconfig['certref'], build_cert_list() ))->setHelp('If no certificates are defined, one may be defined here: ' . '<a href="system_certmanager.php">System > Cert. Manager</a>'); @@ -1036,7 +1040,7 @@ $section->addInput(new Form_Checkbox( 'HTTPS Forwards', 'Disable HTTPS Forwards', $pconfig['nohttpsforwards'] -))->setHelp('If this option is set, attempts to connect to SSL/HTTPS (Port 443) sites will not be forwarded to the captive portal' . +))->setHelp('If this option is set, attempts to connect to SSL/HTTPS (Port 443) sites will not be forwarded to the captive portal. ' . 'This prevents certificate errors from being presented to the user even if HTTPS logins are enabled. ' . 'Users must attempt a connecton to an HTTP (Port 80) site to get forwarded to the captive portal. ' . 'If HTTPS logins are enabled, the user will be redirected to the HTTPS login page.'); diff --git a/src/usr/local/www/services_captiveportal_hostname_edit.php b/src/usr/local/www/services_captiveportal_hostname_edit.php index dbf3e25..28a3de7 100644 --- a/src/usr/local/www/services_captiveportal_hostname_edit.php +++ b/src/usr/local/www/services_captiveportal_hostname_edit.php @@ -174,7 +174,7 @@ $section = new Form_Section('Captive Portal Hostname Settings'); $section->addInput(new Form_Select( 'dir', - 'Direction', + '*Direction', strtolower($pconfig['dir']), build_dir_list() ))->setHelp('Use "From" to always allow a Hostname through the captive portal (without authentication). ' . @@ -182,7 +182,7 @@ $section->addInput(new Form_Select( $section->addInput(new Form_Input( 'hostname', - 'Hostname', + '*Hostname', 'text', $pconfig['hostname'] )); diff --git a/src/usr/local/www/services_captiveportal_ip_edit.php b/src/usr/local/www/services_captiveportal_ip_edit.php index 4e398db..9bf83d6 100644 --- a/src/usr/local/www/services_captiveportal_ip_edit.php +++ b/src/usr/local/www/services_captiveportal_ip_edit.php @@ -221,7 +221,7 @@ $section = new Form_Section('Edit Captive Portal IP Rule'); $section->addInput(new Form_IpAddress( 'ip', - 'IP Address', + '*IP Address', $pconfig['ip'] ))->addMask(sn, $pconfig['sn'], 32); @@ -234,7 +234,7 @@ $section->addInput(new Form_Input( $section->addInput(new Form_Select( 'dir', - 'Direction', + '*Direction', strtolower($pconfig['dir']), build_dir_list() ))->setHelp('Use "From" to always allow access to an address through the captive portal (without authentication). ' . diff --git a/src/usr/local/www/services_captiveportal_mac_edit.php b/src/usr/local/www/services_captiveportal_mac_edit.php index 50e45d7..4cd30a3 100644 --- a/src/usr/local/www/services_captiveportal_mac_edit.php +++ b/src/usr/local/www/services_captiveportal_mac_edit.php @@ -200,7 +200,7 @@ $section = new Form_Section('Edit MAC Address Rules'); $section->addInput(new Form_Select( 'action', - 'Action', + '*Action', strtolower($pconfig['action']), array('pass' => gettext('Pass'), 'block' => gettext('Block')) ))->setHelp('Choose what to do with packets coming from this MAC address.'); @@ -222,7 +222,7 @@ $btnmymac = new Form_Button( $btnmymac->setAttribute('type','button')->removeClass('btn-primary')->addClass('btn-success btn-sm'); -$group = new Form_Group('MAC Address'); +$group = new Form_Group('*MAC Address'); $group->add($macaddress); $group->add($btnmymac); $group->setHelp('6 hex octets separated by colons'); diff --git a/src/usr/local/www/services_captiveportal_vouchers_edit.php b/src/usr/local/www/services_captiveportal_vouchers_edit.php index 100cc78..87afc48 100644 --- a/src/usr/local/www/services_captiveportal_vouchers_edit.php +++ b/src/usr/local/www/services_captiveportal_vouchers_edit.php @@ -89,7 +89,7 @@ if ($_POST) { /* input validation */ $reqdfields = explode(" ", "number count minutes"); - $reqdfieldsn = array(gettext("Number"), gettext("Count"), gettext("minutes")); + $reqdfieldsn = array(gettext("Roll #"), gettext("Count"), gettext("Minutes per ticket")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); @@ -182,21 +182,21 @@ $section = new Form_Section('Voucher Rolls'); $section->addInput(new Form_Input( 'number', - 'Roll #', + '*Roll #', 'text', $pconfig['number'] ))->setHelp('Enter the Roll# (0..%d) found on top of the generated/printed vouchers', [$maxnumber]); $section->addInput(new Form_Input( 'minutes', - 'Minutes per ticket', + '*Minutes per ticket', 'text', $pconfig['minutes'] ))->setHelp('Defines the time in minutes that a user is allowed access. The clock starts ticking the first time a voucher is used for authentication.'); $section->addInput(new Form_Input( 'count', - 'Count', + '*Count', 'text', $pconfig['count'] ))->setHelp('Enter the number of vouchers (1..%d) found on top of the generated/printed vouchers. WARNING: Changing this number for an existing Roll will mark all vouchers as unused again', [$maxcount]); diff --git a/src/usr/local/www/services_captiveportal_zones_edit.php b/src/usr/local/www/services_captiveportal_zones_edit.php index 2aa2dfe..2d71251 100644 --- a/src/usr/local/www/services_captiveportal_zones_edit.php +++ b/src/usr/local/www/services_captiveportal_zones_edit.php @@ -87,7 +87,7 @@ $section = new Form_Section('Add Captive Portal Zone'); $section->addInput(new Form_Input( 'zone', - 'Zone name' + '*Zone name' ))->setPattern('^[A-Za-z_][0-9A-Za-z_]+')->setHelp('Zone name. Can only contain letters, digits, and underscores (_) and may not start with a digit.'); $section->addInput(new Form_Input( diff --git a/src/usr/local/www/services_dhcpv6_edit.php b/src/usr/local/www/services_dhcpv6_edit.php index 1c3b0bb..e2947c3 100644 --- a/src/usr/local/www/services_dhcpv6_edit.php +++ b/src/usr/local/www/services_dhcpv6_edit.php @@ -199,7 +199,7 @@ if (!empty($if) && isset($iflist[$if])) { $ifname = $iflist[$if]; } $pgtitle = array(gettext("Services"), htmlspecialchars(gettext("DHCPv6 Server & RA")), $ifname, gettext("DHCPv6 Server"), gettext("Edit Static Mapping")); -$pglinks = array("", "services_dhcp.php", "services_dhcp.php?if={$if}", "services_dhcp.php?if={$if}", "@self"); +$pglinks = array("", "services_dhcpv6.php", "services_dhcpv6.php?if={$if}", "services_dhcpv6.php?if={$if}", "@self"); $shortcut_section = "dhcp6"; include("head.inc"); diff --git a/src/usr/local/www/services_ntpd.php b/src/usr/local/www/services_ntpd.php index ad25b1a..9c40909 100644 --- a/src/usr/local/www/services_ntpd.php +++ b/src/usr/local/www/services_ntpd.php @@ -228,6 +228,8 @@ $auto_pool_suffix = "pool.ntp.org"; for ($counter=0; $counter < $maxrows; $counter++) { $group = new Form_Group($counter == 0 ? 