diff options
89 files changed, 6116 insertions, 5782 deletions
diff --git a/conf.default/config.xml b/conf.default/config.xml index e6387ee..5c61aa7 100644 --- a/conf.default/config.xml +++ b/conf.default/config.xml @@ -1,7 +1,7 @@ <?xml version="1.0"?> <!-- pfSense default system configuration --> <pfsense> - <version>6.1</version> + <version>6.8</version> <lastchange></lastchange> <theme>pfsense_ng</theme> <sysctl> diff --git a/etc/devd.conf b/etc/devd.conf index da1f611..647de43 100644 --- a/etc/devd.conf +++ b/etc/devd.conf @@ -30,7 +30,7 @@ notify 100 { #notify 0 { # match "type" "LINK_DOWN"; # media-type "ethernet"; -# action "/bin/echo -n '$subsystem stop ' >>/tmp/rc.linkup"; +# action "/usr/local/sbin/pfSctl -c 'interface linkup stop $subsystem'"; #}; # When a USB keyboard arrives, attach it as the console keyboard. @@ -54,7 +54,7 @@ notify 0 { match "system" "IFNET"; match "type" "LINK_UP"; media-type "ethernet"; - action "/bin/echo -n '$subsystem start ' >>/tmp/rc.linkup"; + action "/usr/local/sbin/pfSctl -c 'interface linkup start $subsystem'"; }; # Notify all users before beginning emergency shutdown when we get diff --git a/etc/inc/IPv6.inc b/etc/inc/IPv6.inc index 0ead7a7..8896ef6 100644 --- a/etc/inc/IPv6.inc +++ b/etc/inc/IPv6.inc @@ -1,922 +1,922 @@ -<?php
-
-/*
- pfSense_MODULE: utils
-*/
-
-/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
-
-/**
- * This file contains the implementation of the Net_IPv6 class
- *
- * PHP versions 4 and 5
- *
- * LICENSE: This source file is subject to the New BSD license, that is
- * available through the world-wide-web at
- * http://www.opensource.org/licenses/bsd-license.php
- * If you did not receive a copy of the new BSDlicense and are unable
- * to obtain it through the world-wide-web, please send a note to
- * license@php.net so we can mail you a copy immediately
- *
- * @category Net
- * @package Net_IPv6
- * @author Alexander Merz <alexander.merz@web.de>
- * @copyright 2003-2005 The PHP Group
- * @license http://www.opensource.org/licenses/bsd-license.php
- * @version CVS: $Id: IPv6.inc,v 1.2 2008/11/26 03:54:43 sumacob Exp $
- * @link http://pear.php.net/package/Net_IPv6
- */
-
-// {{{ constants
-
-/**
- * Error message if netmask bits was not found
- * @see isInNetmask
- */
-define("NET_IPV6_NO_NETMASK_MSG", "Netmask length not found");
-
-/**
- * Error code if netmask bits was not found
- * @see isInNetmask
- */
-define("NET_IPV6_NO_NETMASK", 10);
-
-/**
- * Address Type: Unassigned (RFC 1884, Section 2.3)
- * @see getAddressType()
- */
-define("NET_IPV6_UNASSIGNED", 1);
-
-/**
- * Address Type: Reserved (RFC 1884, Section 2.3)
- * @see getAddressType()
- */
-define("NET_IPV6_RESERVED", 11);
-
-/**
- * Address Type: Reserved for NSAP Allocation (RFC 1884, Section 2.3)
- * @see getAddressType()
- */
-define("NET_IPV6_RESERVED_NSAP", 12);
-
-/**
- * Address Type: Reserved for IPX Allocation (RFC 1884, Section 2.3)
- * @see getAddressType()
- */
-define("NET_IPV6_RESERVED_IPX", 13);
-
-/**
- * Address Type: Reserved for Geographic-Based Unicast Addresses
- * (RFC 1884, Section 2.3)
- * @see getAddressType()
- */
-define("NET_IPV6_RESERVED_UNICAST_GEOGRAPHIC", 14);
-
-/**
- * Address Type: Provider-Based Unicast Address (RFC 1884, Section 2.3)
- * @see getAddressType()
- */
-define("NET_IPV6_UNICAST_PROVIDER", 22);
-
-/**
- * Address Type: Multicast Addresses (RFC 1884, Section 2.3)
- * @see getAddressType()
- */
-define("NET_IPV6_MULTICAST", 31);
-
-/**
- * Address Type: Link Local Use Addresses (RFC 1884, Section 2.3)
- * @see getAddressType()
- */
-define("NET_IPV6_LOCAL_LINK", 42);
-
-/**
- * Address Type: Link Local Use Addresses (RFC 1884, Section 2.3)
- * @see getAddressType()
- */
-define("NET_IPV6_LOCAL_SITE", 43);
-
-/**
- * Address Type: address can not assigned to a specific type
- * @see getAddressType()
- */
-define("NET_IPV6_UNKNOWN_TYPE", 1001);
-
-// }}}
-// {{{ Net_IPv6
-
-/**
- * Class to validate and to work with IPv6 addresses.
- *
- * @category Net
- * @package Net_IPv6
- * @copyright 2003-2005 The PHP Group
- * @license http://www.opensource.org/licenses/bsd-license.php
- * @version $Release$
- * @link http://pear.php.net/package/Net_IPv6
- * @author Alexander Merz <alexander.merz@web.de>
- * @author <elfrink at introweb dot nl>
- * @author Josh Peck <jmp at joshpeck dot org>
- */
-class Net_IPv6 {
-
- // {{{ removeNetmaskBits()
-
- /**
- * Removes a possible existing netmask specification at an IP addresse.
- *
- * @param String $ip the (compressed) IP as Hex representation
- *
- * @return String the IP without netmask length
- * @since 1.1.0
- * @access public
- * @static
- */
- function removeNetmaskSpec($ip)
- {
- $addr = $ip;
-
- if (false !== strpos($ip, '/')) {
-
- $elements = explode('/', $ip);
-
- if (2 == count($elements)) {
-
- $addr = $elements[0];
-
- }
-
- }
-
- return $addr;
- }
-
- /**
- * Returns a possible existing netmask specification at an IP addresse.
- *
- * @param String $ip the (compressed) IP as Hex representation
- *
- * @return String the netmask spec
- * @since 1.1.0
- * @access public
- * @static
- */
- function getNetmaskSpec($ip)
- {
- $spec = '';
-
- if (false !== strpos($ip, '/')) {
-
- $elements = explode('/', $ip);
-
- if (2 == count($elements)) {
-
- $spec = $elements[1];
-
- }
-
- }
-
- return $spec;
- }
-
- // }}}
- // {{{ getNetmask()
-
- /**
- * Calculates the network prefix based on the netmask bits.
- *
- * @param String $ip the (compressed) IP in Hex format
- * @param int $bits if the number of netmask bits is not part of the IP
- * you must provide the number of bits
- *
- * @return String the network prefix
- * @since 1.1.0
- * @access public
- * @static
- */
- function getNetmask($ip, $bits = null)
- {
- if (null==$bits) {
-
- $elements = explode('/', $ip);
-
- if (2 == count($elements)) {
-
- $addr = $elements[0];
- $bits = $elements[1];
-
- } else {
-
- include_once 'PEAR.inc';
-
- return PEAR::raiseError(NET_IPV6_NO_NETMASK_MSG,
- NET_IPV6_NO_NETMASK);
- }
-
- } else {
-
- $addr = $ip;
-
- }
-
- $addr = Net_IPv6::uncompress($addr);
- $binNetmask = str_repeat('1', $bits).str_repeat('0', 128 - $bits);
-
- return Net_IPv6::_bin2Ip(Net_IPv6::_ip2Bin($addr) & $binNetmask);
- }
-
- // }}}
- // {{{ isInNetmask()
-
- /**
- * Checks if an (compressed) IP is in a specific address space.
- *
- * IF the IP does not contains the number of netmask bits (F8000::FFFF/16)
- * then you have to use the $bits parameter.
- *
- * @param String $ip the IP to check (eg. F800::FFFF)
- * @param String $netmask the netmask (eg F800::)
- * @param int $bits the number of netmask bits to compare,
- * if not given in $ip
- *
- * @return boolean true if $ip is in the netmask
- * @since 1.1.0
- * @access public
- * @static
- */
- function isInNetmask($ip, $netmask, $bits=null)
- {
- // try to get the bit count
-
- if (null == $bits) {
-
- $elements = explode('/', $ip);
-
- if (2 == count($elements)) {
-
- $ip = $elements[0];
- $bits = $elements[1];
-
- } else if (null == $bits) {
-
- $elements = explode('/', $netmask);
-
- if (2 == count($elements)) {
-
- $netmask = $elements[0];
- $bits = $elements[1];
-
- }
-
- if (null == $bits) {
-
- include_once 'PEAR.inc';
- return PEAR::raiseError(NET_IPV6_NO_NETMASK_MSG,
- NET_IPV6_NO_NETMASK);
-
- }
-
- }
-
- }
-
- $binIp = Net_IPv6::_ip2Bin(Net_IPv6::removeNetmaskSpec($ip));
- $binNetmask = Net_IPv6::_ip2Bin(Net_IPv6::removeNetmaskSpec($netmask));
-
- if (null != $bits
- && "" != $bits
- && 0 == strncmp( $binNetmask, $binIp, $bits)) {
-
- return true;
-
- }
-
- return false;
- }
-
- // }}}
- // {{{ getAddressType()
-
- /**
- * Returns the type of an IPv6 address.
- *
- * RFC 1883, Section 2.3 describes several types of addresses in
- * the IPv6 addresse space.
- * Several addresse types are markers for reserved spaces and as
- * consequence a subject to change.
- *
- * @param String $ip the IP address in Hex format,
- * compressed IPs are allowed
- *
- * @return int one of the addresse type constants
- * @access public
- * @since 1.1.0
- * @static
- *
- * @see NET_IPV6_UNASSIGNED
- * @see NET_IPV6_RESERVED
- * @see NET_IPV6_RESERVED_NSAP
- * @see NET_IPV6_RESERVED_IPX
- * @see NET_IPV6_RESERVED_UNICAST_GEOGRAPHIC
- * @see NET_IPV6_UNICAST_PROVIDER
- * @see NET_IPV6_MULTICAST
- * @see NET_IPV6_LOCAL_LINK
- * @see NET_IPV6_LOCAL_SITE
- * @see NET_IPV6_UNKNOWN_TYPE
- */
- function getAddressType($ip)
- {
- $ip = Net_IPv6::removeNetmaskSpec($ip);
- $binip = Net_IPv6::_ip2Bin($ip);
-
- if (0 == strncmp('1111111010', $binip, 10)) {
-
- return NET_IPV6_LOCAL_LINK;
-
- } else if (0 == strncmp('1111111011', $binip, 10)) {
-
- return NET_IPV6_LOCAL_SITE;
-
- } else if (0 == strncmp('111111100', $binip, 9)) {
-
- return NET_IPV6_UNASSIGNED;
-
- } else if (0 == strncmp('11111111', $binip, 8)) {
-
- return NET_IPV6_MULTICAST;
-
- } else if (0 == strncmp('00000000', $binip, 8)) {
-
- return NET_IPV6_RESERVED;
-
- } else if (0 == strncmp('00000001', $binip, 8)
- || 0 == strncmp('1111110', $binip, 7)) {
-
- return NET_IPV6_UNASSIGNED;
-
- } else if (0 == strncmp('0000001', $binip, 7)) {
-
- return NET_IPV6_RESERVED_NSAP;
-
- } else if (0 == strncmp('0000010', $binip, 7)) {
-
- return NET_IPV6_RESERVED_IPX;;
-
- } else if (0 == strncmp('0000011', $binip, 7) ||
- 0 == strncmp('111110', $binip, 6) ||
- 0 == strncmp('11110', $binip, 5) ||
- 0 == strncmp('00001', $binip, 5) ||
- 0 == strncmp('1110', $binip, 4) ||
- 0 == strncmp('0001', $binip, 4) ||
- 0 == strncmp('001', $binip, 3) ||
- 0 == strncmp('011', $binip, 3) ||
- 0 == strncmp('101', $binip, 3) ||
- 0 == strncmp('110', $binip, 3)) {
-
- return NET_IPV6_UNASSIGNED;
-
- } else if (0 == strncmp('010', $binip, 3)) {
-
- return NET_IPV6_UNICAST_PROVIDER;
-
- } else if (0 == strncmp('100', $binip, 3)) {
-
- return NET_IPV6_RESERVED_UNICAST_GEOGRAPHIC;
-
- }
-
- return NET_IPV6_UNKNOWN_TYPE;
- }
-
- // }}}
- // {{{ Uncompress()
-
- /**
- * Uncompresses an IPv6 adress
- *
- * RFC 2373 allows you to compress zeros in an adress to '::'. This
- * function expects an valid IPv6 adress and expands the '::' to
- * the required zeros.
- *
- * Example: FF01::101 -> FF01:0:0:0:0:0:0:101
- * ::1 -> 0:0:0:0:0:0:0:1
- *
- * @access public
- * @see Compress()
- * @static
- * @param string $ip a valid IPv6-adress (hex format)
- * @return string the uncompressed IPv6-adress (hex format)
- */
- function uncompress($ip)
- {
-
- $prefix = Net_IPv6::getPrefixLength($ip);
-
- if (false === $prefix) {
-
- $prefix = '';
-
- } else {
-
- $ip = Net_IPv6::removePrefixLength($ip);
- $prefix = '/'.$prefix;
-
- }
-
- $netmask = Net_IPv6::getNetmaskSpec($ip);
- $uip = Net_IPv6::removeNetmaskSpec($ip);
-
- $c1 = -1;
- $c2 = -1;
-
- if (false !== strpos($uip, '::') ) {
-
- list($ip1, $ip2) = explode('::', $uip);
-
- if("" == $ip1) {
-
- $c1 = -1;
-
- } else {
-
- $pos = 0;
-
- if (0 < ($pos = substr_count($ip1, ':'))) {
-
- $c1 = $pos;
-
- } else {
-
- $c1 = 0;
-
- }
- }
- if ("" == $ip2) {
-
- $c2 = -1;
-
- } else {
-
- $pos = 0;
-
- if (0 < ($pos = substr_count($ip2, ':'))) {
-
- $c2 = $pos;
-
- } else {
-
- $c2 = 0;
-
- }
-
- }
-
- if (strstr($ip2, '.')) {
-
- $c2++;
-
- }
- if (-1 == $c1 && -1 == $c2) { // ::
-
- $uip = "0:0:0:0:0:0:0:0";
-
- } else if (-1 == $c1) { // ::xxx
-
- $fill = str_repeat('0:', 7-$c2);
- $uip = str_replace('::', $fill, $uip);
-
- } else if (-1 == $c2) { // xxx::
-
- $fill = str_repeat(':0', 7-$c1);
- $uip = str_replace('::', $fill, $uip);
-
- } else { // xxx::xxx
-
- $fill = str_repeat(':0:', 6-$c2-$c1);
- $uip = str_replace('::', $fill, $uip);
- $uip = str_replace('::', ':', $uip);
-
- }
- }
- if ('' != $netmask) {
-
- $uip = $uip.'/'.$netmask;
-
- }
-
- return $uip.$prefix;
- }
-
- // }}}
- // {{{ Compress()
-
- /**
- * Compresses an IPv6 adress
- *
- * RFC 2373 allows you to compress zeros in an adress to '::'. This
- * function expects an valid IPv6 adress and compresses successive zeros
- * to '::'
- *
- * Example: FF01:0:0:0:0:0:0:101 -> FF01::101
- * 0:0:0:0:0:0:0:1 -> ::1
- *
- * @access public
- * @see Uncompress()
- * @static
- * @param string $ip a valid IPv6-adress (hex format)
- * @return string the compressed IPv6-adress (hex format)
- * @author elfrink at introweb dot nl
- */
- function compress($ip)
- {
- $prefix = Net_IPv6::getPrefixLength($ip);
-
- if (false === $prefix) {
-
- $prefix = '';
-
- } else {
-
- $ip = Net_IPv6::removePrefixLength($ip);
- $prefix = '/'.$prefix;
-
- }
-
- $netmask = Net_IPv6::getNetmaskSpec($ip);
- $ip = Net_IPv6::removeNetmaskSpec($ip);
-
- if (!strstr($ip, '::')) {
-
- $ipp = explode(':',$ip);
-
- for ($i = 0; $i < count($ipp); $i++) {
-
- $ipp[$i] = dechex(hexdec($ipp[$i]));
-
- }
-
- $cip = ':' . join(':',$ipp) . ':';
-
- preg_match_all("/(:0)+/", $cip, $zeros);
-
- if (count($zeros[0]) > 0) {
-
- $match = '';
-
- foreach($zeros[0] as $zero) {
-
- if (strlen($zero) > strlen($match)) {
-
- $match = $zero;
-
- }
- }
-
- $cip = preg_replace('/' . $match . '/', ':', $cip, 1);
-
- }
-
- $cip = preg_replace('/((^:)|(:$))/', '' ,$cip);
- $cip = preg_replace('/((^:)|(:$))/', '::' ,$cip);
-
- }
- if ('' != $netmask) {
-
- $cip = $cip.'/'.$netmask;
-
- }
-
- return $cip.$prefix;
- }
-
- // }}}
- // {{{ SplitV64()
-
- /**
- * Splits an IPv6 adress into the IPv6 and a possible IPv4 part
- *
- * RFC 2373 allows you to note the last two parts of an IPv6 adress as
- * an IPv4 compatible adress
- *
- * Example: 0:0:0:0:0:0:13.1.68.3
- * 0:0:0:0:0:FFFF:129.144.52.38
- *
- * @param string $ip a valid IPv6-adress (hex format)
- *
- * @return array [0] contains the IPv6 part,
- * [1] the IPv4 part (hex format)
- * @access public
- * @static
- */
- function SplitV64($ip, $uncompress = true)
- {
- $ip = Net_IPv6::removeNetmaskSpec($ip);
-
- if ($uncompress) {
-
- $ip = Net_IPv6::Uncompress($ip);
-
- }
-
- if (strstr($ip, '.')) {
-
- $pos = strrpos($ip, ':');
- $ip{$pos} = '_';
- $ipPart = explode('_', $ip);
-
- return $ipPart;
-
- } else {
-
- return array($ip, "");
-
- }
- }
-
- // }}}
- // {{{ checkIPv6()
-
- /**
- * Checks an IPv6 adress
- *
- * Checks if the given IP is IPv6-compatible
- *
- * @access public
- * @static
- * @param string $ip a valid IPv6-adress
- * @return boolean true if $ip is an IPv6 adress
- */
- function checkIPv6($ip)
- {
- $ip = Net_IPv6::removePrefixLength($ip);
- $ip = Net_IPv6::removeNetmaskSpec($ip);
-
- $ipPart = Net_IPv6::SplitV64($ip);
- $count = 0;
-
- if (!empty($ipPart[0]))
- {
- $ipv6 =explode(':', $ipPart[0]);
-
- for ($i = 0; $i < count($ipv6); $i++) {
-
- $dec = hexdec($ipv6[$i]);
- $hex = strtoupper(preg_replace("/^[0]{1,3}(.*[0-9a-fA-F])$/",
- "\\1",
- $ipv6[$i]));
-
- if ($ipv6[$i] >= 0 && $dec <= 65535
- && $hex == strtoupper(dechex($dec))) {
-
- $count++;
-
- }
-
- }
-
- if (8 == $count) {
-
- return true;
-
- } else if (6 == $count and !empty($ipPart[1])) {
-
- $ipv4 = explode('.',$ipPart[1]);
- $count = 0;
-
- for ($i = 0; $i < count($ipv4); $i++) {
-
- if ($ipv4[$i] >= 0 && (integer)$ipv4[$i] <= 255
- && preg_match("/^\d{1,3}$/", $ipv4[$i])) {
-
- $count++;
-
- }
-
- }
-
- if (4 == $count) {
-
- return true;
-
- }
-
- } else {
-
- return false;
-
- }
-
- } else {
-
- return false;
-
- }
-
- }
-
- // }}}
- // {{{ getPrefixLength()
-
- /**
- * Tests for a prefix length specification in the address
- * and returns the prefix length, if exists
- *
- * @param String $ip a valid ipv6 address
- *
- * @return Mixed the prefix as String or false, if no prefix was found
- * @access public
- * @static
- */
- function getPrefixLength($ip)
- {
- if (preg_match("/^([0-9a-fA-F:]{2,39})\/(\d{1,3})*$/",
- $ip, $matches)) {
-
- return $matches[2];
-
- } else {
-
- return false;
-
- }
-
- }
-
- // }}}
- // {{{ removePrefixLength()
-
- /**
- * Tests for a prefix length specification in the address
- * and removes the prefix length, if exists
- *
- * @param String $ip a valid ipv6 address
- *
- * @return String the address without a prefix length
- * @access public
- * @static
- */
- function removePrefixLength($ip)
- {
- $pos = strrpos($ip, '/');
-
- if (false !== $pos) {
-
- return substr($ip, 0, $pos);
-
- }
-
- return $ip;
- }
-
- // }}}
-
- // {{{ _parseAddress()
-
- /**
- * Returns the lowest and highest IPv6 address
- * for a given IP and netmask specification
- *
- * The netmask may be a part of the $ip or
- * the number of netwask bits is provided via $bits
- *
- * The result is an indexed array. The key 'start'
- * contains the lowest possible IP adress. The key
- * 'end' the highest address.
- *
- * @param String $ip the IPv6 address
- * @param String $bits the optional count of netmask bits
- *
- * @return Array ['start', 'end'] the lowest and highest IPv6 address
- * @access public
- * @static
- * @author Nicholas Williams
- */
-
- function parseAddress($ipToParse, $bits = null)
- {
-
- $ip = null;
- $bitmask = null;
-
- if( null == $bits )
- {
-
- $elements = explode('/', $ipToParse);
-
- if( 2 == count($elements) ) {
-
- $ip = Net_IPv6::uncompress($elements[0]);
- $bitmask = $elements[1];
-
- } else {
-
- include_once 'PEAR.inc';
-
- return PEAR::raiseError(NET_IPV6_NO_NETMASK_MSG,
- NET_IPV6_NO_NETMASK);
- }
- }
- else
- {
-
- $ip = Net_IPv6::uncompress($ipToParse);
- $bitmask = $bits;
-
- }
-
- $binNetmask = str_repeat('1', $bitmask).
- str_repeat('0', 128 - $bitmask);
- $maxNetmask = str_repeat('1', 128);
- $netmask = Net_IPv6::_bin2Ip($binNetmask);
-
- $startAddress = Net_IPv6::_bin2Ip(Net_IPv6::_ip2Bin($ip)
- & $binNetmask);
- $endAddress = Net_IPv6::_bin2Ip(Net_IPv6::_ip2Bin($ip)
- | ($binNetmask ^ $maxNetmask));
-
- return array('start' => $startAddress, 'end' => $endAddress);
- }
-
- // }}}
-
- // {{{ _ip2Bin()
-
- /**
- * Converts an IPv6 address from Hex into Binary representation.
- *
- * @param String $ip the IP to convert (a:b:c:d:e:f:g:h),
- * compressed IPs are allowed
- *
- * @return String the binary representation
- * @access private
- @ @since 1.1.0
- */
- function _ip2Bin($ip)
- {
- $binstr = '';
-
- $ip = Net_IPv6::removeNetmaskSpec($ip);
- $ip = Net_IPv6::Uncompress($ip);
-
- $parts = explode(':', $ip);
-
- foreach($parts as $v) {
-
- $str = base_convert($v, 16, 2);
- $binstr .= str_pad($str, 16, '0', STR_PAD_LEFT);
-
- }
-
- return $binstr;
- }
-
- // }}}
- // {{{ _bin2Ip()
-
- /**
- * Converts an IPv6 address from Binary into Hex representation.
- *
- * @param String $ip the IP as binary
- *
- * @return String the uncompressed Hex representation
- * @access private
- @ @since 1.1.0
- */
- function _bin2Ip($bin)
- {
- $ip = "";
-
- if (strlen($bin) < 128) {
-
- $bin = str_pad($str, 128, '0', STR_PAD_LEFT);
-
- }
-
- $parts = str_split($bin, "16");
-
- foreach($parts as $v) {
-
- $str = base_convert($v, 2, 16);
- $ip .= $str.":";
-
- }
-
- $ip = substr($ip, 0,-1);
-
- return $ip;
- }
-
- // }}}
-}
-// }}}
-
-/*
- * Local variables:
- * tab-width: 4
- * c-basic-offset: 4
- * c-hanging-comment-ender-p: nil
- * End:
- */
-
-?>
+<?php + +/* + pfSense_MODULE: utils +*/ + +/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */ + +/** + * This file contains the implementation of the Net_IPv6 class + * + * PHP versions 4 and 5 + * + * LICENSE: This source file is subject to the New BSD license, that is + * available through the world-wide-web at + * http://www.opensource.org/licenses/bsd-license.php + * If you did not receive a copy of the new BSDlicense and are unable + * to obtain it through the world-wide-web, please send a note to + * license@php.net so we can mail you a copy immediately + * + * @category Net + * @package Net_IPv6 + * @author Alexander Merz <alexander.merz@web.de> + * @copyright 2003-2005 The PHP Group + * @license http://www.opensource.org/licenses/bsd-license.php + * @version CVS: $Id: IPv6.inc,v 1.2 2008/11/26 03:54:43 sumacob Exp $ + * @link http://pear.php.net/package/Net_IPv6 + */ + +// {{{ constants + +/** + * Error message if netmask bits was not found + * @see isInNetmask + */ +define("NET_IPV6_NO_NETMASK_MSG", "Netmask length not found"); + +/** + * Error code if netmask bits was not found + * @see isInNetmask + */ +define("NET_IPV6_NO_NETMASK", 10); + +/** + * Address Type: Unassigned (RFC 1884, Section 2.3) + * @see getAddressType() + */ +define("NET_IPV6_UNASSIGNED", 1); + +/** + * Address Type: Reserved (RFC 1884, Section 2.3) + * @see getAddressType() + */ +define("NET_IPV6_RESERVED", 11); + +/** + * Address Type: Reserved for NSAP Allocation (RFC 1884, Section 2.3) + * @see getAddressType() + */ +define("NET_IPV6_RESERVED_NSAP", 12); + +/** + * Address Type: Reserved for IPX Allocation (RFC 1884, Section 2.3) + * @see getAddressType() + */ +define("NET_IPV6_RESERVED_IPX", 13); + +/** + * Address Type: Reserved for Geographic-Based Unicast Addresses + * (RFC 1884, Section 2.3) + * @see getAddressType() + */ +define("NET_IPV6_RESERVED_UNICAST_GEOGRAPHIC", 14); + +/** + * Address Type: Provider-Based Unicast Address (RFC 1884, Section 2.3) + * @see getAddressType() + */ +define("NET_IPV6_UNICAST_PROVIDER", 22); + +/** + * Address Type: Multicast Addresses (RFC 1884, Section 2.3) + * @see getAddressType() + */ +define("NET_IPV6_MULTICAST", 31); + +/** + * Address Type: Link Local Use Addresses (RFC 1884, Section 2.3) + * @see getAddressType() + */ +define("NET_IPV6_LOCAL_LINK", 42); + +/** + * Address Type: Link Local Use Addresses (RFC 1884, Section 2.3) + * @see getAddressType() + */ +define("NET_IPV6_LOCAL_SITE", 43); + +/** + * Address Type: address can not assigned to a specific type + * @see getAddressType() + */ +define("NET_IPV6_UNKNOWN_TYPE", 1001); + +// }}} +// {{{ Net_IPv6 + +/** + * Class to validate and to work with IPv6 addresses. + * + * @category Net + * @package Net_IPv6 + * @copyright 2003-2005 The PHP Group + * @license http://www.opensource.org/licenses/bsd-license.php + * @version $Release$ + * @link http://pear.php.net/package/Net_IPv6 + * @author Alexander Merz <alexander.merz@web.de> + * @author <elfrink at introweb dot nl> + * @author Josh Peck <jmp at joshpeck dot org> + */ +class Net_IPv6 { + + // {{{ removeNetmaskBits() + + /** + * Removes a possible existing netmask specification at an IP addresse. + * + * @param String $ip the (compressed) IP as Hex representation + * + * @return String the IP without netmask length + * @since 1.1.0 + * @access public + * @static + */ + function removeNetmaskSpec($ip) + { + $addr = $ip; + + if (false !== strpos($ip, '/')) { + + $elements = explode('/', $ip); + + if (2 == count($elements)) { + + $addr = $elements[0]; + + } + + } + + return $addr; + } + + /** + * Returns a possible existing netmask specification at an IP addresse. + * + * @param String $ip the (compressed) IP as Hex representation + * + * @return String the netmask spec + * @since 1.1.0 + * @access public + * @static + */ + function getNetmaskSpec($ip) + { + $spec = ''; + + if (false !== strpos($ip, '/')) { + + $elements = explode('/', $ip); + + if (2 == count($elements)) { + + $spec = $elements[1]; + + } + + } + + return $spec; + } + + // }}} + // {{{ getNetmask() + + /** + * Calculates the network prefix based on the netmask bits. + * + * @param String $ip the (compressed) IP in Hex format + * @param int $bits if the number of netmask bits is not part of the IP + * you must provide the number of bits + * + * @return String the network prefix + * @since 1.1.0 + * @access public + * @static + */ + function getNetmask($ip, $bits = null) + { + if (null==$bits) { + + $elements = explode('/', $ip); + + if (2 == count($elements)) { + + $addr = $elements[0]; + $bits = $elements[1]; + + } else { + + include_once 'PEAR.inc'; + + return PEAR::raiseError(NET_IPV6_NO_NETMASK_MSG, + NET_IPV6_NO_NETMASK); + } + + } else { + + $addr = $ip; + + } + + $addr = Net_IPv6::uncompress($addr); + $binNetmask = str_repeat('1', $bits).str_repeat('0', 128 - $bits); + + return Net_IPv6::_bin2Ip(Net_IPv6::_ip2Bin($addr) & $binNetmask); + } + + // }}} + // {{{ isInNetmask() + + /** + * Checks if an (compressed) IP is in a specific address space. + * + * IF the IP does not contains the number of netmask bits (F8000::FFFF/16) + * then you have to use the $bits parameter. + * + * @param String $ip the IP to check (eg. F800::FFFF) + * @param String $netmask the netmask (eg F800::) + * @param int $bits the number of netmask bits to compare, + * if not given in $ip + * + * @return boolean true if $ip is in the netmask + * @since 1.1.0 + * @access public + * @static + */ + function isInNetmask($ip, $netmask, $bits=null) + { + // try to get the bit count + + if (null == $bits) { + + $elements = explode('/', $ip); + + if (2 == count($elements)) { + + $ip = $elements[0]; + $bits = $elements[1]; + + } else if (null == $bits) { + + $elements = explode('/', $netmask); + + if (2 == count($elements)) { + + $netmask = $elements[0]; + $bits = $elements[1]; + + } + + if (null == $bits) { + + include_once 'PEAR.inc'; + return PEAR::raiseError(NET_IPV6_NO_NETMASK_MSG, + NET_IPV6_NO_NETMASK); + + } + + } + + } + + $binIp = Net_IPv6::_ip2Bin(Net_IPv6::removeNetmaskSpec($ip)); + $binNetmask = Net_IPv6::_ip2Bin(Net_IPv6::removeNetmaskSpec($netmask)); + + if (null != $bits + && "" != $bits + && 0 == strncmp( $binNetmask, $binIp, $bits)) { + + return true; + + } + + return false; + } + + // }}} + // {{{ getAddressType() + + /** + * Returns the type of an IPv6 address. + * + * RFC 1883, Section 2.3 describes several types of addresses in + * the IPv6 addresse space. + * Several addresse types are markers for reserved spaces and as + * consequence a subject to change. + * + * @param String $ip the IP address in Hex format, + * compressed IPs are allowed + * + * @return int one of the addresse type constants + * @access public + * @since 1.1.0 + * @static + * + * @see NET_IPV6_UNASSIGNED + * @see NET_IPV6_RESERVED + * @see NET_IPV6_RESERVED_NSAP + * @see NET_IPV6_RESERVED_IPX + * @see NET_IPV6_RESERVED_UNICAST_GEOGRAPHIC + * @see NET_IPV6_UNICAST_PROVIDER + * @see NET_IPV6_MULTICAST + * @see NET_IPV6_LOCAL_LINK + * @see NET_IPV6_LOCAL_SITE + * @see NET_IPV6_UNKNOWN_TYPE + */ + function getAddressType($ip) + { + $ip = Net_IPv6::removeNetmaskSpec($ip); + $binip = Net_IPv6::_ip2Bin($ip); + + if (0 == strncmp('1111111010', $binip, 10)) { + + return NET_IPV6_LOCAL_LINK; + + } else if (0 == strncmp('1111111011', $binip, 10)) { + + return NET_IPV6_LOCAL_SITE; + + } else if (0 == strncmp('111111100', $binip, 9)) { + + return NET_IPV6_UNASSIGNED; + + } else if (0 == strncmp('11111111', $binip, 8)) { + + return NET_IPV6_MULTICAST; + + } else if (0 == strncmp('00000000', $binip, 8)) { + + return NET_IPV6_RESERVED; + + } else if (0 == strncmp('00000001', $binip, 8) + || 0 == strncmp('1111110', $binip, 7)) { + + return NET_IPV6_UNASSIGNED; + + } else if (0 == strncmp('0000001', $binip, 7)) { + + return NET_IPV6_RESERVED_NSAP; + + } else if (0 == strncmp('0000010', $binip, 7)) { + + return NET_IPV6_RESERVED_IPX;; + + } else if (0 == strncmp('0000011', $binip, 7) || + 0 == strncmp('111110', $binip, 6) || + 0 == strncmp('11110', $binip, 5) || + 0 == strncmp('00001', $binip, 5) || + 0 == strncmp('1110', $binip, 4) || + 0 == strncmp('0001', $binip, 4) || + 0 == strncmp('001', $binip, 3) || + 0 == strncmp('011', $binip, 3) || + 0 == strncmp('101', $binip, 3) || + 0 == strncmp('110', $binip, 3)) { + + return NET_IPV6_UNASSIGNED; + + } else if (0 == strncmp('010', $binip, 3)) { + + return NET_IPV6_UNICAST_PROVIDER; + + } else if (0 == strncmp('100', $binip, 3)) { + + return NET_IPV6_RESERVED_UNICAST_GEOGRAPHIC; + + } + + return NET_IPV6_UNKNOWN_TYPE; + } + + // }}} + // {{{ Uncompress() + + /** + * Uncompresses an IPv6 adress + * + * RFC 2373 allows you to compress zeros in an adress to '::'. This + * function expects an valid IPv6 adress and expands the '::' to + * the required zeros. + * + * Example: FF01::101 -> FF01:0:0:0:0:0:0:101 + * ::1 -> 0:0:0:0:0:0:0:1 + * + * @access public + * @see Compress() + * @static + * @param string $ip a valid IPv6-adress (hex format) + * @return string the uncompressed IPv6-adress (hex format) + */ + function uncompress($ip) + { + + $prefix = Net_IPv6::getPrefixLength($ip); + + if (false === $prefix) { + + $prefix = ''; + + } else { + + $ip = Net_IPv6::removePrefixLength($ip); + $prefix = '/'.$prefix; + + } + + $netmask = Net_IPv6::getNetmaskSpec($ip); + $uip = Net_IPv6::removeNetmaskSpec($ip); + + $c1 = -1; + $c2 = -1; + + if (false !== strpos($uip, '::') ) { + + list($ip1, $ip2) = explode('::', $uip); + + if("" == $ip1) { + + $c1 = -1; + + } else { + + $pos = 0; + + if (0 < ($pos = substr_count($ip1, ':'))) { + + $c1 = $pos; + + } else { + + $c1 = 0; + + } + } + if ("" == $ip2) { + + $c2 = -1; + + } else { + + $pos = 0; + + if (0 < ($pos = substr_count($ip2, ':'))) { + + $c2 = $pos; + + } else { + + $c2 = 0; + + } + + } + + if (strstr($ip2, '.')) { + + $c2++; + + } + if (-1 == $c1 && -1 == $c2) { // :: + + $uip = "0:0:0:0:0:0:0:0"; + + } else if (-1 == $c1) { // ::xxx + + $fill = str_repeat('0:', 7-$c2); + $uip = str_replace('::', $fill, $uip); + + } else if (-1 == $c2) { // xxx:: + + $fill = str_repeat(':0', 7-$c1); + $uip = str_replace('::', $fill, $uip); + + } else { // xxx::xxx + + $fill = str_repeat(':0:', 6-$c2-$c1); + $uip = str_replace('::', $fill, $uip); + $uip = str_replace('::', ':', $uip); + + } + } + if ('' != $netmask) { + + $uip = $uip.'/'.$netmask; + + } + + return $uip.$prefix; + } + + // }}} + // {{{ Compress() + + /** + * Compresses an IPv6 adress + * + * RFC 2373 allows you to compress zeros in an adress to '::'. This + * function expects an valid IPv6 adress and compresses successive zeros + * to '::' + * + * Example: FF01:0:0:0:0:0:0:101 -> FF01::101 + * 0:0:0:0:0:0:0:1 -> ::1 + * + * @access public + * @see Uncompress() + * @static + * @param string $ip a valid IPv6-adress (hex format) + * @return string the compressed IPv6-adress (hex format) + * @author elfrink at introweb dot nl + */ + function compress($ip) + { + $prefix = Net_IPv6::getPrefixLength($ip); + + if (false === $prefix) { + + $prefix = ''; + + } else { + + $ip = Net_IPv6::removePrefixLength($ip); + $prefix = '/'.$prefix; + + } + + $netmask = Net_IPv6::getNetmaskSpec($ip); + $ip = Net_IPv6::removeNetmaskSpec($ip); + + if (!strstr($ip, '::')) { + + $ipp = explode(':',$ip); + + for ($i = 0; $i < count($ipp); $i++) { + + $ipp[$i] = dechex(hexdec($ipp[$i])); + + } + + $cip = ':' . join(':',$ipp) . ':'; + + preg_match_all("/(:0)+/", $cip, $zeros); + + if (count($zeros[0]) > 0) { + + $match = ''; + + foreach($zeros[0] as $zero) { + + if (strlen($zero) > strlen($match)) { + + $match = $zero; + + } + } + + $cip = preg_replace('/' . $match . '/', ':', $cip, 1); + + } + + $cip = preg_replace('/((^:)|(:$))/', '' ,$cip); + $cip = preg_replace('/((^:)|(:$))/', '::' ,$cip); + + } + if ('' != $netmask) { + + $cip = $cip.'/'.$netmask; + + } + + return $cip.$prefix; + } + + // }}} + // {{{ SplitV64() + + /** + * Splits an IPv6 adress into the IPv6 and a possible IPv4 part + * + * RFC 2373 allows you to note the last two parts of an IPv6 adress as + * an IPv4 compatible adress + * + * Example: 0:0:0:0:0:0:13.1.68.3 + * 0:0:0:0:0:FFFF:129.144.52.38 + * + * @param string $ip a valid IPv6-adress (hex format) + * + * @return array [0] contains the IPv6 part, + * [1] the IPv4 part (hex format) + * @access public + * @static + */ + function SplitV64($ip, $uncompress = true) + { + $ip = Net_IPv6::removeNetmaskSpec($ip); + + if ($uncompress) { + + $ip = Net_IPv6::Uncompress($ip); + + } + + if (strstr($ip, '.')) { + + $pos = strrpos($ip, ':'); + $ip{$pos} = '_'; + $ipPart = explode('_', $ip); + + return $ipPart; + + } else { + + return array($ip, ""); + + } + } + + // }}} + // {{{ checkIPv6() + + /** + * Checks an IPv6 adress + * + * Checks if the given IP is IPv6-compatible + * + * @access public + * @static + * @param string $ip a valid IPv6-adress + * @return boolean true if $ip is an IPv6 adress + */ + function checkIPv6($ip) + { + $ip = Net_IPv6::removePrefixLength($ip); + $ip = Net_IPv6::removeNetmaskSpec($ip); + + $ipPart = Net_IPv6::SplitV64($ip); + $count = 0; + + if (!empty($ipPart[0])) + { + $ipv6 =explode(':', $ipPart[0]); + + for ($i = 0; $i < count($ipv6); $i++) { + + $dec = hexdec($ipv6[$i]); + $hex = strtoupper(preg_replace("/^[0]{1,3}(.*[0-9a-fA-F])$/", + "\\1", + $ipv6[$i])); + + if ($ipv6[$i] >= 0 && $dec <= 65535 + && $hex == strtoupper(dechex($dec))) { + + $count++; + + } + + } + + if (8 == $count) { + + return true; + + } else if (6 == $count and !empty($ipPart[1])) { + + $ipv4 = explode('.',$ipPart[1]); + $count = 0; + + for ($i = 0; $i < count($ipv4); $i++) { + + if ($ipv4[$i] >= 0 && (integer)$ipv4[$i] <= 255 + && preg_match("/^\d{1,3}$/", $ipv4[$i])) { + + $count++; + + } + + } + + if (4 == $count) { + + return true; + + } + + } else { + + return false; + + } + + } else { + + return false; + + } + + } + + // }}} + // {{{ getPrefixLength() + + /** + * Tests for a prefix length specification in the address + * and returns the prefix length, if exists + * + * @param String $ip a valid ipv6 address + * + * @return Mixed the prefix as String or false, if no prefix was found + * @access public + * @static + */ + function getPrefixLength($ip) + { + if (preg_match("/^([0-9a-fA-F:]{2,39})\/(\d{1,3})*$/", + $ip, $matches)) { + + return $matches[2]; + + } else { + + return false; + + } + + } + + // }}} + // {{{ removePrefixLength() + + /** + * Tests for a prefix length specification in the address + * and removes the prefix length, if exists + * + * @param String $ip a valid ipv6 address + * + * @return String the address without a prefix length + * @access public + * @static + */ + function removePrefixLength($ip) + { + $pos = strrpos($ip, '/'); + + if (false !== $pos) { + + return substr($ip, 0, $pos); + + } + + return $ip; + } + + // }}} + + // {{{ _parseAddress() + + /** + * Returns the lowest and highest IPv6 address + * for a given IP and netmask specification + * + * The netmask may be a part of the $ip or + * the number of netwask bits is provided via $bits + * + * The result is an indexed array. The key 'start' + * contains the lowest possible IP adress. The key + * 'end' the highest address. + * + * @param String $ip the IPv6 address + * @param String $bits the optional count of netmask bits + * + * @return Array ['start', 'end'] the lowest and highest IPv6 address + * @access public + * @static + * @author Nicholas Williams + */ + + function parseAddress($ipToParse, $bits = null) + { + + $ip = null; + $bitmask = null; + + if( null == $bits ) + { + + $elements = explode('/', $ipToParse); + + if( 2 == count($elements) ) { + + $ip = Net_IPv6::uncompress($elements[0]); + $bitmask = $elements[1]; + + } else { + + include_once 'PEAR.inc'; + + return PEAR::raiseError(NET_IPV6_NO_NETMASK_MSG, + NET_IPV6_NO_NETMASK); + } + } + else + { + + $ip = Net_IPv6::uncompress($ipToParse); + $bitmask = $bits; + + } + + $binNetmask = str_repeat('1', $bitmask). + str_repeat('0', 128 - $bitmask); + $maxNetmask = str_repeat('1', 128); + $netmask = Net_IPv6::_bin2Ip($binNetmask); + + $startAddress = Net_IPv6::_bin2Ip(Net_IPv6::_ip2Bin($ip) + & $binNetmask); + $endAddress = Net_IPv6::_bin2Ip(Net_IPv6::_ip2Bin($ip) + | ($binNetmask ^ $maxNetmask)); + + return array('start' => $startAddress, 'end' => $endAddress); + } + + // }}} + + // {{{ _ip2Bin() + + /** + * Converts an IPv6 address from Hex into Binary representation. + * + * @param String $ip the IP to convert (a:b:c:d:e:f:g:h), + * compressed IPs are allowed + * + * @return String the binary representation + * @access private + @ @since 1.1.0 + */ + function _ip2Bin($ip) + { + $binstr = ''; + + $ip = Net_IPv6::removeNetmaskSpec($ip); + $ip = Net_IPv6::Uncompress($ip); + + $parts = explode(':', $ip); + + foreach($parts as $v) { + + $str = base_convert($v, 16, 2); + $binstr .= str_pad($str, 16, '0', STR_PAD_LEFT); + + } + + return $binstr; + } + + // }}} + // {{{ _bin2Ip() + + /** + * Converts an IPv6 address from Binary into Hex representation. + * + * @param String $ip the IP as binary + * + * @return String the uncompressed Hex representation + * @access private + @ @since 1.1.0 + */ + function _bin2Ip($bin) + { + $ip = ""; + + if (strlen($bin) < 128) { + + $bin = str_pad($str, 128, '0', STR_PAD_LEFT); + + } + + $parts = str_split($bin, "16"); + + foreach($parts as $v) { + + $str = base_convert($v, 2, 16); + $ip .= $str.":"; + + } + + $ip = substr($ip, 0,-1); + + return $ip; + } + + // }}} +} +// }}} + +/* + * Local variables: + * tab-width: 4 + * c-basic-offset: 4 + * c-hanging-comment-ender-p: nil + * End: + */ + +?> diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index c403252..c27eac0 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -53,7 +53,7 @@ require_once("voucher.inc"); function get_default_captive_portal_html() { global $config, $g; // Detect if vouchers are being used and default to the voucher page - if($config['voucher']) { + if(isset($config['voucher']['enable'])) { $htmltext = <<<EOD <html> <body> diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc index 763c25d..9ac7120 100644 --- a/etc/inc/certs.inc +++ b/etc/inc/certs.inc @@ -34,8 +34,8 @@ require_once("functions.inc"); function & lookup_ca($refid) { global $config; - if (is_array($config['system']['ca'])) - foreach ($config['system']['ca'] as & $ca) + if (is_array($config['ca'])) + foreach ($config['ca'] as & $ca) if ($ca['refid'] == $refid) return $ca; @@ -45,8 +45,8 @@ function & lookup_ca($refid) { function & lookup_ca_by_subject($subject) { global $config; - if (is_array($config['system']['ca'])) - foreach ($config['system']['ca'] as & $ca) + if (is_array($config['ca'])) + foreach ($config['ca'] as & $ca) { $ca_subject = cert_get_subject($ca['crt']); if ($ca_subject == $subject) @@ -59,8 +59,8 @@ function & lookup_ca_by_subject($subject) { function & lookup_cert($refid) { global $config; - if (is_array($config['system']['cert'])) - foreach ($config['system']['cert'] as & $cert) + if (is_array($config['cert'])) + foreach ($config['cert'] as & $cert) if ($cert['refid'] == $refid) return $cert; @@ -119,15 +119,15 @@ function ca_import(& $ca, $str, $key="") { } /* Correct if child certificate was loaded first */ - if (is_array($config['system']['ca'])) - foreach ($config['system']['ca'] as & $oca) + if (is_array($config['ca'])) + foreach ($config['ca'] as & $oca) { $issuer = cert_get_issuer($oca['crt']); if($ca['refid']<>$oca['refid'] && $issuer==$subject) $oca['caref'] = $ca['refid']; } - if (is_array($config['system']['cert'])) - foreach ($config['system']['cert'] as & $cert) + if (is_array($config['cert'])) + foreach ($config['cert'] as & $cert) { $issuer = cert_get_issuer($cert['crt']); if($issuer==$subject) @@ -335,30 +335,66 @@ function cert_get_issuer($str_crt, $decode = true) { return $issuer; } -function get_all_user_certs($certsonly=false) { +function is_user_cert($certref) { global $config; - $usercerts = array(); if (!is_array($config['system']['user'])) return; foreach ($config['system']['user'] as $user) { if (!is_array($user['cert'])) continue; foreach ($user['cert'] as $cert) { - $usercerts[] = $certsonly ? $cert['crt'] : $cert; + if ($certref == $cert) + return true; } } - return $usercerts; + return false; } -function get_all_certs_tree() { +function is_openvpn_server_cert($certref) { global $config; - $cert_tree = array(); - foreach ($config['system']['ca'] as $ca) - $cert_tree[$ca['refid']] = $ca; - $usercerts = get_all_user_certs(); - foreach ($usercerts as $cert) - $cert_tree[$cert['caref']]['certs'][] = $cert; - return $cert_tree; + if (!is_array($config['openvpn']['openvpn-server'])) + return; + foreach ($config['openvpn']['openvpn-server'] as $ovpns) { + if ($ovpns['certref'] == $certref) + return true; + } + return false; +} + +function is_openvpn_client_cert($certref) { + global $config; + if (!is_array($config['openvpn']['openvpn-client'])) + return; + foreach ($config['openvpn']['openvpn-client'] as $ovpnc) { + if ($ovpnc['certref'] == $certref) + return true; + } + return false; +} + +function is_ipsec_cert($certref) { + global $config; + if (!is_array($config['ipsec']['phase1'])) + return; + foreach ($config['ipsec']['phase1'] as $ipsec) { + if ($ipsec['certref'] == $certref) + return true; + } + return false; +} + +function is_webgui_cert($certref) { + global $config; + if ($config['system']['webgui']['ssl-certref'] == $certref) + return true; +} + +function cert_in_use($certref) { + return (is_webgui_cert($certref) || + is_user_cert($certref) || + is_openvpn_server_cert($certref) || + is_openvpn_client_cert($certref) || + is_ipsec_cert($certref)); } ?> diff --git a/etc/inc/dyndns.class b/etc/inc/dyndns.class index 2e90386..1b332d0 100644 --- a/etc/inc/dyndns.class +++ b/etc/inc/dyndns.class @@ -17,6 +17,7 @@ * - StaticCling (staticcling.org) * - DNSexit (dnsexit.com) * - OpenDNS (opendns.com) + * - Namecheap (namecheap.com) * +----------------------------------------------------+ * Requirements: * - PHP version 4.0.2 or higher with CURL Library @@ -47,6 +48,7 @@ * StaticCling - Last Tested: 27 April 2006 * DNSexit - Last Tested: 20 July 2008 * OpenDNS - Last Tested: 4 August 2008 + * Namecheap - Last Tested: 31 August 2010 * +====================================================+ * * @author E.Kristensen @@ -96,17 +98,17 @@ log_error("DynDns: updatedns() starting"); if (!$dnsService) $this->_error(2); - if (!($dnsService == 'freedns')) { - - /* all services except freedns use these */ - - if (!$dnsUser) $this->_error(3); + switch ($dnsService) { + case 'freedns': + if (!$dnsHost) $this->_error(5); + break; + case 'namecheap': if (!$dnsPass) $this->_error(4); if (!$dnsHost) $this->_error(5); - } else { - - /* freedns needs this */ - + break; + default: + if (!$dnsUser) $this->_error(3); + if (!$dnsPass) $this->_error(4); if (!$dnsHost) $this->_error(5); } @@ -148,6 +150,7 @@ case 'staticcling': case 'dnsexit': case 'opendns': + case 'namecheap': $this->_update(); break; default: @@ -416,6 +419,20 @@ curl_close($ch); $this->_checkStatus($data); break; + case 'namecheap': + /* Example: + https://dynamicdns.park-your-domain.com/update?host=[host_name]&domain=[domain.com]&password=[domain_password]&ip=[your_ip] + */ + $needsIP = FALSE; + log_error("Namecheap: DNS update() starting."); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); + list($hostname, $domain) = explode(".", $this->_dnsHost, 2); + $server = "https://dynamicdns.park-your-domain.com/update?host={$hostname}&domain={$domain}&password={$this->_dnsPass}&ip={$this->_dnsIP}"; + curl_setopt($ch, CURLOPT_URL, $server); + $data = curl_exec($ch); + if (@curl_error($ch)) log_error("Curl error occurred: " . curl_error($ch)); + curl_close($ch); + $this->_checkStatus($data); default: break; } @@ -719,6 +736,23 @@ $this->_debug($data); } break; + case 'namecheap': + $tmp = str_replace("^M", "", $data); + $ncresponse = @xml2array($tmp); + if (preg_match("/internal server error/i", $data)) { + $status = "phpDynDNS: (Error) Server side error."; + } else if ($ncresponse['interface-response']['ErrCount'] === "0") { + $status = "phpDynDNS: (Success) IP Address Updated Successfully!"; + $successful_update = true; + } else if (is_numeric($ncresponse['interface-response']['ErrCount']) && ($ncresponse['interface-response']['ErrCount'] > 0)) { + $status = "phpDynDNS: (Error) " . implode(", ", $ncresponse["interface-response"]["errors"]); + $successful_update = true; + } else { + $status = "phpDynDNS: (Unknown Response)"; + log_error("phpDynDNS: PAYLOAD: {$data}"); + $this->_debug($data); + } + break; } if($successful_update == true) { diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 8e7757a..c240f11 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -136,8 +136,7 @@ function filter_configure() { $mt = microtime(); echo "filter_configure() being called $mt\n"; } - global $g; - touch($g['tmp_path'] . "/filter_dirty"); + send_event("filter reload"); } function filter_delete_states_for_down_gateways() { @@ -255,9 +254,11 @@ function filter_configure_sync() { if($config['system']['maximumstates'] <> "" && is_numeric($config['system']['maximumstates'])) { /* User defined maximum states in Advanced menu. */ $rules .= "set limit states {$config['system']['maximumstates']}\n"; + $rules .= "set limit src-nodes {$config['system']['maximumstates']}\n"; } else { $max_states = pfsense_default_state_size(); $rules .= "set limit states {$max_states}\n"; + $rules .= "set limit src-nodes {$max_states}\n"; } if($config['system']['maximumtableentries'] <> "" && is_numeric($config['system']['maximumtableentries'])) { @@ -650,7 +651,10 @@ function filter_get_vpns_list() { foreach ($config['ipsec']['phase2'] as $ph2ent) { if((!$ph2ent['mobile']) && ($ph2ent['mode'] != 'transport')) { require_once("ipsec.inc"); - $vpns_arr[] = ipsec_idinfo_to_cidr($ph2ent['remoteid']); + $vpns_subnet = ipsec_idinfo_to_cidr($ph2ent['remoteid']); + if ($vpns_subnet == "0.0.0.0/0") + continue; + $vpns_arr[] = $vpns_subnet; } } } @@ -660,8 +664,8 @@ function filter_get_vpns_list() { if(is_array($config['openvpn']["openvpn-$type"])) { foreach ($config['openvpn']["openvpn-$type"] as & $settings) { if(is_array($settings)) { - if(is_subnet($settings['remote-subnet'])) { - $vpns_arr[] = $tunnel['remote_network']; + if(is_subnet($settings['remote-subnet']) && $settings['remote-subnet'] <> "0.0.0.0/0") { + $vpns_arr[] = $settings['remote-subnet']; } } } @@ -968,7 +972,7 @@ function filter_generate_reflection($rule, $nordr, $rdr_ifs, $srcaddr, $dstaddr_ $rflctnorange = true; if(is_alias($loc_pt)) { $loc_pt_translated = filter_expand_alias($loc_pt); - if(!$loc_pt_translated) { + if(empty($loc_pt_translated)) { log_error(sprintf(gettext("Reflection processing: %s is not a vaild port alias."), $loc_pt)); continue; } @@ -1002,7 +1006,9 @@ function filter_generate_reflection($rule, $nordr, $rdr_ifs, $srcaddr, $dstaddr_ $starting_localhost_port++; } - foreach($toadd_array as $tda){ + foreach($toadd_array as $tda) { + if (empty($tda)) + continue; foreach($reflect_protos as $reflect_proto) { if($reflect_proto == "udp") { $socktype = "dgram"; @@ -1099,40 +1105,61 @@ function filter_nat_rules_generate() { /* any 1:1 mappings? */ if(is_array($config['nat']['onetoone'])) { - foreach ($config['nat']['onetoone'] as $natent) { - if(!is_numeric($natent['subnet'])) - $sn = 32; - else - $sn = $natent['subnet']; - if(!$natent['interface']) + foreach ($config['nat']['onetoone'] as $rule) { + if (isset($rule['disabled'])) + continue; + + $sn = ""; + $sn1 = ""; + $target = alias_expand($rule['external']); + if (!$target) { + $natrules .= "# Unresolvable alias {$rule['target']}\n"; + continue; /* unresolvable alias */ + } + + if (!$rule['interface']) $natif = "wan"; else - $natif = $natent['interface']; - $natif = $FilterIflist[$natif]['if']; + $natif = $rule['interface']; + if (!isset($FilterIflist[$natif])) + continue; - if($natif) { - /* If reflection is enabled, turn on extra redirections - * for this rule by adding other interfaces to binat rule. */ - if((isset($config['system']['enablebinatreflection']) || $natent['natreflection'] == "enable") - && $natent['natreflection'] != "disable") { - $nat_if_list = filter_get_reflection_interfaces($natif); - } else { - $nat_if_list = array(); - } + $srcaddr = filter_generate_address($rule, 'source'); + $dstaddr = filter_generate_address($rule, 'destination'); + if(!$dstaddr) + $dstaddr = $FilterIflist[$natif]['ip']; - $natrules .= "binat on {$natif} from {$natent['internal']}/{$sn} to any -> {$natent['external']}/{$sn}\n"; + $srcaddr = trim($srcaddr); + $dstaddr = trim($dstaddr); - if(!empty($nat_if_list)) { - $binat_if_list = implode(" ", $nat_if_list); - if(count($nat_if_list) > 1) - $binat_if_list = "{ {$binat_if_list} }"; + $tmp = explode('/', $srcaddr); + $srcip = $tmp[0]; + if (!empty($tmp[1]) && is_numeric($tmp[1])) { + $sn = $tmp[1]; + $sn1 = "/{$sn}"; + } - $reflection_txt .= "rdr on {$binat_if_list} from any to {$natent['external']}/{$sn} -> {$natent['internal']}/{$sn} bitmask\n"; - } + $natif = $FilterIflist[$natif]['if']; + + /* + * If reflection is enabled, turn on extra redirections + * for this rule by adding other interfaces to an rdr rule. + */ + if ((isset($config['system']['enablebinatreflection']) || $rule['natreflection'] == "enable") + && $rule['natreflection'] != "disable") + $nat_if_list = filter_get_reflection_interfaces($natif); + else + $nat_if_list = array(); - $nat_if_list = array_merge(array($natif), $nat_if_list); - $reflection_txt .= filter_generate_reflection_nat($rule, $nat_if_list, "", "{$natent['internal']}/{$sn}", $natent['internal'], $sn); + $natrules .= "binat on {$natif} from {$srcaddr} to {$dstaddr} -> {$target}{$sn1}\n"; + if (!empty($nat_if_list)) { + $binat_if_list = implode(" ", $nat_if_list); + $binat_if_list = "{ {$binat_if_list} }"; + $reflection_txt .= "rdr on {$binat_if_list} from {$dstaddr} to {$target}{$sn1} -> {$srcaddr} bitmask\n"; } + + $nat_if_list = array_merge(array($natif), $nat_if_list); + $reflection_txt .= filter_generate_reflection_nat($rule, $nat_if_list, "", $srcaddr, $srcip, $sn); } } $natrules .= "\n# Outbound NAT rules\n"; @@ -1327,7 +1354,14 @@ function filter_nat_rules_generate() { $localport = alias_expand($rule['local-port']); if(!$localport || $dstport[0] == $localport) { $localport = ""; - } else if(is_alias($rule['destination']['port']) || is_alias($rule['local-port'])) { + } else if(is_alias($rule['local-port'])) { + $localport = filter_expand_alias($rule['local-port']); + if($localport) { + $localport = explode(" ", trim($localport)); + $localport = $localport[0]; + $localport = " port {$localport}"; + } + } else if(is_alias($rule['destination']['port'])) { $localport = " port {$localport}"; } else { if(($dstport[1]) && ($dstport[0] != $dstport[1])) { @@ -1897,8 +1931,19 @@ function filter_rules_generate() { if(!empty($tmpif)) { $cpiflist[] = "{$tmpif}"; $cpipm = get_interface_ip($cpifgrp); - if(is_ipaddr($cpipm)) + if(is_ipaddr($cpipm)) { + $carpif = link_ip_to_carp_interface($cpipm); + if (!empty($carpif)) { + $cpiflist[] = $carpif; + $carpsif = explode(" ", $carpif); + foreach ($carpsif as $cpcarp) { + $carpip = find_interface_ip($cpcarp); + if (is_ipaddr($carpip)) + $cpiplist[] = $carpip; + } + } $cpiplist[] = $cpipm; + } } } if (count($cpiplist) > 0 && count($cpiflist) > 0) { diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index 6a17c8d..1b786bd 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -58,6 +58,7 @@ function get_nics_with_capabilities($CAPABILITIES) { $g = array( "base_packages" => "siproxd", + "event_address" => "unix:///var/run/check_reload_status", "factory_shipped_username" => "admin", "factory_shipped_password" => "pfsense", "upload_path" => "/root", @@ -88,7 +89,7 @@ $g = array( "disablehelpmenu" => false, "disablehelpicon" => false, "debug" => false, - "latest_config" => "6.4", + "latest_config" => "7.0", "nopkg_platforms" => array("cdrom"), "minimum_ram_warning" => "105", "minimum_ram_warning_text" => "128 MB", diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index 0e40341..39f9be5 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -69,7 +69,7 @@ pid_file "{$g['varrun_path']}/apinger.pid" status { ## File where the status information whould be written to - file "/tmp/apinger.status" + file "{$g['tmp_path']}/apinger.status" ## Interval between file updates ## when 0 or not set, file is written only when SIGUSR1 is received interval 10s @@ -82,8 +82,8 @@ rrd interval 60s; ## These parameters can be overriden in a specific alarm configuration alarm default { - command on "/usr/bin/touch /tmp/filter_dirty" - command off "/usr/bin/touch /tmp/filter_dirty" + command on "/usr/local/sbin/pfSctl -c 'filter reload'" + command off "/usr/local/sbin/pfSctl -c 'filter reload'" combine 10s } @@ -249,6 +249,7 @@ EOD; @chown("{$g['vardb_path']}/rrd", "nobody"); /* start a new apinger process */ + @unlink("{$g['tmp_path']}/apinger.status"); mwexec_bg("/usr/local/sbin/apinger -c {$g['varetc_path']}/apinger.conf"); return 0; diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 5366ebc..455a527 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -848,7 +848,7 @@ function interface_bring_down($interface = "wan", $destroy = false) { } unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.conf"); if (isset($ppp['ondemand']) && !$destroy) - file_put_contents("{$g['tmp_path']}/interface_configure", $interface); + send_event("interface reconfigure {$interface}"); break; } } @@ -867,14 +867,16 @@ function interface_bring_down($interface = "wan", $destroy = false) { unlink_if_exists("{$g['varetc_path']}/dhclient_{$interface}.conf"); if(does_interface_exist("$realif")) { mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true); - pfSense_interface_flags($realif, -IFF_UP); + if ($destroy == true) + pfSense_interface_flags($realif, -IFF_UP); mwexec("/usr/sbin/arp -d -i {$realif} -a"); } break; default: if(does_interface_exist("$realif")) { mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true); - pfSense_interface_flags($realif, -IFF_UP); + if ($destroy == true) + pfSense_interface_flags($realif, -IFF_UP); mwexec("/usr/sbin/arp -d -i {$realif} -a"); } break; @@ -1519,9 +1521,14 @@ function interface_proxyarp_configure($interface = "") { /* kill any running choparp */ if (empty($interface)) killbyname("choparp"); + else { + $vipif = get_real_interface($interface); + if (file_exists("{$g['varrun_path']}/choparp_{$vipif}.pid")) + killbypid("{$g['varrun_path']}/choparp_{$vipif}.pid"); + } - if (isset($config['virtualip']) && is_array($config['virtualip']['vip'])) { - $paa = array(); + $paa = array(); + if (!empty($config['virtualip']) && is_array($config['virtualip']['vip'])) { /* group by interface */ foreach ($config['virtualip']['vip'] as $vipent) { @@ -1530,8 +1537,11 @@ function interface_proxyarp_configure($interface = "") { $proxyif = $vipent['interface']; else $proxyif = "wan"; + + if (!empty($interface) && $interface != $proxyif) + continue; - if (!is_array($paa[$if])) + if (!is_array($paa[$proxyif])) $paa[$proxyif] = array(); $paa[$proxyif][] = $vipent; @@ -1553,10 +1563,10 @@ function interface_proxyarp_configure($interface = "") { } mwexec_bg("/usr/local/sbin/choparp " . $args); } - } else if (count($paa)) { - foreach ($paa as $paif => $paents) { + } else if (count($paa) > 0) { + foreach ($paa as $paif => $paents) { $paaifip = get_interface_ip($paif); - if (!(is_ipaddr($paaifip))) + if (!is_ipaddr($paaifip)) continue; $args = get_real_interface($paif) . " auto"; foreach ($paents as $paent) { @@ -2278,6 +2288,20 @@ EOD; /* bring the clones back up that were previously up */ foreach ($clones_up as $clone_if) { mwexec("{$ifconfig} " . escapeshellarg($clone_if) . " up"); + + /* + * Rerun the setup script for the interface if it isn't this interface, the interface + * is in infrastructure mode, and WPA is enabled. + * This can be removed if wpa_supplicant stops dying when you bring the interface down. + */ + if ($clone_if != $if) { + $friendly_if = convert_real_interface_to_friendly_interface_name($clone_if); + if ( !empty($friendly_if) + && $config['interfaces'][$friendly_if]['wireless']['mode'] == "bss" + && isset($config['interfaces'][$friendly_if]['wireless']['wpa']['enable']) ) { + mwexec("/bin/sh {$g['tmp_path']}/{$clone_if}_setup.sh"); + } + } } } @@ -2307,9 +2331,11 @@ function kill_wpasupplicant($interface) { } function find_dhclient_process($interface) { - if($interface) { + if ($interface) $pid = `/bin/pgrep -xf "dhclient: {$interface}"`; - } + else + $pid = 0; + return $pid; } @@ -2324,7 +2350,18 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven if (!$g['booting']) { /* remove all IPv4 addresses */ while (mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " -alias", true) == 0); - interface_bring_down($interface, true); + + switch ($wancfg['ipaddr']) { + case 'pppoe': + case 'l2tp': + case 'pptp': + case 'ppp': + interface_bring_down($interface, true); + break; + default: + interface_bring_down($interface); + break; + } } /* wireless configuration? */ @@ -3106,19 +3143,21 @@ function ip_in_interface_alias_subnet($interface, $ipalias) { global $config; if (empty($interface) || !is_ipaddr($ipalias)) - return 0; + return false; if (is_array($config['virtualip']['vip'])) { foreach ($config['virtualip']['vip'] as $vip) { switch ($vip['mode']) { case "ipalias": if ($vip['interface'] <> $interface) - continue; + break; if (ip_in_subnet($ipalias, gen_subnet($vip['subnet'], $vip['subnet_bits']) . "/" . $vip['subnet_bits'])) - return 1; + return true; break; } } } + + return false; } function get_interface_ip($interface = "wan") diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 4ee029d..43a5e8e 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -573,7 +573,7 @@ function openvpn_restart($mode, & $settings) { /* start the new process */ $fpath = $g['varetc_path']."/openvpn/{$mode_id}.conf"; mwexec_bg("nohup openvpn --config {$fpath}"); - touch("{$g['tmp_path']}/filter_dirty"); + send_event("filter reload"); } function openvpn_delete($mode, & $settings) { diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 833c802..dc945a7 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -852,7 +852,7 @@ function reload_interfaces_sync() { ******/ function reload_all() { global $g; - touch("{$g['tmp_path']}/reload_all"); + send_event("service reload all"); } /****f* pfsense-utils/reload_interfaces @@ -925,10 +925,10 @@ function reload_all_sync() { conf_mount_ro(); /* restart sshd */ - @touch("{$g['tmp_path']}/start_sshd"); + send_event("service restart sshd"); /* restart webConfigurator if needed */ - touch("{$g['tmp_path']}/restart_webgui"); + send_event("service restart webgui"); mwexec("/bin/rm {$g['tmp_path']}/reload*"); } diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc index 3766350..cbeb855 100644 --- a/etc/inc/pkg-utils.inc +++ b/etc/inc/pkg-utils.inc @@ -101,7 +101,8 @@ function remove_freebsd_package($packagestring) { ******/ function is_package_installed($packagename) { $pkg = get_pkg_id($packagename); - if($pkg == -1) return false; + if($pkg == -1) + return false; return true; } @@ -119,7 +120,8 @@ function get_pkg_id($pkg_name) { if(is_array($config['installedpackages']['package'])) { $i = 0; foreach($config['installedpackages']['package'] as $pkg) { - if($pkg['name'] == $pkg_name) return $i; + if($pkg['name'] == $pkg_name) + return $i; $i++; } } @@ -137,6 +139,7 @@ function get_pkg_id($pkg_name) { ******/ function get_pkg_info($pkgs = 'all', $info = 'all') { global $g; + $freebsd_version = str_replace("\n", "", `uname -r | cut -d'-' -f1 | cut -d'.' -f1`); $freebsd_machine = str_replace("\n", "", `uname -m`); $params = array( @@ -151,6 +154,7 @@ function get_pkg_info($pkgs = 'all', $info = 'all') { function get_pkg_sizes($pkgs = 'all') { global $g; + $params = array("pkg" => $pkgs); $msg = new XML_RPC_Message('pfsense.get_pkg_sizes', array(php_value_to_xmlrpc($params))); $xmlrpc_base_url = isset($config['system']['altpkgrepo']['enable']) ? $config['system']['altpkgrepo']['xmlrpcbaseurl'] : $g['xmlrpcbaseurl']; @@ -159,9 +163,9 @@ function get_pkg_sizes($pkgs = 'all') { if($resp and !$resp->faultCode()) { $raw_versions = $resp->value(); return xmlrpc_value_to_php($raw_versions); - } else { - return array(); } + + return array(); } /* @@ -170,27 +174,33 @@ function get_pkg_sizes($pkgs = 'all') { */ function resync_all_package_configs($show_message = false) { global $config, $restart_sync, $pkg_interface; + $i = 0; log_error(gettext("Resyncing configuration for all packages.")); if(!$config['installedpackages']['package']) return; if($show_message == true) echo "Syncing packages:"; - foreach($config['installedpackages']['package'] as $package) { - if (empty($package['name'])) - continue; - if($show_message == true) print " " . $package['name']; - get_pkg_depends($package['name'], "all"); - stop_service($package['name']); - sync_package($i, true, true); - if($restart_sync == true) { - $restart_sync = false; - if($pkg_interface == "console") - echo "\n" . gettext("Syncing packages:"); + + if (is_array($config['installedpackages']['package'])) { + foreach($config['installedpackages']['package'] as $package) { + if (empty($package['name'])) + continue; + if($show_message == true) + echo " " . $package['name']; + get_pkg_depends($package['name'], "all"); + stop_service($package['name']); + sync_package($i, true, true); + if($restart_sync == true) { + $restart_sync = false; + if($pkg_interface == "console") + echo "\n" . gettext("Syncing packages:"); + } + $i++; } - $i++; } - if($show_message == true) print ".\n"; + if($show_message == true) + echo "done.\n"; @unlink("/conf/needs_package_sync"); } @@ -200,6 +210,7 @@ function resync_all_package_configs($show_message = false) { */ function is_freebsd_pkg_installed($pkg) { global $g; + if(in_array($pkg, return_dir_as_array("{$g['vardb_path']}/pkg"))) return true; return false; @@ -216,27 +227,29 @@ function is_freebsd_pkg_installed($pkg) { function get_pkg_depends($pkg_name, $filetype = ".xml", $format = "files", $return_nosync = 1) { global $config; require_once("notices.inc"); + $pkg_id = get_pkg_id($pkg_name); - if(!is_numeric($pkg_name)) { - if($pkg_id == -1) return -1; // This package doesn't really exist - exit the function. - } else { - if(!isset($config['installedpackages']['package'][$pkg_id])) return; // No package belongs to the pkg_id passed to this function. - } - $package = $config['installedpackages']['package'][$pkg_id]; + if($pkg_id == -1) + return -1; // This package doesn't really exist - exit the function. + else if (!isset($config['installedpackages']['package'][$pkg_id])) + return; // No package belongs to the pkg_id passed to this function. + + $package =& $config['installedpackages']['package'][$pkg_id]; if(!file_exists("/usr/local/pkg/" . $package['configurationfile'])) { log_error(sprintf(gettext("The %1$s package is missing required dependencies and must be reinstalled. %2$s"), $package['name'], $package['configurationfile'])); - install_package($package['name']); uninstall_package_from_name($package['name']); install_package($package['name']); return; } $pkg_xml = parse_xml_config_pkg("/usr/local/pkg/" . $package['configurationfile'], "packagegui"); - if($pkg_xml['additional_files_needed'] != "") { + if (!empty($pkg_xml['additional_files_needed'])) { foreach($pkg_xml['additional_files_needed'] as $item) { - if (($return_nosync == 0) && (isset($item['nosync']))) continue; // Do not return depends with nosync set if not required. + if ($return_nosync == 0 && isset($item['nosync'])) + continue; // Do not return depends with nosync set if not required. $depend_file = substr(strrchr($item['item']['0'], '/'),1); // Strip URLs down to filenames. $depend_name = substr(substr($depend_file,0,strpos($depend_file,".")+1),0,-1); // Strip filename down to dependency name. - if (($filetype != "all") && (!preg_match("/{$filetype}/i", $depend_file))) continue; + if (($filetype != "all") && (!preg_match("/{$filetype}/i", $depend_file))) + continue; if ($item['prefix'] != "") { $prefix = $item['prefix']; } else { @@ -244,47 +257,47 @@ function get_pkg_depends($pkg_name, $filetype = ".xml", $format = "files", $retu } // Ensure that the prefix exists to avoid installation errors. if(!is_dir($prefix)) - exec("mkdir -p {$prefix}"); + exec("/bin/mkdir -p {$prefix}"); if(!file_exists($prefix . $depend_file)) log_error(sprintf(gettext("The %s package is missing required dependencies and must be reinstalled."), $package['name'])); switch ($format) { - case "files": - $depends[] = $prefix . $depend_file; - break; - case "names": - switch ($filetype) { - case "all": - if(preg_match("/\.xml/i", $depend_file)) { - $depend_xml = parse_xml_config_pkg("/usr/local/pkg/" . $depend_file, "packagegui"); - $depends[] = $depend_xml['name']; - break; - } else { - $depends[] = $depend_name; // If this dependency isn't package XML, use the stripped filename. - break; - } - case ".xml": - $depend_xml = parse_xml_config_pkg("/usr/local/pkg/" . $depend_file, "packagegui"); + case "files": + $depends[] = $prefix . $depend_file; + break; + case "names": + switch ($filetype) { + case "all": + if(preg_match("/\.xml/i", $depend_file)) { + $depend_xml = parse_xml_config_pkg("/usr/local/pkg/{$depend_file}", "packagegui"); + if (!empty($depend_xml)) $depends[] = $depend_xml['name']; - break; - default: - $depends[] = $depend_name; // If we aren't looking for XML, use the stripped filename (it's all we have). - break; - } - } + } else + $depends[] = $depend_name; // If this dependency isn't package XML, use the stripped filename. + break; + case ".xml": + $depend_xml = parse_xml_config_pkg("/usr/local/pkg/" . $depend_file, "packagegui"); + if (!empty($depend_xml)) + $depends[] = $depend_xml['name']; + break; + default: + $depends[] = $depend_name; // If we aren't looking for XML, use the stripped filename (it's all we have). + break; + } } + } return $depends; } } function uninstall_package_from_name($pkg_name) { global $config; + $id = get_pkg_id($pkg_name); if ($id >= 0) { $pkg_depends =& $config['installedpackages']['package'][$id]['depends_on_package']; - delete_package($pkg_depends[0], $pkg_name); if (is_array($pkg_depends)) { foreach ($pkg_depends as $pkg_depend) - remove_freebsd_package($pkg_depend); + delete_package($pkg_depend, $id); } } delete_package_xml($pkg_name); @@ -301,19 +314,22 @@ function force_remove_package($pkg_name) { function sync_package($pkg_name, $sync_depends = true, $show_message = false) { global $config; require_once("notices.inc"); - if(!$config['installedpackages']['package']) return; + + if(empty($config['installedpackages']['package'])) + return; if(!is_numeric($pkg_name)) { $pkg_id = get_pkg_id($pkg_name); - if($pkg_id == -1) return -1; // This package doesn't really exist - exit the function. + if($pkg_id == -1) + return -1; // This package doesn't really exist - exit the function. } else { $pkg_id = $pkg_name; - if(!isset($config['installedpackages']['package'][$pkg_id])) - return; // No package belongs to the pkg_id passed to this function. + if(empty($config['installedpackages']['package'][$pkg_id])) + return; // No package belongs to the pkg_id passed to this function. } if (is_array($config['installedpackages']['package'][$pkg_id])) - $package = $config['installedpackages']['package'][$pkg_id]; + $package =& $config['installedpackages']['package'][$pkg_id]; else - return; /* empty package tag */ + return; /* empty package tag */ if(!file_exists("/usr/local/pkg/" . $package['configurationfile'])) { log_error(sprintf(gettext("The %s package is missing its configuration file and must be reinstalled."), $package['name'])); force_remove_package($package['name']); @@ -328,7 +344,6 @@ function sync_package($pkg_name, $sync_depends = true, $show_message = false) { else { /* XXX: What the heck is this?! */ log_error(sprintf(gettext("Could not locate %s."), $include_file)); - install_package($package['name']); uninstall_package_from_name($package['name']); install_package($package['name']); } @@ -337,7 +352,8 @@ function sync_package($pkg_name, $sync_depends = true, $show_message = false) { /* XXX: Zend complains about the next line "Wrong break depth" * The code is obviously wrong, but I'm not sure what it's supposed to do? */ - if(isset($pkg_config['nosync'])) continue; + if(isset($pkg_config['nosync'])) + continue; if(!empty($pkg_config['custom_php_global_functions'])) eval($pkg_config['custom_php_global_functions']); if(!empty($pkg_config['custom_php_resync_config_command'])) @@ -349,19 +365,20 @@ function sync_package($pkg_name, $sync_depends = true, $show_message = false) { if(!file_exists($item)) { file_notice($package['name'], sprintf(gettext("The %s package is missing required dependencies and must be reinstalled."), $package['name']), "Packages", "/pkg_mgr_install.php?mode=reinstallpkg&pkg={$package['name']}", 1); log_error(sprintf(gettext("Could not find %s. Reinstalling package."), $item)); - install_package($pkg_name); uninstall_package_from_name($pkg_name); install_package($pkg_name); } else { $item_config = parse_xml_config_pkg($item, "packagegui"); - if(isset($item_config['nosync'])) continue; - if($item_config['custom_php_command_before_form'] <> "") { + if (empty($item_config)) + continue; + if(isset($item_config['nosync'])) + continue; + if($item_config['custom_php_command_before_form'] <> "") eval($item_config['custom_php_command_before_form']); - } - if($item_config['custom_php_resync_config_command'] <> "") { + if($item_config['custom_php_resync_config_command'] <> "") eval($item_config['custom_php_resync_config_command']); - } - if($show_message == true) print " " . $item_config['name']; + if($show_message == true) + print " " . $item_config['name']; } } } @@ -375,15 +392,16 @@ function sync_package($pkg_name, $sync_depends = true, $show_message = false) { * * XXX: This function needs to return where a pkg_add fails. Our current error messages aren't very descriptive. */ -function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = 'http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5.4-release/Latest') { +function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = 'http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-8.1-release/Latest') { global $pkgent, $static_output, $g, $fd_log; + $pkg_extension = strrchr($filename, '.'); $static_output .= "\n" . str_repeat(" ", $dependlevel * 2) . $pkgname . " "; - $fetchto = "{$g['tmp_path']}/apkg_" . $pkgname . $pkg_extension; - download_file_with_progress_bar($base_url . '/' . $filename, $fetchto); + $fetchto = "{$g['tmp_path']}/apkg_{$pkgname}{$pkg_extension}"; + download_file_with_progress_bar("{$base_url}/{$filename}", $fetchto); $static_output .= " (extracting)"; update_output_window($static_output); - $slaveout = ""; + $slaveout = ""; exec("/usr/bin/tar --fast-read -O -f {$fetchto} -x +CONTENTS 2>&1", $slaveout); $workingdir = preg_grep("/instmp/", $slaveout); $workingdir = $workingdir[0]; @@ -398,20 +416,22 @@ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = if(is_freebsd_pkg_installed($working_depend[1]) === false) { pkg_fetch_recursive($working_depend[1], $depend_filename, $dependlevel + 1, $base_url); } else { -// $dependlevel++; + //$dependlevel++; $static_output .= "\n" . str_repeat(" ", $dependlevel * 2) . $working_depend[1] . " "; @fwrite($fd_log, $working_depend[1] . "\n"); } } } $pkgaddout = ""; - exec("cat {$g['tmp_path']}/y | /usr/sbin/pkg_add -fv {$fetchto} 2>&1", $pkgaddout); + exec("/bin/cat {$g['tmp_path']}/y | /usr/sbin/pkg_add -fv {$fetchto} 2>&1", $pkgaddout); @fwrite($fd_log, $pkgname . " " . print_r($pkgaddout, true) . "\n"); + return true; } function install_package($package, $pkg_info = "") { global $g, $config, $pkg_interface, $fd_log, $static_output, $pkg_interface, $restart_sync; + /* safe side. Write config below will send to ro again. */ conf_mount_rw(); @@ -424,7 +444,7 @@ function install_package($package, $pkg_info = "") { } } /* fetch package information if needed */ - if(!$pkg_info or !is_array($pkg_info[$package])) { + if(empty($pkg_info) or !is_array($pkg_info[$package])) { $pkg_info = get_pkg_info(array($package)); $pkg_info = $pkg_info[$package]; // We're only dealing with one package, so we can strip away the extra array. } @@ -512,6 +532,7 @@ function eval_once($toeval) { function install_package_xml($pkg) { global $g, $config, $fd_log, $static_output, $pkg_interface; + if(($pkgid = get_pkg_id($pkg)) == -1) { $static_output .= sprintf(gettext("The %s package is not installed.%sInstallation aborted."), $pkg, "\n\n"); update_output_window($static_output); @@ -521,9 +542,9 @@ function install_package_xml($pkg) { } sleep(1); return; - } else { + } else $pkg_info = $config['installedpackages']['package'][$pkgid]; - } + /* set up logging if needed */ if(!$fd_log) { if(!$fd_log = fopen("{$g['tmp_path']}/pkg_mgr_{$pkg}.log", "w")) { @@ -559,11 +580,11 @@ function install_package_xml($pkg) { update_output_window($static_output); foreach((array) $pkg_info['depends_on_package'] as $pkgdep) { $pkg_name = substr(reverse_strrchr($pkgdep, "."), 0, -1); - if(isset($pkg_info['skip_install_checks'])) { + if(isset($pkg_info['skip_install_checks'])) $pkg_installed = true; - } else { + else $pkg_installed = is_freebsd_pkg_installed($pkg_name); - } + if($pkg_installed == false) pkg_fetch_recursive($pkg_name, $pkgdep, 0, $pkg_info['depends_on_package_base_url']); $static_output = $static_orig . gettext("done.") . "\n" . gettext("Checking for successful package installation... "); @@ -619,16 +640,16 @@ function install_package_xml($pkg) { update_output_window($static_output); foreach($pkg_config['additional_files_needed'] as $afn) { $filename = get_filename_from_url($afn['item'][0]); - if($afn['chmod'] <> "") { + if($afn['chmod'] <> "") $pkg_chmod = $afn['chmod']; - } else { + else $pkg_chmod = ""; - } - if($afn['prefix'] <> "") { + + if($afn['prefix'] <> "") $prefix = $afn['prefix']; - } else { + else $prefix = "/usr/local/pkg/"; - } + if(!is_dir($prefix)) safe_mkdir($prefix); $static_output .= $filename . " "; @@ -740,14 +761,17 @@ function install_package_xml($pkg) { function delete_package($pkg, $pkgid) { global $g, $config, $fd_log, $static_output; + update_status(gettext("Removing package...")); $static_output .= gettext("Removing package... "); update_output_window($static_output); - $pkgid = get_pkg_id($pkgid); - $pkg_info = $config['installedpackages']['package'][$pkgid]; + if (!is_array($config['installedpackages']['package'])) + return; - $configfile = $pkg_info['configurationfile']; - if(empty($configfile)) + $pkg_info =& $config['installedpackages']['package'][$pkgid]; + if (empty($pkg_info)) + return; + if (empty($pkg_info['configurationfile'])) return; $static_output .= sprintf(gettext("%sStarting package deletion for %s...%s"), "\n", $pkg_info['name'], "\n"); @@ -756,11 +780,13 @@ function delete_package($pkg, $pkgid) { delete_package_recursive($pkg); $static_output .= gettext("done.") . "\n"; update_output_window($static_output); + return; } function delete_package_recursive($pkg) { global $config, $g; + $fd = fopen("{$g['tmp_path']}/y", "w"); for($line = 0; $line < 10; $line++) { fwrite($fd, "y\n"); @@ -782,9 +808,11 @@ function delete_package_recursive($pkg) { function delete_package_xml($pkg) { global $g, $config, $fd_log, $static_output, $pkg_interface; + conf_mount_rw(); - if(($pkgid = get_pkg_id($pkg)) == -1) { + $pkgid = get_pkg_id($pkg); + if ($pkgid == -1) { $static_output .= sprintf(gettext("The %s package is not installed.%sDeletion aborted."), $pkg, "\n\n"); update_output_window($static_output); if($pkg_interface <> "console") { @@ -815,13 +843,16 @@ function delete_package_xml($pkg) { $pkg_config = parse_xml_config_pkg("/usr/local/pkg/" . $packages[$pkgid]['configurationfile'], "packagegui"); /* remove tab items */ if(is_array($pkg_config['tabs'])) { - $static_output .= "\t" . gettext("Menu items... "); + $static_output .= "\t" . gettext("Tabs items... "); update_output_window($static_output); if(is_array($pkg_config['tabs']['tab']) && is_array($tabs)) { foreach($pkg_config['tabs']['tab'] as $tab) { - foreach($tabs as $key => $insttab) - if($insttab['name'] == $tab['name']) + foreach($tabs as $key => $insttab) { + if($insttab['name'] == $tab['name']) { unset($tabs[$key]); + break; + } + } } } $static_output .= gettext("done.") . "\n"; @@ -833,9 +864,12 @@ function delete_package_xml($pkg) { update_output_window($static_output); if (is_array($pkg_config['menu']) && is_array($menus)) { foreach($pkg_config['menu'] as $menu) { - foreach($menus as $key => $instmenu) - if($instmenu['name'] == $menu['name']) + foreach($menus as $key => $instmenu) { + if($instmenu['name'] == $menu['name']) { unset($menus[$key]); + break; + } + } } } $static_output .= gettext("done.") . "\n"; @@ -858,9 +892,16 @@ function delete_package_xml($pkg) { $static_output .= gettext("done.") . "\n"; update_output_window($static_output); } - /* if a require exists, include it. this will - * show us where an error exists in a package - * instead of making us blindly guess + /* + * XXX: Otherwise inclusion of config.inc again invalidates actions taken. + * Same is done during installation. + */ + write_config(); + + /* + * If a require exists, include it. this will + * show us where an error exists in a package + * instead of making us blindly guess */ if($pkg_config['include_file'] <> "") { $static_output = gettext("Loading package instructions..."); @@ -879,9 +920,9 @@ function delete_package_xml($pkg) { if(is_array($pkg_config['modify_system']['item'])) { $static_output .= "\t" . gettext("System files... "); update_output_window($static_output); - foreach($pkg_config['modify_system']['item'] as $ms) { + foreach($pkg_config['modify_system']['item'] as $ms) if($ms['textneeded']) remove_text_from_file($ms['modifyfilename'], $ms['textneeded']); - } + $static_output .= gettext("done.") . "\n"; update_output_window($static_output); } @@ -916,14 +957,12 @@ function delete_package_xml($pkg) { update_output_window($static_output); foreach($pkg_config['additional_files_needed'] as $afn) { $filename = get_filename_from_url($afn['item'][0]); - if($afn['prefix'] <> "") { + if($afn['prefix'] <> "") $prefix = $afn['prefix']; - } else { + else $prefix = "/usr/local/pkg/"; - } + unlink_if_exists($prefix . $filename); - if(file_exists($prefix . $filename)) - mwexec("rm -rf {$prefix}{$filename}"); } $static_output .= gettext("done.") . "\n"; update_output_window($static_output); @@ -945,13 +984,13 @@ function delete_package_xml($pkg) { write_config(sprintf(gettext("Removed %s package."), $pkg)); /* file cleanup */ $ctag = file("/etc/crontab"); - foreach($ctag as $line) { - if(trim($line) != "") $towrite[] = $line; - } + foreach($ctag as $line) + if(trim($line) != "") + $towrite[] = $line; + $tmptab = fopen("{$g['tmp_path']}/crontab", "w"); - foreach($towrite as $line) { + foreach($towrite as $line) fwrite($tmptab, $line); - } fclose($tmptab); // Go RW again since the write_config above will put it back to RO diff --git a/etc/inc/service-utils.inc b/etc/inc/service-utils.inc index cc342c5..281da52 100644 --- a/etc/inc/service-utils.inc +++ b/etc/inc/service-utils.inc @@ -34,64 +34,70 @@ */ /* - pfSense_BUILDER_BINARIES: /usr/bin/killall /bin/sh /bin/ps + pfSense_BUILDER_BINARIES: /bin/pkill /bin/pgrep /bin/sh /usr/bin/killall pfSense_MODULE: utils */ +$rcfileprefix = "/usr/local/etc/rc.d/"; function write_rcfile($params) { - $fileprefix = "/usr/local/etc/rc.d/"; - if(!(is_writable($fileprefix . $params['file']) or $params['start'])) return false; - $towrite .