'Time Servers':''); $group->addClass('repeatable'); + $group->setAttribute('max_repeats', NUMTIMESERVERS); + $group->setAttribute('max_repeats_alert', sprintf(gettext('%d is the maximum number of configured servers.'), NUMTIMESERVERS)); $group->add(new Form_Input( 'server' . $counter, diff --git a/src/usr/local/www/services_ntpd_gps.php b/src/usr/local/www/services_ntpd_gps.php index b89a548..4c5bc8c 100644 --- a/src/usr/local/www/services_ntpd_gps.php +++ b/src/usr/local/www/services_ntpd_gps.php @@ -122,6 +122,30 @@ function parse_initcmd(&$nmeaset, $initcmd) { } } +function NMEAChecksum($cmd) { + $checksum = 0; + for ($i=0; $i<strlen($cmd); $i++) { + $checksum = ($checksum ^ ord($cmd[$i])); + } + return strtoupper(str_pad(dechex($checksum), 2, '0', STR_PAD_LEFT)); +} + +function autocorrect_initcmd($initcmd) { + $cmds = ''; + $split_initcmd = preg_split('/[\s]+/', $initcmd); + foreach ($split_initcmd as $line) { + if (!strlen($line)) { + continue; + } + $begin = ($line[0] == '$') ? 1 : 0; + $astpos = strrpos($line, '*'); + $end = ($astpos !== false) ? $astpos : strlen($line); + $trimline = substr($line, $begin, $end-$begin); + $cmds = $cmds . '$' . $trimline . '*' . NMEAChecksum($trimline) . "\r\n"; + } + return $cmds; +} + if ($_POST) { unset($input_errors); @@ -222,9 +246,19 @@ if ($_POST) { unset($config['ntpd']['gps']['extstatus']); } + if (!empty($_POST['autocorrect_initcmd'])) { + $config['ntpd']['gps']['autocorrect_initcmd'] = $_POST['autocorrect_initcmd']; + } elseif (isset($config['ntpd']['gps']['autocorrect_initcmd'])) { + unset($config['ntpd']['gps']['autocorrect_initcmd']); + } + if (!empty($_POST['gpsinitcmd'])) { - $config['ntpd']['gps']['initcmd'] = base64_encode($_POST['gpsinitcmd']); - parse_initcmd($config['ntpd']['gps']['nmeaset'], $_POST['gpsinitcmd']); + $initcmd = $_POST['gpsinitcmd']; + if ($config['ntpd']['gps']['autocorrect_initcmd']) { + $initcmd = autocorrect_initcmd($initcmd); + } + $config['ntpd']['gps']['initcmd'] = base64_encode($initcmd); + parse_initcmd($config['ntpd']['gps']['nmeaset'], $initcmd); } elseif (isset($config['ntpd']['gps']['initcmd'])) { unset($config['ntpd']['gps']['initcmd']); unset($config['ntpd']['gps']['nmeaset']); @@ -449,6 +483,13 @@ $section->addInput(new Form_Textarea( base64_decode($pconfig['initcmd']) ))->setHelp('Commands entered here will be sent to the GPS during initialization. Please read and understand the GPS documentation before making any changes here.'); +$section->addInput(new Form_Checkbox( + 'autocorrect_initcmd', + null, + 'Auto correct malformed initialization commands. (default: unchecked).', + $pconfig['autocorrect_initcmd'] +))->setHelp('Calculates and appends checksum and missing special characters "$" and "*". May not work with some GPS models.'); + $group = new Form_Group('NMEA Checksum Calculator'); $group->add(new Form_Input( @@ -595,6 +636,7 @@ events.push(function() { $('#gpsflag4').prop('checked', false); $('#gpssubsec').prop('checked', false); $('#extstatus').prop('checked', true); + $('#autocorrect_initcmd').prop('checked', false); } // Show advanced GPS options ============================================== @@ -618,6 +660,7 @@ events.push(function() { } hideInput('gpsinitcmd', !showadvgps); + hideInput('autocorrect_initcmd', !showadvgps); hideClass('calculator', !showadvgps); if (showadvgps) { diff --git a/src/usr/local/www/services_pppoe_edit.php b/src/usr/local/www/services_pppoe_edit.php index ebc3093..c58b9e5 100644 --- a/src/usr/local/www/services_pppoe_edit.php +++ b/src/usr/local/www/services_pppoe_edit.php @@ -131,7 +131,7 @@ if ($_POST) { $input_errors[] = gettext("User Max Logins must be between 1 and 255"); } if (!is_numericint($_POST['pppoe_subnet']) || $_POST['pppoe_subnet'] > 32) { - $input_errors[] = gettext("Subnet mask must be an interger between 0 and 32"); + $input_errors[] = gettext("Subnet mask must be an integer between 0 and 32"); } $_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $_POST['pppoe_subnet']); |