= "#!/bin/sh\n# " . gettext("This file was automatically generated") . "\n# " . gettext("by the") . " {$g['product_website']} service handler.\n\n"; + global $g; + + if (!is_writable("{$rcfileprefix}{$params['file']}") || empty($params['start'])) + return false; + $towrite = "#!/bin/sh\n"; + $towrite .= "# This file was automatically generated\n# by the {$g['product_website']} service handler.\n\n"; + /* write our rc functions */ - $towrite .= "rc_start() {\n\t" . $params['start'] . "\n}\n\n"; - if($params['stop']) { + $towrite .= "rc_start() {\n"; + $towrite .= "\t{$params['start']}\n"; + $towrite .= "}\n\n"; + if(!empty($params['stop'])) { $tokill =& $params['stop']; - } elseif($params['executable']) { + } else if(!empty($params['executable'])) { /* just nuke the executable */ $tokill = "/usr/bin/killall {$params['executable']}"; } else { /* make an educated guess (bad) */ $tokill = array_pop(explode('/', array_shift(explode(' ', $params['start'])))); } - $towrite .= "rc_stop() {\n\t" . $tokill . "\n}\n\n"; + $towrite .= "rc_stop() {\n"; + $towrite .= "\t{$tokill}\n"; + $towrite .= "}\n\n"; /* begin rcfile logic */ - $towrite .= "case $1 in\n\tstart)\n\t\trc_start\n\t\t;;\n\tstop)\n\t\trc_stop\n\t\t;;\n\trestart)\n\t\trc_stop\n\t\trc_start\n\t\t;;\nesac\n\n"; - $fout = fopen($fileprefix . $params['file'], "w"); - fwrite($fout, $towrite); - fclose($fout); - chmod($fileprefix . $params['file'], 0755); + $towrite .= "case \$1 in\n\tstart)\n\t\trc_start\n\t\t;;\n\tstop)\n\t\trc_stop\n\t\t;;\n\trestart)\n\t\trc_stop\n\t\trc_start\n\t\t;;\nesac\n\n"; + + file_put_contents("{$rcfileprefix}{$params['file']}", $towrite); + @chmod("{$rcfileprefix}{$params['file']}", 0755); + return; } function start_service($name) { global $config; + /* make sure service is stopped before starting */ stop_service($name); sleep(2); - if(file_exists("/usr/local/etc/rc.d/{$name}.sh")) { - exec("/bin/sh /usr/local/etc/rc.d/{$name}.sh start"); + + if(file_exists("{$rcfileprefix}{$name}.sh")) { + exec("/bin/sh {$rcfileprefix}{$name}.sh start"); return; } if($config['installedpackages']['service']) { foreach($config['installedpackages']['service'] as $service) { if(strtolower($service['name']) == strtolower($name)) { if($service['rcfile']) { - if($service['prefix']) { + $prefix = $rcfileprefix; + if (!empty($service['prefix'])) { $prefix =& $service['prefix']; - } else { - $prefix = "/usr/local/etc/rc.d/"; } - if(file_exists($prefix . $service['rcfile'])) { - mwexec_bg($prefix . $service['rcfile'] . " start"); - } else { - if(file_exists("/usr/local/etc/rc.d/{$name}.sh")) - mwexec_bg("/usr/local/etc/rc.d/{$name}.sh start"); + if(file_exists("{$prefix}{$service['rcfile']}")) { + mwexec_bg("{$prefix}{$service['rcfile']} start"); } } - if($service['startcmd']) { + if (!empty($service['startcmd'])) eval($service['startcmd']); - } break; } } @@ -100,20 +106,20 @@ function start_service($name) { function stop_service($name) { global $config; - if($config['installedpackages']['service']) { + + if ($config['installedpackages']['service']) { foreach($config['installedpackages']['service'] as $service) { if(strtolower($service['name']) == strtolower($name)) { if($service['rcfile']) { - if($service['prefix']) { + $prefix = $rcfileprefix; + if(!empty($service['prefix'])) { $prefix =& $service['prefix']; - } else { - $prefix = "/usr/local/etc/rc.d/"; } - mwexec_bg($prefix . $service['rcfile'] . " stop"); + mwexec_bg("{$prefix}{$service['rcfile']} stop"); } - if($service['stopcmd']) { + if (!empty($service['stopcmd'])) eval($service['stopcmd']); - } + if(!($service['rcfile'] or $service['stopcmd'])) { if(is_process_running("{$service['executable']}")) mwexec_bg("/usr/bin/killall {$service['executable']}"); @@ -124,14 +130,16 @@ function stop_service($name) { } } /* finally if we get here lets simply kill the service name */ -if(is_process_running("{$name}")) - mwexec_bg("/usr/bin/killall {$name}"); + if(is_process_running("{$name}")) + mwexec_bg("/usr/bin/killall {$name}"); } function restart_service($name) { global $config; + stop_service($name); start_service($name); + if($config['installedpackages']['service']) { foreach($config['installedpackages']['service'] as $service) { if(strtolower($service['name']) == strtolower($name)) { @@ -145,9 +153,11 @@ function restart_service($name) { } function is_pid_running($pidfile) { - $pid = trim(file_get_contents($pidfile)); - $running = (trim(shell_exec("/usr/bin/procstat {$pid} 2>/dev/null")) != ''); - return $running; + if (!file_exists($pidfile)) + return false; + $running = shell_exec("/bin/pgrep -F {$pidfile} 2>/dev/null"); + + return (!empty($running)); } function is_dhcp_running($interface) { @@ -166,33 +176,28 @@ function restart_service_if_running($service) { function is_service_running($service, $ps = "") { global $config; - /* - if(!$ps) { - exec("/bin/ps ax | awk '{ print $5 }'", $psout); - } - */ + if(is_array($config['installedpackages']['service'])) { foreach($config['installedpackages']['service'] as $aservice) { if(strtolower($service) == strtolower($aservice['name'])) { - if($aservice['custom_php_service_status_command'] <> "") { - $_cmd=explode(';', $aservice['custom_php_service_status_command']); - foreach($_cmd as $_acmd) { - if($_acmd) eval('$rc='.$_acmd.';'); - } + if ($aservice['custom_php_service_status_command'] <> "") { + eval("\$rc={$aservice['custom_php_service_status_command']};"); return $rc; } - if(!$aservice['executable']) return false; - /* - if(count(preg_grep("/{$aservice['executable']}/i", $ps))) { - return true; - } else { + if(empty($aservice['executable'])) return false; - } - */ - return is_process_running($aservice['executable']) ? true : false; + if (is_process_running($aservice['executable'])) + return true; + + return false; } } } + + if (is_process_running($service)) + return true; + + return false; } ?> diff --git a/etc/inc/system.inc b/etc/inc/system.inc index c21be19..0e725c9 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -355,12 +355,10 @@ function system_routing_configure($interface = "") { $gateways_arr = return_gateways_array(); foreach ($config['staticroutes']['route'] as $rtent) { - if (!empty($interface) && $interface != $rtent['interface']) - continue; $gatewayip = ""; if (isset($gateways_arr[$rtent['gateway']])) { $gatewayip = $gateways_arr[$rtent['gateway']]['gateway']; - $interfacegw = get_real_interface($rtent['interface']); + $interfacegw = $gateways_arr[$rtent['gateway']]['interface']; } else if (is_ipaddr($rtent['gateway'])) { $gatewayip = $rtent['gateway']; } else { @@ -668,12 +666,12 @@ function system_webgui_start() { // Ensure that we have a webConfigurator CERT $cert =& lookup_cert($config['system']['webgui']['ssl-certref']); if(!is_array($cert) && !$cert['crt'] && !$cert['prv']) { - if (!is_array($config['system']['ca'])) - $config['system']['ca'] = array(); - $a_ca =& $config['system']['ca']; - if (!is_array($config['system']['cert'])) - $config['system']['cert'] = array(); - $a_cert =& $config['system']['cert']; + if (!is_array($config['ca'])) + $config['ca'] = array(); + $a_ca =& $config['ca']; + if (!is_array($config['cert'])) + $config['cert'] = array(); + $a_cert =& $config['cert']; echo gettext("Creating SSL Certificate... "); $cert = array(); $cert['refid'] = uniqid(); @@ -1114,7 +1112,7 @@ function system_timezone_configure() { function system_ntp_configure() { global $config, $g; - $syscfg = $config['system']; + $syscfg =& $config['system']; /* open configuration for wrting or bail */ $fd = fopen("{$g['varetc_path']}/ntpd.conf","w"); @@ -1154,16 +1152,16 @@ function system_ntp_configure() { /* if openntpd is running, kill it */ while(is_process_running("ntpd")) { - mwexec("/usr/bin/killall ntpd", true); + killbyname("ntpd"); } /* if /var/empty does not exist, create it */ if(!is_dir("/var/empty")) exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/."); - if($g['booting']) + if ($g['booting']) return; - + /* start opentpd, set time now and use /var/etc/ntpd.conf */ exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf"); diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index cd7d75a..e604987 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -1311,10 +1311,10 @@ function upgrade_050_to_051() { function upgrade_051_to_052() { global $config; $config['openvpn'] = array(); - if (!is_array($config['system']['ca'])) - $config['system']['ca'] = array(); - if (!is_array($config['system']['cert'])) - $config['system']['cert'] = array(); + if (!is_array($config['ca'])) + $config['ca'] = array(); + if (!is_array($config['cert'])) + $config['cert'] = array(); $vpnid = 1; @@ -1336,7 +1336,7 @@ function upgrade_051_to_052() { $ca['name'] = "OpenVPN Server CA #{$index}"; $ca['crt'] = $server['ca_cert']; $ca['crl'] = $server['crl']; - $config['system']['ca'][] = $ca; + $config['ca'][] = $ca; /* create ca reference */ unset($server['ca_cert']); @@ -1349,7 +1349,7 @@ function upgrade_051_to_052() { $cert['name'] = "OpenVPN Server Certificate #{$index}"; $cert['crt'] = $server['server_cert']; $cert['prv'] = $server['server_key']; - $config['system']['cert'][] = $cert; + $config['cert'][] = $cert; /* create cert reference */ unset($server['server_cert']); @@ -1466,7 +1466,7 @@ function upgrade_051_to_052() { $ca['name'] = "OpenVPN Client CA #{$index}"; $ca['crt'] = $client['ca_cert']; $ca['crl'] = $client['crl']; - $config['system']['ca'][] = $ca; + $config['ca'][] = $ca; /* create ca reference */ unset($client['ca_cert']); @@ -1479,7 +1479,7 @@ function upgrade_051_to_052() { $cert['name'] = "OpenVPN Client Certificate #{$index}"; $cert['crt'] = $client['client_cert']; $cert['prv'] = $client['client_key']; - $config['system']['cert'][] = $cert; + $config['cert'][] = $cert; /* create cert reference */ unset($client['client_cert']); @@ -1629,10 +1629,10 @@ function upgrade_051_to_052() { function upgrade_052_to_053() { global $config; - if (!is_array($config['system']['ca'])) - $config['system']['ca'] = array(); - if (!is_array($config['system']['cert'])) - $config['system']['cert'] = array(); + if (!is_array($config['ca'])) + $config['ca'] = array(); + if (!is_array($config['cert'])) + $config['cert'] = array(); /* migrate advanced admin page webui ssl to certifcate mngr */ if ($config['system']['webgui']['certificate'] && @@ -1644,7 +1644,7 @@ function upgrade_052_to_053() { $cert['name'] = "webConfigurator SSL Certificate"; $cert['crt'] = $config['system']['webgui']['certificate']; $cert['prv'] = $config['system']['webgui']['private-key']; - $config['system']['cert'][] = $cert; + $config['cert'][] = $cert; /* create cert reference */ unset($config['system']['webgui']['certificate']); @@ -1853,10 +1853,10 @@ function upgrade_054_to_055() { function upgrade_055_to_056() { global $config; - if (!is_array($config['system']['ca'])) - $config['system']['ca'] = array(); - if (!is_array($config['system']['cert'])) - $config['system']['cert'] = array(); + if (!is_array($config['ca'])) + $config['ca'] = array(); + if (!is_array($config['cert'])) + $config['cert'] = array(); /* migrate ipsec ca's to cert manager */ if (is_array($config['ipsec']['cacert'])) { @@ -1868,7 +1868,7 @@ function upgrade_055_to_056() { else $ca['crt'] = $cacert['cert']; $ca['name'] = $cacert['ident']; - $config['system']['ca'][] = $ca; + $config['ca'][] = $ca; } unset($config['ipsec']['cacert']); } @@ -1884,7 +1884,7 @@ function upgrade_055_to_056() { else $cert['crt'] = $ph1ent['cert']; $cert['prv'] = $ph1ent['private-key']; - $config['system']['cert'][] = $cert; + $config['cert'][] = $cert; $ph1ent['certref'] = $cert['refid']; if ($ph1ent['cert']) unset($ph1ent['cert']); @@ -1940,9 +1940,9 @@ function upgrade_058_to_059() { function upgrade_059_to_060() { global $config; require_once("/etc/inc/certs.inc"); - if (is_array($config['system']['ca'])) { + if (is_array($config['ca'])) { /* Locate issuer for all CAs */ - foreach ($config['system']['ca'] as & $ca) { + foreach ($config['ca'] as & $ca) { $subject = cert_get_subject($ca['crt']); $issuer = cert_get_issuer($ca['crt']); if($issuer <> $subject) { @@ -1953,8 +1953,8 @@ function upgrade_059_to_060() { } /* Locate issuer for all certificates */ - if (is_array($config['system']['cert'])) { - foreach ($config['system']['cert'] as & $cert) { + if (is_array($config['cert'])) { + foreach ($config['cert'] as & $cert) { $subject = cert_get_subject($cert['crt']); $issuer = cert_get_issuer($cert['crt']); if($issuer <> $subject) { @@ -2146,4 +2146,84 @@ function upgrade_065_to_066() { } } +function upgrade_066_to_067() { + global $config; + if (isset($config['system']['ca'])) { + $config['ca'] = $config['system']['ca']; + } + if (isset($config['system']['cert'])) { + $config['cert'] = $config['system']['cert']; + } +} + +function upgrade_067_to_068() { + global $config; + + if (!empty($config['pppoe'])) { + $config['pppoes'] = array(); + $config['pppoes']['pppoe'] = array(); + $config['pppoes']['pppoe'][] = $config['pppoe'][0]; + + if (is_array($config['pppoe']['user'])) { + $username = array(); + foreach ($config['pppoe']['user'] as $user) { + $usr = $user['name'] . ":" . base64_encode($user['password']); + if ($user['ip']) + $usr .= ":{$user['ip']}"; + $username[] = $usr; + } + $config['pppoes']['pppoe'][0]['username'] = implode(" ", $username); + } + unset($config['pppoe']); + } +} + +function upgrade_068_to_069() { + global $config; + if (!is_array($config['system']['user'])) + return; + foreach ($config['system']['user'] as & $user) { + if (!is_array($user['cert'])) + continue; + $rids = array(); + foreach ($user['cert'] as $id => $cert) { + if (!isset($cert['name'])) + continue; + $tcert = $cert; + // Make sure each cert gets a refid + if (!isset($tcert['refid'])) + $tcert['refid'] = uniqid(); + // Keep the cert references for this user + $rids[] = $tcert['refid']; + $config['cert'][] = $tcert; + } + // Replace user certs with cert references instead. + if (count($rids) > 0) + $user['cert'] = $rids; + } +} + +function upgrade_069_to_070() { + global $config; + + /* Convert NAT 1:1 rules */ + if (is_array($config['nat']['onetoone'])) { + $a_nat = &$config['nat']['onetoone']; + + foreach ($a_nat as &$natent) { + if ($natent['subnet'] == 32) + $natent['source'] = array("address" => $natent['internal']); + else + $natent['source'] = array("address" => $natent['internal'] . "/" . $natent['subnet']); + + $natent['destination'] = array("any" => true); + + unset($natent['internal']); + unset($natent['subnet']); + } + + unset($natent); + } +} + ?> diff --git a/etc/inc/util.inc b/etc/inc/util.inc index 8a9db4f..a8e9c01 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -50,27 +50,22 @@ function isvalidpid($pid) { } function is_process_running($process) { - $running = shell_exec("/bin/pgrep -x {$process}"); + $output = ""; + exec("/bin/pgrep -x {$process}", $output, $retval); - return !empty($running); + return (intval($retval) == 0); } function isvalidproc($proc) { - $running = is_process_running($proc); - if (intval($running) >= 1) - return true; - else - return false; + return is_process_running($proc); } /* sigkill a process by pid file */ /* return 1 for success and 0 for a failure */ function sigkillbypid($pidfile, $sig) { - if (is_file($pidfile)) { - $pid = trim(file_get_contents($pidfile)); - if(isvalidpid($pid)) - return mwexec("/bin/kill -s $sig {$pid}", true); - } + if (is_file($pidfile)) + return mwexec("/bin/pkill -{$sig} -F {$pidfile}", true); + return 0; } @@ -142,6 +137,36 @@ function unlock($cfglckkey = 0) { return; } +function send_event($cmd) { + global $g; + + $fd = fsockopen($g['event_address']); + if ($fd) { + fwrite($fd, $cmd); + $resp = fread($fd, 4096); + if ($resp != "OK\n") + log_error("send_event: sent {$cmd} got {$resp}"); + fclose($fd); + } +} + +function send_multiple_events($cmds) { + global $g; + + if (!is_array($cmds)) + return; + $fd = fsockopen($g['event_address']); + if ($fd) { + foreach ($cmds as $cmd) { + fwrite($fd, $cmd); + $resp = fread($fd, 4096); + if ($resp != "OK\n") + log_error("send_event: sent {$cmd} got {$resp}"); + } + fclose($fd); + } +} + function refcount_init($reference) { $shmid = shmop_open($reference, "c", 0644, 10); shmop_write($shmid, 0, 0); @@ -1181,8 +1206,6 @@ function start_devd() { exec("/sbin/devd"); sleep(1); - if(file_exists("{$g['tmp_path']}/rc.linkup")) - unlink("{$g['tmp_path']}/rc.linkup"); } function is_interface_mismatch() { @@ -1212,7 +1235,7 @@ function is_interface_mismatch() { /* sync carp entries to other firewalls */ function carp_sync_client() { global $g; - touch($g['tmp_path'] . "/filter_sync"); + send_event("filter sync"); } /****f* util/isAjax diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index e746d8a..58c6dc5 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -33,6 +33,60 @@ /* include all configuration functions */ +function xmlrpc_sync_used_voucher($voucher_received, $syncip, $port, $password, $username) { + global $g, $config; + require_once("xmlrpc.inc"); + if($port == "443") + $url = "https://{$syncip}:{$port}"; + else + $url = "http://{$syncip}:{$port}"; + + /* Construct code that is run on remote machine */ + $method = 'pfsense.exec_php'; + $execcmd = <<<EOF + require_once('/etc/inc/voucher.inc'); + \$timeleft = voucher_auth($voucher_received); + \$toreturn = array(); + \$toreturn['timeleft'] = \$timeleft; + \$toreturn['voucher']['roll'] = \$config['voucher']['roll']; + +EOF; + + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($execcmd) + ); + + log_error("Captive Portal Voucher XMLRPC sync data {$url}:{$port}."); + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting CaptivePortalVoucherSync XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + log_error($error); + file_notice("CaptivePortalVoucherSync", $error, "Communications error occurred", ""); + return array("timeleft" => "0"); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting CaptivePortalVoucherSync XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("CaptivePortalVoucherSync", $error, "Error code received", ""); + return array("timeleft" => "0"); + } else { + log_error("CaptivePortalVoucherSync XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + } + $toreturn = XML_RPC_Decode($resp->value()); + if(count($toreturn['voucher']['roll']) <> count($config['voucher']['roll'])) { + $config['voucher']['roll'] = $toreturn['voucher']['roll']; + write_config("Captive Portal Voucher database synchronized with {$url}"); + voucher_configure(); + } + return $toreturn['timeleft']; +} + /* *Authenticate a voucher and return the remaining time credit in minutes * if $test is set, don't mark the voucher as used nor add it to the list @@ -47,6 +101,16 @@ function voucher_auth($voucher_received, $test = 0) { $voucherlck = lock('voucher'); + // XMLRPC Call over to the master Voucher node + $a_voucher = &$config['voucher']; + if($a_voucher['vouchersyncdbip']) { + $syncip = $a_voucher['vouchersyncdbip']; + $syncport = $a_voucher['vouchersyncport']; + $syncpass = $a_voucher['vouchersyncpass']; + $vouchersyncusername = $a_voucher['vouchersyncusername']; + $remote_time_used = xmlrpc_sync_used_voucher($voucher_received, $syncip, $syncport, $syncpass, $vouchersyncusername); + } + // read rolls into assoc array with rollid as key and minutes as value $a_roll = &$config['voucher']['roll']; foreach ($a_roll as $rollent) { @@ -127,7 +191,7 @@ function voucher_auth($voucher_received, $test = 0) { } else { $test_result[] = sprintf(gettext("Access granted for %d Minutes in total."), $total_minutes); } - unlock($voucherlck); + unlock($voucherlck); return $test_result; } @@ -142,17 +206,10 @@ function voucher_auth($voucher_received, $test = 0) { return $total_minutes; // well, at least one voucher had errors. Say NO ACCESS } - // XMLRPC Call over to the master Voucher node - $a_voucher = &$config['voucher']; - if($a_voucher['vouchersyncdbip']) { - $syncip = $a_voucher['vouchersyncdbip']; - $syncport = $a_voucher['vouchersyncport']; - $syncpass = $a_voucher['vouchersyncpass']; - $syncpass = $a_voucher['vouchersyncusername']; - $remote_time_used = sync_used_voucher($voucher_received, $syncip, $syncport, $syncpass, $vouchersyncusername); - if($remote_time_used['timeleft'] < 1) + // If we did a XMLRPC sync earlier check the timeleft + if($a_voucher['vouchersyncdbip']) + if($remote_time_used['timeleft'] < $total_minutes) $total_minutes = $remote_time_used['timeleft']; - } // All given vouchers were valid and this isn't simply a test. // Write back the used DB's @@ -191,54 +248,6 @@ function voucher_auth($voucher_received, $test = 0) { return $total_minutes; } -function sync_used_voucher($voucher_received, $syncip, $port, $password, $username) { - require_once("xmlrpc.inc"); - if($port == "443") - $url = "https://{$syncip}:{$port}"; - else - $url = "http://{$syncip}:{$port}"; - - /* Construct code that is run on remote machine */ - $method = 'pfsense.exec_php'; - $execcmd = <<<EOF - require_once('/etc/inc/voucher.inc'); - \$timeleft = voucher_auth($voucher_received); - \$toreturn = array(); - \$toreturn['timeleft'] = \$timeleft; - -EOF; - - /* assemble xmlrpc payload */ - $params = array( - XML_RPC_encode($password), - XML_RPC_encode($execcmd) - ); - - log_error("voucher XMLRPC sync data {$url}:{$port}."); - $msg = new XML_RPC_Message($method, $params); - $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); - $cli->setCredentials('admin', $password); - $resp = $cli->send($msg, "250"); - if(!$resp) { - $error = "A communications error occurred while attempting CaptivePortalVoucherSync XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; - log_error($error); - file_notice("CaptivePortalVoucherSync", $error, "Communications error occurred", ""); - return array("timeleft" => "0"); - } elseif($resp->faultCode()) { - $cli->setDebug(1); - $resp = $cli->send($msg, "250"); - $error = "An error code was received while attempting CaptivePortalVoucherSync XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); - log_error($error); - file_notice("CaptivePortalVoucherSync", $error, "Error code received", ""); - return array("timeleft" => "0"); - } else { - log_error("CaptivePortalVoucherSync XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); - } - $timeleft = XML_RPC_Decode($resp->value()); - //print_r($timeleft); - return $timeleft; -} - function voucher_configure() { global $config, $g; diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index ce7d501..d3ec496 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -206,8 +206,8 @@ function vpn_ipsec_configure($ipchg = false) } /* generate CA certificates files */ - if (is_array($config['system']['ca']) && count($config['system']['ca'])) { - foreach ($config['system']['ca'] as $ca) { + if (is_array($config['ca']) && count($config['ca'])) { + foreach ($config['ca'] as $ca) { if (!isset($ca['crt'])) { log_error(sprintf(gettext("Error: Invalid certificate info for %s"), $ca['name'])); continue; @@ -371,8 +371,10 @@ function vpn_ipsec_configure($ipchg = false) if ($a_client['wins_server2']) $racoonconf .= "\twins4 {$a_client['wins_server2']};\n"; - if ($a_client['dns_domain']) + if ($a_client['dns_domain']) { $racoonconf .= "\tdefault_domain \"{$a_client['dns_domain']}\";\n"; + $racoonconf .= "\tsplit_dns \"{$a_client['dns_domain']}\";\n"; + } if ($a_client['pfs_group']) $racoonconf .= "\tpfs_group {$a_client['pfs_group']};\n"; @@ -883,7 +885,7 @@ EOD; /* start dnswatch, if necessary */ if (count($dnswatch_list) > 0) { $interval = 60; - if ($ipseccfg['dns-interval']) + if (!empty($ipseccfg['dns-interval']) && is_numeric($ipseccfg['dns-interval'])) $interval = $ipseccfg['dns-interval']; $hostnames = ""; @@ -943,7 +945,7 @@ function vpn_setup() { vpn_pptpd_configure(); /* start pppoe server */ - vpn_pppoe_configure(); + vpn_pppoes_configure(); /* setup l2tp */ vpn_l2tp_configure(); @@ -1154,15 +1156,23 @@ EOD; return 0; } -function vpn_pppoe_configure() { +function vpn_pppoes_configure() { + global $config; + + if (is_array($config['pppoes']['pppoe'])) { + foreach ($config['pppoes']['pppoe'] as $pppoe) + vpn_pppoe_configure($pppoe); + } +} + +function vpn_pppoe_configure(&$pppoecfg) { global $config, $g; $syscfg = $config['system']; - $pppoecfg = $config['pppoe']; /* create directory if it does not exist */ - if (!is_dir("{$g['varetc_path']}/pppoe-vpn")) - mkdir("{$g['varetc_path']}/pppoe-vpn"); + if (!is_dir("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn")) + mkdir("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn"); if ($g['booting']) { if (!$pppoecfg['mode'] || ($pppoecfg['mode'] == "off")) @@ -1171,22 +1181,18 @@ function vpn_pppoe_configure() { echo gettext("Configuring PPPoE VPN service... "); } else { /* kill mpd */ - killbypid("{$g['varrun_path']}/pppoe-vpn.pid"); + killbypid("{$g['varrun_path']}/pppoe{$pppoecfg['pppoeid']}-vpn.pid"); /* wait for process to die */ sleep(2); } - /* make sure pppoe-vpn directory exists */ - if (!file_exists("{$g['varetc_path']}/pppoe-vpn")) - mkdir("{$g['varetc_path']}/pppoe-vpn"); - switch ($pppoecfg['mode']) { case 'server' : - $pppoe_interface = interface_translate_type_to_real($pppoecfg['interface']); + $pppoe_interface = get_real_interface($pppoecfg['interface']); if ($pppoecfg['paporchap'] == "chap") $paporchap = "set link enable chap"; @@ -1194,19 +1200,16 @@ function vpn_pppoe_configure() { $paporchap = "set link enable pap"; /* write mpd.conf */ - $fd = fopen("{$g['varetc_path']}/pppoe-vpn/mpd.conf", "w"); + $fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.conf", "w"); if (!$fd) { printf(gettext("Error: cannot open mpd.conf in vpn_pppoe_configure().") . "\n"); return 1; } $mpdconf = "\n\n"; - $mpdconf .=<<<EOD -pppoe: - -EOD; + $mpdconf .= "pppoe:\n"; for ($i = 0; $i < $pppoecfg['n_pppoe_units']; $i++) { - $mpdconf .= " load pppoe{$i}\n"; + $mpdconf .= " load poes{$pppoecfg['pppoeid']}{$i}\n"; } for ($i = 0; $i < $pppoecfg['n_pppoe_units']; $i++) { @@ -1221,8 +1224,8 @@ EOD; $mpdconf .=<<<EOD -pppoe{$i}: - new -i ppoed{$i} pppoe{$i} pppoe{$i} +poes{$pppoecfg['pppoeid']}{$i}: + new -i poes{$pppoecfg['pppoeid']}{$i} poes{$pppoecfg['pppoeid']}{$i} poes{$pppoecfg['pppoeid']}{$i} {$isssue_ip_type} load pppoe_standart @@ -1294,7 +1297,7 @@ EOD; fclose($fd); /* write mpd.links */ - $fd = fopen("{$g['varetc_path']}/pppoe-vpn/mpd.links", "w"); + $fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.links", "w"); if (!$fd) { printf(gettext("Error: cannot open mpd.links in vpn_pppoe_configure().") . "\n"); return 1; @@ -1305,7 +1308,7 @@ EOD; for ($i = 0; $i < $pppoecfg['n_pppoe_units']; $i++) { $mpdlinks .=<<<EOD -pppoe{$i}: +poes{$pppoecfg['pppoeid']}{$i}: set phys type pppoe set pppoe iface {$pppoe_interface} set pppoe service "*" @@ -1318,31 +1321,33 @@ EOD; fwrite($fd, $mpdlinks); fclose($fd); - /* write mpd.secret */ - $fd = fopen("{$g['varetc_path']}/pppoe-vpn/mpd.secret", "w"); - if (!$fd) { - printf(gettext("Error: cannot open mpd.secret in vpn_pppoe_configure().") . "\n"); - return 1; - } + if ($pppoecfg['username']) { + /* write mpd.secret */ + $fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", "w"); + if (!$fd) { + printf(gettext("Error: cannot open mpd.secret in vpn_pppoe_configure().") . "\n"); + return 1; + } - $mpdsecret = "\n\n"; + $mpdsecret = "\n\n"; - if (is_array($pppoecfg['user'])) { - foreach ($pppoecfg['user'] as $user) - $mpdsecret .= "{$user['name']} \"{$user['password']}\" {$user['ip']}\n"; - } + if (!empty($pppoecfg['username'])) { + $item = explode(" ", $pppoecfg['username']); + foreach($item as $userdata) { + $data = explode(":", $userdata); + $mpdsecret .= "{$data[0]} \"" . base64_decode($data[1]) . "\" {$data[2]}\n"; + } + } - fwrite($fd, $mpdsecret); - fclose($fd); - chmod("{$g['varetc_path']}/pppoe-vpn/mpd.secret", 0600); + fwrite($fd, $mpdsecret); + fclose($fd); + chmod("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", 0600); + } /* fire up mpd */ - mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/pppoe-vpn -p {$g['varrun_path']}/pppoe-vpn.pid -s pppoe pppoe"); + mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn -p {$g['varrun_path']}/pppoe{$pppoecfg['pppoeid']}-vpn.pid -s pppoe pppoe"); break; - - case 'redir' : - break; } if ($g['booting']) diff --git a/etc/inc/xmlparse.inc b/etc/inc/xmlparse.inc index 013f81d..79bbad0 100644 --- a/etc/inc/xmlparse.inc +++ b/etc/inc/xmlparse.inc @@ -44,7 +44,7 @@ function listtags() { "lbaction lbpool l7rules lbprotocol ". "member menu tab mobilekey monitor_type mount ntpserver onetoone ". "openvpn-server openvpn-client openvpn-csc " . - "option ppp package passthrumac phase1 phase2 priv proxyarpnet qinqentry queue ". + "option package passthrumac phase1 phase2 ppp pppoe priv proxyarpnet qinqentry queue ". "pages pipe roll route row rrddatafile rule schedule service servernat servers ". "serversdisabled earlyshellcmd shellcmd staticmap subqueue timerange ". "tunnel user vip virtual_server vlan winsserver wolentry widget" diff --git a/etc/inc/xmlreader.inc b/etc/inc/xmlreader.inc index e53c668..f1450b8 100644 --- a/etc/inc/xmlreader.inc +++ b/etc/inc/xmlreader.inc @@ -48,7 +48,7 @@ function listtags() { "lbaction lbpool l7rules lbprotocol ". "member menu tab mobilekey monitor_type mount ntpserver onetoone ". "openvpn-server openvpn-client openvpn-csc " . - "option ppp package passthrumac phase1 phase2 priv proxyarpnet qinqentry queue ". + "option package passthrumac phase1 phase2 ppp pppoe priv proxyarpnet qinqentry queue ". "pages pipe roll route row rrddatafile rule schedule service servernat servers ". "serversdisabled earlyshellcmd shellcmd staticmap subqueue timerange ". "tunnel user vip virtual_server vlan winsserver wolentry widget" diff --git a/etc/pfSense.obsoletedfiles b/etc/pfSense.obsoletedfiles index 04b9a77..7688453 100644 --- a/etc/pfSense.obsoletedfiles +++ b/etc/pfSense.obsoletedfiles @@ -3,6 +3,7 @@ /etc/phpshellsessions/cvssync /etc/inc/regdomain.inc /etc/inc/sysctl.inc +/usr/local/www/diag_showbogons.php /usr/local/www/interfaces_wan.php /usr/local/www/interfaces_lan.php /usr/local/www/interfaces_opt.php @@ -25,6 +26,8 @@ /usr/local/www/services_captiveportal_users_edit.php /usr/local/www/system_advanced.php /usr/local/www/system_advanced_create_certs.php +/usr/local/www/vpn_pppoe_users.php +/usr/local/www/vpn_pppoe_users_edit.php /usr/local/www/vpn_ipsec_ca.php /usr/local/www/vpn_ipsec_ca_edit.php /usr/local/www/vpn_ipsec_ca_edit_create_cert.php @@ -42,3 +45,4 @@ /usr/local/www/dfuife.cgi /usr/local/www/fred.png /usr/local/www/index.html +/usr/local/www/system_usermanager_addcert.php
\ No newline at end of file @@ -360,8 +360,6 @@ rm -rf /usr/local/pkg/pf/CVS # Remove stale files that have already been processed by bootup # scripts -rm -f /tmp/filter_dirty -rm -f /tmp/rc.linkup nohup /usr/bin/nice -n20 /usr/local/sbin/check_reload_status 2>/dev/null & # Start ping handler every 240 seconds diff --git a/etc/rc.bootup b/etc/rc.bootup index 38310b4..3e5647b 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -305,7 +305,7 @@ services_dnsmasq_configure(); system_dhcpleases_configure(); /* start dyndns service */ -@touch("{$g['tmp_path']}/update_dyndns"); +send_event("service reload dyndnsall"); /* start DHCP relay */ services_dhcrelay_configure(); diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize index 7731302..b8ab26a 100755 --- a/etc/rc.filter_synchronize +++ b/etc/rc.filter_synchronize @@ -165,8 +165,6 @@ function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsens case 'virtualip': $xml[$section] = backup_vip_config_section(); break; - case 'cert': - case 'ca': case 'user': case 'group': $xml['system'][$section] = $config_copy['system'][$section]; @@ -270,8 +268,14 @@ if (is_array($config['installedpackages']['carpsettings']['config'])) { $sections[] = 'ipsec'; if ($carp['synchronizeopenvpn'] != "" and is_array($config['openvpn'])) { $sections[] = 'openvpn'; - $mergesections[] = 'cert'; - $mergesections[] = 'ca'; + $sections[] = 'cert'; + $sections[] = 'ca'; + } + if ($carp['synchronizecerts'] != "") { + if (is_array($config['cert'])) + $sections[] = 'cert'; + if (is_array($config['ca'])) + $sections[] = 'ca'; } if ($carp['synchronizeusers'] != "") { $mergesections[] = 'user'; diff --git a/etc/rc.newwanip b/etc/rc.newwanip index a6b1bcb..9cb42f8 100755 --- a/etc/rc.newwanip +++ b/etc/rc.newwanip @@ -85,7 +85,7 @@ if (is_ipaddr($oldip) && $curwanip == $oldip) services_dnsupdate_process($interface); /* signal dyndns update */ -file_put_contents("{$g['tmp_path']}/update_dyndns", $interface); +send_event("service reload dyndns {$interface}"); /* reconfigure IPsec tunnels */ vpn_ipsec_force_reload(); @@ -93,6 +93,9 @@ vpn_ipsec_force_reload(); /* start OpenVPN server & clients */ openvpn_resync_all($interface); +/* reconfigure our gateway monitor */ +setup_gateways_monitor(); + /* signal filter reload */ unlink_if_exists("/tmp/config.cache"); filter_configure(); @@ -100,10 +103,6 @@ filter_configure(); /* reload graphing functions */ enable_rrd_graphing(); -/* reconfigure our gateway monitor */ -setup_gateways_monitor(); - - /* restart packages */ mwexec_bg("/usr/local/sbin/ntpdate_sync_once.sh"); mwexec_bg("/etc/rc.start_packages"); diff --git a/etc/rc.php_ini_setup b/etc/rc.php_ini_setup index a54b1f4..34d89cf 100755 --- a/etc/rc.php_ini_setup +++ b/etc/rc.php_ini_setup @@ -219,17 +219,20 @@ if [ "$RAM" -lt "97" ]; then suhosin.get.max_array_depth = 5000 suhosin.get.max_array_index_length = 256 suhosin.get.max_vars = 5000 +suhosin.get.max_value_length = 500000 suhosin.post.max_array_depth = 5000 suhosin.post.max_array_index_length = 256 suhosin.post.max_vars = 5000 +suhosin.post.max_value_length = 500000 suhosin.request.max_array_depth = 5000 suhosin.request.max_array_index_length = 256 suhosin.request.max_vars = 5000 +suhosin.request.max_value_length = 500000 EOF fi -if [ $RAM -gt 96 ]; then +if [ "$RAM" -gt 96 ]; then cat >>/usr/local/lib/php.ini <<EOF @@ -242,12 +245,15 @@ apc.shm_size="${APCSHMEMSIZE}" suhosin.get.max_array_depth = 5000 suhosin.get.max_array_index_length = 256 suhosin.get.max_vars = 5000 +suhosin.get.max_value_length = 500000 suhosin.post.max_array_depth = 5000 suhosin.post.max_array_index_length = 256 suhosin.post.max_vars = 5000 +suhosin.post.max_value_length = 500000 suhosin.request.max_array_depth = 5000 suhosin.request.max_array_index_length = 256 suhosin.request.max_vars = 5000 +suhosin.request.max_value_length = 500000 EOF diff --git a/etc/version_base b/etc/version_base index 986084f..b8eb026 100644 --- a/etc/version_base +++ b/etc/version_base @@ -1 +1 @@ -7.1
\ No newline at end of file +8.1 diff --git a/etc/version_kernel b/etc/version_kernel index 986084f..b8eb026 100644 --- a/etc/version_kernel +++ b/etc/version_kernel @@ -1 +1 @@ -7.1
\ No newline at end of file +8.1 diff --git a/sbin/dhclient-script b/sbin/dhclient-script index 132946d..7f1862e 100755 --- a/sbin/dhclient-script +++ b/sbin/dhclient-script @@ -81,10 +81,7 @@ add_new_address() { echo $new_routers > /tmp/${interface}_router cp /var/db/${interface}_ip /tmp/rc.newwanip_oldip 2>/dev/null -# echo $new_ip_address > /var/db/${interface}_ip - - echo $interface > /tmp/rc.newwanip -# echo $new_ip_address >> /tmp/rc.newwanip + /usr/local/sbin/pfSctl -c "'interface reload $interface'" } @@ -186,7 +183,7 @@ add_new_resolv_conf() { echo $new_domain_name >/var/etc/defaultdomain.conf fi - echo $interface > /tmp/rc.newwanip + /usr/local/sbin/pfSctl -c "'interface reload $interface'" return 0 } diff --git a/usr/local/sbin/ovpn-linkdown b/usr/local/sbin/ovpn-linkdown index e3c7400..112317f 100755 --- a/usr/local/sbin/ovpn-linkdown +++ b/usr/local/sbin/ovpn-linkdown @@ -4,4 +4,4 @@ /bin/rm -f /var/etc/nameserver_$1 /bin/rm -f /tmp/$1_router /bin/rm -f /tmp/$1up -/usr/bin/touch /tmp/filter_dirty +/usr/local/sbin/pfSctl -c 'filter reload' diff --git a/usr/local/sbin/ovpn-linkup b/usr/local/sbin/ovpn-linkup index 2ade032..354623e 100755 --- a/usr/local/sbin/ovpn-linkup +++ b/usr/local/sbin/ovpn-linkup @@ -3,9 +3,9 @@ # write nameservers to file needs dns fidnings?! # let the configuration system know that the ip has changed. -#/bin/echo $1 > /tmp/rc.newwanip +#/usr/local/sbin/pfSctl -c "'interface reload $interface'" /bin/echo $4 > /tmp/$1_router /usr/bin/touch /tmp/$1up # reload filter -/usr/bin/touch /tmp/filter_dirty +/usr/local/sbin/pfSctl -c 'filter reload' exit 0 diff --git a/usr/local/sbin/ppp-linkdown b/usr/local/sbin/ppp-linkdown index 06e24fa..59b2ce0 100755 --- a/usr/local/sbin/ppp-linkdown +++ b/usr/local/sbin/ppp-linkdown @@ -10,4 +10,4 @@ fi # Do not remove gateway used during filter reload. # /bin/rm -f /tmp/$1_router /bin/rm -f /tmp/$1up -/usr/bin/touch /tmp/resolv_conf_generate +/usr/local/sbin/pfSctl -c 'service reload dns' diff --git a/usr/local/sbin/ppp-linkup b/usr/local/sbin/ppp-linkup index f15f082..67b0832 100755 --- a/usr/local/sbin/ppp-linkup +++ b/usr/local/sbin/ppp-linkup @@ -1,24 +1,20 @@ #!/bin/sh -# unset CGI environment variables so as not to confuse PHP -unset CONTENT_TYPE GATEWAY_INTERFACE REMOTE_USER REMOTE_ADDR AUTH_TYPE -unset HTTP_USER_AGENT CONTENT_LENGTH SCRIPT_FILENAME HTTP_HOST -unset SERVER_SOFTWARE HTTP_REFERER SERVER_PROTOCOL REQUEST_METHOD -unset SERVER_PORT SCRIPT_NAME SERVER_NAME - # write nameservers to file if [ $6 = "dns1" ]; then echo $7 > /var/etc/nameserver_$1 + /sbin/route delete $7 /sbin/route add $7 $4 fi if [ $8 = "dns2" ]; then echo $9 >> /var/etc/nameserver_$1 + /sbin/route delete $9 /sbin/route add $9 $4 fi # let the configuration system know that the ip has changed. -/bin/echo $1 > /tmp/rc.newwanip +/usr/local/sbin/pfSctl -c "'interface reload $1'" /bin/echo $4 > /tmp/$1_router /usr/bin/touch /tmp/$1up exit 0 diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php index 85d4050..ad96ed3 100755 --- a/usr/local/www/diag_backup.php +++ b/usr/local/www/diag_backup.php @@ -80,7 +80,7 @@ function add_base_packages_menu_items() { } } if($modified_config) { - write_confg(gettext("Restored base_package menus after configuration restore.")); + write_config(gettext("Restored base_package menus after configuration restore.")); $config = parse_config(true); } } diff --git a/usr/local/www/diag_showbogons.php b/usr/local/www/diag_showbogons.php deleted file mode 100644 index 94b3946..0000000 --- a/usr/local/www/diag_showbogons.php +++ /dev/null @@ -1,110 +0,0 @@ -<?php -/* $Id$ */ -/* - diag_showbogons.php - Copyright (C) 2009 Scott Ullrich - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/* - pfSense_BUILDER_BINARIES: /bin/ps /usr/bin/grep - pfSense_MODULE: filter -*/ - -##|+PRIV -##|*IDENT=page-diag-showbogons -##|*NAME=Diagnostics: System Activity -##|*DESCR=Allows access to the 'Diagnostics: Show Bogons' page -##|*MATCH=diag_showbogons.php -##|-PRIV - -require("guiconfig.inc"); - -if($_POST['Download']) { - mwexec_bg("/etc/rc.update_bogons.sh now"); - $maxtimetowait = 0; - $loading = true; - while($loading == true) { - $isrunning = `/bin/ps awwwux | /usr/bin/grep -v grep | /usr/bin/grep bogons`; - if($isrunning == "") - $loading = false; - $maxtimetowait++; - if($maxtimetowait > 89) - $loading = false; - sleep(1); - } - if($maxtimetowait < 90) - $savemsg = gettext("The bogons database has been updated."); -} - -$bogons = file_get_contents(trim("/etc/bogons")); -$pgtitle = array(gettext("Diagnostics"),gettext("Show Bogons")); - -include("head.inc"); -?> -<body link="#000000" vlink="#000000" alink="#000000"> - -<?php - -include("fbegin.inc"); - -?> -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<style type="text/css"> -pre { font-size: 1.15em; } -</style> -<?php if ($input_errors) print_input_errors($input_errors); ?> -<?php if ($savemsg) print_info_box($savemsg); ?> -<form method="post" action="diag_showbogons.php"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td> - <table id="backuptable" class="tabcont" align="left" width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td> - <table> - <tr> - <td> - <font size="+1"> - <b><?=gettext("Currently loaded bogons table:");?></b><p/> - <pre> -<?php echo $bogons; ?> - </pre> - </font> - </td> - </tr> - </table> - </td> - </tr> - </table> - </div> - </td> - </tr> -</table> -<p/> -<input type="submit" name="Download" value="<?=gettext("Download");?>"><?=gettext("latest bogon data.");?> -</form> -<?php include("fend.inc"); ?> -</body> -</html> diff --git a/usr/local/www/diag_tables.php b/usr/local/www/diag_tables.php index 9551e51..eba3d5f 100644 --- a/usr/local/www/diag_tables.php +++ b/usr/local/www/diag_tables.php @@ -69,6 +69,23 @@ if($_REQUEST['deleteall']) { } } +if(($tablename == "bogons") && ($_POST['Download'])) { + mwexec_bg("/etc/rc.update_bogons.sh now"); + $maxtimetowait = 0; + $loading = true; + while($loading == true) { + $isrunning = `/bin/ps awwwux | /usr/bin/grep -v grep | /usr/bin/grep bogons`; + if($isrunning == "") + $loading = false; + $maxtimetowait++; + if($maxtimetowait > 89) + $loading = false; + sleep(1); + } + if($maxtimetowait < 90) + $savemsg = gettext("The bogons database has been updated."); +} + exec("/sbin/pfctl -t $tablename -T show", $entries); exec("/sbin/pfctl -sT", $tables); @@ -77,6 +94,7 @@ include("fbegin.inc"); ?> +<?php if ($savemsg) print_info_box($savemsg); ?> <form method='post'> <script src="/javascript/scriptaculous/prototype.js" type="text/javascript"></script> @@ -118,8 +136,10 @@ include("fbegin.inc"); <?php echo $entry; ?> </td> <td> + <?php if ($tablename != "bogons") { ?> <a onClick='del_entry("<?=$entry?>");'> <img img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif"> + <?php } ?> </a> </td> </tr> @@ -133,8 +153,10 @@ include("fbegin.inc"); <?php if($count > 0) - echo "<p/>" . gettext("Delete") . " <a href='diag_tables.php?deleteall=true&type={$tablename}'>" . gettext("all") . "</a> " . gettext("entries in this table."); - + if($tablename == "bogons") + echo "<input name='Download' type='submit' class='formbtn' value='" . gettext("Download") . "'> " . gettext(" the latest bogon data."); + else + echo "<p/>" . gettext("Delete") . " <a href='diag_tables.php?deleteall=true&type={$tablename}'>" . gettext("all") . "</a> " . gettext("entries in this table."); ?> <?php include("fend.inc"); ?> diff --git a/usr/local/www/edit.php b/usr/local/www/edit.php index 6b71ad2..9236c3f 100644 --- a/usr/local/www/edit.php +++ b/usr/local/www/edit.php @@ -1,5 +1,4 @@ <?php -/* $Id$ */ /* edit.php Copyright (C) 2004, 2005 Scott Ullrich @@ -56,7 +55,7 @@ if($_REQUEST['action']) { echo "|" . gettext("No file name specified") . ".|"; } else { conf_mount_rw(); - $_REQUEST['data'] = str_replace("\r", "", $_REQUEST['data']); + $_REQUEST['data'] = str_replace("\r", "", base64_decode($_REQUEST['data'])); $ret = file_put_contents($_REQUEST['file'], $_REQUEST['data']); conf_mount_ro(); if($_REQUEST['file'] == "config.xml") @@ -78,6 +77,7 @@ if($_REQUEST['action']) { require("head.inc"); outputCSSFileInline("code-syntax-highlighter/SyntaxHighlighter.css"); outputJavaScriptFileInline("filebrowser/browser.js"); +outputJavaScriptFileInline("javascript/base64.js"); ?> @@ -131,7 +131,7 @@ outputJavaScriptFileInline("filebrowser/browser.js"); $("fileStatus").innerHTML = "<?=gettext("Saving file"); ?> ..."; Effect.Appear("fileStatusBox", { duration: 0.5 }); - var fileContent = escape($("fileContent").value); + var fileContent = Base64.encode($("fileContent").value); fileContent = fileContent.replace(/\+/g,"%2B"); new Ajax.Request( diff --git a/usr/local/www/fbegin.inc b/usr/local/www/fbegin.inc index 48cbe83..47ff2ed 100755 --- a/usr/local/www/fbegin.inc +++ b/usr/local/www/fbegin.inc @@ -191,7 +191,6 @@ $diagnostics_menu[] = array("Ping", "/diag_ping.php"); $diagnostics_menu[] = array("pfTOP", "/diag_system_pftop.php"); $diagnostics_menu[] = array("Reboot", "/reboot.php"); $diagnostics_menu[] = array("Routes", "/diag_routes.php"); -$diagnostics_menu[] = array("Show Bogons", "/diag_showbogons.php"); $diagnostics_menu[] = array("SMART Status", "/diag_smart.php"); $diagnostics_menu[] = array("States", "/diag_dump_states.php"); $diagnostics_menu[] = array("States Summary", "/diag_states_summary.php"); diff --git a/usr/local/www/firewall_nat_1to1.php b/usr/local/www/firewall_nat_1to1.php index 494d34e..94132f2 100755 --- a/usr/local/www/firewall_nat_1to1.php +++ b/usr/local/www/firewall_nat_1to1.php @@ -102,8 +102,9 @@ include("head.inc"); <tr> <td width="10%" class="listhdrr"><?=gettext("Interface"); ?></td> <td width="20%" class="listhdrr"><?=gettext("External IP"); ?></td> - <td width="20%" class="listhdrr"><?=gettext("Internal IP"); ?></td> - <td width="40%" class="listhdr"><?=gettext("Description"); ?></td> + <td width="15%" class="listhdrr"><?=gettext("Source IP"); ?></td> + <td width="15%" class="listhdrr"><?=gettext("Destination IP"); ?></td> + <td width="30%" class="listhdr"><?=gettext("Description"); ?></td> <td width="10%" class="list"> <table border="0" cellspacing="0" cellpadding="1"> <tr> @@ -124,12 +125,13 @@ include("head.inc"); ?> </td> <td class="listr" ondblclick="document.location='firewall_nat_1to1_edit.php?id=<?=$i;?>';"> - <?php echo $natent['external']; - if ($natent['subnet']) echo "/" . $natent['subnet']; ?> + <?php echo $natent['external']; ?> </td> <td class="listr" ondblclick="document.location='firewall_nat_1to1_edit.php?id=<?=$i;?>';"> - <?php echo $natent['internal']; - if ($natent['subnet']) echo "/" . $natent['subnet']; ?> + <?php echo pprint_address($natent['source']); ?> + </td> + <td class="listr" ondblclick="document.location='firewall_nat_1to1_edit.php?id=<?=$i;?>';"> + <?php echo pprint_address($natent['destination']); ?> </td> <td class="listbg" ondblclick="document.location='firewall_nat_1to1_edit.php?id=<?=$i;?>';"> <?=htmlspecialchars($natent['descr']);?> @@ -145,7 +147,7 @@ include("head.inc"); </tr> <?php $i++; endforeach; ?> <tr> - <td class="list" colspan="4"></td> + <td class="list" colspan="5"></td> <td class="list"> <table border="0" cellspacing="0" cellpadding="1"> <tr> diff --git a/usr/local/www/firewall_nat_1to1_edit.php b/usr/local/www/firewall_nat_1to1_edit.php index 5057959..f04c736 100755 --- a/usr/local/www/firewall_nat_1to1_edit.php +++ b/usr/local/www/firewall_nat_1to1_edit.php @@ -54,9 +54,17 @@ function nat_1to1_rules_sort() { } require("guiconfig.inc"); +require_once("interfaces.inc"); require("filter.inc"); require("shaper.inc"); +$specialsrcdst = explode(" ", "any pptp pppoe l2tp openvpn"); +$ifdisp = get_configured_interface_with_descr(); +foreach ($ifdisp as $kif => $kdescr) { + $specialsrcdst[] = "{$kif}"; + $specialsrcdst[] = "{$kif}ip"; +} + if (!is_array($config['nat']['onetoone'])) { $config['nat']['onetoone'] = array(); } @@ -67,21 +75,25 @@ if (isset($_POST['id'])) $id = $_POST['id']; if (isset($id) && $a_1to1[$id]) { - $pconfig['external'] = $a_1to1[$id]['external']; - $pconfig['internal'] = $a_1to1[$id]['internal']; + $pconfig['disabled'] = isset($a_1to1[$id]['disabled']); + + address_to_pconfig($a_1to1[$id]['source'], $pconfig['src'], + $pconfig['srcmask'], $pconfig['srcnot'], + $pconfig['srcbeginport'], $pconfig['srcendport']); + + address_to_pconfig($a_1to1[$id]['destination'], $pconfig['dst'], + $pconfig['dstmask'], $pconfig['dstnot'], + $pconfig['dstbeginport'], $pconfig['dstendport']); + $pconfig['interface'] = $a_1to1[$id]['interface']; if (!$pconfig['interface']) $pconfig['interface'] = "wan"; - if (!$a_1to1[$id]['subnet']) - $pconfig['subnet'] = 32; - else - $pconfig['subnet'] = $a_1to1[$id]['subnet']; + + $pconfig['external'] = $a_1to1[$id]['external']; $pconfig['descr'] = $a_1to1[$id]['descr']; $pconfig['natreflection'] = $a_1to1[$id]['natreflection']; -} else { - $pconfig['subnet'] = 32; +} else $pconfig['interface'] = "wan"; -} if ($_POST) { @@ -89,27 +101,67 @@ if ($_POST) { $pconfig = $_POST; /* input validation */ - $reqdfields = explode(" ", "interface external internal"); - $reqdfieldsn = array(gettext("Interface"),gettext("External subnet"),gettext("Internal subnet")); + $reqdfields = explode(" ", "interface external"); + $reqdfieldsn = array(gettext("Interface"), gettext("External subnet")); + if ($_POST['srctype'] == "single" || $_POST['srctype'] == "network") { + $reqdfields[] = "src"; + $reqdfieldsn[] = gettext("Source address"); + } + if ($_POST['dsttype'] == "single" || $_POST['dsttype'] == "network") { + $reqdfields[] = "dst"; + $reqdfieldsn[] = gettext("Destination address"); + } do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - if (($_POST['external'] && !is_ipaddr($_POST['external']))) { + if (is_specialnet($_POST['srctype'])) { + $_POST['src'] = $_POST['srctype']; + $_POST['srcmask'] = 0; + } else if ($_POST['srctype'] == "single") { + $_POST['srcmask'] = 32; + } + if (is_specialnet($_POST['dsttype'])) { + $_POST['dst'] = $_POST['dsttype']; + $_POST['dstmask'] = 0; + } else if ($_POST['dsttype'] == "single") { + $_POST['dstmask'] = 32; + } else if (is_ipaddr($_POST['dsttype'])) { + $_POST['dst'] = $_POST['dsttype']; + $_POST['dstmask'] = 32; + $_POST['dsttype'] = "single"; + } + + if (($_POST['external'] && !is_ipaddroralias($_POST['external']))) $input_errors[] = gettext("A valid external subnet must be specified."); - } - if (($_POST['internal'] && !is_ipaddr($_POST['internal']))) { - $input_errors[] = gettext("A valid internal subnet must be specified."); - } + + /* if user enters an alias and selects "network" then disallow. */ + if( ($_POST['srctype'] == "network" && is_alias($_POST['src']) ) + || ($_POST['dsttype'] == "network" && is_alias($_POST['dst']) ) ) + $input_errors[] = gettext("You must specify single host or alias for alias entries."); + + if (!is_specialnet($_POST['srctype'])) { + if (($_POST['src'] && !is_ipaddroralias($_POST['src']))) { + $input_errors[] = sprintf(gettext("%s is not a valid source IP address or alias."), $_POST['src']); + } + if (($_POST['srcmask'] && !is_numericint($_POST['srcmask']))) { + $input_errors[] = gettext("A valid source bit count must be specified."); + } + } + if (!is_specialnet($_POST['dsttype'])) { + if (($_POST['dst'] && !is_ipaddroralias($_POST['dst']))) { + $input_errors[] = sprintf(gettext("%s is not a valid destination IP address or alias."), $_POST['dst']); + } + if (($_POST['dstmask'] && !is_numericint($_POST['dstmask']))) { + $input_errors[] = gettext("A valid destination bit count must be specified."); + } + } /* check for overlaps with other 1:1 */ foreach ($a_1to1 as $natent) { if (isset($id) && ($a_1to1[$id]) && ($a_1to1[$id] === $natent)) continue; - if (check_subnets_overlap($_POST['external'], $_POST['subnet'], $natent['external'], $natent['subnet'])) { - //$input_errors[] = "Another 1:1 rule overlaps with the specified external subnet."; - //break; - } else if (check_subnets_overlap($_POST['internal'], $_POST['subnet'], $natent['internal'], $natent['subnet'])) { + if (check_subnets_overlap($_POST['internal'], $_POST['subnet'], $natent['internal'], $natent['subnet'])) { //$input_errors[] = "Another 1:1 rule overlaps with the specified internal subnet."; //break; } @@ -118,12 +170,17 @@ if ($_POST) { if (!$input_errors) { $natent = array(); + $natent['disabled'] = isset($_POST['disabled']) ? true:false; $natent['external'] = $_POST['external']; - $natent['internal'] = $_POST['internal']; - $natent['subnet'] = $_POST['subnet']; $natent['descr'] = $_POST['descr']; $natent['interface'] = $_POST['interface']; + pconfig_to_address($natent['source'], $_POST['src'], + $_POST['srcmask'], $_POST['srcnot']); + + pconfig_to_address($natent['destination'], $_POST['dst'], + $_POST['dstmask'], $_POST['dstnot']); + if ($_POST['natreflection'] == "enable" || $_POST['natreflection'] == "disable") $natent['natreflection'] = $_POST['natreflection']; else @@ -150,6 +207,49 @@ include("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<script type="text/javascript" src="/javascript/suggestions.js"> +</script> +<script type="text/javascript" src="/javascript/autosuggest.js"> +</script> +<script type="text/javascript"> +function typesel_change() { + switch (document.iform.srctype.selectedIndex) { + case 1: /* single */ + document.iform.src.disabled = 0; + document.iform.srcmask.value = ""; + document.iform.srcmask.disabled = 1; + break; + case 2: /* network */ + document.iform.src.disabled = 0; + document.iform.srcmask.disabled = 0; + break; + default: + document.iform.src.value = ""; + document.iform.src.disabled = 1; + document.iform.srcmask.value = ""; + document.iform.srcmask.disabled = 1; + break; + } + switch (document.iform.dsttype.selectedIndex) { + case 1: /* single */ + document.iform.dst.disabled = 0; + document.iform.dstmask.value = ""; + document.iform.dstmask.disabled = 1; + break; + case 2: /* network */ + document.iform.dst.disabled = 0; + document.iform.dstmask.disabled = 0; + break; + default: + document.iform.dst.value = ""; + document.iform.dst.disabled = 1; + document.iform.dstmask.value = ""; + document.iform.dstmask.disabled = 1; + break; + } +} +</script> + <?php include("fbegin.inc"); ?> <?php if ($input_errors) print_input_errors($input_errors); ?> <form action="firewall_nat_1to1_edit.php" method="post" name="iform" id="iform"> @@ -157,85 +257,205 @@ include("head.inc"); <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit NAT 1:1 entry"); ?></td> </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td> - <td width="78%" class="vtable"> - <select name="interface" class="formselect"> - <?php - $iflist = get_configured_interface_with_descr(); - foreach ($iflist as $if => $ifdesc) - if(have_ruleint_access($if)) - $interfaces[$if] = $ifdesc; - - if ($config['l2tp']['mode'] == "server") - if(have_ruleint_access("l2tp")) - $interfaces['l2tp'] = "L2TP VPN"; - - if ($config['pptpd']['mode'] == "server") - if(have_ruleint_access("pptp")) - $interfaces['pptp'] = "PPTP VPN"; - - if ($config['pppoe']['mode'] == "server") - if(have_ruleint_access("pppoe")) - $interfaces['pppoe'] = "PPPoE VPN"; - - /* add ipsec interfaces */ - if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients']['enable'])) - if(have_ruleint_access("enc0")) - $interfaces["enc0"] = "IPsec"; - - /* add openvpn/tun interfaces */ - if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) - $interfaces["openvpn"] = "OpenVPN"; - - foreach ($interfaces as $iface => $ifacename): - ?> - <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>> - <?=htmlspecialchars($ifacename);?> - </option> - <?php endforeach; ?> - </select><br> - <span class="vexpl"><?=gettext("Choose which interface this rule applies to"); ?>.<br> - <?=gettext("Hint: in most cases, you'll want to use WAN here"); ?>.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("External subnet"); ?></td> - <td width="78%" class="vtable"> - <input name="external" type="text" class="formfld unknown" id="external" size="20" value="<?=htmlspecialchars($pconfig['external']);?>"> - <select name="subnet" class="formselect" id="subnet" > - <?php for ($i = 32; $i >= 0; $i--): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['subnet']) echo "selected"; ?>> - <?=$i;?> - </option> - <?php endfor; ?> - </select> - <br> - <span class="vexpl"><?=gettext("Enter the external (WAN) subnet for the 1:1 mapping. You may map single IP addresses by specifying a /32 subnet."); ?></span></td> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td> + <td width="78%" class="vtable"> + <input name="disabled" type="checkbox" id="disabled" value="yes" <?php if ($pconfig['disabled']) echo "checked"; ?>> + <strong><?=gettext("Disable this rule"); ?></strong><br /> + <span class="vexpl"><?=gettext("Set this option to disable this rule without removing it from the list."); ?></span> + </td> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td> + <td width="78%" class="vtable"> + <select name="interface" class="formselect"> + <?php + foreach ($ifdisp as $if => $ifdesc) + if(have_ruleint_access($if)) + $interfaces[$if] = $ifdesc; + + if ($config['l2tp']['mode'] == "server") + if(have_ruleint_access("l2tp")) + $interfaces['l2tp'] = "L2TP VPN"; + + if ($config['pptpd']['mode'] == "server") + if(have_ruleint_access("pptp")) + $interfaces['pptp'] = "PPTP VPN"; + + if ($config['pppoe']['mode'] == "server") + if(have_ruleint_access("pppoe")) + $interfaces['pppoe'] = "PPPoE VPN"; + + /* add ipsec interfaces */ + if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients']['enable'])) + if(have_ruleint_access("enc0")) + $interfaces["enc0"] = "IPsec"; + + /* add openvpn/tun interfaces */ + if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) + $interfaces["openvpn"] = "OpenVPN"; + + foreach ($interfaces as $iface => $ifacename): + ?> + <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>> + <?=htmlspecialchars($ifacename);?> + </option> + <?php endforeach; ?> + </select><br> + <span class="vexpl"><?=gettext("Choose which interface this rule applies to"); ?>.<br> + <?=gettext("Hint: in most cases, you'll want to use WAN here"); ?>.</span></td> + </tr> + <tr id="srctable" name="srctable"> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Source"); ?></td> + <td width="78%" class="vtable"> + <input name="srcnot" type="checkbox" id="srcnot" value="yes" <?php if ($pconfig['srcnot']) echo "checked"; ?>> + <strong><?=gettext("not"); ?></strong> + <br /> + <?=gettext("Use this option to invert the sense of the match."); ?> + <br /> + <br /> + <table border="0" cellspacing="0" cellpadding="0"> + <tr> + <td><?=gettext("Type:"); ?> </td> + <td> + <select name="srctype" class="formselect" onChange="typesel_change()"> +<?php + $sel = is_specialnet($pconfig['src']); ?> + <option value="any" <?php if ($pconfig['src'] == "any") { echo "selected"; } ?>><?=gettext("any"); ?></option> + <option value="single" <?php if (($pconfig['srcmask'] == 32) && !$sel) { echo "selected"; $sel = 1; } ?>><?=gettext("Single host"); ?></option> + <option value="network" <?php if (!$sel) echo "selected"; ?>><?=gettext("Network"); ?></option> + <?php if(have_ruleint_access("pptp")): ?> + <option value="pptp" <?php if ($pconfig['src'] == "pptp") { echo "selected"; } ?>><?=gettext("PPTP clients"); ?></option> + <?php endif; ?> + <?php if(have_ruleint_access("pppoe")): ?> + <option value="pppoe" <?php if ($pconfig['src'] == "pppoe") { echo "selected"; } ?>><?=gettext("PPPoE clients"); ?></option> + <?php endif; ?> + <?php if(have_ruleint_access("l2tp")): ?> + <option value="l2tp" <?php if ($pconfig['src'] == "l2tp") { echo "selected"; } ?>><?=gettext("L2TP clients"); ?></option> + <?php endif; ?> +<?php + foreach ($ifdisp as $ifent => $ifdesc): ?> + <?php if(have_ruleint_access($ifent)): ?> + <option value="<?=$ifent;?>" <?php if ($pconfig['src'] == $ifent) { echo "selected"; } ?>><?=htmlspecialchars($ifdesc);?> <?=gettext("subnet"); ?></option> + <option value="<?=$ifent;?>ip"<?php if ($pconfig['src'] == $ifent . "ip") { echo "selected"; } ?>> + <?=$ifdesc?> <?=gettext("address");?> + </option> + <?php endif; endforeach; ?> + </select> + </td> + </tr> + <tr> + <td><?=gettext("Address:"); ?> </td> + <td> + <input name="src" type="text" class="formfld unknown" id="src" size="20" value="<?php if (!is_specialnet($pconfig['src'])) echo htmlspecialchars($pconfig['src']);?>"> / + <select name="srcmask" class="formselect" id="srcmask"> +<?php for ($i = 31; $i > 0; $i--): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['srcmask']) echo "selected"; ?>><?=$i;?></option> +<?php endfor; ?> + </select> + </td> + </tr> + </table> + <br/> + <span class="vexpl"><?=gettext("Enter the internal (LAN) subnet for the 1:1 mapping. The subnet size specified for the external subnet also applies to the internal subnet (they have to be the same)."); ?></span> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Destination"); ?></td> + <td width="78%" class="vtable"> + <input name="dstnot" type="checkbox" id="dstnot" value="yes" <?php if ($pconfig['dstnot']) echo "checked"; ?>> + <strong><?=gettext("not"); ?></strong> + <br /> + <?=gettext("Use this option to invert the sense of the match."); ?> + <br /> + <br /> + <table border="0" cellspacing="0" cellpadding="0"> + <tr> + <td><?=gettext("Type:"); ?> </td> + <td> + <select name="dsttype" class="formselect" onChange="typesel_change()"> +<?php + $sel = is_specialnet($pconfig['dst']); ?> + <option value="any" <?php if ($pconfig['dst'] == "any") { echo "selected"; } ?>><?=gettext("any"); ?></option> + <option value="single" <?php if (($pconfig['dstmask'] == 32) && !$sel) { echo "selected"; $sel = 1; } ?>><?=gettext("Single host or alias"); ?></option> + <option value="network" <?php if (!$sel) echo "selected"; ?>><?=gettext("Network"); ?></option> + <?php if(have_ruleint_access("pptp")): ?> + <option value="pptp" <?php if ($pconfig['dst'] == "pptp") { echo "selected"; } ?>><?=gettext("PPTP clients"); ?></option> + <?php endif; ?> + <?php if(have_ruleint_access("pppoe")): ?> + <option value="pppoe" <?php if ($pconfig['dst'] == "pppoe") { echo "selected"; } ?>><?=gettext("PPPoE clients"); ?></option> + <?php endif; ?> + <?php if(have_ruleint_access("l2tp")): ?> + <option value="l2tp" <?php if ($pconfig['dst'] == "l2tp") { echo "selected"; } ?>><?=gettext("L2TP clients"); ?></option> + <?php endif; ?> + +<?php foreach ($ifdisp as $if => $ifdesc): ?> + <?php if(have_ruleint_access($if)): ?> + <option value="<?=$if;?>" <?php if ($pconfig['dst'] == $if) { echo "selected"; } ?>><?=htmlspecialchars($ifdesc);?> <?=gettext("subnet"); ?></option> + <option value="<?=$if;?>ip"<?php if ($pconfig['dst'] == $if . "ip") { echo "selected"; } ?>> + <?=$ifdesc;?> <?=gettext("address");?> + </option> +<?php endif; endforeach; + if (is_array($config['virtualip']['vip'])): + foreach ($config['virtualip']['vip'] as $sn): + if ($sn['mode'] == "proxyarp" && $sn['type'] == "network"): + $start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits'])); + $end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits'])); + $len = $end - $start; + for ($i = 0; $i <= $len; $i++): + $snip = long2ip32($start+$i); +?> + <option value="<?=$snip;?>" <?php if ($snip == $pconfig['dst']) echo "selected"; ?>><?=htmlspecialchars("{$snip} ({$sn['descr']})");?></option> +<?php endfor; + else: +?> + <option value="<?=$sn['subnet'];?>" <?php if ($sn['subnet'] == $pconfig['dst']) echo "selected"; ?>><?=htmlspecialchars("{$sn['subnet']} ({$sn['descr']})");?></option> +<?php endif; + endforeach; + endif; +?> + </select> + </td> + </tr> + <tr> + <td><?=gettext("Address:"); ?> </td> + <td> + <input name="dst" type="text" class="formfldalias" id="dst" size="20" value="<?php if (!is_specialnet($pconfig['dst'])) echo htmlspecialchars($pconfig['dst']);?>"> + / + <select name="dstmask" class="formselect" id="dstmask"> +<?php + for ($i = 31; $i > 0; $i--): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['dstmask']) echo "selected"; ?>><?=$i;?></option> +<?php endfor; ?> + </select> + </td> + </tr> + </table> + <br/> </tr> <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Internal subnet"); ?></td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("External subnet"); ?></td> <td width="78%" class="vtable"> - <input name="internal" type="text" class="formfld unknown" id="internal" size="20" value="<?=htmlspecialchars($pconfig['internal']);?>"> - <br> - <span class="vexpl"><?=gettext("Enter the internal (LAN) subnet for the 1:1 mapping. The subnet size specified for the external subnet also applies to the internal subnet (they have to be the same)."); ?></span></td> + <input name="external" type="text" class="formfldalias" id="external" size="20" value="<?=htmlspecialchars($pconfig['external']);?>"> + <br/> + </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> <td width="78%" class="vtable"> <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> - <br> <span class="vexpl"><?=gettext("You may enter a description here " . + <br/> <span class="vexpl"><?=gettext("You may enter a description here " . "for your reference (not parsed)."); ?></span></td> </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("NAT reflection"); ?></td> - <td width="78%" class="vtable"> - <select name="natreflection" class="formselect"> - <option value="default" <?php if ($pconfig['natreflection'] != "enable" && $pconfig['natreflection'] != "disable") echo "selected"; ?>><?=gettext("use system default"); ?></option> - <option value="enable" <?php if ($pconfig['natreflection'] == "enable") echo "selected"; ?>><?=gettext("enable"); ?></option> - <option value="disable" <?php if ($pconfig['natreflection'] == "disable") echo "selected"; ?>><?=gettext("disable"); ?></option> - </select> - </td> - </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("NAT reflection"); ?></td> + <td width="78%" class="vtable"> + <select name="natreflection" class="formselect"> + <option value="default" <?php if ($pconfig['natreflection'] != "enable" && $pconfig['natreflection'] != "disable") echo "selected"; ?>><?=gettext("use system default"); ?></option> + <option value="enable" <?php if ($pconfig['natreflection'] == "enable") echo "selected"; ?>><?=gettext("enable"); ?></option> + <option value="disable" <?php if ($pconfig['natreflection'] == "disable") echo "selected"; ?>><?=gettext("disable"); ?></option> + </select> + </td> + </tr> <tr> <td width="22%" valign="top"> </td> <td width="78%"> @@ -247,6 +467,38 @@ include("head.inc"); </tr> </table> </form> +<script language="JavaScript"> + typesel_change(); +</script> +<?php +$isfirst = 0; +$aliases = ""; +$addrisfirst = 0; +$aliasesaddr = ""; +if($config['aliases']['alias'] <> "") + foreach($config['aliases']['alias'] as $alias_name) { + switch ($alias_name['type']) { + case "host": + case "network": + case "openvpn": + case "urltable": + if($addrisfirst == 1) $aliasesaddr .= ","; + $aliasesaddr .= "'" . $alias_name['name'] . "'"; + $addrisfirst = 1; + break; + default: + break; + } + } +?> +<script language="JavaScript"> +<!-- + var addressarray=new Array(<?php echo $aliasesaddr; ?>); + + var oTextbox1 = new AutoSuggestControl(document.getElementById("external"), new StateSuggestions(addressarray)); + var oTextbox3 = new AutoSuggestControl(document.getElementById("dst"), new StateSuggestions(addressarray)); +//--> +</script> <?php include("fend.inc"); ?> </body> </html> diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php index 3c2ccd6..616bc10 100755 --- a/usr/local/www/firewall_rules.php +++ b/usr/local/www/firewall_rules.php @@ -51,48 +51,6 @@ require_once("shaper.inc"); $pgtitle = array(gettext("Firewall"),gettext("Rules")); -function check_for_advanced_options(&$item) { - $item_set = ""; - if($item['max']) - $item_set .= "max {$item['max']} "; - if($item['max-src-nodes']) - $item_set .= "max-src-nodes {$item['max-src-nodes']} "; - if($item['max-src-conn']) - $item_set .= "max-src-conn {$item['max-src-conn']} "; - if($item['max-src-states']) - $item_set .= "max-src-states {$item['max-src-states']} "; - if($item['statetype'] != "keep state" && $item['statetype'] != "") - $item_set .= "statetype {$item['statetype']} "; - if($item['statetimeout']) - $item_set .= "statetimeout {$item['statetimeout']} "; - if($item['nosync']) - $item_set .= "nosync "; - if($item['max-src-conn-rate']) - $item_set .= "max-src-conn-rate {$item['max-src-conn-rate']} "; - if($item['max-src-conn-rates']) - $item_set .= "max-src-conn-rates {$item['max-src-conn-rates']} "; - if($item['gateway']) - $item_set .= "gateway {$item['gateway']} "; - if($item['dnpipe']) - $item_set .= "limiter {$item['dnpipe']} "; - if($item['pdnpipe']) - $item_set .= "limiter {$item['pdnpipe']} "; - if($item['l7container']) - $item_set .= "layer7 {$item['l7container']} "; - if($item['tag']) - $item_set .= "tag {$item['tag']} "; - if($item['tagged']) - $item_set .= "tagged {$item['tagged']} "; - if(isset($item['allowopts'])) - $item_set .= "allowopts "; - if(isset($item['disablereplyto'])) - $item_set .= "disable reply-to "; - if($item['tcpflags_any'] || $item['tcpflags1'] || $item['tcpflags2']) - $item_set .= "tcpflags set"; - - return $item_set; -} - function delete_nat_association($id) { global $config; @@ -455,7 +413,7 @@ if($_REQUEST['undodrag']) { continue; if (isset($filterent['floating']) && "FloatingRules" != $if) continue; - $isadvset = check_for_advanced_options($filterent); + $isadvset = firewall_check_for_advanced_options($filterent); if($isadvset) $advanced_set = "<img src=\"./themes/{$g['theme']}/images/icons/icon_advanced.gif\" title=\"" . gettext("advanced settings set") . ": {$isadvset}\" border=\"0\">"; else diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 34cfc5d..813842c 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -854,7 +854,7 @@ include("head.inc"); </tr> </table> <br /> - <span class="vexpl"><?=gettext("Specify the source port or port range for this rule."); ?> <b><?=gettext("This is usually"); ?> <em><?=gettext("random"); ?></em> <?=gettext("and almost never equal to the destination port range (and should usually be"); ?> "<?=gettext("any"); ?>"</b>).<br />.<?=gettext("Hint: you can leave the"); ?> <em><?=gettext("\"to\""); ?></em> <?=gettext("field empty if you only want to filter a single port.");?></span><br/> + <span class="vexpl"><?=gettext("Specify the source port or port range for this rule."); ?> <b><?=gettext("This is usually"); ?> <em><?=gettext("random"); ?></em> <?=gettext("and almost never equal to the destination port range (and should usually be"); ?> "<?=gettext("any"); ?>").</b><br /><?=gettext("Hint: you can leave the"); ?> <em><?=gettext("'to'"); ?></em> <?=gettext("field empty if you only want to filter a single port.");?></span><br/> </td> </tr> <tr> @@ -969,6 +969,7 @@ include("head.inc"); <span class="vexpl"><?=gettext("You may enter a description here for your reference.");?></span> </td> </tr> +<?php if (!isset($id) || !($a_filter[$id] && firewall_check_for_advanced_options($a_filter[$id]) <> "")): ?> <tr> <td width="22%" valign="top"> </td> <td width="78%"> @@ -980,6 +981,7 @@ include("head.inc"); <input name="after" type="hidden" value="<?=$after;?>"> </td> </tr> +<?php endif; ?> <tr> <td> </td> </tr> diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php index ec15fdf..c3607ec 100755 --- a/usr/local/www/firewall_virtual_ip.php +++ b/usr/local/www/firewall_virtual_ip.php @@ -62,30 +62,32 @@ if ($_POST) { $pconfig = $_POST; if ($_POST['apply']) { - $toapplylist = array(); - if (file_exists("{$g['tmp_path']}/firewall_virtual_ip.apply")) - $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/firewall_virtual_ip.apply")); - foreach ($toapplylist as $vid) { - if ($a_vip[$vid]) { - switch ($a_vip[$vid]['mode']) { - case "ipalias": - interface_ipalias_configure($a_vip[$vid]); - break; - case "proxyarp": - interface_proxyarp_configure($a_vip[$vid]['interface']); - break; - case "carp": - interface_carp_configure($a_vip[$vid]); - break; - case "carpdev-dhcp": - interface_carpdev_configure($a_vip[$vid]); - break; - default: - break; - } - } - } - @unlink("{$g['tmp_path']}/firewall_virtual_ip.apply"); + if (file_exists("{$g['tmp_path']}/.firewall_virtual_ip.apply")) { + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply")); + foreach ($toapplylist as $vid => $ovip) { + if (!empty($ovip)) + interface_vip_bring_down($ovip); + if ($a_vip[$vid]) { + switch ($a_vip[$vid]['mode']) { + case "ipalias": + interface_ipalias_configure($a_vip[$vid]); + break; + case "proxyarp": + interface_proxyarp_configure($a_vip[$vid]['interface']); + break; + case "carp": + interface_carp_configure($a_vip[$vid]); + break; + case "carpdev-dhcp": + interface_carpdev_configure($a_vip[$vid]); + break; + default: + break; + } + } + } + @unlink("{$g['tmp_path']}/.firewall_virtual_ip.apply"); + } $retval = 0; $retval |= filter_configure(); $savemsg = get_std_save_message($retval); @@ -108,7 +110,7 @@ if ($_GET['act'] == "del") { } } - if ($a_vip[$_GET['id']]['mode'] == "proxyarp") { + if ($a_vip[$_GET['id']]['mode'] == "ipalias") { $vipiface = $a_vip[$_GET['id']]['interface']; foreach ($a_vip as $vip) { if ($vip['interface'] == $vipiface && $vip['mode'] == "carp") @@ -117,11 +119,13 @@ if ($_GET['act'] == "del") { } } + if (!$input_errors) { // Special case since every proxyarp vip is handled by the same daemon. if ($a_vip[$_GET['id']]['mode'] == "proxyarp") { + $viface = $a_vip[$_GET['id']]['interface']; unset($a_vip[$_GET['id']]); - interface_proxyarp_configure(); + interface_proxyarp_configure($viface); } else { interface_vip_bring_down($a_vip[$_GET['id']]); unset($a_vip[$_GET['id']]); @@ -129,7 +133,6 @@ if ($_GET['act'] == "del") { if (count($config['virtualip']['vip']) == 0) unset($config['virtualip']['vip']); write_config(); - mark_subsystem_dirty('vip'); header("Location: firewall_virtual_ip.php"); exit; } diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index 8951435..79398bd 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -109,9 +109,12 @@ if ($_POST) { $input_errors[] = gettext("A valid IP address must be specified."); $natiflist = get_configured_interface_with_descr(); - foreach ($natiflist as $natif => $natdescr) + foreach ($natiflist as $natif => $natdescr) { + if ($_POST['interface'] == $natif && empty($config['interfaces'][$natif]['ipaddr'])) + $input_errors[] = gettext("The interface chosen for the VIP has no ip configured so it cannot be used as a parent for the VIP."); if ($_POST['subnet'] == get_interface_ip($natif)) $input_errors[] = sprintf(gettext("The %s IP address may not be used in a virtual entry."),$natdescr); + } if($_POST['subnet_bits'] == "32" and $_POST['type'] == "carp") $input_errors[] = gettext("The /32 subnet mask is invalid for CARP IPs."); @@ -146,11 +149,7 @@ if ($_POST) { if (!ip_in_subnet($_POST['subnet'], gen_subnet($parent_ip, $parent_sn) . "/" . $parent_sn) && !ip_in_interface_alias_subnet($_POST['interface'], $_POST['subnet'])) { $cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits'] ; $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."),$cannot_find); - } else if ($parent_sn != $_POST['subnet_bits']) - $input_errors[] = gettext("Subnet bits needs to be the same as the parent interface."); - - if (isset($id) && ($a_vip[$id]) && $a_vip[$id]['vhid'] != $_POST['vhid']) - interface_vip_bring_down($a_vip[$id]); + } } if (isset($id) && ($a_vip[$id])) { @@ -160,18 +159,12 @@ if ($_POST) { $vipiface = $a_vip[$id]['interface']; foreach ($a_vip as $vip) { if ($vip['interface'] == $vipiface && $vip['mode'] == "carp") { - if (ip_in_subnet($vip['subnet'], gen_subnet($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']) . "/" . $a_vip[$id]['subnet_bits'])) { + if (ip_in_subnet($vip['subnet'], gen_subnet($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']) . "/" . $a_vip[$id]['subnet_bits'])) $input_errors[] = gettext("This entry cannot be modified because it is still referenced by CARP") . " {$vip['descr']}."; - $bringdown = false; - } } } } - if (bringdown == false) - interface_vip_bring_down($a_vip[$id]); } - if ($a_vip[$id]['interface'] != $_POST['interface']) - interface_vip_bring_down($a_vip[$id]); } if (!$input_errors) { @@ -217,27 +210,27 @@ if ($_POST) { unset($vipent['alias-subnet']); } - if (isset($id) && $a_vip[$id]) { + if (!isset($id)) + $id = count($a_vip); + if (file_exists("{$g['tmp_path']}/.firewall_virtual_ip.apply")) + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply")); + else + $toapplylist = array(); + + $toapplylist[$id] = $a_vip[$id]; + if (!empty($a_vip[$id])) { /* modify all virtual IP rules with this address */ for ($i = 0; isset($config['nat']['rule'][$i]); $i++) { if ($config['nat']['rule'][$i]['destination']['address'] == $a_vip[$id]['subnet']) $config['nat']['rule'][$i]['destination']['address'] = $vipent['subnet']; } - $a_vip[$id] = $vipent; - } else - $a_vip[] = $vipent; + } + $a_vip[$id] = $vipent; mark_subsystem_dirty('vip'); write_config(); - if (!isset($id)) - $id = count($a_vip) - 1; - if (file_exists("{$g['tmp_path']}/firewall_virtual_ip.apply")) - $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/firewall_virtual_ip.apply")); - else - $toapplylist = array(); - $toapplylist[] = $id; - file_put_contents("{$g['tmp_path']}/firewall_virtual_ip.apply", serialize($toapplylist)); + file_put_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply", serialize($toapplylist)); header("Location: firewall_virtual_ip.php"); exit; } diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index 229b032..458488e 100755 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -477,6 +477,48 @@ function filter_rules_sort() { unset($config['filter']['rule'][$i]['seq']); } +function firewall_check_for_advanced_options(&$item) { + $item_set = ""; + if($item['max']) + $item_set .= "max {$item['max']} "; + if($item['max-src-nodes']) + $item_set .= "max-src-nodes {$item['max-src-nodes']} "; + if($item['max-src-conn']) + $item_set .= "max-src-conn {$item['max-src-conn']} "; + if($item['max-src-states']) + $item_set .= "max-src-states {$item['max-src-states']} "; + if($item['statetype'] != "keep state" && $item['statetype'] != "") + $item_set .= "statetype {$item['statetype']} "; + if($item['statetimeout']) + $item_set .= "statetimeout {$item['statetimeout']} "; + if($item['nosync']) + $item_set .= "nosync "; + if($item['max-src-conn-rate']) + $item_set .= "max-src-conn-rate {$item['max-src-conn-rate']} "; + if($item['max-src-conn-rates']) + $item_set .= "max-src-conn-rates {$item['max-src-conn-rates']} "; + if($item['gateway']) + $item_set .= "gateway {$item['gateway']} "; + if($item['dnpipe']) + $item_set .= "limiter {$item['dnpipe']} "; + if($item['pdnpipe']) + $item_set .= "limiter {$item['pdnpipe']} "; + if($item['l7container']) + $item_set .= "layer7 {$item['l7container']} "; + if($item['tag']) + $item_set .= "tag {$item['tag']} "; + if($item['tagged']) + $item_set .= "tagged {$item['tagged']} "; + if(isset($item['allowopts'])) + $item_set .= "allowopts "; + if(isset($item['disablereplyto'])) + $item_set .= "disable reply-to "; + if($item['tcpflags_any'] || $item['tcpflags1'] || $item['tcpflags2']) + $item_set .= "tcpflags set"; + + return $item_set; +} + function gentitle($title) { global $navlevelsep; if(!is_array($title)) diff --git a/usr/local/www/head.inc b/usr/local/www/head.inc index 3bc1e25..12f38b8 100755 --- a/usr/local/www/head.inc +++ b/usr/local/www/head.inc @@ -1,93 +1,93 @@ -<?php
-/*
- pfSense_MODULE: header
-*/
-
-/*
- * if user has selected a custom template, use it.
- * otherwise default to pfsense tempalte
- */
-if($config['theme'] <> "")
- $g['theme'] = $config['theme'];
-else
- $g['theme'] = "pfsense";
-
-/*
- * If this device is an apple ipod/iphone
- * switch the theme to one that works with it.
- */
-$apple_ua = array("iPhone","iPod", "iPad");
-foreach($apple_ua as $useragent)
- if(strstr($_SERVER['HTTP_USER_AGENT'], $useragent))
- $g['theme'] = "pfsense";
-
-$pagetitle = gentitle( $pgtitle );
-
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html>
-<head>
- <title><?php echo($config['system']['hostname'] . "." . $config['system']['domain'] . " - " . $pagetitle); ?></title>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
- <link rel="apple-touch-icon" href="/themes/<?php echo $g['theme']; ?>/apple-touch-icon.png"/>
- <?php if (strpos($_SERVER["SCRIPT_FILENAME"], "wizard.php") !== false &&
- file_exists("{$g['www_path']}/themes/{$g['theme']}/wizard.css")): ?>
- <?php echo "<style type=\"text/css\" src=\"/themes/{$g['theme']}/wizard.css\"></style>"; ?>
- <?php else: ?>
- <link rel="stylesheet" href="/themes/<?php echo $g['theme']; ?>/all.css" media="all" />
- <?php endif; ?>
- <link rel="stylesheet" type="text/css" href="/niftycssCode.css">
- <link rel="stylesheet" type="text/css" href="/niftycssprintCode.css" media="print">
- <link rel="stylesheet" type="text/css" href="/themes/<?=$g['theme']?>/new_tab_menu.css" media="all">
- <script type="text/javascript" src="/javascript/niftyjsCode.js"></script>
- <script type="text/javascript">
- var theme = "<?php echo $g['theme']; ?>";
- </script>
- <?php echo "\t<script type=\"text/javascript\" src=\"/themes/{$g['theme']}/loader.js\"></script>\n"; ?>
-<?php
- if($_GET['enablefirebuglite']) {
- echo "\t<script type=\"text/javascript\" src=\"/javascript/pi.js\"></script>\n";
- echo "\t<script type=\"text/javascript\" src=\"/javascript/firebug-lite.js\"></script>\n";
- }
- echo "\t<script type=\"text/javascript\" src=\"/javascript/scriptaculous/prototype.js\"></script>\n";
- echo "\t<script type=\"text/javascript\" src=\"/javascript/scriptaculous/scriptaculous.js\"></script>\n";
- echo "\t<script type=\"text/javascript\" src=\"/javascript/scriptaculous/effects.js\"></script>\n";
- echo "\t<script type=\"text/javascript\" src=\"/javascript/scriptaculous/dragdrop.js\"></script>\n";
- if(file_exists("{$g['www_path']}/javascript/global.js"))
- echo "\t<script type=\"text/javascript\" src=\"/javascript/global.js\"></script>\n";
- /*
- * Find all javascript files that need to be included
- * for this page ... from the arrays ... :)
- * Coded by: Erik Kristensen
- */
-
- $dir = trim(basename($_SERVER["SCRIPT_FILENAME"]), '.php');
- $path = "{$g['www_path']}/javascript/" . $dir . "/";
- if (is_dir($path)) {
- if ($dh = opendir($path)) {
- while (($file = readdir($dh)) !== false) {
- if (is_dir($file))
- continue;
- echo "\t<script type=\"text/javascript\" src=\"/javascript/{$dir}/{$file}\"></script>\n";
- }
- closedir($dh);
- }
- }
-
-if (!isset($closehead))
- echo "</head>";
-
-/* If this page is being remotely managed then do not allow the loading of the contents. */
-if($config['remote_managed_pages']['item']) {
- foreach($config['remote_managed_pages']['item'] as $rmp) {
- if($rmp == $_SERVER['SCRIPT_NAME']) {
- include("fbegin.inc");
- print_info_box_np("This page is currently being managed by a remote machine.");
- include("fend.inc");
- exit;
- }
- }
-}
-
+<?php +/* + pfSense_MODULE: header +*/ + +/* + * if user has selected a custom template, use it. + * otherwise default to pfsense tempalte + */ +if($config['theme'] <> "") + $g['theme'] = $config['theme']; +else + $g['theme'] = "pfsense"; + +/* + * If this device is an apple ipod/iphone + * switch the theme to one that works with it. + */ +$apple_ua = array("iPhone","iPod", "iPad"); +foreach($apple_ua as $useragent) + if(strstr($_SERVER['HTTP_USER_AGENT'], $useragent)) + $g['theme'] = "pfsense"; + +$pagetitle = gentitle( $pgtitle ); + +?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html> +<head> + <title><?php echo($config['system']['hostname'] . "." . $config['system']['domain'] . " - " . $pagetitle); ?></title> + <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> + <link rel="apple-touch-icon" href="/themes/<?php echo $g['theme']; ?>/apple-touch-icon.png"/> + <?php if (strpos($_SERVER["SCRIPT_FILENAME"], "wizard.php") !== false && + file_exists("{$g['www_path']}/themes/{$g['theme']}/wizard.css")): ?> + <?php echo "<style type=\"text/css\" src=\"/themes/{$g['theme']}/wizard.css\"></style>"; ?> + <?php else: ?> + <link rel="stylesheet" href="/themes/<?php echo $g['theme']; ?>/all.css" media="all" /> + <?php endif; ?> + <link rel="stylesheet" type="text/css" href="/niftycssCode.css"> + <link rel="stylesheet" type="text/css" href="/niftycssprintCode.css" media="print"> + <link rel="stylesheet" type="text/css" href="/themes/<?=$g['theme']?>/new_tab_menu.css" media="all"> + <script type="text/javascript" src="/javascript/niftyjsCode.js"></script> + <script type="text/javascript"> + var theme = "<?php echo $g['theme']; ?>"; + </script> + <?php echo "\t<script type=\"text/javascript\" src=\"/themes/{$g['theme']}/loader.js\"></script>\n"; ?> +<?php + if($_GET['enablefirebuglite']) { + echo "\t<script type=\"text/javascript\" src=\"/javascript/pi.js\"></script>\n"; + echo "\t<script type=\"text/javascript\" src=\"/javascript/firebug-lite.js\"></script>\n"; + } + echo "\t<script type=\"text/javascript\" src=\"/javascript/scriptaculous/prototype.js\"></script>\n"; + echo "\t<script type=\"text/javascript\" src=\"/javascript/scriptaculous/scriptaculous.js\"></script>\n"; + echo "\t<script type=\"text/javascript\" src=\"/javascript/scriptaculous/effects.js\"></script>\n"; + echo "\t<script type=\"text/javascript\" src=\"/javascript/scriptaculous/dragdrop.js\"></script>\n"; + if(file_exists("{$g['www_path']}/javascript/global.js")) + echo "\t<script type=\"text/javascript\" src=\"/javascript/global.js\"></script>\n"; + /* + * Find all javascript files that need to be included + * for this page ... from the arrays ... :) + * Coded by: Erik Kristensen + */ + + $dir = trim(basename($_SERVER["SCRIPT_FILENAME"]), '.php'); + $path = "{$g['www_path']}/javascript/" . $dir . "/"; + if (is_dir($path)) { + if ($dh = opendir($path)) { + while (($file = readdir($dh)) !== false) { + if (is_dir($file)) + continue; + echo "\t<script type=\"text/javascript\" src=\"/javascript/{$dir}/{$file}\"></script>\n"; + } + closedir($dh); + } + } + +if (!isset($closehead)) + echo "</head>"; + +/* If this page is being remotely managed then do not allow the loading of the contents. */ +if($config['remote_managed_pages']['item']) { + foreach($config['remote_managed_pages']['item'] as $rmp) { + if($rmp == $_SERVER['SCRIPT_NAME']) { + include("fbegin.inc"); + print_info_box_np("This page is currently being managed by a remote machine."); + include("fend.inc"); + exit; + } + } +} + ?>
\ No newline at end of file diff --git a/usr/local/www/help.php b/usr/local/www/help.php index bb990b7..89a5feb 100644 --- a/usr/local/www/help.php +++ b/usr/local/www/help.php @@ -68,7 +68,7 @@ $helppages = array( 'diag_patterns.php' => 'http://doc.pfsense.org/index.php/Layer7_Pattern_Diagnostics', 'diag_ping.php' => 'http://doc.pfsense.org/index.php/Ping_Host', 'diag_pkglogs.php' => 'http://doc.pfsense.org/index.php/Package_Logs', - 'diag_showbogons.php' => 'http://doc.pfsense.org/index.php/Show_Bogons', + 'diag_tables.php' => 'http://doc.pfsense.org/index.php/Tables', 'diag_system_activity.php' => 'http://doc.pfsense.org/index.php/System_Activity', 'diag_traceroute.php' => 'http://doc.pfsense.org/index.php/Traceroute', 'easyrule.php' => 'http://doc.pfsense.org/index.php/Easy_Rule', @@ -146,7 +146,6 @@ $helppages = array( 'system_groupmanager.php' => 'http://doc.pfsense.org/index.php/Group_Manager', 'system_groupmanager_addprivs.php' => 'http://doc.pfsense.org/index.php/Group_Manager', 'system_usermanager.php' => 'http://doc.pfsense.org/index.php/User_Manager', - 'system_usermanager_addcert.php' => 'http://doc.pfsense.org/index.php/User_Manager', 'system_usermanager_addprivs.php' => 'http://doc.pfsense.org/index.php/User_Manager', 'system_usermanager_settings.php' => 'http://doc.pfsense.org/index.php/User_Manager', 'system_usermanager_settings_ldapacpicker.php' => 'http://doc.pfsense.org/index.php/User_Manager', diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php index a451954..27b38e0 100755 --- a/usr/local/www/interfaces.php +++ b/usr/local/www/interfaces.php @@ -374,10 +374,17 @@ if ($_POST) { $reqdfields = explode(" ", "ipaddr subnet gateway"); $reqdfieldsn = array(gettext("IP address"),gettext("Subnet bit count"),gettext("Gateway")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + break; case "none": + if(is_array($config['virtualip']['vip'])) { + foreach ($config['virtualip']['vip'] as $vip) { + if ($vip['interface'] == $if) + $input_errors[] = gettext("This interface is referenced by VIPs please delete those before setting the interface to 'none' configuration."); + } + } case "dhcp": if (in_array($wancfg['ipaddr'], array("ppp", "pppoe", "pptp", "l2tp"))) - $input_errors[] = "You have to reassign the interface to be able to configure as {$_POST['type']}."; + $input_errors[] = gettext("You have to reassign the interface to be able to configure as {$_POST['type']}."); break; case "ppp": $reqdfields = explode(" ", "port phone"); diff --git a/usr/local/www/interfaces_groups_edit.php b/usr/local/www/interfaces_groups_edit.php index b72a442..1906a69 100755 --- a/usr/local/www/interfaces_groups_edit.php +++ b/usr/local/www/interfaces_groups_edit.php @@ -97,26 +97,30 @@ if ($_POST) { if (isset($id) && $a_ifgroups[$id] && $_POST['ifname'] != $a_ifgroups[$id]['ifname']) { - foreach ($config['filter']['rule'] as $ridx => $rule) { - if (isset($rule['floating'])) { - $rule_ifs = explode(",", $rule['interface']); - $rule_changed = false; - foreach ($rule_ifs as $rule_if_id => $rule_if) { - if ($rule_if == $a_ifgroups[$id]['ifname']) { - $rule_ifs[$rule_if_id] = $_POST['ifname']; - $rule_changed = true; + if (!empty($config['filter']) && is_array($config['filter']['rule'])) { + foreach ($config['filter']['rule'] as $ridx => $rule) { + if (isset($rule['floating'])) { + $rule_ifs = explode(",", $rule['interface']); + $rule_changed = false; + foreach ($rule_ifs as $rule_if_id => $rule_if) { + if ($rule_if == $a_ifgroups[$id]['ifname']) { + $rule_ifs[$rule_if_id] = $_POST['ifname']; + $rule_changed = true; + } } + if ($rule_changed) + $config['filter']['rule'][$ridx]['interface'] = implode(",", $rule_ifs); + } else { + if ($rule['interface'] == $a_ifgroups[$id]['ifname']) + $config['filter']['rule'][$ridx]['interface'] = $_POST['ifname']; } - if ($rule_changed) - $config['filter']['rule'][$ridx]['interface'] = implode(",", $rule_ifs); - } else { - if ($rule['interface'] == $a_ifgroups[$id]['ifname']) - $config['filter']['rule'][$ridx]['interface'] = $_POST['ifname']; } } - foreach ($config['nat']['rule'] as $ridx => $rule) { - if ($rule['interface'] == $a_ifgroups[$id]['ifname']) - $config['nat']['rule'][$ridx]['interface'] = $_POST['ifname']; + if (!empty($config['nat']) && is_array($config['nat']['rule'])) { + foreach ($config['nat']['rule'] as $ridx => $rule) { + if ($rule['interface'] == $a_ifgroups[$id]['ifname']) + $config['nat']['rule'][$ridx]['interface'] = $_POST['ifname']; + } } $omembers = explode(" ", $a_ifgroups[$id]['members']); if (count($omembers) > 0) { diff --git a/usr/local/www/javascript/row_helper.js b/usr/local/www/javascript/row_helper.js index 476602b..5e8df31 100755 --- a/usr/local/www/javascript/row_helper.js +++ b/usr/local/www/javascript/row_helper.js @@ -26,6 +26,8 @@ var addRowTo = (function() { td = d.createElement("td"); if(rowtype[i] == 'textbox') { td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input size='" + rowsize[i] + "' class='formfld unknown' name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; + } else if(rowtype[i] == 'password') { + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input type='password' size='" + rowsize[i] + "' class='formfld pwd' name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; } else if(rowtype[i] == 'select') { td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><select size='1' name='" + rowname[i] + totalrows + "'><option value=\"32\" selected>32</option><option value=\"31\" >31</option><option value=\"30\" >30</option><option value=\"29\" >29</option><option value=\"28\" >28</option><option value=\"27\" >27</option><option value=\"26\" >26</option><option value=\"25\" >25</option><option value=\"24\" >24</option><option value=\"23\" >23</option><option value=\"22\" >22</option><option value=\"21\" >21</option><option value=\"20\" >20</option><option value=\"19\" >19</option><option value=\"18\" >18</option><option value=\"17\" >17</option><option value=\"16\" >16</option><option value=\"15\" >15</option><option value=\"14\" >14</option><option value=\"13\" >13</option><option value=\"12\" >12</option><option value=\"11\" >11</option><option value=\"10\" >10</option><option value=\"9\" >9</option><option value=\"8\" >8</option><option value=\"7\" >7</option><option value=\"6\" >6</option><option value=\"5\" >5</option><option value=\"4\" >4</option><option value=\"3\" >3</option><option value=\"2\" >2</option><option value=\"1\" >1</option></select> "; } else if(rowtype[i] == 'select_source') { diff --git a/usr/local/www/pkg_mgr_install.php b/usr/local/www/pkg_mgr_install.php index 9e9b5d7..5e17150 100755 --- a/usr/local/www/pkg_mgr_install.php +++ b/usr/local/www/pkg_mgr_install.php @@ -181,8 +181,7 @@ switch($_GET['mode']) { $static_output = ""; if($pkgtodo['name']) { update_output_window($static_output); - delete_package($pkgtodo['name'] . '-' . $pkgtodo['version'], $pkg_id); - delete_package_xml($pkgtodo['name']); + uninstall_package_from_name($pkgtodo['name']); install_package($pkgtodo['name']); $pkg_id++; } diff --git a/usr/local/www/services_dhcp.php b/usr/local/www/services_dhcp.php index 152877d..e2ce65b 100755 --- a/usr/local/www/services_dhcp.php +++ b/usr/local/www/services_dhcp.php @@ -233,7 +233,7 @@ if ($_POST) { $input_errors[] = gettext("A valid IP address must be specified for the primary/secondary NTP servers."); if (($_POST['domain'] && !is_domain($_POST['domain']))) $input_errors[] = gettext("A valid domain name must be specified for the DNS domain."); - if (($_POST['tftp'] && (!is_ipaddr($_POST['tftp']) && !is_domain($_POST['tftp'])))) + if ($_POST['tftp'] && !is_ipaddr($_POST['tftp']) && !is_domain($_POST['tftp']) && !is_URL($_POST['tftp'])) $input_errors[] = gettext("A valid IP address or hostname must be specified for the TFTP server."); if (($_POST['nextserver'] && !is_ipaddr($_POST['nextserver']))) $input_errors[] = gettext("A valid IP address must be specified for the network boot server."); diff --git a/usr/local/www/services_dhcp_edit.php b/usr/local/www/services_dhcp_edit.php index 51da0f4..cccbd2a 100755 --- a/usr/local/www/services_dhcp_edit.php +++ b/usr/local/www/services_dhcp_edit.php @@ -111,6 +111,12 @@ if ($_POST) { $_POST['mac'] = strtolower(str_replace("-", ":", $_POST['mac'])); if ($_POST['hostname']) { + preg_match("/^[0-9]/", $_POST['hostname'], $matches); + if($matches) + $input_errors[] = gettext("The hostname cannot start with a numeric character according to RFC952"); + preg_match("/\-\$/", $_POST['hostname'], $matches); + if($matches) + $input_errors[] = gettext("The hostname cannot end with a hyphen according to RFC952"); if (!is_hostname($_POST['hostname'])) { $input_errors[] = gettext("The hostname can only contain the characters A-Z, 0-9 and '-'."); } else { @@ -251,4 +257,4 @@ include("head.inc"); </form> <?php include("fend.inc"); ?> </body> -</html> +</html>
\ No newline at end of file diff --git a/usr/local/www/services_dyndns.php b/usr/local/www/services_dyndns.php index d591a20..c1a25d4 100755 --- a/usr/local/www/services_dyndns.php +++ b/usr/local/www/services_dyndns.php @@ -114,8 +114,8 @@ include("head.inc"); </td> <td class="listlr"> <?php - $types = explode(",", "DNS-O-Matic, DynDNS (dynamic),DynDNS (static),DynDNS (custom),DHS,DyNS,easyDNS,No-IP,ODS.org,ZoneEdit,Loopia,freeDNS, DNSexit, OpenDNS"); - $vals = explode(" ", "dnsomatic dyndns dyndns-static dyndns-custom dhs dyns easydns noip ods zoneedit loopia freedns dnsexit opendns"); + $types = explode(",", "DNS-O-Matic, DynDNS (dynamic),DynDNS (static),DynDNS (custom),DHS,DyNS,easyDNS,No-IP,ODS.org,ZoneEdit,Loopia,freeDNS, DNSexit, OpenDNS, Namecheap"); + $vals = explode(" ", "dnsomatic dyndns dyndns-static dyndns-custom dhs dyns easydns noip ods zoneedit loopia freedns dnsexit opendns namecheap"); $j = 0; for ($j = 0; $j < count($vals); $j++) if ($vals[$j] == $dyndns['type']) { echo htmlspecialchars($types[$j]); diff --git a/usr/local/www/services_dyndns_edit.php b/usr/local/www/services_dyndns_edit.php index 24c0267..c221e97 100644 --- a/usr/local/www/services_dyndns_edit.php +++ b/usr/local/www/services_dyndns_edit.php @@ -80,14 +80,18 @@ if ($_POST) { /* input validation */ $reqdfields = array(); $reqdfieldsn = array(); - $reqdfields = array_merge($reqdfields, explode(" ", "host username password type")); - $reqdfieldsn = array_merge($reqdfieldsn, array(gettext("Hostname"),gettext("Username"),gettext("Password"),gettext("Service type"))); + $reqdfields = array("host", "password", "type"); + $reqdfieldsn = array(gettext("Hostname"),gettext("Password"),gettext("Service type")); + if ($pconfig['type'] != "namecheap") { + $reqdfields[] = "username"; + $reqdfieldsn[] = gettext("Username"); + } do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if (($_POST['mx'] && !is_domain($_POST['mx']))) $input_errors[] = gettext("The MX contains invalid characters."); - if (($_POST['username'] && !is_dyndns_username($_POST['username'])) || $_POST['username'] == "") + if (($_POST['username'] && !is_dyndns_username($_POST['username'])) || (($pconfig['type'] != "namecheap") && ($_POST['username'] == ""))) $input_errors[] = gettext("The username contains invalid characters."); if (!$input_errors) { @@ -153,8 +157,8 @@ include("head.inc"); <td width="78%" class="vtable"> <select name="type" class="formselect" id="type"> <?php - $types = explode(",", "DNS-O-Matic, DynDNS (dynamic),DynDNS (static),DynDNS (custom),DHS,DyNS,easyDNS,No-IP,ODS.org,ZoneEdit,Loopia,freeDNS, DNSexit, OpenDNS"); - $vals = explode(" ", "dnsomatic dyndns dyndns-static dyndns-custom dhs dyns easydns noip ods zoneedit loopia freedns dnsexit opendns"); + $types = explode(",", "DNS-O-Matic, DynDNS (dynamic),DynDNS (static),DynDNS (custom),DHS,DyNS,easyDNS,No-IP,ODS.org,ZoneEdit,Loopia,freeDNS, DNSexit, OpenDNS, Namecheap"); + $vals = explode(" ", "dnsomatic dyndns dyndns-static dyndns-custom dhs dyns easydns noip ods zoneedit loopia freedns dnsexit opendns namecheap"); $j = 0; for ($j = 0; $j < count($vals); $j++): ?> <option value="<?=$vals[$j];?>" <?php if ($vals[$j] == $pconfig['type']) echo "selected";?>> <?=htmlspecialchars($types[$j]);?> @@ -206,6 +210,7 @@ include("head.inc"); <td width="22%" valign="top" class="vncellreq"><?=gettext("Username");?></td> <td width="78%" class="vtable"> <input name="username" type="text" class="formfld user" id="username" size="20" value="<?=htmlspecialchars($pconfig['username']);?>"> + <br/><?= gettext("Username is required for all types except Namecheap and FreeDNS.");?> </td> </tr> <tr> diff --git a/usr/local/www/status_filter_reload.php b/usr/local/www/status_filter_reload.php index 3d97c8e..0420857 100644 --- a/usr/local/www/status_filter_reload.php +++ b/usr/local/www/status_filter_reload.php @@ -50,6 +50,11 @@ if($_GET['getstatus']) { echo "|{$status}|"; exit; } +if($_GET['reloadfilter']) { + send_event("filter reload"); + header("Location: status_filter_reload.php"); + exit; +} include("head.inc"); ?> @@ -57,7 +62,9 @@ include("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> - +<br/> +<a href="/status_filter_reload.php?reloadfilter=true"><input type="button" value="Reload Filter" id="reloadfilter"></a> +<br/><br/><br/> <div id="status" name="status" style="padding:5px; border:1px dashed #990000; background-color: #ffffff; color: #000000;"> <?php echo $status; ?> </div> diff --git a/usr/local/www/status_services.php b/usr/local/www/status_services.php index 536a953..cfeb959 100755 --- a/usr/local/www/status_services.php +++ b/usr/local/www/status_services.php @@ -37,7 +37,8 @@ ##|*MATCH=status_services.php* ##|-PRIV -require("guiconfig.inc"); +require_once("guiconfig.inc"); +require_once("captiveportal.inc"); require_once("service-utils.inc"); require_once("ipsec.inc"); require_once("vpn.inc"); @@ -58,9 +59,14 @@ function get_pkg_descr($package_name) { return gettext("Not available."); } -if($_GET['mode'] == "restartservice" and $_GET['service']) { +if($_GET['mode'] == "restartservice" and !empty($_GET['service'])) { switch($_GET['service']) { + case 'captiveportal': + killbypid("{$g['varrun_path']}/lighty-CaptivePortal.pid"); + captiveportal_init_webgui(); + break; case 'ntpd': + case 'openntpd': system_ntp_configure(); break; case 'bsnmpd': @@ -79,20 +85,18 @@ if($_GET['mode'] == "restartservice" and $_GET['service']) { upnp_action('restart'); break; case 'racoon': - exec("/usr/bin/killall -9 racoon"); - sleep(1); vpn_ipsec_force_reload(); break; case 'openvpn': $vpnmode = $_GET['vpnmode']; - if (($vpnmode == "server") or ($vpnmode == "client")) { + if ($vpnmode == "server" || $vpnmode == "client") { $id = $_GET['id']; - if (is_numeric($id)) { - $pidfile = $g['varrun_path'] . "/openvpn_{$vpnmode}{$id}.pid"; + $configfile = "{$g['varetc_path']}/openvpn/{$vpnmode}{$id}.conf"; + $pidfile = $g['varrun_path'] . "/openvpn_{$vpnmode}{$id}.pid"; + if (file_exists($configfile)) { killbypid($pidfile); sleep(1); - $configfile = $g['varetc_path'] . "/openvpn_{$vpnmode}{$id}.conf"; - mwexec_bg("/usr/local/sbin/openvpn --config $configfile"); + mwexec_bg("/usr/local/sbin/openvpn --config {$configfile}"); } } break; @@ -104,9 +108,13 @@ if($_GET['mode'] == "restartservice" and $_GET['service']) { sleep(5); } -if($_GET['mode'] == "startservice" and $_GET['service']) { +if($_GET['mode'] == "startservice" and !empty($_GET['service'])) { switch($_GET['service']) { + case 'captiveportal': + captiveportal_init_webgui(); + break; case 'ntpd': + case 'openntpd': system_ntp_configure(); break; case 'bsnmpd': @@ -125,18 +133,15 @@ if($_GET['mode'] == "startservice" and $_GET['service']) { upnp_action('start'); break; case 'racoon': - exec("killall -9 racoon"); - sleep(1); vpn_ipsec_force_reload(); break; case 'openvpn': $vpnmode = $_GET['vpnmode']; - if (($vpnmode == "server") or ($vpnmode == "client")) { + if (($vpnmode == "server") || ($vpnmode == "client")) { $id = $_GET['id']; - if (is_numeric($id)) { - $configfile = $g['varetc_path'] . "/openvpn_{$vpnmode}{$id}.conf"; - mwexec_bg("/usr/local/sbin/openvpn --config $configfile"); - } + $configfile = "{$g['varetc_path']}/openvpn/{$vpnmode}{$id}.conf"; + if (file_exists($configfile)) + mwexec_bg("/usr/local/sbin/openvpn --config {$configfile}"); } break; default: @@ -148,11 +153,17 @@ if($_GET['mode'] == "startservice" and $_GET['service']) { } /* stop service */ -if($_GET['mode'] == "stopservice" && $_GET['service']) { +if($_GET['mode'] == "stopservice" && !empty($_GET['service'])) { switch($_GET['service']) { + case 'captiveportal': + killbypid("{$g['varrun_path']}/lighty-CaptivePortal.pid"); + break; case 'ntpd': killbyname("ntpd"); break; + case 'openntpd': + killbyname("openntpd"); + break; case 'bsnmpd': killbypid("{$g['varrun_path']}/snmpd.pid"); break; @@ -174,9 +185,6 @@ if($_GET['mode'] == "stopservice" && $_GET['service']) { case 'miniupnpd': upnp_action('stop'); break; - case 'openntpd': - killbyname("openntpd"); - break; case 'sshd': killbyname("sshd"); break; @@ -187,22 +195,21 @@ if($_GET['mode'] == "stopservice" && $_GET['service']) { $vpnmode = $_GET['vpnmode']; if (($vpnmode == "server") or ($vpnmode == "client")) { $id = $_GET['id']; - if (is_numeric($id)) { - $pidfile = $g['varrun_path'] . "/openvpn_{$vpnmode}{$id}.pid"; - killbypid($pidfile); - } + $pidfile = "{$g['varrun_path']}/openvpn_{$vpnmode}{$id}.pid"; + killbypid($pidfile); } break; default: stop_service($_GET['service']); break; } - $savemsg = sprintf(gettext("%s has been stopped."),$_GET['service']); + $savemsg = sprintf(gettext("%s has been stopped."), $_GET['service']); sleep(5); } /* batch mode, allow other scripts to call this script */ -if($_GET['batch']) exit; +if($_GET['batch']) + exit; $pgtitle = array(gettext("Status"),gettext("Services")); include("head.inc"); @@ -231,35 +238,31 @@ include("fbegin.inc"); <?php -exec("/bin/ps ax | awk '{ print $5 }'", $psout); -array_shift($psout); -foreach($psout as $line) { - $ps[] = trim(array_pop(explode(' ', array_pop(explode('/', $line))))); -} - -$services = $config['installedpackages']['service']; +if (is_array($config['installedpackages']['service'])) + $services = $config['installedpackages']['service']; +else + $services = array(); /* Add services that are in the base. * */ if(isset($config['dnsmasq']['enable'])) { + $pconfig = array(); $pconfig['name'] = "dnsmasq"; $pconfig['description'] = gettext("DNS Forwarder"); $services[] = $pconfig; - unset($pconfig); } +$pconfig = array(); $pconfig['name'] = "ntpd"; $pconfig['description'] = gettext("NTP clock sync"); $services[] = $pconfig; -unset($pconfig); if(isset($config['captiveportal']['enable'])) { - $pconfig['name'] = "lighttpd"; + $pconfig = array(); + $pconfig['name'] = "captiveportal"; $pconfig['description'] = gettext("Captive Portal"); $services[] = $pconfig; - $pconfig = ""; - unset($pconfig); } $iflist = array(); @@ -276,75 +279,78 @@ foreach($iflist as $if) { } if($show_dhcprelay == true) { + $pconfig = array(); $pconfig['name'] = "dhcrelay"; $pconfig['description'] = gettext("DHCP Relay"); $services[] = $pconfig; - unset($pconfig); } if(is_dhcp_server_enabled()) { + $pconfig = array(); $pconfig['name'] = "dhcpd"; $pconfig['description'] = gettext("DHCP Service"); $services[] = $pconfig; - unset($pconfig); } if(isset($config['snmpd']['enable'])) { + $pconfig = array(); $pconfig['name'] = "bsnmpd"; $pconfig['description'] = gettext("SNMP Service"); $services[] = $pconfig; - unset($pconfig); } if (count($config['igmpproxy']['igmpentry']) > 0) { + $pconfig = array(); $pconfig['name'] = "igmpproxy"; $pconfig['descritption'] = gettext("IGMP proxy"); $services[] = $pconfig; - unset($pconfig); } if($config['installedpackages']['miniupnpd']['config'][0]['enable']) { + $pconfig = array(); $pconfig['name'] = "miniupnpd"; $pconfig['description'] = gettext("UPnP Service"); $services[] = $pconfig; - unset($pconfig); } if (isset($config['ipsec']['enable'])) { + $pconfig = array(); $pconfig['name'] = "racoon"; $pconfig['description'] = gettext("IPsec VPN"); $services[] = $pconfig; - unset($pconfig); } foreach (array('server', 'client') as $mode) { - if (is_array($config['installedpackages']["openvpn$mode"]['config'])) { - foreach ($config['installedpackages']["openvpn$mode"]['config'] as $id => $settings) { - $setting = $config['installedpackages']["openvpn$mode"]['config'][$id]; - if (!$setting['disable']) { + if (is_array($config['openvpn']["openvpn-{$mode}"])) { + foreach ($config['openvpn']["openvpn-{$mode}"] as $id => $setting) { + if (!isset($setting['disable'])) { + $pconfig = array(); $pconfig['name'] = "openvpn"; $pconfig['mode'] = $mode; $pconfig['id'] = $id; + $pconfig['vpnid'] = $setting['vpnid']; $pconfig['description'] = gettext("OpenVPN") . " ".$mode.": ".htmlspecialchars($setting['description']); $services[] = $pconfig; - unset($pconfig); } } } } -if($services) { +if (count($services) > 0) { foreach($services as $service) { - if(!$service['name']) continue; - if(!$service['description']) $service['description'] = get_pkg_descr($service['name']); + if (empty($service['name'])) + continue; + if (empty($service['description'])) + $service['description'] = get_pkg_descr($service['name']); echo '<tr><td class="listlr">' . $service['name'] . '</td>'; echo '<td class="listr">' . $service['description'] . '</td>'; - if ($service['name'] == "openvpn") { - $running = (is_pid_running($g['varrun_path'] . "/openvpn_{$service['mode']}{$service['id']}.pid") ); - } else { - $running = (is_service_running($service['name'], $ps) or is_process_running($service['name']) ); - } + if ($service['name'] == "openvpn") + $running = is_pid_running("{$g['varrun_path']}/openvpn_{$service['mode']}{$service['vpnid']}.pid"); + else if ($service['name'] == "captiveportal") + $running = is_pid_running("{$g['varrun_path']}/lighty-CaptivePortal.pid"); + else + $running = is_service_running($service['name']); if($running) { echo '<td class="listr"><center>'; echo "<img src=\"/themes/" . $g["theme"] . "/images/icons/icon_pass.gif\"> " . gettext("Running") . "</td>"; @@ -355,13 +361,13 @@ if($services) { echo '<td valign="middle" class="list" nowrap>'; if($running) { if ($service['name'] == "openvpn") { - echo "<a href='status_services.php?mode=restartservice&service={$service['name']}&vpnmode={$service['mode']}&id={$service['id']}'>"; + echo "<a href='status_services.php?mode=restartservice&service={$service['name']}&vpnmode={$service['mode']}&id={$service['vpnid']}'>"; } else { echo "<a href='status_services.php?mode=restartservice&service={$service['name']}'>"; } echo "<img title='" . gettext("Restart Service") . "' border='0' src='./themes/".$g['theme']."/images/icons/icon_service_restart.gif'></a> "; if ($service['name'] == "openvpn") { - echo "<a href='status_services.php?mode=stopservice&service={$service['name']}&vpnmode={$service['mode']}&id={$service['id']}'>"; + echo "<a href='status_services.php?mode=stopservice&service={$service['name']}&vpnmode={$service['mode']}&id={$service['vpnid']}'>"; } else { echo "<a href='status_services.php?mode=stopservice&service={$service['name']}'> "; } @@ -369,7 +375,7 @@ if($services) { echo "</a>"; } else { if ($service['name'] == "openvpn") { - echo "<a href='status_services.php?mode=startservice&service={$service['name']}&vpnmode={$service['mode']}&id={$service['id']}'>"; + echo "<a href='status_services.php?mode=startservice&service={$service['name']}&vpnmode={$service['mode']}&id={$service['vpnid']}'>"; } else { echo "<a href='status_services.php?mode=startservice&service={$service['name']}'> "; } @@ -389,7 +395,8 @@ if($services) { </td> </tr></table> </div> - +</p> +</form> <?php include("fend.inc"); ?> </body> </html> diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php index e7ae297..e7c217b 100644 --- a/usr/local/www/system_advanced_admin.php +++ b/usr/local/www/system_advanced_admin.php @@ -62,7 +62,7 @@ $pconfig['enablesshd'] = $config['system']['enablesshd']; $pconfig['sshport'] = $config['system']['ssh']['port']; $pconfig['sshdkeyonly'] = isset($config['system']['ssh']['sshdkeyonly']); -$a_cert =& $config['system']['cert']; +$a_cert =& $config['cert']; $certs_available = false; if (is_array($a_cert) && count($a_cert)) @@ -461,7 +461,7 @@ if ($restart_sshd) { if ($config['system']['enablesshd']) { log_error(gettext("secure shell configuration has changed. Restarting sshd.")); - touch("{$g['tmp_path']}/start_sshd"); + send_event("service restart sshd"); } } if ($restart_webgui) { diff --git a/usr/local/www/system_camanager.php b/usr/local/www/system_camanager.php index 369f7b6..17f7bd8 100644 --- a/usr/local/www/system_camanager.php +++ b/usr/local/www/system_camanager.php @@ -52,15 +52,15 @@ $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; -if (!is_array($config['system']['ca'])) - $config['system']['ca'] = array(); +if (!is_array($config['ca'])) + $config['ca'] = array(); -$a_ca =& $config['system']['ca']; +$a_ca =& $config['ca']; -if (!is_array($config['system']['cert'])) - $config['system']['cert'] = array(); +if (!is_array($config['cert'])) + $config['cert'] = array(); -$a_cert =& $config['system']['cert']; +$a_cert =& $config['cert']; $act = $_GET['act']; if ($_POST['act']) diff --git a/usr/local/www/system_certmanager.php b/usr/local/www/system_certmanager.php index 4fd51e7..2f953f6 100644 --- a/usr/local/www/system_certmanager.php +++ b/usr/local/www/system_certmanager.php @@ -41,27 +41,38 @@ require("guiconfig.inc"); require_once("certs.inc"); $cert_methods = array( - "existing" => gettext("Import an existing Certificate"), + "import" => gettext("Import an existing Certificate"), "internal" => gettext("Create an internal Certificate"), - "external" => gettext("Create a Certificate Signing Request")); + "external" => gettext("Create a Certificate Signing Request"), +); $cert_keylens = array( "512", "1024", "2048", "4096"); $pgtitle = array(gettext("System"), gettext("Certificate Manager")); +$userid = $_GET['userid']; +if (isset($_POST['userid'])) + $userid = $_POST['userid']; +if ($userid) { + $cert_methods["existing"] = gettext("Choose an existing certificate"); + if (!is_array($config['system']['user'])) + $config['system']['user'] = array(); + $a_user =& $config['system']['user']; +} + $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; -if (!is_array($config['system']['ca'])) - $config['system']['ca'] = array(); +if (!is_array($config['ca'])) + $config['ca'] = array(); -$a_ca =& $config['system']['ca']; +$a_ca =& $config['ca']; -if (!is_array($config['system']['cert'])) - $config['system']['cert'] = array(); +if (!is_array($config['cert'])) + $config['cert'] = array(); -$a_cert =& $config['system']['cert']; +$a_cert =& $config['cert']; $internal_ca_count = 0; foreach ($a_ca as $ca) @@ -139,14 +150,12 @@ if ($act == "csr") { } if ($_POST) { - if ($_POST['save'] == gettext("Save")) { - unset($input_errors); $pconfig = $_POST; /* input validation */ - if ($pconfig['method'] == "existing") { + if ($pconfig['method'] == "import") { $reqdfields = explode(" ", "name cert key"); $reqdfieldsn = array( @@ -187,6 +196,11 @@ if ($_POST) { gettext("Distinguished name Common Name")); } + if ($pconfig['method'] == "existing") { + $reqdfields = array("certref"); + $reqdfieldsn = array(gettext("Existing Certificate Choice")); + } + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); /* if this is an AJAX caller then handle via JSON */ @@ -198,49 +212,57 @@ if ($_POST) { /* save modifications */ if (!$input_errors) { - $cert = array(); - $cert['refid'] = uniqid(); - if (isset($id) && $a_cert[$id]) - $cert = $a_cert[$id]; - - $cert['name'] = $pconfig['name']; - - if ($pconfig['method'] == "existing") - cert_import($cert, $pconfig['cert'], $pconfig['key']); - - if ($pconfig['method'] == "internal") { - $dn = array( - 'countryName' => $pconfig['dn_country'], - 'stateOrProvinceName' => $pconfig['dn_state'], - 'localityName' => $pconfig['dn_city'], - 'organizationName' => $pconfig['dn_organization'], - 'emailAddress' => $pconfig['dn_email'], - 'commonName' => $pconfig['dn_commonname']); - - cert_create($cert, $pconfig['caref'], $pconfig['keylen'], - $pconfig['lifetime'], $dn); - } - - if ($pconfig['method'] == "external") { - $dn = array( - 'countryName' => $pconfig['csr_dn_country'], - 'stateOrProvinceName' => $pconfig['csr_dn_state'], - 'localityName' => $pconfig['csr_dn_city'], - 'organizationName' => $pconfig['csr_dn_organization'], - 'emailAddress' => $pconfig['csr_dn_email'], - 'commonName' => $pconfig['csr_dn_commonname']); - - csr_generate($cert, $pconfig['csr_keylen'], $dn); + if ($pconfig['method'] == "existing") { + $cert = lookup_cert($pconfig['certref']); + if ($cert && $a_user) + $a_user[$userid]['cert'][] = $cert['refid']; + } else { + $cert = array(); + $cert['refid'] = uniqid(); + if (isset($id) && $a_cert[$id]) + $cert = $a_cert[$id]; + + $cert['name'] = $pconfig['name']; + + if ($pconfig['method'] == "import") + cert_import($cert, $pconfig['cert'], $pconfig['key']); + + if ($pconfig['method'] == "internal") { + $dn = array( + 'countryName' => $pconfig['dn_country'], + 'stateOrProvinceName' => $pconfig['dn_state'], + 'localityName' => $pconfig['dn_city'], + 'organizationName' => $pconfig['dn_organization'], + 'emailAddress' => $pconfig['dn_email'], + 'commonName' => $pconfig['dn_commonname']); + + cert_create($cert, $pconfig['caref'], $pconfig['keylen'], + $pconfig['lifetime'], $dn); + } + + if ($pconfig['method'] == "external") { + $dn = array( + 'countryName' => $pconfig['csr_dn_country'], + 'stateOrProvinceName' => $pconfig['csr_dn_state'], + 'localityName' => $pconfig['csr_dn_city'], + 'organizationName' => $pconfig['csr_dn_organization'], + 'emailAddress' => $pconfig['csr_dn_email'], + 'commonName' => $pconfig['csr_dn_commonname']); + + csr_generate($cert, $pconfig['csr_keylen'], $dn); + } + if (isset($id) && $a_cert[$id]) + $a_cert[$id] = $cert; + else + $a_cert[] = $cert; + if (isset($a_user) && isset($userid)) + $a_user[$userid]['cert'][] = $cert['refid']; } - if (isset($id) && $a_cert[$id]) - $a_cert[$id] = $cert; - else - $a_cert[] = $cert; - write_config(); -// pfSenseHeader("system_certmanager.php"); + if ($userid) + pfSenseHeader("system_usermanager.php?act=edit&id={$userid}"); } } @@ -308,21 +330,35 @@ function method_change() { switch (method) { case 0: - document.getElementById("existing").style.display=""; + document.getElementById("import").style.display=""; document.getElementById("internal").style.display="none"; document.getElementById("external").style.display="none"; + document.getElementById("existing").style.display="none"; + document.getElementById("descriptivename").style.display=""; document.getElementById("submit").style.display=""; break; case 1: - document.getElementById("existing").style.display="none"; + document.getElementById("import").style.display="none"; document.getElementById("internal").style.display=""; document.getElementById("external").style.display="none"; + document.getElementById("existing").style.display="none"; + document.getElementById("descriptivename").style.display=""; document.getElementById("submit").style.display="<?=$submit_style;?>"; break; case 2: - document.getElementById("existing").style.display="none"; + document.getElementById("import").style.display="none"; document.getElementById("internal").style.display="none"; document.getElementById("external").style.display=""; + document.getElementById("existing").style.display="none"; + document.getElementById("descriptivename").style.display=""; + document.getElementById("submit").style.display=""; + break; + case 3: + document.getElementById("import").style.display="none"; + document.getElementById("internal").style.display="none"; + document.getElementById("external").style.display="none"; + document.getElementById("existing").style.display=""; + document.getElementById("descriptivename").style.display="none"; document.getElementById("submit").style.display=""; break; } @@ -346,6 +382,7 @@ function internalca_change() { document.iform.dn_state.value = "<?=$subject[1]['v'];?>"; document.iform.dn_city.value = "<?=$subject[2]['v'];?>"; document.iform.dn_organization.value = "<?=$subject[3]['v'];?>"; + document.iform.dn_email.value = "<?=$subject[4]['v'];?>"; break; <?php endforeach; ?> } @@ -379,12 +416,6 @@ function internalca_change() { <form action="system_certmanager.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td> - <td width="78%" class="vtable"> - <input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/> - </td> - </tr> <?php if (!isset($id)): ?> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Method");?></td> @@ -402,14 +433,24 @@ function internalca_change() { </td> </tr> <?php endif; ?> + <tr id="descriptivename"> + <?php + if ($a_user && empty($pconfig['name'])) + $pconfig['name'] = $a_user[$userid]['name']; + ?> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td> + <td width="78%" class="vtable"> + <input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/> + </td> + </tr> </table> - <table width="100%" border="0" cellpadding="6" cellspacing="0" id="existing"> + <table width="100%" border="0" cellpadding="6" cellspacing="0" id="import"> <tr> <td colspan="2" class="list" height="12"></td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic"><?=gettext("Existing Certificate");?></td> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Import Certificate");?></td> </tr> <tr> @@ -531,6 +572,10 @@ function internalca_change() { <tr> <td align="right"><?=gettext("Common Name");?> : </td> <td align="left"> + <?php + if ($a_user && empty($pconfig['dn_commonname'])) + $pconfig['dn_commonname'] = $a_user[$userid]['name']; + ?> <input name="dn_commonname" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['dn_commonname']);?>"/> <em>ex:</em> @@ -640,6 +685,42 @@ function internalca_change() { </tr> </table> + <table width="100%" border="0" cellpadding="6" cellspacing="0" id="existing"> + <tr> + <td colspan="2" class="list" height="12"></td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Choose an Existing Certificate");?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Existing Certificates");?></td> + <td width="78%" class="vtable"> + <?php if (isset($userid) && $a_user): ?> + <input name="userid" type="hidden" value="<?=$userid;?>" /> + <?php endif;?> + <select name='certref' class="formselect"> + <?php + foreach ($config['cert'] as $cert): + $selected = ""; + $caname = ""; + $inuse = ""; + if (in_array($cert['refid'], $config['system']['user'][$userid]['cert'])) + continue; + $ca = lookup_ca($cert['caref']); + if ($ca) + $caname = " (CA: {$ca['name']})"; + if ($pconfig['certref'] == $cert['refid']) + $selected = "selected"; + if (cert_in_use($cert['refid'])) + $inuse = " *In Use"; + ?> + <option value="<?=$cert['refid'];?>" <?=$selected;?>><?=$cert['name'] . $caname . $inuse;?></option> + <?php endforeach; ?> + </select> + </td> + </tr> + </table> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td width="22%" valign="top"> </td> @@ -703,9 +784,10 @@ function internalca_change() { <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="20%" class="listhdrr"><?=gettext("Name");?></td> - <td width="20%" class="listhdrr"><?=gettext("Issuer");?></td> + <td width="15%" class="listhdrr"><?=gettext("Name");?></td> + <td width="15%" class="listhdrr"><?=gettext("Issuer");?></td> <td width="40%" class="listhdrr"><?=gettext("Distinguished Name");?></td> + <td width="10%" class="listhdrr"><?=gettext("In Use");?></td> <td width="10%" class="list"></td> </tr> <?php @@ -752,6 +834,23 @@ function internalca_change() { </td> <td class="listr"><?=$caname;?> </td> <td class="listr"><?=$subj;?> </td> + <td class="listr"> + <?php if (is_webgui_cert($cert['refid'])): ?> + webConfigurator<br/> + <?php endif; ?> + <?php if (is_user_cert($cert['refid'])): ?> + User Cert<br/> + <?php endif; ?> + <?php if (is_openvpn_server_cert($cert['refid'])): ?> + OpenVPN Server<br/> + <?php endif; ?> + <?php if (is_openvpn_client_cert($cert['refid'])): ?> + OpenVPN Client<br/> + <?php endif; ?> + <?php if (is_ipsec_cert($cert['refid'])): ?> + IPsec Tunnel<br/> + <?php endif; ?> + </td> <td valign="middle" nowrap class="list"> <a href="system_certmanager.php?act=exp&id=<?=$i;?>"> <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export cert");?>" alt="<?=gettext("export ca");?>" width="17" height="17" border="0" /> @@ -759,9 +858,11 @@ function internalca_change() { <a href="system_certmanager.php?act=key&id=<?=$i;?>"> <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export key");?>" alt="<?=gettext("export ca");?>" width="17" height="17" border="0" /> </a> + <?php if (!cert_in_use($cert['refid'])): ?> <a href="system_certmanager.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate?");?>')"> <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete cert");?>" alt="<?=gettext("delete cert");?>" width="17" height="17" border="0" /> </a> + <?php endif; ?> <?php if ($cert['csr']): ?> <a href="system_certmanager.php?act=csr&id=<?=$i;?>"> @@ -775,13 +876,17 @@ function internalca_change() { endforeach; ?> <tr> - <td class="list" colspan="3"></td> + <td class="list" colspan="4"></td> <td class="list"> <a href="system_certmanager.php?act=new"> <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add or import ca");?>" alt="<?=gettext("add ca");?>" width="17" height="17" border="0" /> </a> </td> </tr> + <tr> + <td> </td> + <td colspan="3">NOTE: You can only delete a certificate if it is not currently in use.</td> + </tr> </table> <?php endif; ?> diff --git a/usr/local/www/system_routes.php b/usr/local/www/system_routes.php index 454e613..84f5de0 100755 --- a/usr/local/www/system_routes.php +++ b/usr/local/www/system_routes.php @@ -59,6 +59,14 @@ if ($_POST) { $retval = 0; + if (file_exists("{$g['tmp_path']}/.system_routes.apply")) { + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.system_routes.apply")); + foreach ($toapplylist as $toapply) + mwexec("{$toapply}"); + + @unlink("{$g['tmp_path']}/.system_routes.apply"); + } + $retval = system_routing_configure(); $retval |= filter_configure(); /* reconfigure our gateway monitor */ @@ -92,7 +100,6 @@ if ($_GET['act'] == "del") { mwexec("/sbin/route delete " . escapeshellarg($a_routes[$_GET['id']]['network'])); unset($a_routes[$_GET['id']]); write_config($changedesc); - mark_subsystem_dirty('staticroutes'); header("Location: system_routes.php"); exit; } diff --git a/usr/local/www/system_routes_edit.php b/usr/local/www/system_routes_edit.php index af50af2..9895d0e 100755 --- a/usr/local/www/system_routes_edit.php +++ b/usr/local/www/system_routes_edit.php @@ -1,5 +1,4 @@ <?php -/* $Id$ */ /* system_routes_edit.php part of m0n0wall (http://m0n0.ch/wall) @@ -122,10 +121,23 @@ if ($_POST) { $route['gateway'] = $_POST['gateway']; $route['descr'] = $_POST['descr']; - if (isset($id) && $a_routes[$id]) - $a_routes[$id] = $route; - else - $a_routes[] = $route; + if (!isset($id)) + $id = count($a_routes); + if (file_exists("{$g['tmp_path']}/.system_routes.apply")) + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.system_routes.apply")); + else + $toapplylist = array(); + $oroute = $a_routes[$id]; + + $a_routes[$id] = $route; + + if (!empty($oroute)) { + $osn = explode('/', $oroute['network']); + $sn = explode('/', $route['network']); + if ($oroute['network'] <> $route['network']) + $toapplylist[] = "/sbin/route delete {$oroute['network']}"; + } + file_put_contents("{$g['tmp_path']}/.system_routes.apply", serialize($toapplylist)); staticroutes_sort(); mark_subsystem_dirty('staticroutes'); diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index 746cf37..0527594 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -100,7 +100,7 @@ if (isAllowedPage("system_usermanager")) { exit; } - $cert =& $a_user[$id]['cert'][$_GET['certid']]; + $cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]); $exp_name = urlencode("{$a_user[$id]['name']}-{$cert['name']}.crt"); $exp_data = base64_decode($cert['crt']); @@ -120,7 +120,7 @@ if (isAllowedPage("system_usermanager")) { exit; } - $cert =& $a_user[$id]['cert'][$_GET['certid']]; + $cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]); $exp_name = urlencode("{$a_user[$id]['name']}-{$cert['name']}.key"); $exp_data = base64_decode($cert['prv']); @@ -140,12 +140,13 @@ if (isAllowedPage("system_usermanager")) { exit; } - $certdeleted = $a_user[$id]['cert'][$_GET['certid']]['name']; + $certdeleted = lookup_cert($a_user[$id]['cert'][$_GET['certid']]); + $certdeleted = $certdeleted['name']; unset($a_user[$id]['cert'][$_GET['certid']]); write_config(); $_GET['act'] = "edit"; $savemsg = gettext("Certificate")." {$certdeleted} ". - gettext("successfully deleted")."<br/>"; + gettext("association removed.")."<br/>"; } if ($_GET['act'] == "edit") { @@ -298,6 +299,7 @@ if (isAllowedPage("system_usermanager")) { else { if (!empty($_POST['name'])) { $cert = array(); + $cert['refid'] = uniqid(); $userent['cert'] = array(); $cert['name'] = $_POST['name']; @@ -315,7 +317,10 @@ if (isAllowedPage("system_usermanager")) { cert_create($cert, $_POST['caref'], $_POST['keylen'], (int)$_POST['lifetime'], $dn); - $userent['cert'][] = $cert; + if (!is_array($config['cert'])) + $config['cert'] = array(); + $config['cert'][] = $cert; + $userent['cert'][] = $cert['refid']; } $userent['uid'] = $config['system']['nextuid']++; /* Add the user to All Users group. */ @@ -633,8 +638,9 @@ function sshkeyClicked(obj) { $a_cert = $a_user[$id]['cert']; if(is_array($a_cert)): $i = 0; - foreach ($a_cert as $cert): - $ca = lookup_ca($cert['caref']); + foreach ($a_cert as $certref): + $cert = lookup_cert($certref); + $ca = lookup_ca($cert['caref']); ?> <tr> <td class="listlr"> @@ -650,7 +656,7 @@ function sshkeyClicked(obj) { <a href="system_usermanager.php?act=expcert&id=<?=$id;?>&certid=<?=$i;?>"> <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export cert"); ?>" alt="<?=gettext("export cert"); ?>" width="17" height="17" border="0" /> </a> - <a href="system_usermanager.php?act=delcert&id=<?=$id?>&certid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this certificate?");?>')"> + <a href="system_usermanager.php?act=delcert&id=<?=$id?>&certid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to remove this certificate association?") .'\n'. gettext("(Certificate will not be deleted)");?>')"> <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="<?=gettext("delete cert");?>" /> </a> </td> @@ -663,7 +669,7 @@ function sshkeyClicked(obj) { <tr> <td class="list" colspan="2"></td> <td class="list"> - <a href="system_usermanager_addcert.php?userid=<?=$id?>"> + <a href="system_certmanager.php?act=new&userid=<?=$id?>"> <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" /> </a> </td> @@ -673,8 +679,8 @@ function sshkeyClicked(obj) { </tr> <?php else : ?> - <?php if (is_array($config['system']['ca']) && count($config['system']['ca']) > 0): ?> - <?php $i = 0; foreach( $config['system']['ca'] as $ca) { + <?php if (is_array($config['ca']) && count($config['ca']) > 0): ?> + <?php $i = 0; foreach( $config['ca'] as $ca) { if (!$ca['prv']) continue; $i++; @@ -705,7 +711,7 @@ function sshkeyClicked(obj) { <td width="78%" class="vtable"> <select name='caref' id='caref' class="formselect" onChange='internalca_change()'> <?php - foreach( $config['system']['ca'] as $ca): + foreach( $config['ca'] as $ca): if (!$ca['prv']) continue; ?> diff --git a/usr/local/www/system_usermanager_addcert.php b/usr/local/www/system_usermanager_addcert.php deleted file mode 100644 index d48e4ad..0000000 --- a/usr/local/www/system_usermanager_addcert.php +++ /dev/null @@ -1,289 +0,0 @@ -<?php -/* - system_usermanager_addcert.php - - Copyright (C) 2008 Shrew Soft Inc. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ -/* - pfSense_MODULE: certificate_manager -*/ - -##|+PRIV -##|*IDENT=page-system-usermanager_addcert -##|*NAME=System: User Manager: Add Certificate -##|*DESCR=Allow access to the 'User Manager: Add Certificate' page. -##|*MATCH=system_usermanager_addcert.php* -##|-PRIV - -require("guiconfig.inc"); -require("certs.inc"); - -$cert_keylens = array( "512", "1024", "2048", "4096"); - -$pgtitle = array(gettext("System"), gettext("User Manager: Add Certificate")); - -$userid = $_GET['userid']; -if (isset($_POST['userid'])) - $userid = $_POST['userid']; - -if (!is_array($config['system']['user'])) - $config['system']['user'] = array(); - -$a_user =& $config['system']['user']; - -if (!is_array($config['system']['ca'])) - $config['system']['ca'] = array(); - -$a_ca =& $config['system']['ca']; - -$internal_ca_count = 0; -foreach ($a_ca as $ca) - if ($ca['prv']) - $internal_ca_count++; - -if ($_GET) { - $pconfig['keylen'] = "2048"; - $pconfig['lifetime'] = "3650"; -} - -if ($_POST) { - conf_mount_rw(); - - unset($input_errors); - $pconfig = $_POST; - - /* input validation */ - if ($pconfig['method'] == "existing") { - $reqdfields = explode(" ", - "name cert key"); - $reqdfieldsn = array( - gettext("Descriptive name"), - gettext("Certificate data"), - gettext("Key data")); - } - - if ($pconfig['method'] == "internal") { - $reqdfields = explode(" ", - "name caref keylen lifetime"); - $reqdfieldsn = array( - gettext("Descriptive name"), - gettext("Certificate authority"), - gettext("Key length"), - gettext("Lifetime")); - } - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - $ca = lookup_ca($pconfig['caref']); - if (!$ca) - $input_errors[] = sprintf(gettext("Invalid internal Certificate Authority%s"),"\n"); - - /* if this is an AJAX caller then handle via JSON */ - if (isAjax() && is_array($input_errors)) { - input_errors2Ajax($input_errors); - conf_mount_ro(); - exit; - } - - /* save modifications */ - if (!$input_errors) { - - $cert = array(); - if (!is_array($a_user[$userid]['cert'])) - $a_user[$userid]['cert'] = array(); - - $cert['name'] = $pconfig['name']; - - $subject = cert_get_subject_array($ca['crt']); - - $dn = array( - 'countryName' => $subject[0]['v'], - 'stateOrProvinceName' => $subject[1]['v'], - 'localityName' => $subject[2]['v'], - 'organizationName' => $subject[3]['v'], - 'emailAddress' => $subject[4]['v'], - 'commonName' => $a_user[$userid]['name']); - - cert_create($cert, $pconfig['caref'], $pconfig['keylen'], - $pconfig['lifetime'], $dn); - - $a_user[$userid]['cert'][] = $cert; - - write_config(); - - conf_mount_ro(); - - pfSenseHeader("system_usermanager.php?act=edit&id={$userid}"); - } -} - -include("head.inc"); -?> - -<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>"> -<?php include("fbegin.inc"); ?> -<script type="text/javascript"> -<!-- - -<?php if ($internal_ca_count): ?> -function internalca_change() { - - index = document.iform.caref.selectedIndex; - caref = document.iform.caref[index].value; - - switch (caref) { -<?php - foreach ($a_ca as $ca): - if (!$ca['prv']) - continue; - $subject = cert_get_subject_array($ca['crt']); -?> - case "<?=$ca['refid'];?>": - document.iform.dn_country.value = "<?=$subject[0]['v'];?>"; - document.iform.dn_state.value = "<?=$subject[1]['v'];?>"; - document.iform.dn_city.value = "<?=$subject[2]['v'];?>"; - document.iform.dn_organization.value = "<?=$subject[3]['v'];?>"; - break; -<?php endforeach; ?> - } -} -<?php endif; ?> - -//--> -</script> -<?php - if ($input_errors) - print_input_errors($input_errors); - if ($savemsg) - print_info_box($savemsg); -?> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td> - <?php - $tab_array = array(); - $tab_array[] = array(gettext("Users"), true, "system_usermanager.php"); - $tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php"); - $tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php"); - $tab_array[] = array(gettext("Servers"), false, "system_authservers.php"); - display_top_tabs($tab_array); - ?> - </td> - </tr> - <tr> - <td id="mainarea"> - <div class="tabcont"> - <form action="system_usermanager_addcert.php" method="post" name="iform" id="iform"> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> - - <?php if (!$internal_ca_count): ?> - - <tr> - <td colspan="2" align="center" class="vtable"> - <?=gettext("No internal Certificate Authorities have been defined. You must");?> - <a href="system_camanager.php?act=new&method=internal"><?=gettext("create");?></a> - <?=gettext("an internal CA before creating an internal certificate.");?> - </td> - </tr> - - <?php else: ?> - - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td> - <td width="78%" class="vtable"> - <input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate authority");?></td> - <td width="78%" class="vtable"> - <select name='caref' id='caref' class="formselect" onChange='internalca_change()'> - <?php - foreach( $a_ca as $ca): - if (!$ca['prv']) - continue; - $selected = ""; - if ($pconfig['caref'] == $ca['refid']) - $selected = "selected"; - ?> - <option value="<?=$ca['refid'];?>"<?=$selected;?>><?=$ca['name'];?></option> - <?php endforeach; ?> - </select> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td> - <td width="78%" class="vtable"> - <select name='keylen' class="formselect"> - <?php - foreach( $cert_keylens as $len): - $selected = ""; - if ($pconfig['keylen'] == $len) - $selected = "selected"; - ?> - <option value="<?=$len;?>"<?=$selected;?>><?=$len;?></option> - <?php endforeach; ?> - </select> - <?=gettext("bits");?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td> - <td width="78%" class="vtable"> - <input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/> - <?=gettext("days");?> - </td> - </tr> - - <?php endif; ?> - - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <?php if ($internal_ca_count): ?> - <input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> - <input id="cancelbutton" class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" /> - <?php endif; ?> - <?php if (isset($userid) && $a_user[$userid]): ?> - <input name="userid" type="hidden" value="<?=$userid;?>" /> - <?php endif;?> - </td> - </tr> - </table> - </form> - </div> - </td> - </tr> -</table> -<?php include("fend.inc");?> -<script type="text/javascript"> -<!-- - -internalca_change(); - -//--> -</script> - -</body> diff --git a/usr/local/www/themes/code-red/all.css b/usr/local/www/themes/code-red/all.css index 92d4425..516598f 100755 --- a/usr/local/www/themes/code-red/all.css +++ b/usr/local/www/themes/code-red/all.css @@ -1,1241 +1,1241 @@ -/* Element CSS Definitions */
-html, body, td, th, input, select {
- font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif;
- font-size: 0.9em;
-
-}
-
-.infobox {
- width:100%;
-}
-
-.infoboxsave {
- padding-right: 10px;
-}
-
-.infoboxnptd2 {
- width:100%;
- color:white;
- background-color:#990000;
- padding-right: 10px;
-}
-
-.infoboxnptd {
- width:8%;
- background-color:#990000;
-}
-
-.infoboxnptable {
- height:32px;
- width:100%;
- background-color:#990000;
-}
-
-.infoboxnptable2 {
- height:32px;
- width:100%;
- background-color:#990000;
-}
-
-.infoboxnp {
- background-color:#990000;
- width:100%;
-}
-
-.infoboxnpimg {
- vertical-align:middle;
- width:28px;
- height:32px;
- background-color:#990000;
-}
-
-.inputerrorsleft {
- background-color: #990000;
- width: 36px;
-}
-
-.inputerrorsright {
- background-color: #FFD9D1;
- color: #000000;
- font-size: 11px;
- padding-left: 8px;
- padding-top: 6px;
-}
-
-div.GraphLink {
- position: relative;
-}
-
-span.GraphLinkLine {
- position: absolute;
- background-color: #990000;
- width: 100%;
-}
-
-/* DOM Tooltip CSS definitions */
-div.niceTitle
-{
- background-color: #333333;
- color: #FFFFFF;
- font-weight: bold;
- font-size: 13px;
- font-family: "Trebuchet MS", sans-serif;
- width: 220px;
- left: 0;
- top: 0;
- padding: 4px;
- position: absolute;
- text-align: left;
- z-index: 20;
- -moz-border-radius: 0 10px 10px 10px;
- filter: progid:DXImageTransform.Microsoft.Alpha(opacity=87);
- -moz-opacity: .87;
- -khtml-opacity: .87;
- opacity: .87;
-}
-div.niceTitle h1
-{
- background: #990000;
- border-bottom: 1px dotted #FFFFFF;
- font-weight: bold;
- font-size: 13px;
- font-family: "Trebuchet MS", sans-serif;
- margin: 3px;
- padding-top: 1px;
- padding-bottom: 1px;
- padding-left: 3px;
- text-align: left;
- left: 0;
- top: 0;
- -moz-border-radius: 0 8px 0 0;
- -moz-opacity: 1;
-}
-div.niceTitle .contents
-{
- margin: 0;
- padding: 0 3px;
- filter: progid:DXImageTransform.Microsoft.Alpha(opacity=100);
- -moz-opacity: 1;
- -khtml-opacity: 1;
- opacity: 1;
-}
-div.niceTitle p
-{
- background: #FFFFFF;
- border: 1px solid #990000;
- color: #000000;
- font-size: 11px;
- font-family: "Trebuchet MS", sans-serif;
- padding: 5px;
- margin: 3px;
- text-align: left;
- -moz-opacity: 1;
- -moz-border-radius: 0 0 8px 8px;
-}
-
-body {
- margin: 0px auto;
- background: url('images/background.gif') no-repeat;
- background-position : center 0px;
- background-color: #4a0203;
-}
-
-form {
- margin: 0px;
-}
-a {
- text-decoration: none;
-}
-form input {
- font-size: 1.1em;
-}
-
-iframe {
- z-index: 1;
- border: 1px dashed #990000;
-}
-.iframe {
- background-color: #FFFFFF;
-}
-
-/* ID Based CSS Definitions */
-#wrapper {
- width: 810px;
- margin: 0px auto;
-}
-
-#header {
- background: url('images/header.png') no-repeat;
- background-position: 0px;
- height: 102px;
- width: 810px;
- margin-bottom: 5px;
- z-index: 2;
-}
-#header-left {
- position: relative;
- /* background: url('images/logo.gif') no-repeat; */
- background-position: center;
- height: 65px;
- width: 145px;
- left: 10px;
- float: left;
-}
-#header-left #status-link {
- position: relative;
- top: 10px;
- left: 6px;
-}
-#header-right {
- position: relative;
- /* background: url('images/header.gif') no-repeat; */
- height: 70px;
- color: #fff;
- left: 0px;
- margin-left: 165px;
-}
-#header-right .alert {
- position: relative;
- /* background: url('images/alert.gif') no-repeat; */
- background-position: 4px 2px;
- color: #fff;
- height: 17px;
- width: 500px;
- padding: 4px;
- padding-left: 27px;
- float: left;
-}
-#header-right .container {
- position: relative;
-}
-#header-right .container .left {
- position: relative;
- float: left;
- font-size: 1.3em;
- font-weight: bold;
- top: 15px;
- left: 4px;
- display: none;
-}
-#header-right .container .right {
- position: relative;
- float: right;
- top: 29px;
- padding-right: 4px;
- z-index: 1;
-}
-
-#header-right .container .right #alerts {
- position: relative;
- background: url('images/alert_bgr.png') no-repeat;
- height: 39px;
- width: 431px;
- z-index: 1;
- padding-top: 22px;
- padding-left: 5px;
- margin: 0px;
-}
-#header-right .container .right #hostname {
- position: relative;
- height: 39px;
- width: 431px;
- z-index: 1;
- padding-left: 5px;
- margin: 0px;
- top: 15px;
- left: 210px;
- font-size: 14px;
- color: #990000;
- font-weight: bold;
-}
-
-
-
-table#marquee {
- position: relative;
- top: -6px;
- left: -5px;
- border: 0;
- padding: 0;
- margin: 0;
- width: 424px;
- background-color: transparent;
- padding: 2px;
- border: 0px;
-}
-span#marquee-container {
- position: absolute;
- visibility: hidden;
- top: -100px;
- left: -10000px;
-}
-div#marquee-text {
- font-size: 1.18em;
- font-weight: normal;
- font-family: Verdana;
- color: #990000;
-}
-table#marquee div#container {
- position: relative;
- overflow: hidden;
- width: 418px;
- height: 20px;
-}
-table#marquee div#container div#scroller {
- position: absolute;
- left: 0px;
- top: 0px;
-}
-
-
-
-
-
-#content {
- position: relative;
- top: -5px;
- left: 0px;
- margin-top: 0px;
- margin-left: 0px;
- padding-top: 0px;
- width: 810px;
- background-color: #ffffff;
-}
-
-#left {
- width: 810px;
- height: 1px;
-}
-#right {
- position: relative;
- top: -10px;
- width: 770px;
- margin-top: 0px;
- margin-left: 5px;
- margin-right: 5px;
- padding-top: 5px;
- padding-left: 10px;
- padding-right: 10px;
- padding-bottom: 20px;
- min-height: 400px;
-}
-
-#footer {
- position: relative;
- background: url('images/footer.png') no-repeat;
- top: -18px;
- left: 0px;
- width: 810px;
- height: 82px;
- color: #999999;
- text-align: center;;
- font-size: 0.9em;
- padding-top: 17px;
- margin-bottom: 20px;
- clear: both;
-}
-#footer p {
- padding: 0px;
- margin: 0px;
-}
-
-/* Style the List */
-#navigation {
- /* background: url('images/menu.gif') no-repeat; */
- /* width: 693px; */
- position: relative;
- top: -35px;
- left: 3px;
- width: 810px;
- padding: 0px;
- height: 28px;
- z-index: 3;
-}
-#navigation ul {
- padding: 0;
- margin: 0;
- list-style: none;
- text-align: center;
-}
-#navigation ul#menu {
- padding-top: 3px;
- padding-left: 5px;
-}
-
-/* Style the List Elements */
-#navigation ul li {
- float: left;
- position: relative;
- width: 7.5em;
-}
-#navigation ul li div {
- font-size: 1em;
- font-weight: bold;
-}
-/* Make the List inside the List Elements */
-/* initially hidden with absolute position */
-#navigation ul li ul {
- display: none;
- position: absolute;
-/* top: 2em;
- left: -2px; */
- width: 120px;
- font-weight: normal;
-/* background: transparent bottom left no-repeat; /* This is key to making the menu maintain visibility when not on a link */
- /* background-color: #202020; */
- background: url("images/menubgr_footer.png") no-repeat;
- background-position: bottom;
- */
- padding: 0em 0 0.4em 0;
- padding-top: 5px;
- padding-bottom: 10px;
-}
-/* to override top and left in browsers other than IE */
-/* which will position to the top right of the containing */
-/* li, rather than bottom left */
-#navigation ul li > ul {
- top: auto;
- left: auto;
- left: -1px !important;
-}
-/* Show initial drop down upon mouse over, but do not show */
-/* nested side drop menus within listed elements */
-#navigation ul li:hover ul {
- display: block;
- cursor: pointer;
-}
-#navigation ul li:hover {
- cursor: pointer;
- cursor: pointer;
-}
-#navigation ul li:hover div {
- text-decoration: none;
-}
-
-#navigation ul li {
- background-color: transparent;
- color: #FFF;
-}
-#navigation ul li ul li {
- border: 0px solid #990000;
- width: 8.8em;
- height: 1.6em;
- line-height: 1.6em;
-/* background-color: #990000; */
- background: url(images/menubgr.png) repeat-y;
- z-index: 2;
-/* color: #FFF; */
-}
-#navigation ul li ul li:hover {
-/* background-color: #666666; */
- background-image: url(images/menubgr_highlight.png);
- background-repeat: repeat-y;
-}
-
-#navigation li li a {
- display: block;
- padding-left: 10px;
- padding-right: 10px;
-}
-
-#navigation ul li ul li a.navlnk:hover {
- text-decoration: none;
-}
-#navigation ul li.first {
- border-right: 0px;
-}
-#navigation ul li.middle {
- border-right: 0px;
-}
-#navigation ul li.last {
-
-}
-
-#navigation ul li.dropfirst {
- border-bottom: 0px;
-}
-#navigation ul li.dropmiddle {
- border-bottom: 0px;
-}
-#navigation ul li.droplast {
-}
-
-#wzdtabcont {
- float: left;
- background-color: #FFFFFF;
- color: #000000;
- padding: 0;
-}
-
-ul#wzdnav {
- font-size: 0.96em;
- float: left;
- width: 14.5em;
- margin: 0;
- padding-left: 18px;
-}
-
-ul#wzdnav li {
- list-style: none;
- margin: 0;
- padding-bottom: 0.2em;
- padding-left: 0;
-}
-
-ul#wzdnav a {
- display: block;
- padding: 0.3em;
- font-weight: normal;
-}
-
-#wzdnavbold a {
- display: block;
- padding: 0.3em;
- font-weight: bold ! important;
-}
-
-ul#wzdnav a:link {
- color: black;
- background-color: #eee;
-}
-
-ul#wzdnav a:visited {
- color: #666;
- background-color: #eee;
-}
-
-ul#wzdnav a:hover {
- color: black;
- background-color: white;
-}
-
-ul#wzdnav a:active {
- color: white;
- background-color: gray;
-}
-
-#graph {
- position: relative;
- z-index: 10;
-}
-
-#logoutbtn {
- position: absolute;
- left: 95%;
- vertical-align: middle;
-}
-
-
-#graph {
- position: relative;
- z-index: 10;
-}
-
-
-
-/* Class Based CSS Definitions */
-.pgtitle {
- font-size: 18px;
- color: #777777;
- font-weight: bold;
-}
-.tfrtitle {
- font-size: 18px;
- color: #ffffff;
- font-weight: bold;
-}
-.vncell {
- background-color: #DDDDDD;
- padding-right: 20px;
- padding-left: 8px;
- border-bottom: 1px solid #999999;
-}
-.formfld {
- padding-left: 19px;
- font-size: small;
-}
-.formselect {
- font-size: 1.0em;
-}
-.langopt {
- padding-left: 34px;
- padding-top: 2px;
- padding-bottom: 2px;
-}
-.saved {
- /* background: url('/themes/nione/images/icons/icon_wzd_saved.png') no-repeat 0 1px #FFFFFF; */
- list-style-image: url('/themes/nervecenter/images/icons/icon_wzd_saved.png') ! important;
-}
-.notsaved {
- /* background: url('/themes/nione/images/icons/icon_wzd_nsaved.png') no-repeat 0 1px #FFFFFF; */
- list-style-image: url('/themes/nervecenter/images/icons/icon_wzd_nsaved.png') ! important;
-}
-.en {
- background: url('/themes/nervecenter/images/icons/icon_flag_en.png') no-repeat 0 1px #FFFFFF;
-}
-.de {
- background: url('/themes/nervecenter/images/icons/icon_flag_de.png') no-repeat 0 1px #FFFFFF;
-}
-.es {
- background: url('/themes/nervecenter/images/icons/icon_flag_es.png') no-repeat 0 1px #FFFFFF;
-}
-.pt_BR {
- background: url('/themes/nervecenter/images/icons/icon_flag_pt_BR.png') no-repeat 0 1px #FFFFFF;
-}
-.host {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_host.png') no-repeat 0 1px #FFFFFF;
-}
-.search {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_search.png') no-repeat 0 1px #FFFFFF;
-}
-.file {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_file.png') no-repeat 0 1px #FFFFFF;
-}
-.mail {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_mail.png') no-repeat 0 1px #FFFFFF;
-}
-.imp {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_imp.png') no-repeat 0 1px #FFFFFF;
-}
-.pwd {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_pwd.png') no-repeat 0 1px #FFFFFF;
-}
-.user {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_user.png') no-repeat 0 1px #FFFFFF ;
-}
-.group {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_group.png') no-repeat 0 1px #FFFFFF;
-}
-.url {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_url.png') no-repeat 0 1px #FFFFFF;
-}
-.time {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_time.png') no-repeat 0 1px #FFFFFF;
-}
-.unknown {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_unknown.png') no-repeat 0 1px #FFFFFF;
-}
-.formfld_cert {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_cert.png') no-repeat 0 1px #FFFFFF;
- padding-left: 28px;
- font-family: Courier New, Courier, monospaced;
- font-size: 11px;
-}
-.formfldalias {
- background-color: #990000;
- color: #FFFFFF;
-}
-.formpre {
- font-family: Courier New, Courier, monospaced;
- font-size: 10px;
-}
-.formbtn {
- font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif;
- font-size: 13px;
- font-weight: bold;
-}
-.formbtns {
- font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif;
- font-size: 10px;
- font-weight: bold;
-}
-.vvcell {
- background-color: #FFFFC6;
-}
-.errmsg {
- font-weight: bold;
- color: #CC0000;
-}
-.red {
- color: #CC0000;
-}
-.gray {
- color: #A0A0A0;
-}
-.vexpl {
- font-size: 11px;
-}
-.navlnk {
- color: #FFFFFF;
- text-decoration: none;
- font-size: 13px;
-}
-.navlnks {
- color: #FFFFFF;
- text-decoration: none;
- font-size: 11px;
-}
-.redlnk {
- color: #990000;
- text-decoration: none;
-}
-.tblnk {
- color: #999999;
- text-decoration: none;
-}
-.vncellreq {
- background-color: #DDDDDD;
- padding-right: 20px;
- padding-left: 8px;
- font-weight: bold;
- border-bottom: 1px solid #999999;
-}
-.vncellt {
- background-color: #DDDDDD;
- padding-right: 20px;
- padding-left: 8px;
- padding-top: 4px;
- padding-bottom: 4px;
- font-weight: bold;
- border-bottom: 1px solid #999999;
-}
-.vtable {
- border-bottom: 1px solid #999999;
-}
-.vnsepcell {
- background-color: #BBBBBB;
- padding-right: 20px;
- padding-left: 8px;
- font-weight: bold;
- border-bottom: 1px solid #999999;
- font-size: 11px;
-}
-.cpline {
- font-size: 11px;
- color: #FFFFFF;
-}
-.hostname {
- font-size: 11px;
- color: #990000;
- font-weight: bold;
-}
-.vnsepcellr {
- background-color: #BBBBBB;
- padding-right: 20px;
- padding-left: 8px;
- font-weight: bold;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
-}
-.listrborder {
- background-color: #FFFFFF;
- border-right: 1px solid #999999;
- border-left: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- padding-right: 6px;
- padding-left: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listr {
- background-color: #FFFFFF;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- padding-right: 6px;
- padding-left: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listrpad {
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- padding-right: 16px;
- padding-left: 10px;
- padding-top: 8px;
- padding-bottom: 8px;
-}
-.listn {
- font-size: 11px;
- padding-right: 16px;
- padding-left: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listbg {
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- color: #FFFFFF;
- background-color: #990000;
- padding-right: 16px;
- padding-left: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listbggrey {
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- background-color: #999999;
- padding-right: 16px;
- padding-left: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listhdr {
- background-color: #BBBBBB;
- padding-right: 16px;
- padding-left: 6px;
- font-weight: bold;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- padding-top: 5px;
- padding-bottom: 5px;
-}
-.listhdr a {
- color: #000000;
-}
-.listhdrr {
- background-color: #BBBBBB;
- padding-right: 16px;
- padding-left: 6px;
- font-weight: bold;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- padding-top: 5px;
- padding-bottom: 5px;
-}
-.listhdrr a {
- color: #000000;
-}
-.listlr {
- background-color: #FFFFFF;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- border-left: 1px solid #999999;
- font-size: 11px;
- padding-right: 6px;
- padding-left: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listlrns {
- background-color: #FFFFFF;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- border-left: 1px solid #999999;
- font-size: 11px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.list {
- font-size: 11px;
- padding-left: 6px;
- padding-top: 2px;
- padding-bottom: 2px;
-}
-.listt {
- font-size: 11px;
- padding-top: 5px;
-}
-.listhdrrns {
- background-color: #BBBBBB;
- padding-left: 6px;
- padding-top: 5px;
- padding-bottom: 5px;
- padding-right: 6px;
- font-weight: bold;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
-}
-.listbgns {
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- background-color: #D9DEE8;
- padding-left: 6px;
- padding-right: 4px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listtopic {
- border-right: 1px solid #999999;
- font-size: 11px;
- background-color: #990000;
- padding-right: 16px;
- padding-left: 6px;
- color: #FFFFFF;
- font-weight: bold;
- padding-top: 5px;
- padding-bottom: 5px;
-}
-
-.optsect_t {
- border-right: 1px solid #999999;
- background-color: #990000;
- padding-right: 6px;
- padding-left: 6px;
- padding-top: 2px;
- padding-bottom: 2px;
-}
-.optsect_s {
- font-size: 11px;
- color: #FFFFFF;
- font-weight: bold;
-}
-.tabnavtbl {
-}
-
-
-/* MISC CSS Definitions */
-ul#tabnav {
- font-size: 11px;
- font-weight: bold;
- list-style-type: none;
- margin: 0;
- padding: 0;
-}
-ul#tabnav li.tabinact1 {
- float: left;
- background-color: #777777;
- color: #FFFFFF;
- padding: 0;
- white-space: nowrap;
-}
-ul#tabnav li.tabinact {
- float: left;
- border-left: 1px solid #999999;
- background-color: #777777;
- color: #FFFFFF;
- padding: 0;
- white-space: nowrap;
-}
-ul#tabnav li.tabinact a {
- float: left;
- display: block;
- text-decoration: none;
- padding: 5px 8px 5px 8px;
- color: #FFFFFF;
-}
-ul#tabnav li.tabinact1 a {
- float: left;
- display: block;
- text-decoration: none;
- padding: 5px 8px 5px 8px;
- color: #FFFFFF;
-}
-ul#tabnav li.tabact {
- float: left;
- background-color: #EEEEEE;
- color: #000000;
- padding: 5px 8px 5px 8px;
- white-space: nowrap;
-}
-.tabcont {
- background-color: #DDDDDD;
- padding-right: 12px;
- padding-left: 12px;
- padding-top: 12px;
- padding-bottom: 12px;
-}
-.tabact {
- float: left;
- background-color: #EEEEEE;
- color: #000000;
- padding: 5px 8px 5px 8px;
- white-space: nowrap;
-}
-.tabinact {
- font-weight: bold;
- float: left;
- border-left: 1px solid #999999;
- background-color: #777777;
- color: #FFFFFF;
- padding: 0;
- white-space: nowrap;
-}
-.menu {
- background-color: #000000;
- white-space: nowrap;
- padding: 0px 5px 0px 5px;
- width: 100%;
- vertical-align: top;
-}
-
-
-/* Auto Complete Suggestions */
-div.suggestions {
- -moz-box-sizing: border-box;
- /* box-sizing: border-box; */
- border: 1px solid black;
- position: absolute;
- background-color: #990000;
- color: #FFF;
-}
-
-div.suggestions div {
- cursor: default;
- padding: 0px 3px;
- background-color: #990000;
- color: #FFF;
-}
-
-div.suggestions div.current {
- background-color: #3366cc;
- color: #FFF;
-}
-/* End Auto Complete Suggestions */
-
-
-/* Nifty Corners Crap */
-.rtop,.artop{display:block}
-.rtop *,.artop *{display:block;height:1px;overflow:hidden;font-size:1px}
-.artop *{border-style: solid;border-width:0 1px}
-.r1,.rl1,.re1,.rel1{margin-left:5px}
-.r1,.rr1,.re1,.rer1{margin-right:5px}
-.r2,.rl2,.re2,.rel2,.ra1,.ral1{margin-left:3px}
-.r2,.rr2,.re2,.rer2,.ra1,.rar1{margin-right:3px}
-.r3,.rl3,.re3,.rel3,.ra2,.ral2,.rs1,.rsl1,.res1,.resl1{margin-left:2px}
-.r3,.rr3,.re3,.rer3,.ra2,.rar2,.rs1,.rsr1,.res1,.resr1{margin-right:2px}
-.r4,.rl4,.rs2,.rsl2,.re4,.rel4,.ra3,.ral3,.ras1,.rasl1,.res2,.resl2{margin-left:1px}
-.r4,.rr4,.rs2,.rsr2,.re4,.rer4,.ra3,.rar3,.ras1,.rasr1,.res2,.resr2{margin-right:1px}
-.rx1,.rxl1{border-left-width:5px}
-.rx1,.rxr1{border-right-width:5px}
-.rx2,.rxl2{border-left-width:3px}
-.rx2,.rxr2{border-right-width:3px}
-.re2,.rel2,.ra1,.ral1,.rx3,.rxl3,.rxs1,.rxsl1{border-left-width:2px}
-.re2,.rer2,.ra1,.rar1,.rx3,.rxr3,.rxs1,.rxsr1{border-right-width:2px}
-.rxl1,.rxl2,.rxl3,.rxl4,.rxsl1,.rxsl2,.ral1,.ral2,.ral3,.ral4,.rasl1,.rasl2{border-right-width:0}
-.rxr1,.rxr2,.rxr3,.rxr4,.rxsr1,.rxsr2,.rar1,.rar2,.rar3,.rar4,.rasr1,.rasr2{border-left-width:0}
-.r4,.rl4,.rr4,.re4,.rel4,.rer4,.ra4,.rar4,.ral4,.rx4,.rxl4,.rxr4{height:2px}
-.rer1,.rel1,.re1,.res1,.resl1,.resr1{border-width:1px 0 0;height:0px !important;height /**/:1px}
-/* End Nifty Corners Crap */
-
-
-
-/* CSS for Dynamic Log Viewer */
-/* Author: Erik Kristensen */
-div#log div.log-entry {
- clear: both;
-}
-
-div#log div.log-entry span,
-div#log div.log-header span {
- padding: 3px 2px 3px 2px;
- padding-left: 8px;
-}
-
-div#log div.log-entry span.log-action {
- padding-bottom: 6px;
- padding-left: 5px;
- padding-right: 5px;
-}
-
-div#log div.log-header span {
- border-top: 1px solid #999;
- background-color: #bbb;
- font-weight: bold;
- text-align: left;
-}
-
-div#log span.log-action,
-div#log span.log-time,
-div#log span.log-interface,
-div#log span.log-source,
-div#log span.log-destination,
-div#log span.log-protocol {
- float: left;
- text-align: left;
- border-left: 1px solid #999;
- border-bottom: 1px solid #999;
-
-}
-
-div#log span.log-general {
-
-}
-
-div#log span.log-protocol {
- border-right: 1px solid #999;
-}
-
-div#log span.log-action {
- width: 2em;
- text-align: center;
-}
-
-div#log span.log-time {
- width: 12.5em;
-}
-
-div#log span.log-interface {
- width: 5em;
-}
-
-div#log span.log-source,
-div#log span.log-destination {
- width: 17.6em;
-}
-
-div#log span.log-protocol {
- width: 5.5em;
-}
-/* END CSS FOR DYNAMIC LOG VIEWER */
-
-#login {
- background: #cccccc;
- border: 0px solid #666666;
- margin: 5em auto;
- padding: 0em;
- width: 340px;
-}
-
-#login h1 {
- background: url(images/misc/logon.png) no-repeat top left;
- margin-top: 0;
- display: block;
- text-indent: -1000px;
- height: 50px;
- border-bottom: none;
-}
-
-#login p {
- font-size: 1em;
- font-weight: bold;
- padding: 3px;
- margin: 0em;
- text-indent: 10px;
-}
-
-#login span {
- font-size: 1em;
- font-weight: bold;
- width: 20%;
- padding: 3px;
- margin: 0em;
- text-indent: 10px;
-}
-
-#login p#text {
- font-size: 1em;
- font-weight: normal;
- padding: 3px;
- margin: 0em;
- text-indent: 10px;
-}
-
-#login #username, #password {
- font-size: 1em;
- width: 60%;
- padding: 3px;
- margin: 0em;
-}
-
-#login #submit {
- font-size: 1em;
- font-weight: bold;
- padding: 3px;
- margin: 0em;
- text-indent: 10px;
-}
-
-/* Widget CSS */
-.widgetsubheader {
- border-right: 1px solid #999999;
- font-size: 11px;
- background-color: #B1B1B1;
- padding-right: 6px;
- padding-left: 6px;
- color: #000000;
- font-weight: bold;
- padding-top: 5px;
- padding-bottom: 5px;
-}
-.widgetheader {
- border-right: 1px solid #999999;
- font-size: 11px;
- background-color: #990000;
- padding-right: 6px;
- padding-left: 6px;
- color: #FFFFFF;
- font-weight: bold;
- padding-top: 5px;
- padding-bottom: 5px;
-}
-.widgetdiv{
- margin:5px;
- padding: 5px;
- background:#CCCCCC;
-}
-.widgetconfigdiv{
- background:#BBBBBB;
- font-size: 11px;
- color: #000000;
- padding-right: 5px;
- padding-left: 5px;
- padding-top: 5px;
- padding-bottom: 5px;
-}
-
-div#log div.log-entry-mini {
- clear: both;
-}
-
-div#log div.log-entry-mini span {
- padding: 2px 2px 2px 2px;
- padding-left: 8px;
-}
-
-div#log span.log-action-mini-header,
-div#log span.log-interface-mini-header,
-div#log span.log-source-mini-header,
-div#log span.log-destination-mini-header,
-div#log span.log-protocol-mini-header {
- float: left;
- text-align: left;
- background-color: #B1B1B1;
- font-size: 12px;
- border-left: 1px solid #999;
- border-bottom: 1px solid #999;
-}
-
-div#log span.log-action-mini,
-div#log span.log-time-mini,
-div#log span.log-interface-mini,
-div#log span.log-source-mini,
-div#log span.log-destination-mini,
-div#log span.log-protocol-mini {
- float: left;
- text-align: left;
- background-color: #FFFFFF;
- font-size: 11px;
- border-left: 1px solid #999;
- border-bottom: 1px solid #999;
-}
-
-div#log span.log-action-mini,
-div#log span.log-action-mini-header {
- width: 6%;
-}
-
-div#log span.log-interface-mini,
-div#log span.log-interface-mini-header {
- width: 8%;
-}
-
-div#log span.log-source-mini,
-div#log span.log-destination-mini,
-div#log span.log-source-mini-header,
-div#log span.log-destination-mini-header {
- width: 31%;
-}
-
-div#log span.log-protocol-mini,
-div#log span.log-protocol-mini-header {
- width: 8%;
- border-right: 1px solid #999;
-}
-
-/* Sortable tables */
-table.sortable thead {
- background-color:#eee;
- color:#666666;
- font-weight: bold;
- cursor: default;
-}
+/* Element CSS Definitions */ +html, body, td, th, input, select { + font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-size: 0.9em; + +} + +.infobox { + width:100%; +} + +.infoboxsave { + padding-right: 10px; +} + +.infoboxnptd2 { + width:100%; + color:white; + background-color:#990000; + padding-right: 10px; +} + +.infoboxnptd { + width:8%; + background-color:#990000; +} + +.infoboxnptable { + height:32px; + width:100%; + background-color:#990000; +} + +.infoboxnptable2 { + height:32px; + width:100%; + background-color:#990000; +} + +.infoboxnp { + background-color:#990000; + width:100%; +} + +.infoboxnpimg { + vertical-align:middle; + width:28px; + height:32px; + background-color:#990000; +} + +.inputerrorsleft { + background-color: #990000; + width: 36px; +} + +.inputerrorsright { + background-color: #FFD9D1; + color: #000000; + font-size: 11px; + padding-left: 8px; + padding-top: 6px; +} + +div.GraphLink { + position: relative; +} + +span.GraphLinkLine { + position: absolute; + background-color: #990000; + width: 100%; +} + +/* DOM Tooltip CSS definitions */ +div.niceTitle +{ + background-color: #333333; + color: #FFFFFF; + font-weight: bold; + font-size: 13px; + font-family: "Trebuchet MS", sans-serif; + width: 220px; + left: 0; + top: 0; + padding: 4px; + position: absolute; + text-align: left; + z-index: 20; + -moz-border-radius: 0 10px 10px 10px; + filter: progid:DXImageTransform.Microsoft.Alpha(opacity=87); + -moz-opacity: .87; + -khtml-opacity: .87; + opacity: .87; +} +div.niceTitle h1 +{ + background: #990000; + border-bottom: 1px dotted #FFFFFF; + font-weight: bold; + font-size: 13px; + font-family: "Trebuchet MS", sans-serif; + margin: 3px; + padding-top: 1px; + padding-bottom: 1px; + padding-left: 3px; + text-align: left; + left: 0; + top: 0; + -moz-border-radius: 0 8px 0 0; + -moz-opacity: 1; +} +div.niceTitle .contents +{ + margin: 0; + padding: 0 3px; + filter: progid:DXImageTransform.Microsoft.Alpha(opacity=100); + -moz-opacity: 1; + -khtml-opacity: 1; + opacity: 1; +} +div.niceTitle p +{ + background: #FFFFFF; + border: 1px solid #990000; + color: #000000; + font-size: 11px; + font-family: "Trebuchet MS", sans-serif; + padding: 5px; + margin: 3px; + text-align: left; + -moz-opacity: 1; + -moz-border-radius: 0 0 8px 8px; +} + +body { + margin: 0px auto; + background: url('images/background.gif') no-repeat; + background-position : center 0px; + background-color: #4a0203; +} + +form { + margin: 0px; +} +a { + text-decoration: none; +} +form input { + font-size: 1.1em; +} + +iframe { + z-index: 1; + border: 1px dashed #990000; +} +.iframe { + background-color: #FFFFFF; +} + +/* ID Based CSS Definitions */ +#wrapper { + width: 810px; + margin: 0px auto; +} + +#header { + background: url('images/header.png') no-repeat; + background-position: 0px; + height: 102px; + width: 810px; + margin-bottom: 5px; + z-index: 2; +} +#header-left { + position: relative; + /* background: url('images/logo.gif') no-repeat; */ + background-position: center; + height: 65px; + width: 145px; + left: 10px; + float: left; +} +#header-left #status-link { + position: relative; + top: 10px; + left: 6px; +} +#header-right { + position: relative; + /* background: url('images/header.gif') no-repeat; */ + height: 70px; + color: #fff; + left: 0px; + margin-left: 165px; +} +#header-right .alert { + position: relative; + /* background: url('images/alert.gif') no-repeat; */ + background-position: 4px 2px; + color: #fff; + height: 17px; + width: 500px; + padding: 4px; + padding-left: 27px; + float: left; +} +#header-right .container { + position: relative; +} +#header-right .container .left { + position: relative; + float: left; + font-size: 1.3em; + font-weight: bold; + top: 15px; + left: 4px; + display: none; +} +#header-right .container .right { + position: relative; + float: right; + top: 29px; + padding-right: 4px; + z-index: 1; +} + +#header-right .container .right #alerts { + position: relative; + background: url('images/alert_bgr.png') no-repeat; + height: 39px; + width: 431px; + z-index: 1; + padding-top: 22px; + padding-left: 5px; + margin: 0px; +} +#header-right .container .right #hostname { + position: relative; + height: 39px; + width: 431px; + z-index: 1; + padding-left: 5px; + margin: 0px; + top: 15px; + left: 210px; + font-size: 14px; + color: #990000; + font-weight: bold; +} + + + +table#marquee { + position: relative; + top: -6px; + left: -5px; + border: 0; + padding: 0; + margin: 0; + width: 424px; + background-color: transparent; + padding: 2px; + border: 0px; +} +span#marquee-container { + position: absolute; + visibility: hidden; + top: -100px; + left: -10000px; +} +div#marquee-text { + font-size: 1.18em; + font-weight: normal; + font-family: Verdana; + color: #990000; +} +table#marquee div#container { + position: relative; + overflow: hidden; + width: 418px; + height: 20px; +} +table#marquee div#container div#scroller { + position: absolute; + left: 0px; + top: 0px; +} + + + + + +#content { + position: relative; + top: -5px; + left: 0px; + margin-top: 0px; + margin-left: 0px; + padding-top: 0px; + width: 810px; + background-color: #ffffff; +} + +#left { + width: 810px; + height: 1px; +} +#right { + position: relative; + top: -10px; + width: 770px; + margin-top: 0px; + margin-left: 5px; + margin-right: 5px; + padding-top: 5px; + padding-left: 10px; + padding-right: 10px; + padding-bottom: 20px; + min-height: 400px; +} + +#footer { + position: relative; + background: url('images/footer.png') no-repeat; + top: -18px; + left: 0px; + width: 810px; + height: 82px; + color: #999999; + text-align: center;; + font-size: 0.9em; + padding-top: 17px; + margin-bottom: 20px; + clear: both; +} +#footer p { + padding: 0px; + margin: 0px; +} + +/* Style the List */ +#navigation { + /* background: url('images/menu.gif') no-repeat; */ + /* width: 693px; */ + position: relative; + top: -35px; + left: 3px; + width: 810px; + padding: 0px; + height: 28px; + z-index: 3; +} +#navigation ul { + padding: 0; + margin: 0; + list-style: none; + text-align: center; +} +#navigation ul#menu { + padding-top: 3px; + padding-left: 5px; +} + +/* Style the List Elements */ +#navigation ul li { + float: left; + position: relative; + width: 7.5em; +} +#navigation ul li div { + font-size: 1em; + font-weight: bold; +} +/* Make the List inside the List Elements */ +/* initially hidden with absolute position */ +#navigation ul li ul { + display: none; + position: absolute; +/* top: 2em; + left: -2px; */ + width: 120px; + font-weight: normal; +/* background: transparent bottom left no-repeat; /* This is key to making the menu maintain visibility when not on a link */ + /* background-color: #202020; */ + background: url("images/menubgr_footer.png") no-repeat; + background-position: bottom; + */ + padding: 0em 0 0.4em 0; + padding-top: 5px; + padding-bottom: 10px; +} +/* to override top and left in browsers other than IE */ +/* which will position to the top right of the containing */ +/* li, rather than bottom left */ +#navigation ul li > ul { + top: auto; + left: auto; + left: -1px !important; +} +/* Show initial drop down upon mouse over, but do not show */ +/* nested side drop menus within listed elements */ +#navigation ul li:hover ul { + display: block; + cursor: pointer; +} +#navigation ul li:hover { + cursor: pointer; + cursor: pointer; +} +#navigation ul li:hover div { + text-decoration: none; +} + +#navigation ul li { + background-color: transparent; + color: #FFF; +} +#navigation ul li ul li { + border: 0px solid #990000; + width: 8.8em; + height: 1.6em; + line-height: 1.6em; +/* background-color: #990000; */ + background: url(images/menubgr.png) repeat-y; + z-index: 2; +/* color: #FFF; */ +} +#navigation ul li ul li:hover { +/* background-color: #666666; */ + background-image: url(images/menubgr_highlight.png); + background-repeat: repeat-y; +} + +#navigation li li a { + display: block; + padding-left: 10px; + padding-right: 10px; +} + +#navigation ul li ul li a.navlnk:hover { + text-decoration: none; +} +#navigation ul li.first { + border-right: 0px; +} +#navigation ul li.middle { + border-right: 0px; +} +#navigation ul li.last { + +} + +#navigation ul li.dropfirst { + border-bottom: 0px; +} +#navigation ul li.dropmiddle { + border-bottom: 0px; +} +#navigation ul li.droplast { +} + +#wzdtabcont { + float: left; + background-color: #FFFFFF; + color: #000000; + padding: 0; +} + +ul#wzdnav { + font-size: 0.96em; + float: left; + width: 14.5em; + margin: 0; + padding-left: 18px; +} + +ul#wzdnav li { + list-style: none; + margin: 0; + padding-bottom: 0.2em; + padding-left: 0; +} + +ul#wzdnav a { + display: block; + padding: 0.3em; + font-weight: normal; +} + +#wzdnavbold a { + display: block; + padding: 0.3em; + font-weight: bold ! important; +} + +ul#wzdnav a:link { + color: black; + background-color: #eee; +} + +ul#wzdnav a:visited { + color: #666; + background-color: #eee; +} + +ul#wzdnav a:hover { + color: black; + background-color: white; +} + +ul#wzdnav a:active { + color: white; + background-color: gray; +} + +#graph { + position: relative; + z-index: 10; +} + +#logoutbtn { + position: absolute; + left: 95%; + vertical-align: middle; +} + + +#graph { + position: relative; + z-index: 10; +} + + + +/* Class Based CSS Definitions */ +.pgtitle { + font-size: 18px; + color: #777777; + font-weight: bold; +} +.tfrtitle { + font-size: 18px; + color: #ffffff; + font-weight: bold; +} +.vncell { + background-color: #DDDDDD; + padding-right: 20px; + padding-left: 8px; + border-bottom: 1px solid #999999; +} +.formfld { + padding-left: 19px; + font-size: small; +} +.formselect { + font-size: 1.0em; +} +.langopt { + padding-left: 34px; + padding-top: 2px; + padding-bottom: 2px; +} +.saved { + /* background: url('/themes/nione/images/icons/icon_wzd_saved.png') no-repeat 0 1px #FFFFFF; */ + list-style-image: url('/themes/nervecenter/images/icons/icon_wzd_saved.png') ! important; +} +.notsaved { + /* background: url('/themes/nione/images/icons/icon_wzd_nsaved.png') no-repeat 0 1px #FFFFFF; */ + list-style-image: url('/themes/nervecenter/images/icons/icon_wzd_nsaved.png') ! important; +} +.en { + background: url('/themes/nervecenter/images/icons/icon_flag_en.png') no-repeat 0 1px #FFFFFF; +} +.de { + background: url('/themes/nervecenter/images/icons/icon_flag_de.png') no-repeat 0 1px #FFFFFF; +} +.es { + background: url('/themes/nervecenter/images/icons/icon_flag_es.png') no-repeat 0 1px #FFFFFF; +} +.pt_BR { + background: url('/themes/nervecenter/images/icons/icon_flag_pt_BR.png') no-repeat 0 1px #FFFFFF; +} +.host { + background: url('/themes/nervecenter/images/icons/icon_frmfld_host.png') no-repeat 0 1px #FFFFFF; +} +.search { + background: url('/themes/nervecenter/images/icons/icon_frmfld_search.png') no-repeat 0 1px #FFFFFF; +} +.file { + background: url('/themes/nervecenter/images/icons/icon_frmfld_file.png') no-repeat 0 1px #FFFFFF; +} +.mail { + background: url('/themes/nervecenter/images/icons/icon_frmfld_mail.png') no-repeat 0 1px #FFFFFF; +} +.imp { + background: url('/themes/nervecenter/images/icons/icon_frmfld_imp.png') no-repeat 0 1px #FFFFFF; +} +.pwd { + background: url('/themes/nervecenter/images/icons/icon_frmfld_pwd.png') no-repeat 0 1px #FFFFFF; +} +.user { + background: url('/themes/nervecenter/images/icons/icon_frmfld_user.png') no-repeat 0 1px #FFFFFF ; +} +.group { + background: url('/themes/nervecenter/images/icons/icon_frmfld_group.png') no-repeat 0 1px #FFFFFF; +} +.url { + background: url('/themes/nervecenter/images/icons/icon_frmfld_url.png') no-repeat 0 1px #FFFFFF; +} +.time { + background: url('/themes/nervecenter/images/icons/icon_frmfld_time.png') no-repeat 0 1px #FFFFFF; +} +.unknown { + background: url('/themes/nervecenter/images/icons/icon_frmfld_unknown.png') no-repeat 0 1px #FFFFFF; +} +.formfld_cert { + background: url('/themes/nervecenter/images/icons/icon_frmfld_cert.png') no-repeat 0 1px #FFFFFF; + padding-left: 28px; + font-family: Courier New, Courier, monospaced; + font-size: 11px; +} +.formfldalias { + background-color: #990000; + color: #FFFFFF; +} +.formpre { + font-family: Courier New, Courier, monospaced; + font-size: 10px; +} +.formbtn { + font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-size: 13px; + font-weight: bold; +} +.formbtns { + font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-size: 10px; + font-weight: bold; +} +.vvcell { + background-color: #FFFFC6; +} +.errmsg { + font-weight: bold; + color: #CC0000; +} +.red { + color: #CC0000; +} +.gray { + color: #A0A0A0; +} +.vexpl { + font-size: 11px; +} +.navlnk { + color: #FFFFFF; + text-decoration: none; + font-size: 13px; +} +.navlnks { + color: #FFFFFF; + text-decoration: none; + font-size: 11px; +} +.redlnk { + color: #990000; + text-decoration: none; +} +.tblnk { + color: #999999; + text-decoration: none; +} +.vncellreq { + background-color: #DDDDDD; + padding-right: 20px; + padding-left: 8px; + font-weight: bold; + border-bottom: 1px solid #999999; +} +.vncellt { + background-color: #DDDDDD; + padding-right: 20px; + padding-left: 8px; + padding-top: 4px; + padding-bottom: 4px; + font-weight: bold; + border-bottom: 1px solid #999999; +} +.vtable { + border-bottom: 1px solid #999999; +} +.vnsepcell { + background-color: #BBBBBB; + padding-right: 20px; + padding-left: 8px; + font-weight: bold; + border-bottom: 1px solid #999999; + font-size: 11px; +} +.cpline { + font-size: 11px; + color: #FFFFFF; +} +.hostname { + font-size: 11px; + color: #990000; + font-weight: bold; +} +.vnsepcellr { + background-color: #BBBBBB; + padding-right: 20px; + padding-left: 8px; + font-weight: bold; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; +} +.listrborder { + background-color: #FFFFFF; + border-right: 1px solid #999999; + border-left: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + padding-right: 6px; + padding-left: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +.listr { + background-color: #FFFFFF; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + padding-right: 6px; + padding-left: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +.listrpad { + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + padding-right: 16px; + padding-left: 10px; + padding-top: 8px; + padding-bottom: 8px; +} +.listn { + font-size: 11px; + padding-right: 16px; + padding-left: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +.listbg { + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + color: #FFFFFF; + background-color: #990000; + padding-right: 16px; + padding-left: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +.listbggrey { + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + background-color: #999999; + padding-right: 16px; + padding-left: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +.listhdr { + background-color: #BBBBBB; + padding-right: 16px; + padding-left: 6px; + font-weight: bold; + border-bottom: 1px solid #999999; + font-size: 11px; + padding-top: 5px; + padding-bottom: 5px; +} +.listhdr a { + color: #000000; +} +.listhdrr { + background-color: #BBBBBB; + padding-right: 16px; + padding-left: 6px; + font-weight: bold; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + padding-top: 5px; + padding-bottom: 5px; +} +.listhdrr a { + color: #000000; +} +.listlr { + background-color: #FFFFFF; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + border-left: 1px solid #999999; + font-size: 11px; + padding-right: 6px; + padding-left: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +.listlrns { + background-color: #FFFFFF; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + border-left: 1px solid #999999; + font-size: 11px; + padding-top: 4px; + padding-bottom: 4px; +} +.list { + font-size: 11px; + padding-left: 6px; + padding-top: 2px; + padding-bottom: 2px; +} +.listt { + font-size: 11px; + padding-top: 5px; +} +.listhdrrns { + background-color: #BBBBBB; + padding-left: 6px; + padding-top: 5px; + padding-bottom: 5px; + padding-right: 6px; + font-weight: bold; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; +} +.listbgns { + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + background-color: #D9DEE8; + padding-left: 6px; + padding-right: 4px; + padding-top: 4px; + padding-bottom: 4px; +} +.listtopic { + border-right: 1px solid #999999; + font-size: 11px; + background-color: #990000; + padding-right: 16px; + padding-left: 6px; + color: #FFFFFF; + font-weight: bold; + padding-top: 5px; + padding-bottom: 5px; +} + +.optsect_t { + border-right: 1px solid #999999; + background-color: #990000; + padding-right: 6px; + padding-left: 6px; + padding-top: 2px; + padding-bottom: 2px; +} +.optsect_s { + font-size: 11px; + color: #FFFFFF; + font-weight: bold; +} +.tabnavtbl { +} + + +/* MISC CSS Definitions */ +ul#tabnav { + font-size: 11px; + font-weight: bold; + list-style-type: none; + margin: 0; + padding: 0; +} +ul#tabnav li.tabinact1 { + float: left; + background-color: #777777; + color: #FFFFFF; + padding: 0; + white-space: nowrap; +} +ul#tabnav li.tabinact { + float: left; + border-left: 1px solid #999999; + background-color: #777777; + color: #FFFFFF; + padding: 0; + white-space: nowrap; +} +ul#tabnav li.tabinact a { + float: left; + display: block; + text-decoration: none; + padding: 5px 8px 5px 8px; + color: #FFFFFF; +} +ul#tabnav li.tabinact1 a { + float: left; + display: block; + text-decoration: none; + padding: 5px 8px 5px 8px; + color: #FFFFFF; +} +ul#tabnav li.tabact { + float: left; + background-color: #EEEEEE; + color: #000000; + padding: 5px 8px 5px 8px; + white-space: nowrap; +} +.tabcont { + background-color: #DDDDDD; + padding-right: 12px; + padding-left: 12px; + padding-top: 12px; + padding-bottom: 12px; +} +.tabact { + float: left; + background-color: #EEEEEE; + color: #000000; + padding: 5px 8px 5px 8px; + white-space: nowrap; +} +.tabinact { + font-weight: bold; + float: left; + border-left: 1px solid #999999; + background-color: #777777; + color: #FFFFFF; + padding: 0; + white-space: nowrap; +} +.menu { + background-color: #000000; + white-space: nowrap; + padding: 0px 5px 0px 5px; + width: 100%; + vertical-align: top; +} + + +/* Auto Complete Suggestions */ +div.suggestions { + -moz-box-sizing: border-box; + /* box-sizing: border-box; */ + border: 1px solid black; + position: absolute; + background-color: #990000; + color: #FFF; +} + +div.suggestions div { + cursor: default; + padding: 0px 3px; + background-color: #990000; + color: #FFF; +} + +div.suggestions div.current { + background-color: #3366cc; + color: #FFF; +} +/* End Auto Complete Suggestions */ + + +/* Nifty Corners Crap */ +.rtop,.artop{display:block} +.rtop *,.artop *{display:block;height:1px;overflow:hidden;font-size:1px} +.artop *{border-style: solid;border-width:0 1px} +.r1,.rl1,.re1,.rel1{margin-left:5px} +.r1,.rr1,.re1,.rer1{margin-right:5px} +.r2,.rl2,.re2,.rel2,.ra1,.ral1{margin-left:3px} +.r2,.rr2,.re2,.rer2,.ra1,.rar1{margin-right:3px} +.r3,.rl3,.re3,.rel3,.ra2,.ral2,.rs1,.rsl1,.res1,.resl1{margin-left:2px} +.r3,.rr3,.re3,.rer3,.ra2,.rar2,.rs1,.rsr1,.res1,.resr1{margin-right:2px} +.r4,.rl4,.rs2,.rsl2,.re4,.rel4,.ra3,.ral3,.ras1,.rasl1,.res2,.resl2{margin-left:1px} +.r4,.rr4,.rs2,.rsr2,.re4,.rer4,.ra3,.rar3,.ras1,.rasr1,.res2,.resr2{margin-right:1px} +.rx1,.rxl1{border-left-width:5px} +.rx1,.rxr1{border-right-width:5px} +.rx2,.rxl2{border-left-width:3px} +.rx2,.rxr2{border-right-width:3px} +.re2,.rel2,.ra1,.ral1,.rx3,.rxl3,.rxs1,.rxsl1{border-left-width:2px} +.re2,.rer2,.ra1,.rar1,.rx3,.rxr3,.rxs1,.rxsr1{border-right-width:2px} +.rxl1,.rxl2,.rxl3,.rxl4,.rxsl1,.rxsl2,.ral1,.ral2,.ral3,.ral4,.rasl1,.rasl2{border-right-width:0} +.rxr1,.rxr2,.rxr3,.rxr4,.rxsr1,.rxsr2,.rar1,.rar2,.rar3,.rar4,.rasr1,.rasr2{border-left-width:0} +.r4,.rl4,.rr4,.re4,.rel4,.rer4,.ra4,.rar4,.ral4,.rx4,.rxl4,.rxr4{height:2px} +.rer1,.rel1,.re1,.res1,.resl1,.resr1{border-width:1px 0 0;height:0px !important;height /**/:1px} +/* End Nifty Corners Crap */ + + + +/* CSS for Dynamic Log Viewer */ +/* Author: Erik Kristensen */ +div#log div.log-entry { + clear: both; +} + +div#log div.log-entry span, +div#log div.log-header span { + padding: 3px 2px 3px 2px; + padding-left: 8px; +} + +div#log div.log-entry span.log-action { + padding-bottom: 6px; + padding-left: 5px; + padding-right: 5px; +} + +div#log div.log-header span { + border-top: 1px solid #999; + background-color: #bbb; + font-weight: bold; + text-align: left; +} + +div#log span.log-action, +div#log span.log-time, +div#log span.log-interface, +div#log span.log-source, +div#log span.log-destination, +div#log span.log-protocol { + float: left; + text-align: left; + border-left: 1px solid #999; + border-bottom: 1px solid #999; + +} + +div#log span.log-general { + +} + +div#log span.log-protocol { + border-right: 1px solid #999; +} + +div#log span.log-action { + width: 2em; + text-align: center; +} + +div#log span.log-time { + width: 12.5em; +} + +div#log span.log-interface { + width: 5em; +} + +div#log span.log-source, +div#log span.log-destination { + width: 17.6em; +} + +div#log span.log-protocol { + width: 5.5em; +} +/* END CSS FOR DYNAMIC LOG VIEWER */ + +#login { + background: #cccccc; + border: 0px solid #666666; + margin: 5em auto; + padding: 0em; + width: 340px; +} + +#login h1 { + background: url(images/misc/logon.png) no-repeat top left; + margin-top: 0; + display: block; + text-indent: -1000px; + height: 50px; + border-bottom: none; +} + +#login p { + font-size: 1em; + font-weight: bold; + padding: 3px; + margin: 0em; + text-indent: 10px; +} + +#login span { + font-size: 1em; + font-weight: bold; + width: 20%; + padding: 3px; + margin: 0em; + text-indent: 10px; +} + +#login p#text { + font-size: 1em; + font-weight: normal; + padding: 3px; + margin: 0em; + text-indent: 10px; +} + +#login #username, #password { + font-size: 1em; + width: 60%; + padding: 3px; + margin: 0em; +} + +#login #submit { + font-size: 1em; + font-weight: bold; + padding: 3px; + margin: 0em; + text-indent: 10px; +} + +/* Widget CSS */ +.widgetsubheader { + border-right: 1px solid #999999; + font-size: 11px; + background-color: #B1B1B1; + padding-right: 6px; + padding-left: 6px; + color: #000000; + font-weight: bold; + padding-top: 5px; + padding-bottom: 5px; +} +.widgetheader { + border-right: 1px solid #999999; + font-size: 11px; + background-color: #990000; + padding-right: 6px; + padding-left: 6px; + color: #FFFFFF; + font-weight: bold; + padding-top: 5px; + padding-bottom: 5px; +} +.widgetdiv{ + margin:5px; + padding: 5px; + background:#CCCCCC; +} +.widgetconfigdiv{ + background:#BBBBBB; + font-size: 11px; + color: #000000; + padding-right: 5px; + padding-left: 5px; + padding-top: 5px; + padding-bottom: 5px; +} + +div#log div.log-entry-mini { + clear: both; +} + +div#log div.log-entry-mini span { + padding: 2px 2px 2px 2px; + padding-left: 8px; +} + +div#log span.log-action-mini-header, +div#log span.log-interface-mini-header, +div#log span.log-source-mini-header, +div#log span.log-destination-mini-header, +div#log span.log-protocol-mini-header { + float: left; + text-align: left; + background-color: #B1B1B1; + font-size: 12px; + border-left: 1px solid #999; + border-bottom: 1px solid #999; +} + +div#log span.log-action-mini, +div#log span.log-time-mini, +div#log span.log-interface-mini, +div#log span.log-source-mini, +div#log span.log-destination-mini, +div#log span.log-protocol-mini { + float: left; + text-align: left; + background-color: #FFFFFF; + font-size: 11px; + border-left: 1px solid #999; + border-bottom: 1px solid #999; +} + +div#log span.log-action-mini, +div#log span.log-action-mini-header { + width: 6%; +} + +div#log span.log-interface-mini, +div#log span.log-interface-mini-header { + width: 8%; +} + +div#log span.log-source-mini, +div#log span.log-destination-mini, +div#log span.log-source-mini-header, +div#log span.log-destination-mini-header { + width: 31%; +} + +div#log span.log-protocol-mini, +div#log span.log-protocol-mini-header { + width: 8%; + border-right: 1px solid #999; +} + +/* Sortable tables */ +table.sortable thead { + background-color:#eee; + color:#666666; + font-weight: bold; + cursor: default; +} diff --git a/usr/local/www/themes/code-red/graphlink.css b/usr/local/www/themes/code-red/graphlink.css index ba62832..13f65f0 100755 --- a/usr/local/www/themes/code-red/graphlink.css +++ b/usr/local/www/themes/code-red/graphlink.css @@ -1,43 +1,43 @@ -/*******************************************************************************
- $Id$
-
- This file is part of the GraphLink software.
- GraphLink is distributed under the MIT License.
- Copyright (C) 2005-2006 Max Khitrov <max@mxsoft.org>
-*******************************************************************************/
-
-/**
- * Defines the background image used for the graph, as well as the actual data
- * locations.
- * Use padding-left and padding-top to align the data area correctly with your
- * background image.
- * Width and height should same as the dimensions of the image, minus the
- * padding values in both directions.
- */
-div.GraphLink {
- width: 212px;
- height: 60px;
- padding-left: 38px;
- padding-top: 10px;
- background-image: url(/themes/nervecenter/images/misc/graph.png);
- overflow: hidden;
-}
-
-/**
- * Defines the data display area. Modify to fit your background image.
- */
-div.GraphLinkData {
- width: 200px;
- height: 50px;
- overflow: hidden;
-}
-
-/**
- * Defines the look of one bar. Nothing to change here other than the color.
- */
-span.GraphLinkBar {
- background-color: #990000;
- height: 100%;
- float: left;
- overflow: hidden;
-}
+/******************************************************************************* + $Id$ + + This file is part of the GraphLink software. + GraphLink is distributed under the MIT License. + Copyright (C) 2005-2006 Max Khitrov <max@mxsoft.org> +*******************************************************************************/ + +/** + * Defines the background image used for the graph, as well as the actual data + * locations. + * Use padding-left and padding-top to align the data area correctly with your + * background image. + * Width and height should same as the dimensions of the image, minus the + * padding values in both directions. + */ +div.GraphLink { + width: 212px; + height: 60px; + padding-left: 38px; + padding-top: 10px; + background-image: url(/themes/nervecenter/images/misc/graph.png); + overflow: hidden; +} + +/** + * Defines the data display area. Modify to fit your background image. + */ +div.GraphLinkData { + width: 200px; + height: 50px; + overflow: hidden; +} + +/** + * Defines the look of one bar. Nothing to change here other than the color. + */ +span.GraphLinkBar { + background-color: #990000; + height: 100%; + float: left; + overflow: hidden; +} diff --git a/usr/local/www/themes/code-red/javascript/ie7/ie7-server.css b/usr/local/www/themes/code-red/javascript/ie7/ie7-server.css index d070bb5..47c7edd 100755 --- a/usr/local/www/themes/code-red/javascript/ie7/ie7-server.css +++ b/usr/local/www/themes/code-red/javascript/ie7/ie7-server.css @@ -1,43 +1,43 @@ -body, td, dd {font: 10pt Verdana, Arial, Helvetica, sans-serif; color: black;}
-body {margin: 8px; background: #333;}
-h1 {margin: 0;}
-h1 a:hover {background-color: transparent;}
-h2 {font-size: 1.75em;}
-h3 {font-size: 1.1em;}
-a:active {color: #ff0000;}
-a:link {color: #0a6cce;}
-a:visited {color: #0a6cce;}
-code, *.code {font-family: monospace; font-size: 100%; font-style: normal; white-space: nowrap;
- padding: 0 1px; background: #f2f3f8; border: #d6d9e9 1px solid;}
-code.box {display: block; padding: 10px; margin: 0.5em 0;}
-ul {list-style-type: square;}
-dd {margin: .2em 0 .5em 1em;}
-dl.library dt {display: list-item; margin-left: 3em; list-style-type: square;}
-dl.library dd {font-style: italic; margin-left: 3em;}
-dt {font-weight: bold;}
-dt.pack {color: brown;}
-a img {border-style: none;}
-hr {height: 1px; color: #000; border-style: solid;}
-hr.short {height: 2px; width: 100px;}
-div.document {background: #eef; padding: 20px 20px 5px 20px; width: 600px; border: 1px solid black;}
-hr {border-bottom-width: 0px;}
-div.header hr {color: #0a6cce; background-color: #0a6cce;}
-div.content {min-height: 100px;}
-div.footer hr {color: #898e79; background-color: #898e79; }
-div.header, div.header a:link, div.header a:visited, h3 a:link, h3 a:visited {text-decoration: none;}
-a:hover {color: #fff; background-color: #0a6cce; text-decoration: none;}
-div.footer a:hover {background-color: transparent; text-decoration: none;}
-div.header .menu {text-align: right;}
-div.footer {font-size: x-small; margin-top: 8px;}
-div.footnote {font-family: "times new roman", times; font-style: italic; margin-top: 10px;}
-#license {margin-top: 5px; font-size: xx-small;}
-table {border-top: 1px solid #000; border-left: 1px solid #000;}
-th {background-color: #fff; text-align: left;}
-th, td {border-right: 1px solid #000; border-bottom: 1px solid #000;}
-th.small {width: 100px;}
-th.medium {width: 200px;}
-th.large {width: 270px;}
-th.x-large {width: 408px;}
-table.fixed {table-layout: fixed;}
-span.comment {color: #666;}
-
+body, td, dd {font: 10pt Verdana, Arial, Helvetica, sans-serif; color: black;} +body {margin: 8px; background: #333;} +h1 {margin: 0;} +h1 a:hover {background-color: transparent;} +h2 {font-size: 1.75em;} +h3 {font-size: 1.1em;} +a:active {color: #ff0000;} +a:link {color: #0a6cce;} +a:visited {color: #0a6cce;} +code, *.code {font-family: monospace; font-size: 100%; font-style: normal; white-space: nowrap; + padding: 0 1px; background: #f2f3f8; border: #d6d9e9 1px solid;} +code.box {display: block; padding: 10px; margin: 0.5em 0;} +ul {list-style-type: square;} +dd {margin: .2em 0 .5em 1em;} +dl.library dt {display: list-item; margin-left: 3em; list-style-type: square;} +dl.library dd {font-style: italic; margin-left: 3em;} +dt {font-weight: bold;} +dt.pack {color: brown;} +a img {border-style: none;} +hr {height: 1px; color: #000; border-style: solid;} +hr.short {height: 2px; width: 100px;} +div.document {background: #eef; padding: 20px 20px 5px 20px; width: 600px; border: 1px solid black;} +hr {border-bottom-width: 0px;} +div.header hr {color: #0a6cce; background-color: #0a6cce;} +div.content {min-height: 100px;} +div.footer hr {color: #898e79; background-color: #898e79; } +div.header, div.header a:link, div.header a:visited, h3 a:link, h3 a:visited {text-decoration: none;} +a:hover {color: #fff; background-color: #0a6cce; text-decoration: none;} +div.footer a:hover {background-color: transparent; text-decoration: none;} +div.header .menu {text-align: right;} +div.footer {font-size: x-small; margin-top: 8px;} +div.footnote {font-family: "times new roman", times; font-style: italic; margin-top: 10px;} +#license {margin-top: 5px; font-size: xx-small;} +table {border-top: 1px solid #000; border-left: 1px solid #000;} +th {background-color: #fff; text-align: left;} +th, td {border-right: 1px solid #000; border-bottom: 1px solid #000;} +th.small {width: 100px;} +th.medium {width: 200px;} +th.large {width: 270px;} +th.x-large {width: 408px;} +table.fixed {table-layout: fixed;} +span.comment {color: #666;} + diff --git a/usr/local/www/themes/code-red/javascript/transmenu-body.php b/usr/local/www/themes/code-red/javascript/transmenu-body.php index e9bacbc..ada3d0c 100755 --- a/usr/local/www/themes/code-red/javascript/transmenu-body.php +++ b/usr/local/www/themes/code-red/javascript/transmenu-body.php @@ -1,51 +1,51 @@ -<?php
-/* $Id$ */
-/* DISABLE_PHP_LINT_CHECKING */
-/* ========================================================================== */
-/*
- transmenu.php
- Copyright (C) 2006 Daniel S. Haischt <me@daniel.stefan.haischt.name>
- All rights reserved.
- */
-/* ========================================================================== */
-/*
- Originally part of m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
-
-function nervecenterTransmenuGetBodyJS() {
- global $rootmenu;
-
- if (isset($rootmenu)) {
- return $rootmenu->getMenuJScript();
- } else if (empty($rootmenu)) {
- return "alert('No rootmenu object found.');";
- } else {
- return "alert('No JavaScript attached to rootmenu object.');";
- }
-}
-
-?>
+<?php +/* $Id$ */ +/* DISABLE_PHP_LINT_CHECKING */ +/* ========================================================================== */ +/* + transmenu.php + Copyright (C) 2006 Daniel S. Haischt <me@daniel.stefan.haischt.name> + All rights reserved. + */ +/* ========================================================================== */ +/* + Originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + +function nervecenterTransmenuGetBodyJS() { + global $rootmenu; + + if (isset($rootmenu)) { + return $rootmenu->getMenuJScript(); + } else if (empty($rootmenu)) { + return "alert('No rootmenu object found.');"; + } else { + return "alert('No JavaScript attached to rootmenu object.');"; + } +} + +?> diff --git a/usr/local/www/themes/code-red/javascript/transmenu-head.php b/usr/local/www/themes/code-red/javascript/transmenu-head.php index a2b9cf1..6eea15d 100755 --- a/usr/local/www/themes/code-red/javascript/transmenu-head.php +++ b/usr/local/www/themes/code-red/javascript/transmenu-head.php @@ -1,85 +1,85 @@ -<?php
-/* $Id$ */
-/* DISABLE_PHP_LINT_CHECKING */
-/* ========================================================================== */
-/*
- transmenu.php
- Copyright (C) 2006 Daniel S. Haischt <me@daniel.stefan.haischt.name>
- All rights reserved.
- */
-/* ========================================================================== */
-/*
- Originally part of m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
-
-function nervecenterTransmenuGetHeadJS() {
- global $g, $rootmenu;
-
- $transmenu_stub =<<<EOD
- function tmenuinit() {
- //==========================================================================================
- // if supported, initialize TransMenus
- //==========================================================================================
- // Check isSupported() so that menus aren't accidentally sent to non-supporting browsers.
- // This is better than server-side checking because it will also catch browsers which would
- // normally support the menus but have javascript disabled.
- //
- // If supported, call initialize() and then hook whatever image rollover code you need to do
- // to the .onactivate and .ondeactivate events for each menu.
- //==========================================================================================
- if (TransMenu.isSupported()) {
- TransMenu.initialize();
-
- // hook all the highlight swapping of the main toolbar to menu activation/deactivation
- // instead of simple rollover to get the effect where the button stays hightlit until
- // the menu is closed.
- @@CHILD_JSCRIPT@@
- }
- } // end function
-EOD;
-
- if (empty($rootmenu)) {
- require_once("menudef.inc");
- }
-
- $childJScript = "";
- foreach ($rootmenu->getChildren() as $component) {
- $id = "mnua_" . str_replace(" ", "", strtolower($component->getID()));
-
- $childJScript .=<<<EOD
- {$id}.onactivate = function() { document.getElementById("{$id}").className = "hover"; };
- {$id}.ondeactivate = function() { document.getElementById("{$id}").className = ""; };
-
-EOD;
- }
-
- $transmenu_stub = basename($_SERVER['PHP_SELF']) != "wizard.php" ? str_replace("@@CHILD_JSCRIPT@@", $childJScript, $transmenu_stub) : "";
-
- return $transmenu_stub;
-}
-
-?>
+<?php +/* $Id$ */ +/* DISABLE_PHP_LINT_CHECKING */ +/* ========================================================================== */ +/* + transmenu.php + Copyright (C) 2006 Daniel S. Haischt <me@daniel.stefan.haischt.name> + All rights reserved. + */ +/* ========================================================================== */ +/* + Originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + +function nervecenterTransmenuGetHeadJS() { + global $g, $rootmenu; + + $transmenu_stub =<<<EOD + function tmenuinit() { + //========================================================================================== + // if supported, initialize TransMenus + //========================================================================================== + // Check isSupported() so that menus aren't accidentally sent to non-supporting browsers. + // This is better than server-side checking because it will also catch browsers which would + // normally support the menus but have javascript disabled. + // + // If supported, call initialize() and then hook whatever image rollover code you need to do + // to the .onactivate and .ondeactivate events for each menu. + //========================================================================================== + if (TransMenu.isSupported()) { + TransMenu.initialize(); + + // hook all the highlight swapping of the main toolbar to menu activation/deactivation + // instead of simple rollover to get the effect where the button stays hightlit until + // the menu is closed. + @@CHILD_JSCRIPT@@ + } + } // end function +EOD; + + if (empty($rootmenu)) { + require_once("menudef.inc"); + } + + $childJScript = ""; + foreach ($rootmenu->getChildren() as $component) { + $id = "mnua_" . str_replace(" ", "", strtolower($component->getID())); + + $childJScript .=<<<EOD + {$id}.onactivate = function() { document.getElementById("{$id}").className = "hover"; }; + {$id}.ondeactivate = function() { document.getElementById("{$id}").className = ""; }; + +EOD; + } + + $transmenu_stub = basename($_SERVER['PHP_SELF']) != "wizard.php" ? str_replace("@@CHILD_JSCRIPT@@", $childJScript, $transmenu_stub) : ""; + + return $transmenu_stub; +} + +?> diff --git a/usr/local/www/themes/code-red/login.css b/usr/local/www/themes/code-red/login.css index 9500fba..6ccdd42 100755 --- a/usr/local/www/themes/code-red/login.css +++ b/usr/local/www/themes/code-red/login.css @@ -1,1136 +1,1136 @@ -/* Element CSS Definitions */
-html, body, td, th, input, select {
- font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif;
- font-size: 0.9em;
-
-}
-
-.infoboxnptd2 {
- width:100%;
- color:white;
- background-color:#990000;
- padding-right: 10px;
-}
-
-.infoboxnptd {
- width:8%;
- background-color:#990000;
-}
-
-.infoboxnptable {
- height:32px;
- width:100%;
- background-color:#990000;
-}
-
-.infoboxnptable2 {
- height:32px;
- width:100%;
- background-color:#990000;
-}
-
-.infoboxnp {
- background-color:#990000;
- width:100%;
-}
-
-.infoboxnpimg {
- vertical-align:middle;
- width:28px;
- height:32px;
- background-color:#990000;
-}
-
-/* please adjust the bgcolor to be used together with niftycorners! */
-.rtop, .artop {
- background-color: #999999;
-}
-
-div.GraphLink {
- position: relative;
-}
-
-span.GraphLinkLine {
- position: absolute;
- background-color: #990000;
- width: 100%;
-}
-
-/* DOM Tooltip CSS definitions */
-div.niceTitle
-{
- background-color: #333333;
- color: #FFFFFF;
- border-bottom: 1px dotted #FFFFFF;
- font-weight: bold;
- font-size: 13px;
- font-family: "Trebuchet MS", sans-serif;
- width: 250px;
- left: 0;
- top: 0;
- padding: 4px;
- position: absolute;
- text-align: left;
- z-index: 20;
- -moz-border-radius: 0 10px 10px 10px;
- filter: progid:DXImageTransform.Microsoft.Alpha(opacity=87);
- -moz-opacity: .87;
- -khtml-opacity: .87;
- opacity: .87;
-}
-div.niceTitle h1
-{
- background: #990000;
- border-bottom: 1px dotted #FFFFFF;
- font-weight: bold;
- font-size: 13px;
- font-family: "Trebuchet MS", sans-serif;
- margin: 3px;
- padding-top: 1px;
- padding-bottom: 1px;
- padding-left: 3px;
- text-align: left;
- left: 0;
- top: 0;
- -moz-border-radius: 0 8px 0 0;
- -moz-opacity: 1;
-}
-div.niceTitle .contents
-{
- margin: 0;
- padding: 0 3px;
- filter: progid:DXImageTransform.Microsoft.Alpha(opacity=100);
- -moz-opacity: 1;
- -khtml-opacity: 1;
- opacity: 1;
-}
-div.niceTitle p
-{
- background: #FFFFFF;
- border: 1px solid #990000;
- color: #000000;
- font-size: 9px;
- padding: 5px;
- margin: 3px;
- text-align: left;
- -moz-opacity: 1;
- -moz-border-radius: 0 0 8px 8px;
-}
-
-body {
- margin: 0px auto;
- background: url('images/logon-background.gif') no-repeat;
- background-position : center 0px;
- background-color: #4a0203;
-}
-
-form {
- margin: 0px;
-}
-a {
- text-decoration: none;
-}
-form input {
- font-size: 1.1em;
-}
-
-iframe {
- z-index: 1;
- border: 1px dashed #990000;
-}
-.iframe {
- background-color: #FFFFFF;
-}
-
-/* ID Based CSS Definitions */
-#wrapper {
- width: 810px;
- margin: 0px auto;
-}
-
-#header {
- background: url('images/header.png') no-repeat;
- background-position: 0px;
- height: 102px;
- width: 810px;
- margin-bottom: 5px;
- z-index: 2;
-}
-#header-left {
- position: relative;
- /* background: url('images/logo.gif') no-repeat; */
- background-position: center;
- height: 65px;
- width: 145px;
- left: 10px;
- float: left;
-}
-#header-left #status-link {
- position: relative;
- top: 10px;
- left: 6px;
-}
-#header-right {
- position: relative;
- /* background: url('images/header.gif') no-repeat; */
- height: 70px;
- color: #fff;
- left: 0px;
- margin-left: 165px;
-}
-#header-right .alert {
- position: relative;
- /* background: url('images/alert.gif') no-repeat; */
- background-position: 4px 2px;
- color: #fff;
- height: 17px;
- width: 500px;
- padding: 4px;
- padding-left: 27px;
- float: left;
-}
-#header-right .container {
- position: relative;
-}
-#header-right .container .left {
- position: relative;
- float: left;
- font-size: 1.3em;
- font-weight: bold;
- top: 15px;
- left: 4px;
- display: none;
-}
-#header-right .container .right {
- position: relative;
- float: right;
- top: 22px;
- padding-right: 4px;
- z-index: 1;
-}
-
-#header-right .container .right #alerts {
- position: relative;
- background: url('images/alert_bgr.png') no-repeat;
- height: 39px;
- width: 431px;
- z-index: 1;
- padding-top: 20px;
- padding-left: 5px;
- margin: 0px;
-}
-#header-right .container .right #hostname {
- position: relative;
- height: 39px;
- width: 431px;
- z-index: 1;
- padding-left: 5px;
- margin: 0px;
- top: 25px;
- left: 230px;
- font-size: 14px;
- color: #cccccc;
- font-weight: bold;
-}
-
-
-
-table#marquee {
- position: relative;
- top: -6px;
- left: -5px;
- border: 0;
- padding: 0;
- margin: 0;
- width: 424px;
- background-color: transparent;
- padding: 2px;
- border: 0px;
-}
-span#marquee-container {
- position: absolute;
- visibility: hidden;
- top: -100px;
- left: -10000px;
-}
-div#marquee-text {
- font-size: 1.18em;
- font-weight: normal;
- font-family: Verdana;
- color: #ffffff;
-}
-table#marquee div#container {
- position: relative;
- overflow: hidden;
- width: 418px;
- height: 20px;
-}
-table#marquee div#container div#scroller {
- position: absolute;
- left: 0px;
- top: 0px;
-}
-
-
-
-
-
-#content {
- position: relative;
- top: -15px;
- left: 0px;
- margin-top: 0px;
- margin-left: 0px;
- padding-top: 0px;
- width: 810px;
- background-color: #ffffff;
-}
-
-#left {
- width: 810px;
- height: 1px;
-}
-#right {
- position: relative;
- top: -10px;
- width: 770px;
- margin-top: 0px;
- margin-left: 5px;
- margin-right: 5px;
- padding-top: 5px;
- padding-left: 10px;
- padding-right: 10px;
- padding-bottom: 20px;
- min-height: 400px;
-}
-
-#footer {
- position: relative;
- background: url('images/footer.png') no-repeat;
- top: -18px;
- left: 0px;
- width: 810px;
- height: 75px;
- color: #ffffff;
- text-align: center;;
- font-size: 0.9em;
- padding-top: 17px;
- margin-bottom: 20px;
- clear: both;
-}
-#footer p {
- padding: 0px;
- margin: 0px;
-}
-
-/* Style the List */
-#navigation {
- /* background: url('images/menu.gif') no-repeat; */
- /* width: 693px; */
- position: relative;
- top: -25px;
- left: 3px;
- width: 810px;
- padding: 0px;
- height: 28px;
- z-index: 3;
-}
-#navigation ul {
- padding: 0;
- margin: 0;
- list-style: none;
- text-align: center;
-}
-#navigation ul#menu {
- padding-top: 3px;
- padding-left: 5px;
-}
-
-/* Style the List Elements */
-#navigation ul li {
- float: left;
- position: relative;
- /* width: 7.5em; */
- width: 8.77em;
-}
-#navigation ul li div {
- font-size: 1em;
- font-weight: bold;
-}
-/* Make the List inside the List Elements */
-/* initially hidden with absolute position */
-#navigation ul li ul {
- display: none;
- position: absolute;
- top: 2em;
- left: -2px;
- width: 9em;
- font-weight: normal;
- background: transparent bottom left no-repeat; /* This is key to making the menu maintain visibility when not on a link */
- /* background-color: #202020;
- background: url("images/menu_footer.gif") no-repeat;
- background-position: bottom;
- */
- padding: 0em 0 0.4em 0;
- padding-top: 0.3em;
-}
-/* to override top and left in browsers other than IE */
-/* which will position to the top right of the containing */
-/* li, rather than bottom left */
-#navigation ul li > ul {
- top: auto;
- left: auto;
- left: -1px !important;
-}
-/* Show initial drop down upon mouse over, but do not show */
-/* nested side drop menus within listed elements */
-#navigation ul li:hover ul {
- display: block;
- cursor: pointer;
-}
-#navigation ul li:hover {
- cursor: pointer;
- cursor: pointer;
-}
-#navigation ul li:hover div {
- text-decoration: none;
-}
-
-#navigation ul li {
- background-color: transparent;
- color: #FFF;
-}
-#navigation ul li ul li {
- border: 1px solid #990000;
- width: 8.8em;
- height: 1.6em;
- line-height: 1.6em;
- background-color: #990000;
- color: #FFF;
-}
-#navigation ul li ul li:hover {
- background-color: #666666;
-}
-
-#navigation li li a {
- display: block;
- padding-left: 10px;
- padding-right: 10px;
-}
-
-#navigation ul li ul li a.navlnk:hover {
- text-decoration: none;
-}
-#navigation ul li.first {
- border-right: 0px;
-}
-#navigation ul li.middle {
- border-right: 0px;
-}
-#navigation ul li.last {
-
-}
-
-#navigation ul li.dropfirst {
- border-bottom: 0px;
-}
-#navigation ul li.dropmiddle {
- border-bottom: 0px;
-}
-#navigation ul li.droplast {
-}
-
-#wzdtabcont {
- float: left;
- background-color: #FFFFFF;
- color: #000000;
- padding: 0;
-}
-
-ul#wzdnav {
- font-size: 0.96em;
- float: left;
- width: 14.5em;
- margin: 0;
- padding-left: 18px;
-}
-
-ul#wzdnav li {
- list-style: none;
- margin: 0;
- padding-bottom: 0.2em;
- padding-left: 0;
-}
-
-ul#wzdnav a {
- display: block;
- padding: 0.3em;
- font-weight: normal;
-}
-
-#wzdnavbold a {
- display: block;
- padding: 0.3em;
- font-weight: bold ! important;
-}
-
-ul#wzdnav a:link {
- color: black;
- background-color: #eee;
-}
-
-ul#wzdnav a:visited {
- color: #666;
- background-color: #eee;
-}
-
-ul#wzdnav a:hover {
- color: black;
- background-color: white;
-}
-
-ul#wzdnav a:active {
- color: white;
- background-color: gray;
-}
-
-#graph {
- position: relative;
- z-index: 10;
-}
-
-#logoutbtn {
- position: absolute;
- left: 95%;
- vertical-align: middle;
-}
-
-
-#graph {
- position: relative;
- z-index: 10;
-}
-
-
-
-/* Class Based CSS Definitions */
-.pgtitle {
- font-size: 18px;
- color: #777777;
- font-weight: bold;
-}
-.tfrtitle {
- font-size: 18px;
- color: #ffffff;
- font-weight: bold;
-}
-.vncell {
- background-color: #DDDDDD;
- padding-right: 20px;
- padding-left: 8px;
- border-bottom: 1px solid #999999;
-}
-.formfld {
- padding-left: 19px;
- font-size: small;
-}
-.formselect {
- font-size: 1.0em;
-}
-.langopt {
- padding-left: 34px;
- padding-top: 2px;
- padding-bottom: 2px;
-}
-.saved {
- /* background: url('/themes/nione/images/icons/icon_wzd_saved.png') no-repeat 0 1px #FFFFFF; */
- list-style-image: url('/themes/nervecenter/images/icons/icon_wzd_saved.png') ! important;
-}
-.notsaved {
- /* background: url('/themes/nione/images/icons/icon_wzd_nsaved.png') no-repeat 0 1px #FFFFFF; */
- list-style-image: url('/themes/nervecenter/images/icons/icon_wzd_nsaved.png') ! important;
-}
-.en {
- background: url('/themes/nervecenter/images/icons/icon_flag_en.png') no-repeat 0 1px #FFFFFF;
-}
-.de {
- background: url('/themes/nervecenter/images/icons/icon_flag_de.png') no-repeat 0 1px #FFFFFF;
-}
-.es {
- background: url('/themes/nervecenter/images/icons/icon_flag_es.png') no-repeat 0 1px #FFFFFF;
-}
-.pt_BR {
- background: url('/themes/nervecenter/images/icons/icon_flag_pt_BR.png') no-repeat 0 1px #FFFFFF;
-}
-.host {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_host.png') no-repeat 0 1px #FFFFFF;
-}
-.search {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_search.png') no-repeat 0 1px #FFFFFF;
-}
-.file {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_file.png') no-repeat 0 1px #FFFFFF;
-}
-.mail {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_mail.png') no-repeat 0 1px #FFFFFF;
-}
-.imp {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_imp.png') no-repeat 0 1px #FFFFFF;
-}
-.pwd {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_pwd.png') no-repeat 0 1px #FFFFFF;
-}
-.user {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_user.png') no-repeat 0 1px #FFFFFF ;
-}
-.group {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_group.png') no-repeat 0 1px #FFFFFF;
-}
-.url {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_url.png') no-repeat 0 1px #FFFFFF;
-}
-.time {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_time.png') no-repeat 0 1px #FFFFFF;
-}
-.unknown {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_unknown.png') no-repeat 0 1px #FFFFFF;
-}
-.formfld_cert {
- background: url('/themes/nervecenter/images/icons/icon_frmfld_cert.png') no-repeat 0 1px #FFFFFF;
- padding-left: 28px;
- font-family: Courier New, Courier, monospaced;
- font-size: 11px;
-}
-.formfldalias {
- background-color: #990000;
- color: #FFFFFF;
-}
-.formpre {
- font-family: Courier New, Courier, monospaced;
- font-size: 10px;
-}
-.formbtn {
- font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif;
- font-size: 13px;
- font-weight: bold;
-}
-.formbtns {
- font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif;
- font-size: 10px;
- font-weight: bold;
-}
-.vvcell {
- background-color: #FFFFC6;
-}
-.errmsg {
- font-weight: bold;
- color: #CC0000;
-}
-.red {
- color: #CC0000;
-}
-.gray {
- color: #A0A0A0;
-}
-.vexpl {
- font-size: 11px;
-}
-.navlnk {
- color: #FFFFFF;
- text-decoration: none;
- font-size: 13px;
-}
-.navlnks {
- color: #FFFFFF;
- text-decoration: none;
- font-size: 11px;
-}
-.redlnk {
- color: #990000;
- text-decoration: none;
-}
-.tblnk {
- color: #FFFFFF;
- text-decoration: none;
-}
-.vncellreq {
- background-color: #DDDDDD;
- padding-right: 20px;
- padding-left: 8px;
- font-weight: bold;
- border-bottom: 1px solid #999999;
-}
-.vncellt {
- background-color: #DDDDDD;
- padding-right: 20px;
- padding-left: 8px;
- padding-top: 4px;
- padding-bottom: 4px;
- font-weight: bold;
- border-bottom: 1px solid #999999;
-}
-.vtable {
- border-bottom: 1px solid #999999;
-}
-.vnsepcell {
- background-color: #BBBBBB;
- padding-right: 20px;
- padding-left: 8px;
- font-weight: bold;
- border-bottom: 1px solid #999999;
- font-size: 11px;
-}
-.cpline {
- font-size: 11px;
- color: #FFFFFF;
-}
-.hostname {
- font-size: 11px;
- color: #990000;
- font-weight: bold;
-}
-.vnsepcellr {
- background-color: #BBBBBB;
- padding-right: 20px;
- padding-left: 8px;
- font-weight: bold;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
-}
-.listr {
- background-color: #FFFFFF;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- padding-right: 6px;
- padding-left: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listrpad {
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- padding-right: 16px;
- padding-left: 10px;
- padding-top: 8px;
- padding-bottom: 8px;
-}
-.listn {
- font-size: 11px;
- padding-right: 16px;
- padding-left: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listbg {
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- background-color: #990000;
- padding-right: 16px;
- padding-left: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listbggrey {
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- background-color: #999999;
- padding-right: 16px;
- padding-left: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listhdr {
- background-color: #BBBBBB;
- padding-right: 16px;
- padding-left: 6px;
- font-weight: bold;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- padding-top: 5px;
- padding-bottom: 5px;
-}
-.listhdr a {
- color: #000000;
-}
-.listhdrr {
- background-color: #BBBBBB;
- padding-right: 16px;
- padding-left: 6px;
- font-weight: bold;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- padding-top: 5px;
- padding-bottom: 5px;
-}
-.listhdrr a {
- color: #000000;
-}
-.listlr {
- background-color: #FFFFFF;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- border-left: 1px solid #999999;
- font-size: 11px;
- padding-right: 6px;
- padding-left: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listlrns {
- background-color: #FFFFFF;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- border-left: 1px solid #999999;
- font-size: 11px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.list {
- font-size: 11px;
- padding-left: 6px;
- padding-top: 2px;
- padding-bottom: 2px;
-}
-.listt {
- font-size: 11px;
- padding-top: 5px;
-}
-.listhdrrns {
- background-color: #BBBBBB;
- padding-left: 6px;
- padding-top: 5px;
- padding-bottom: 5px;
- padding-right: 6px;
- font-weight: bold;
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
-}
-.listbgns {
- border-right: 1px solid #999999;
- border-bottom: 1px solid #999999;
- font-size: 11px;
- background-color: #D9DEE8;
- padding-left: 6px;
- padding-right: 4px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-.listtopic {
- border-right: 1px solid #999999;
- font-size: 11px;
- background-color: #990000;
- padding-right: 16px;
- padding-left: 6px;
- color: #FFFFFF;
- font-weight: bold;
- padding-top: 5px;
- padding-bottom: 5px;
-}
-.optsect_t {
- border-right: 1px solid #999999;
- background-color: #990000;
- padding-right: 6px;
- padding-left: 6px;
- padding-top: 2px;
- padding-bottom: 2px;
-}
-.optsect_s {
- font-size: 11px;
- color: #FFFFFF;
- font-weight: bold;
-}
-.tabnavtbl {
-}
-
-
-/* MISC CSS Definitions */
-ul#tabnav {
- font-size: 11px;
- font-weight: bold;
- list-style-type: none;
- margin: 0;
- padding: 0;
-}
-ul#tabnav li.tabinact1 {
- float: left;
- background-color: #777777;
- color: #FFFFFF;
- padding: 0;
- white-space: nowrap;
-}
-ul#tabnav li.tabinact {
- float: left;
- border-left: 1px solid #999999;
- background-color: #777777;
- color: #FFFFFF;
- padding: 0;
- white-space: nowrap;
-}
-ul#tabnav li.tabinact a {
- float: left;
- display: block;
- text-decoration: none;
- padding: 5px 8px 5px 8px;
- color: #FFFFFF;
-}
-ul#tabnav li.tabinact1 a {
- float: left;
- display: block;
- text-decoration: none;
- padding: 5px 8px 5px 8px;
- color: #FFFFFF;
-}
-ul#tabnav li.tabact {
- float: left;
- background-color: #EEEEEE;
- color: #000000;
- padding: 5px 8px 5px 8px;
- white-space: nowrap;
-}
-.tabcont {
- background-color: #EEEEEE;
- padding-right: 12px;
- padding-left: 12px;
- padding-top: 12px;
- padding-bottom: 12px;
-}
-.tabact {
- float: left;
- background-color: #EEEEEE;
- color: #000000;
- padding: 5px 8px 5px 8px;
- white-space: nowrap;
-}
-.tabinact {
- font-weight: bold;
- float: left;
- border-left: 1px solid #999999;
- background-color: #777777;
- color: #FFFFFF;
- padding: 0;
- white-space: nowrap;
-}
-.menu {
- background-color: #000000;
- white-space: nowrap;
- padding: 0px 5px 0px 5px;
- width: 100%;
- vertical-align: top;
-}
-
-
-/* Auto Complete Suggestions */
-div.suggestions {
- -moz-box-sizing: border-box;
- /* box-sizing: border-box; */
- border: 1px solid black;
- position: absolute;
- background-color: #990000;
- color: #FFF;
-}
-
-div.suggestions div {
- cursor: default;
- padding: 0px 3px;
- background-color: #990000;
- color: #FFF;
-}
-
-div.suggestions div.current {
- background-color: #3366cc;
- color: #FFF;
-}
-/* End Auto Complete Suggestions */
-
-
-/* Nifty Corners Crap */
-.rtop,.artop{display:block}
-.rtop *,.artop *{display:block;height:1px;overflow:hidden;font-size:1px}
-.artop *{border-style: solid;border-width:0 1px}
-.r1,.rl1,.re1,.rel1{margin-left:5px}
-.r1,.rr1,.re1,.rer1{margin-right:5px}
-.r2,.rl2,.re2,.rel2,.ra1,.ral1{margin-left:3px}
-.r2,.rr2,.re2,.rer2,.ra1,.rar1{margin-right:3px}
-.r3,.rl3,.re3,.rel3,.ra2,.ral2,.rs1,.rsl1,.res1,.resl1{margin-left:2px}
-.r3,.rr3,.re3,.rer3,.ra2,.rar2,.rs1,.rsr1,.res1,.resr1{margin-right:2px}
-.r4,.rl4,.rs2,.rsl2,.re4,.rel4,.ra3,.ral3,.ras1,.rasl1,.res2,.resl2{margin-left:1px}
-.r4,.rr4,.rs2,.rsr2,.re4,.rer4,.ra3,.rar3,.ras1,.rasr1,.res2,.resr2{margin-right:1px}
-.rx1,.rxl1{border-left-width:5px}
-.rx1,.rxr1{border-right-width:5px}
-.rx2,.rxl2{border-left-width:3px}
-.rx2,.rxr2{border-right-width:3px}
-.re2,.rel2,.ra1,.ral1,.rx3,.rxl3,.rxs1,.rxsl1{border-left-width:2px}
-.re2,.rer2,.ra1,.rar1,.rx3,.rxr3,.rxs1,.rxsr1{border-right-width:2px}
-.rxl1,.rxl2,.rxl3,.rxl4,.rxsl1,.rxsl2,.ral1,.ral2,.ral3,.ral4,.rasl1,.rasl2{border-right-width:0}
-.rxr1,.rxr2,.rxr3,.rxr4,.rxsr1,.rxsr2,.rar1,.rar2,.rar3,.rar4,.rasr1,.rasr2{border-left-width:0}
-.r4,.rl4,.rr4,.re4,.rel4,.rer4,.ra4,.rar4,.ral4,.rx4,.rxl4,.rxr4{height:2px}
-.rer1,.rel1,.re1,.res1,.resl1,.resr1{border-width:1px 0 0;height:0px !important;height /**/:1px}
-/* End Nifty Corners Crap */
-
-
-
-/* CSS for Dynamic Log Viewer */
-/* Author: Erik Kristensen */
-div#log div.log-entry {
- clear: both;
-}
-
-div#log div.log-entry span,
-div#log div.log-header span {
- padding: 3px 2px 3px 2px;
- padding-left: 8px;
-}
-
-div#log div.log-entry span.log-action {
- padding-bottom: 6px;
- padding-left: 5px;
- padding-right: 5px;
-}
-
-div#log div.log-header span {
- border-top: 1px solid #999;
- background-color: #bbb;
- font-weight: bold;
- text-align: left;
-}
-
-div#log span.log-action,
-div#log span.log-time,
-div#log span.log-interface,
-div#log span.log-source,
-div#log span.log-destination,
-div#log span.log-protocol {
- float: left;
- text-align: left;
- border-left: 1px solid #999;
- border-bottom: 1px solid #999;
-}
-
-div#log span.log-general {
-
-}
-
-div#log span.log-protocol {
- border-right: 1px solid #999;
-}
-
-div#log span.log-action {
- width: 2em;
- text-align: center;
-}
-
-div#log span.log-time {
- width: 12.5em;
-}
-
-div#log span.log-interface {
- width: 5em;
-}
-
-div#log span.log-source,
-div#log span.log-destination {
- width: 17.6em;
-}
-
-div#log span.log-protocol {
- width: 5.5em;
-}
-/* END CSS FOR DYNAMIC LOG VIEWER */
-
-
-#login {
-/* background: #cccccc; */
- background-color: transparent;
- border: 0px solid #cccccc;
- margin: 5em auto;
- padding: 0em;
- width: 400px;
-/* filter:alpha(opacity=60);
- -moz-opacity:0.6;
- -khtml-opacity: 0.6;
- opacity: 0.6; */
-}
-
-#login h1 {
- background: url(images/misc/logon.png) no-repeat top left;
-/* background: #ffffff; */
- margin-top: 0;
- display: block;
- text-indent: -1000px;
- height: 400px;
- border-bottom: none;
-}
-
-#login p {
- font-size: 1em;
- font-weight: bold;
- padding: -40px;
- margin: 0em;
-/* text-indent: 10px; */
- position: relative;
- top: -390px;
- left: 60px;
-}
-
-#login span {
- font-size: 1em;
- font-weight: bold;
- width: 20%;
- padding: 3px;
- margin: 0em;
-/* text-indent: 10px; */
-}
-
-#login p#text {
- font-size: 1em;
- font-weight: normal;
- padding: 3px;
- margin: 0em;
-/* text-indent: 10px;
- position: relative;
- top: -300px; */
-}
-
-#login #username, #password {
- font-size: 1em;
- width: 60%;
- padding: 3px;
- margin: 0em;
-/* text-indent: 10px;
- position: relative;
- left: 10px;
- top: -300px; */
-}
-
-#login #submit {
- font-size: 1em;
- font-weight: bold;
- text-align: center;
- padding: 3px;
- margin: 0em;
-/* text-indent: 10px; */
- position: relative;
- top: -20px;
- left: 170px;
-}
-
-/* loginerror box follows */
-
-#login #inputerrors {
- background-color: transparent;
- border: 0px solid #666666;
- margin: 5em auto;
- vertical-align: middle;
- padding: 0em;
- width: 330px;
- height: 50px;
- position: relative;
- top: -112px;
+/* Element CSS Definitions */ +html, body, td, th, input, select { + font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-size: 0.9em; + +} + +.infoboxnptd2 { + width:100%; + color:white; + background-color:#990000; + padding-right: 10px; +} + +.infoboxnptd { + width:8%; + background-color:#990000; +} + +.infoboxnptable { + height:32px; + width:100%; + background-color:#990000; +} + +.infoboxnptable2 { + height:32px; + width:100%; + background-color:#990000; +} + +.infoboxnp { + background-color:#990000; + width:100%; +} + +.infoboxnpimg { + vertical-align:middle; + width:28px; + height:32px; + background-color:#990000; +} + +/* please adjust the bgcolor to be used together with niftycorners! */ +.rtop, .artop { + background-color: #999999; +} + +div.GraphLink { + position: relative; +} + +span.GraphLinkLine { + position: absolute; + background-color: #990000; + width: 100%; +} + +/* DOM Tooltip CSS definitions */ +div.niceTitle +{ + background-color: #333333; + color: #FFFFFF; + border-bottom: 1px dotted #FFFFFF; + font-weight: bold; + font-size: 13px; + font-family: "Trebuchet MS", sans-serif; + width: 250px; + left: 0; + top: 0; + padding: 4px; + position: absolute; + text-align: left; + z-index: 20; + -moz-border-radius: 0 10px 10px 10px; + filter: progid:DXImageTransform.Microsoft.Alpha(opacity=87); + -moz-opacity: .87; + -khtml-opacity: .87; + opacity: .87; +} +div.niceTitle h1 +{ + background: #990000; + border-bottom: 1px dotted #FFFFFF; + font-weight: bold; + font-size: 13px; + font-family: "Trebuchet MS", sans-serif; + margin: 3px; + padding-top: 1px; + padding-bottom: 1px; + padding-left: 3px; + text-align: left; + left: 0; + top: 0; + -moz-border-radius: 0 8px 0 0; + -moz-opacity: 1; +} +div.niceTitle .contents +{ + margin: 0; + padding: 0 3px; + filter: progid:DXImageTransform.Microsoft.Alpha(opacity=100); + -moz-opacity: 1; + -khtml-opacity: 1; + opacity: 1; +} +div.niceTitle p +{ + background: #FFFFFF; + border: 1px solid #990000; + color: #000000; + font-size: 9px; + padding: 5px; + margin: 3px; + text-align: left; + -moz-opacity: 1; + -moz-border-radius: 0 0 8px 8px; +} + +body { + margin: 0px auto; + background: url('images/logon-background.gif') no-repeat; + background-position : center 0px; + background-color: #4a0203; +} + +form { + margin: 0px; +} +a { + text-decoration: none; +} +form input { + font-size: 1.1em; +} + +iframe { + z-index: 1; + border: 1px dashed #990000; +} +.iframe { + background-color: #FFFFFF; +} + +/* ID Based CSS Definitions */ +#wrapper { + width: 810px; + margin: 0px auto; +} + +#header { + background: url('images/header.png') no-repeat; + background-position: 0px; + height: 102px; + width: 810px; + margin-bottom: 5px; + z-index: 2; +} +#header-left { + position: relative; + /* background: url('images/logo.gif') no-repeat; */ + background-position: center; + height: 65px; + width: 145px; + left: 10px; + float: left; +} +#header-left #status-link { + position: relative; + top: 10px; + left: 6px; +} +#header-right { + position: relative; + /* background: url('images/header.gif') no-repeat; */ + height: 70px; + color: #fff; + left: 0px; + margin-left: 165px; +} +#header-right .alert { + position: relative; + /* background: url('images/alert.gif') no-repeat; */ + background-position: 4px 2px; + color: #fff; + height: 17px; + width: 500px; + padding: 4px; + padding-left: 27px; + float: left; +} +#header-right .container { + position: relative; +} +#header-right .container .left { + position: relative; + float: left; + font-size: 1.3em; + font-weight: bold; + top: 15px; + left: 4px; + display: none; +} +#header-right .container .right { + position: relative; + float: right; + top: 22px; + padding-right: 4px; + z-index: 1; +} + +#header-right .container .right #alerts { + position: relative; + background: url('images/alert_bgr.png') no-repeat; + height: 39px; + width: 431px; + z-index: 1; + padding-top: 20px; + padding-left: 5px; + margin: 0px; +} +#header-right .container .right #hostname { + position: relative; + height: 39px; + width: 431px; + z-index: 1; + padding-left: 5px; + margin: 0px; + top: 25px; + left: 230px; + font-size: 14px; + color: #cccccc; + font-weight: bold; +} + + + +table#marquee { + position: relative; + top: -6px; + left: -5px; + border: 0; + padding: 0; + margin: 0; + width: 424px; + background-color: transparent; + padding: 2px; + border: 0px; +} +span#marquee-container { + position: absolute; + visibility: hidden; + top: -100px; + left: -10000px; +} +div#marquee-text { + font-size: 1.18em; + font-weight: normal; + font-family: Verdana; + color: #ffffff; +} +table#marquee div#container { + position: relative; + overflow: hidden; + width: 418px; + height: 20px; +} +table#marquee div#container div#scroller { + position: absolute; + left: 0px; + top: 0px; +} + + + + + +#content { + position: relative; + top: -15px; + left: 0px; + margin-top: 0px; + margin-left: 0px; + padding-top: 0px; + width: 810px; + background-color: #ffffff; +} + +#left { + width: 810px; + height: 1px; +} +#right { + position: relative; + top: -10px; + width: 770px; + margin-top: 0px; + margin-left: 5px; + margin-right: 5px; + padding-top: 5px; + padding-left: 10px; + padding-right: 10px; + padding-bottom: 20px; + min-height: 400px; +} + +#footer { + position: relative; + background: url('images/footer.png') no-repeat; + top: -18px; + left: 0px; + width: 810px; + height: 75px; + color: #ffffff; + text-align: center;; + font-size: 0.9em; + padding-top: 17px; + margin-bottom: 20px; + clear: both; +} +#footer p { + padding: 0px; + margin: 0px; +} + +/* Style the List */ +#navigation { + /* background: url('images/menu.gif') no-repeat; */ + /* width: 693px; */ + position: relative; + top: -25px; + left: 3px; + width: 810px; + padding: 0px; + height: 28px; + z-index: 3; +} +#navigation ul { + padding: 0; + margin: 0; + list-style: none; + text-align: center; +} +#navigation ul#menu { + padding-top: 3px; + padding-left: 5px; +} + +/* Style the List Elements */ +#navigation ul li { + float: left; + position: relative; + /* width: 7.5em; */ + width: 8.77em; +} +#navigation ul li div { + font-size: 1em; + font-weight: bold; +} +/* Make the List inside the List Elements */ +/* initially hidden with absolute position */ +#navigation ul li ul { + display: none; + position: absolute; + top: 2em; + left: -2px; + width: 9em; + font-weight: normal; + background: transparent bottom left no-repeat; /* This is key to making the menu maintain visibility when not on a link */ + /* background-color: #202020; + background: url("images/menu_footer.gif") no-repeat; + background-position: bottom; + */ + padding: 0em 0 0.4em 0; + padding-top: 0.3em; +} +/* to override top and left in browsers other than IE */ +/* which will position to the top right of the containing */ +/* li, rather than bottom left */ +#navigation ul li > ul { + top: auto; + left: auto; + left: -1px !important; +} +/* Show initial drop down upon mouse over, but do not show */ +/* nested side drop menus within listed elements */ +#navigation ul li:hover ul { + display: block; + cursor: pointer; +} +#navigation ul li:hover { + cursor: pointer; + cursor: pointer; +} +#navigation ul li:hover div { + text-decoration: none; +} + +#navigation ul li { + background-color: transparent; + color: #FFF; +} +#navigation ul li ul li { + border: 1px solid #990000; + width: 8.8em; + height: 1.6em; + line-height: 1.6em; + background-color: #990000; + color: #FFF; +} +#navigation ul li ul li:hover { + background-color: #666666; +} + +#navigation li li a { + display: block; + padding-left: 10px; + padding-right: 10px; +} + +#navigation ul li ul li a.navlnk:hover { + text-decoration: none; +} +#navigation ul li.first { + border-right: 0px; +} +#navigation ul li.middle { + border-right: 0px; +} +#navigation ul li.last { + +} + +#navigation ul li.dropfirst { + border-bottom: 0px; +} +#navigation ul li.dropmiddle { + border-bottom: 0px; +} +#navigation ul li.droplast { +} + +#wzdtabcont { + float: left; + background-color: #FFFFFF; + color: #000000; + padding: 0; +} + +ul#wzdnav { + font-size: 0.96em; + float: left; + width: 14.5em; + margin: 0; + padding-left: 18px; +} + +ul#wzdnav li { + list-style: none; + margin: 0; + padding-bottom: 0.2em; + padding-left: 0; +} + +ul#wzdnav a { + display: block; + padding: 0.3em; + font-weight: normal; +} + +#wzdnavbold a { + display: block; + padding: 0.3em; + font-weight: bold ! important; +} + +ul#wzdnav a:link { + color: black; + background-color: #eee; +} + +ul#wzdnav a:visited { + color: #666; + background-color: #eee; +} + +ul#wzdnav a:hover { + color: black; + background-color: white; +} + +ul#wzdnav a:active { + color: white; + background-color: gray; +} + +#graph { + position: relative; + z-index: 10; +} + +#logoutbtn { + position: absolute; + left: 95%; + vertical-align: middle; +} + + +#graph { + position: relative; + z-index: 10; +} + + + +/* Class Based CSS Definitions */ +.pgtitle { + font-size: 18px; + color: #777777; + font-weight: bold; +} +.tfrtitle { + font-size: 18px; + color: #ffffff; + font-weight: bold; +} +.vncell { + background-color: #DDDDDD; + padding-right: 20px; + padding-left: 8px; + border-bottom: 1px solid #999999; +} +.formfld { + padding-left: 19px; + font-size: small; +} +.formselect { + font-size: 1.0em; +} +.langopt { + padding-left: 34px; + padding-top: 2px; + padding-bottom: 2px; +} +.saved { + /* background: url('/themes/nione/images/icons/icon_wzd_saved.png') no-repeat 0 1px #FFFFFF; */ + list-style-image: url('/themes/nervecenter/images/icons/icon_wzd_saved.png') ! important; +} +.notsaved { + /* background: url('/themes/nione/images/icons/icon_wzd_nsaved.png') no-repeat 0 1px #FFFFFF; */ + list-style-image: url('/themes/nervecenter/images/icons/icon_wzd_nsaved.png') ! important; +} +.en { + background: url('/themes/nervecenter/images/icons/icon_flag_en.png') no-repeat 0 1px #FFFFFF; +} +.de { + background: url('/themes/nervecenter/images/icons/icon_flag_de.png') no-repeat 0 1px #FFFFFF; +} +.es { + background: url('/themes/nervecenter/images/icons/icon_flag_es.png') no-repeat 0 1px #FFFFFF; +} +.pt_BR { + background: url('/themes/nervecenter/images/icons/icon_flag_pt_BR.png') no-repeat 0 1px #FFFFFF; +} +.host { + background: url('/themes/nervecenter/images/icons/icon_frmfld_host.png') no-repeat 0 1px #FFFFFF; +} +.search { + background: url('/themes/nervecenter/images/icons/icon_frmfld_search.png') no-repeat 0 1px #FFFFFF; +} +.file { + background: url('/themes/nervecenter/images/icons/icon_frmfld_file.png') no-repeat 0 1px #FFFFFF; +} +.mail { + background: url('/themes/nervecenter/images/icons/icon_frmfld_mail.png') no-repeat 0 1px #FFFFFF; +} +.imp { + background: url('/themes/nervecenter/images/icons/icon_frmfld_imp.png') no-repeat 0 1px #FFFFFF; +} +.pwd { + background: url('/themes/nervecenter/images/icons/icon_frmfld_pwd.png') no-repeat 0 1px #FFFFFF; +} +.user { + background: url('/themes/nervecenter/images/icons/icon_frmfld_user.png') no-repeat 0 1px #FFFFFF ; +} +.group { + background: url('/themes/nervecenter/images/icons/icon_frmfld_group.png') no-repeat 0 1px #FFFFFF; +} +.url { + background: url('/themes/nervecenter/images/icons/icon_frmfld_url.png') no-repeat 0 1px #FFFFFF; +} +.time { + background: url('/themes/nervecenter/images/icons/icon_frmfld_time.png') no-repeat 0 1px #FFFFFF; +} +.unknown { + background: url('/themes/nervecenter/images/icons/icon_frmfld_unknown.png') no-repeat 0 1px #FFFFFF; +} +.formfld_cert { + background: url('/themes/nervecenter/images/icons/icon_frmfld_cert.png') no-repeat 0 1px #FFFFFF; + padding-left: 28px; + font-family: Courier New, Courier, monospaced; + font-size: 11px; +} +.formfldalias { + background-color: #990000; + color: #FFFFFF; +} +.formpre { + font-family: Courier New, Courier, monospaced; + font-size: 10px; +} +.formbtn { + font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-size: 13px; + font-weight: bold; +} +.formbtns { + font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-size: 10px; + font-weight: bold; +} +.vvcell { + background-color: #FFFFC6; +} +.errmsg { + font-weight: bold; + color: #CC0000; +} +.red { + color: #CC0000; +} +.gray { + color: #A0A0A0; +} +.vexpl { + font-size: 11px; +} +.navlnk { + color: #FFFFFF; + text-decoration: none; + font-size: 13px; +} +.navlnks { + color: #FFFFFF; + text-decoration: none; + font-size: 11px; +} +.redlnk { + color: #990000; + text-decoration: none; +} +.tblnk { + color: #FFFFFF; + text-decoration: none; +} +.vncellreq { + background-color: #DDDDDD; + padding-right: 20px; + padding-left: 8px; + font-weight: bold; + border-bottom: 1px solid #999999; +} +.vncellt { + background-color: #DDDDDD; + padding-right: 20px; + padding-left: 8px; + padding-top: 4px; + padding-bottom: 4px; + font-weight: bold; + border-bottom: 1px solid #999999; +} +.vtable { + border-bottom: 1px solid #999999; +} +.vnsepcell { + background-color: #BBBBBB; + padding-right: 20px; + padding-left: 8px; + font-weight: bold; + border-bottom: 1px solid #999999; + font-size: 11px; +} +.cpline { + font-size: 11px; + color: #FFFFFF; +} +.hostname { + font-size: 11px; + color: #990000; + font-weight: bold; +} +.vnsepcellr { + background-color: #BBBBBB; + padding-right: 20px; + padding-left: 8px; + font-weight: bold; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; +} +.listr { + background-color: #FFFFFF; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + padding-right: 6px; + padding-left: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +.listrpad { + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + padding-right: 16px; + padding-left: 10px; + padding-top: 8px; + padding-bottom: 8px; +} +.listn { + font-size: 11px; + padding-right: 16px; + padding-left: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +.listbg { + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + background-color: #990000; + padding-right: 16px; + padding-left: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +.listbggrey { + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + background-color: #999999; + padding-right: 16px; + padding-left: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +.listhdr { + background-color: #BBBBBB; + padding-right: 16px; + padding-left: 6px; + font-weight: bold; + border-bottom: 1px solid #999999; + font-size: 11px; + padding-top: 5px; + padding-bottom: 5px; +} +.listhdr a { + color: #000000; +} +.listhdrr { + background-color: #BBBBBB; + padding-right: 16px; + padding-left: 6px; + font-weight: bold; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + padding-top: 5px; + padding-bottom: 5px; +} +.listhdrr a { + color: #000000; +} +.listlr { + background-color: #FFFFFF; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + border-left: 1px solid #999999; + font-size: 11px; + padding-right: 6px; + padding-left: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +.listlrns { + background-color: #FFFFFF; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + border-left: 1px solid #999999; + font-size: 11px; + padding-top: 4px; + padding-bottom: 4px; +} +.list { + font-size: 11px; + padding-left: 6px; + padding-top: 2px; + padding-bottom: 2px; +} +.listt { + font-size: 11px; + padding-top: 5px; +} +.listhdrrns { + background-color: #BBBBBB; + padding-left: 6px; + padding-top: 5px; + padding-bottom: 5px; + padding-right: 6px; + font-weight: bold; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; +} +.listbgns { + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + background-color: #D9DEE8; + padding-left: 6px; + padding-right: 4px; + padding-top: 4px; + padding-bottom: 4px; +} +.listtopic { + border-right: 1px solid #999999; + font-size: 11px; + background-color: #990000; + padding-right: 16px; + padding-left: 6px; + color: #FFFFFF; + font-weight: bold; + padding-top: 5px; + padding-bottom: 5px; +} +.optsect_t { + border-right: 1px solid #999999; + background-color: #990000; + padding-right: 6px; + padding-left: 6px; + padding-top: 2px; + padding-bottom: 2px; +} +.optsect_s { + font-size: 11px; + color: #FFFFFF; + font-weight: bold; +} +.tabnavtbl { +} + + +/* MISC CSS Definitions */ +ul#tabnav { + font-size: 11px; + font-weight: bold; + list-style-type: none; + margin: 0; + padding: 0; +} +ul#tabnav li.tabinact1 { + float: left; + background-color: #777777; + color: #FFFFFF; + padding: 0; + white-space: nowrap; +} +ul#tabnav li.tabinact { + float: left; + border-left: 1px solid #999999; + background-color: #777777; + color: #FFFFFF; + padding: 0; + white-space: nowrap; +} +ul#tabnav li.tabinact a { + float: left; + display: block; + text-decoration: none; + padding: 5px 8px 5px 8px; + color: #FFFFFF; +} +ul#tabnav li.tabinact1 a { + float: left; + display: block; + text-decoration: none; + padding: 5px 8px 5px 8px; + color: #FFFFFF; +} +ul#tabnav li.tabact { + float: left; + background-color: #EEEEEE; + color: #000000; + padding: 5px 8px 5px 8px; + white-space: nowrap; +} +.tabcont { + background-color: #EEEEEE; + padding-right: 12px; + padding-left: 12px; + padding-top: 12px; + padding-bottom: 12px; +} +.tabact { + float: left; + background-color: #EEEEEE; + color: #000000; + padding: 5px 8px 5px 8px; + white-space: nowrap; +} +.tabinact { + font-weight: bold; + float: left; + border-left: 1px solid #999999; + background-color: #777777; + color: #FFFFFF; + padding: 0; + white-space: nowrap; +} +.menu { + background-color: #000000; + white-space: nowrap; + padding: 0px 5px 0px 5px; + width: 100%; + vertical-align: top; +} + + +/* Auto Complete Suggestions */ +div.suggestions { + -moz-box-sizing: border-box; + /* box-sizing: border-box; */ + border: 1px solid black; + position: absolute; + background-color: #990000; + color: #FFF; +} + +div.suggestions div { + cursor: default; + padding: 0px 3px; + background-color: #990000; + color: #FFF; +} + +div.suggestions div.current { + background-color: #3366cc; + color: #FFF; +} +/* End Auto Complete Suggestions */ + + +/* Nifty Corners Crap */ +.rtop,.artop{display:block} +.rtop *,.artop *{display:block;height:1px;overflow:hidden;font-size:1px} +.artop *{border-style: solid;border-width:0 1px} +.r1,.rl1,.re1,.rel1{margin-left:5px} +.r1,.rr1,.re1,.rer1{margin-right:5px} +.r2,.rl2,.re2,.rel2,.ra1,.ral1{margin-left:3px} +.r2,.rr2,.re2,.rer2,.ra1,.rar1{margin-right:3px} +.r3,.rl3,.re3,.rel3,.ra2,.ral2,.rs1,.rsl1,.res1,.resl1{margin-left:2px} +.r3,.rr3,.re3,.rer3,.ra2,.rar2,.rs1,.rsr1,.res1,.resr1{margin-right:2px} +.r4,.rl4,.rs2,.rsl2,.re4,.rel4,.ra3,.ral3,.ras1,.rasl1,.res2,.resl2{margin-left:1px} +.r4,.rr4,.rs2,.rsr2,.re4,.rer4,.ra3,.rar3,.ras1,.rasr1,.res2,.resr2{margin-right:1px} +.rx1,.rxl1{border-left-width:5px} +.rx1,.rxr1{border-right-width:5px} +.rx2,.rxl2{border-left-width:3px} +.rx2,.rxr2{border-right-width:3px} +.re2,.rel2,.ra1,.ral1,.rx3,.rxl3,.rxs1,.rxsl1{border-left-width:2px} +.re2,.rer2,.ra1,.rar1,.rx3,.rxr3,.rxs1,.rxsr1{border-right-width:2px} +.rxl1,.rxl2,.rxl3,.rxl4,.rxsl1,.rxsl2,.ral1,.ral2,.ral3,.ral4,.rasl1,.rasl2{border-right-width:0} +.rxr1,.rxr2,.rxr3,.rxr4,.rxsr1,.rxsr2,.rar1,.rar2,.rar3,.rar4,.rasr1,.rasr2{border-left-width:0} +.r4,.rl4,.rr4,.re4,.rel4,.rer4,.ra4,.rar4,.ral4,.rx4,.rxl4,.rxr4{height:2px} +.rer1,.rel1,.re1,.res1,.resl1,.resr1{border-width:1px 0 0;height:0px !important;height /**/:1px} +/* End Nifty Corners Crap */ + + + +/* CSS for Dynamic Log Viewer */ +/* Author: Erik Kristensen */ +div#log div.log-entry { + clear: both; +} + +div#log div.log-entry span, +div#log div.log-header span { + padding: 3px 2px 3px 2px; + padding-left: 8px; +} + +div#log div.log-entry span.log-action { + padding-bottom: 6px; + padding-left: 5px; + padding-right: 5px; +} + +div#log div.log-header span { + border-top: 1px solid #999; + background-color: #bbb; + font-weight: bold; + text-align: left; +} + +div#log span.log-action, +div#log span.log-time, +div#log span.log-interface, +div#log span.log-source, +div#log span.log-destination, +div#log span.log-protocol { + float: left; + text-align: left; + border-left: 1px solid #999; + border-bottom: 1px solid #999; +} + +div#log span.log-general { + +} + +div#log span.log-protocol { + border-right: 1px solid #999; +} + +div#log span.log-action { + width: 2em; + text-align: center; +} + +div#log span.log-time { + width: 12.5em; +} + +div#log span.log-interface { + width: 5em; +} + +div#log span.log-source, +div#log span.log-destination { + width: 17.6em; +} + +div#log span.log-protocol { + width: 5.5em; +} +/* END CSS FOR DYNAMIC LOG VIEWER */ + + +#login { +/* background: #cccccc; */ + background-color: transparent; + border: 0px solid #cccccc; + margin: 5em auto; + padding: 0em; + width: 400px; +/* filter:alpha(opacity=60); + -moz-opacity:0.6; + -khtml-opacity: 0.6; + opacity: 0.6; */ +} + +#login h1 { + background: url(images/misc/logon.png) no-repeat top left; +/* background: #ffffff; */ + margin-top: 0; + display: block; + text-indent: -1000px; + height: 400px; + border-bottom: none; +} + +#login p { + font-size: 1em; + font-weight: bold; + padding: -40px; + margin: 0em; +/* text-indent: 10px; */ + position: relative; + top: -390px; + left: 60px; +} + +#login span { + font-size: 1em; + font-weight: bold; + width: 20%; + padding: 3px; + margin: 0em; +/* text-indent: 10px; */ +} + +#login p#text { + font-size: 1em; + font-weight: normal; + padding: 3px; + margin: 0em; +/* text-indent: 10px; + position: relative; + top: -300px; */ +} + +#login #username, #password { + font-size: 1em; + width: 60%; + padding: 3px; + margin: 0em; +/* text-indent: 10px; + position: relative; + left: 10px; + top: -300px; */ +} + +#login #submit { + font-size: 1em; + font-weight: bold; + text-align: center; + padding: 3px; + margin: 0em; +/* text-indent: 10px; */ + position: relative; + top: -20px; + left: 170px; +} + +/* loginerror box follows */ + +#login #inputerrors { + background-color: transparent; + border: 0px solid #666666; + margin: 5em auto; + vertical-align: middle; + padding: 0em; + width: 330px; + height: 50px; + position: relative; + top: -112px; }
\ No newline at end of file diff --git a/usr/local/www/themes/code-red/rrdcolors.inc.php b/usr/local/www/themes/code-red/rrdcolors.inc.php index 1ab0fd0..cdaff68 100755 --- a/usr/local/www/themes/code-red/rrdcolors.inc.php +++ b/usr/local/www/themes/code-red/rrdcolors.inc.php @@ -1,51 +1,51 @@ -<?php
-/* $Id$ */
-/*
- rrdcolors.inc.php
- Part of pfSense
- Copyright (C) 2006 Seth Mos <seth.mos@xs4all.nl>
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/* This file is included by the RRD graphing page and sets the colors */
-
-$colortrafficup = array("666666", "CCCCCC");
-$colortrafficdown = array("990000", "CC0000");
-$colorpacketsup = array("666666", "CCCCCC");
-$colorpacketsdown = array("990000", "CC0000");
-$colorstates = array('990000','a83c3c','b36666','bd9090','cccccc','000000');
-$colorprocessor = array('990000','a83c3c','b36666','bd9090','cccccc','000000');
-$colormemory = array('990000','a83c3c','b36666','bd9090','cccccc','000000');
-$colorqueuesup = array('000000','7B0000','990000','BB0000','CC0000','D90000','EE0000','FF0000','CC0000');
-$colorqueuesdown = array('000000','7B7B7B','999999','BBBBBB','CCCCCC','D9D9D9','EEEEEE','FFFFFF','CCCCCC');
-$colorqueuesdropup = array('000000','7B0000','990000','BB0000','CC0000','D90000','EE0000','FF0000','CC0000');
-$colorqueuesdropdown = array('000000','7B7B7B','999999','BBBBBB','CCCCCC','D9D9D9','EEEEEE','FFFFFF','CCCCCC');
-$colorqualityrtt = array('990000','a83c3c','b36666','bd9090','cccccc','000000');
-$colorqualityloss = "ee0000";
-$colorwireless = array('990000','a83c3c','b36666');
-$colorspamdtime = array('DDDDFF', 'AAAAFF', 'DDDDFF', '000066');
-$colorspamdconn = array('00AA00BB', 'FFFFFFFF', '00660088', 'FFFFFF88', '006600');
-$colorvpnusers = array('990000');
-
-?>
+<?php +/* $Id$ */ +/* + rrdcolors.inc.php + Part of pfSense + Copyright (C) 2006 Seth Mos <seth.mos@xs4all.nl> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +/* This file is included by the RRD graphing page and sets the colors */ + +$colortrafficup = array("666666", "CCCCCC"); +$colortrafficdown = array("990000", "CC0000"); +$colorpacketsup = array("666666", "CCCCCC"); +$colorpacketsdown = array("990000", "CC0000"); +$colorstates = array('990000','a83c3c','b36666','bd9090','cccccc','000000'); +$colorprocessor = array('990000','a83c3c','b36666','bd9090','cccccc','000000'); +$colormemory = array('990000','a83c3c','b36666','bd9090','cccccc','000000'); +$colorqueuesup = array('000000','7B0000','990000','BB0000','CC0000','D90000','EE0000','FF0000','CC0000'); +$colorqueuesdown = array('000000','7B7B7B','999999','BBBBBB','CCCCCC','D9D9D9','EEEEEE','FFFFFF','CCCCCC'); +$colorqueuesdropup = array('000000','7B0000','990000','BB0000','CC0000','D90000','EE0000','FF0000','CC0000'); +$colorqueuesdropdown = array('000000','7B7B7B','999999','BBBBBB','CCCCCC','D9D9D9','EEEEEE','FFFFFF','CCCCCC'); +$colorqualityrtt = array('990000','a83c3c','b36666','bd9090','cccccc','000000'); +$colorqualityloss = "ee0000"; +$colorwireless = array('990000','a83c3c','b36666'); +$colorspamdtime = array('DDDDFF', 'AAAAFF', 'DDDDFF', '000066'); +$colorspamdconn = array('00AA00BB', 'FFFFFFFF', '00660088', 'FFFFFF88', '006600'); +$colorvpnusers = array('990000'); + +?> diff --git a/usr/local/www/themes/code-red/styles/menustyles.css b/usr/local/www/themes/code-red/styles/menustyles.css index e30dc1e..06b3c7a 100755 --- a/usr/local/www/themes/code-red/styles/menustyles.css +++ b/usr/local/www/themes/code-red/styles/menustyles.css @@ -1,44 +1,44 @@ -#navigation {
- /* border:1px solid black; */
- width: 98%;
- vertical-align: middle;
- height: 16px;
- padding-top: 4px;
- }
-
-#menu {
- /* background: #990000; */
- /* border-bottom:1px solid white; */
- padding: 0 0 0 0;
- width: 98%;
- vertical-align: middle;
- height: 16px;
- }
-#menu a {
- padding: 2px 28px 4px 28px;
- text-decoration: none;
- font-weight: bold;
- font-size: 1.0em;
- color: #FFFFFF;
- width: 08%;
- height: 16px;
- }
-#menu a.hover {
- background: #AF2020;
- }
-#menu span {
- display: none;
- }
-
-#subnav {
- font-size: 10px;
- margin-bottom: 2em;
- }
-#subnav a {
- color: #FF0000; /* #FB3B00; */
- margin-right: 1em;
- }
-#subnav span {
- color: silver;
- margin-right: 1em;
- }
+#navigation { + /* border:1px solid black; */ + width: 98%; + vertical-align: middle; + height: 16px; + padding-top: 4px; + } + +#menu { + /* background: #990000; */ + /* border-bottom:1px solid white; */ + padding: 0 0 0 0; + width: 98%; + vertical-align: middle; + height: 16px; + } +#menu a { + padding: 2px 28px 4px 28px; + text-decoration: none; + font-weight: bold; + font-size: 1.0em; + color: #FFFFFF; + width: 08%; + height: 16px; + } +#menu a.hover { + background: #AF2020; + } +#menu span { + display: none; + } + +#subnav { + font-size: 10px; + margin-bottom: 2em; + } +#subnav a { + color: #FF0000; /* #FB3B00; */ + margin-right: 1em; + } +#subnav span { + color: silver; + margin-right: 1em; + } diff --git a/usr/local/www/themes/code-red/styles/transmenu.css b/usr/local/www/themes/code-red/styles/transmenu.css index af947b4..f683574 100755 --- a/usr/local/www/themes/code-red/styles/transmenu.css +++ b/usr/local/www/themes/code-red/styles/transmenu.css @@ -1,75 +1,75 @@ -/* this is the clipping region for the menu. it's width and height get set by script, depending on the size of the items table */
-.transMenu {
- position:absolute;
- overflow:hidden;
- left:-1000px;
- top:-1000px;
- }
-
-/* this is the main container for the menu itself. it's width and height get set by script, depending on the size of the items table */
-.transMenu .content {
- position:absolute;
- }
-
-/* this table comprises all menu items. each TR is one item. It is relatively positioned so that the shadow and background transparent divs can be positioned underneath it */
-.transMenu .items {
- position:relative;
- left:0px; top:0px;
- z-index:2;
- }
-
-.transMenu.top .items {
- border-top:none;
- }
-
-/* each TR.item is one menu item */
-.transMenu .item {
- color: #FFFFFF; /* #336; */
- font-size: 1.1em;
- font-weight: normal;
- font-family:sans-serif;
- text-decoration:none;
- /* this is a hack for mac/ie5, whom incorrectly cascades the border properties of the parent table to each row */
- border:none;
- cursor:pointer;
- cursor:hand;
- }
-
-/* this DIV is the semi-transparent white background of each menu. the -moz-opacity is a proprietary way to get transparency in mozilla, the filter is for IE/windows 5.0+. */
-/* we set the background color in script because ie mac does not use it; that browser only uses a semi-transparent white PNG that the spacer gif inside this DIV is replaced by */
-.transMenu .background {
- position:absolute;
- left:0px; top:0px;
- z-index:1;
- -moz-opacity:.8;
- filter:alpha(opacity=80);
- }
-
-/* same concept as .background, but this is the sliver of shadow on the right of the menu. It's left, height, and background are set by script. In IE5/mac, it uses a PNG */
-.transMenu .shadowRight {
- position:absolute;
- z-index:3;
- top:3px; width:2px;
- -moz-opacity:.4;
- filter:alpha(opacity=40);
- }
-
-/* same concept as .background, but this is the sliver of shadow on the bottom of the menu. It's top, width, and background are set by script. In IE5/mac, it uses a PNG */
-.transMenu .shadowBottom {
- position:absolute;
- z-index:1;
- left:3px; height:2px;
- -moz-opacity:.4;
- filter:alpha(opacity=40);
- }
-
-/* this is the class that is used when the mouse is over an item. script sets the row to this class when required. */
-.transMenu .item.hover {
- background:#fdfdfd;
- color:black;
- }
-
-/* this is either the dingbat that indicates there is a submenu, or a spacer gif in it's place. We give it extra margin to create some space between the text and the dingbat */
-.transMenu .item img {
- margin-left:10px;
+/* this is the clipping region for the menu. it's width and height get set by script, depending on the size of the items table */ +.transMenu { + position:absolute; + overflow:hidden; + left:-1000px; + top:-1000px; + } + +/* this is the main container for the menu itself. it's width and height get set by script, depending on the size of the items table */ +.transMenu .content { + position:absolute; + } + +/* this table comprises all menu items. each TR is one item. It is relatively positioned so that the shadow and background transparent divs can be positioned underneath it */ +.transMenu .items { + position:relative; + left:0px; top:0px; + z-index:2; + } + +.transMenu.top .items { + border-top:none; + } + +/* each TR.item is one menu item */ +.transMenu .item { + color: #FFFFFF; /* #336; */ + font-size: 1.1em; + font-weight: normal; + font-family:sans-serif; + text-decoration:none; + /* this is a hack for mac/ie5, whom incorrectly cascades the border properties of the parent table to each row */ + border:none; + cursor:pointer; + cursor:hand; + } + +/* this DIV is the semi-transparent white background of each menu. the -moz-opacity is a proprietary way to get transparency in mozilla, the filter is for IE/windows 5.0+. */ +/* we set the background color in script because ie mac does not use it; that browser only uses a semi-transparent white PNG that the spacer gif inside this DIV is replaced by */ +.transMenu .background { + position:absolute; + left:0px; top:0px; + z-index:1; + -moz-opacity:.8; + filter:alpha(opacity=80); + } + +/* same concept as .background, but this is the sliver of shadow on the right of the menu. It's left, height, and background are set by script. In IE5/mac, it uses a PNG */ +.transMenu .shadowRight { + position:absolute; + z-index:3; + top:3px; width:2px; + -moz-opacity:.4; + filter:alpha(opacity=40); + } + +/* same concept as .background, but this is the sliver of shadow on the bottom of the menu. It's top, width, and background are set by script. In IE5/mac, it uses a PNG */ +.transMenu .shadowBottom { + position:absolute; + z-index:1; + left:3px; height:2px; + -moz-opacity:.4; + filter:alpha(opacity=40); + } + +/* this is the class that is used when the mouse is over an item. script sets the row to this class when required. */ +.transMenu .item.hover { + background:#fdfdfd; + color:black; + } + +/* this is either the dingbat that indicates there is a submenu, or a spacer gif in it's place. We give it extra margin to create some space between the text and the dingbat */ +.transMenu .item img { + margin-left:10px; }
\ No newline at end of file diff --git a/usr/local/www/vpn_ipsec_phase1.php b/usr/local/www/vpn_ipsec_phase1.php index 7c3300c..7ac7383 100644 --- a/usr/local/www/vpn_ipsec_phase1.php +++ b/usr/local/www/vpn_ipsec_phase1.php @@ -702,7 +702,7 @@ function dpdchkbox_change() { <td width="78%" class="vtable"> <select name='certref' class="formselect"> <?php - foreach ($config['system']['cert'] as $cert): + foreach ($config['cert'] as $cert): $selected = ""; if ($pconfig['certref'] == $cert['refid']) $selected = "selected"; @@ -721,7 +721,7 @@ function dpdchkbox_change() { <td width="78%" class="vtable"> <select name='caref' class="formselect"> <?php - foreach ($config['system']['ca'] as $ca): + foreach ($config['ca'] as $ca): $selected = ""; if ($pconfig['caref'] == $ca['refid']) $selected = "selected"; diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index 1b6dc72..422e3c3 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -610,7 +610,7 @@ function autotls_change() { <td width="78%" class="vtable"> <select name='caref' class="formselect"> <?php - foreach ($config['system']['ca'] as $ca): + foreach ($config['ca'] as $ca): $selected = ""; if ($pconfig['caref'] == $ca['refid']) $selected = "selected"; @@ -625,7 +625,7 @@ function autotls_change() { <td width="78%" class="vtable"> <select name='certref' class="formselect"> <?php - foreach ($config['system']['cert'] as $cert): + foreach ($config['cert'] as $cert): $selected = ""; if ($pconfig['certref'] == $cert['refid']) $selected = "selected"; diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index 222ed51..4eec76d 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -698,7 +698,7 @@ function netbios_change() { <td width="78%" class="vtable"> <select name='caref' class="formselect"> <?php - foreach ($config['system']['ca'] as $ca): + foreach ($config['ca'] as $ca): $selected = ""; if ($pconfig['caref'] == $ca['refid']) $selected = "selected"; @@ -713,7 +713,7 @@ function netbios_change() { <td width="78%" class="vtable"> <select name='certref' class="formselect"> <?php - foreach ($config['system']['cert'] as $cert): + foreach ($config['cert'] as $cert): $selected = ""; if (strstr($cert['name'], "webConfigurator")) continue; diff --git a/usr/local/www/vpn_pppoe.php b/usr/local/www/vpn_pppoe.php index 46e8c3e..8052466 100755 --- a/usr/local/www/vpn_pppoe.php +++ b/usr/local/www/vpn_pppoe.php @@ -1,21 +1,18 @@ <?php /* - vpn_pppoe.php - part of pfSense - - Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com) + Copyright (C) 2010 Ermal Luçi All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -27,6 +24,9 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +/* + pfSense_MODULE: pppoe +*/ ##|+PRIV ##|*IDENT=page-services-pppoeserver @@ -35,440 +35,120 @@ ##|*MATCH=vpn_pppoe.php* ##|-PRIV -require("guiconfig.inc"); +require_once("guiconfig.inc"); +require_once("filter.inc"); require_once("vpn.inc"); -if (!is_array($config['pppoe']['radius'])) { - $config['pppoe']['radius'] = array(); -} -$pppoecfg = &$config['pppoe']; - -$pconfig['remoteip'] = $pppoecfg['remoteip']; -$pconfig['localip'] = $pppoecfg['localip']; -$pconfig['mode'] = $pppoecfg['mode']; -$pconfig['interface'] = $pppoecfg['interface']; -$pconfig['n_pppoe_units'] = $pppoecfg['n_pppoe_units']; -$pconfig['pppoe_subnet'] = $pppoecfg['pppoe_subnet']; -$pconfig['pppoe_dns1'] = $pppoecfg['dns1']; -$pconfig['pppoe_dns2'] = $pppoecfg['dns2']; -$pconfig['radacct_enable'] = isset($pppoecfg['radius']['accounting']); -$pconfig['radiusissueips'] = isset($pppoecfg['radius']['radiusissueips']); -$pconfig['radiusenable'] = isset($pppoecfg['radius']['server']['enable']); -$pconfig['radiusserver'] = $pppoecfg['radius']['server']['ip']; -$pconfig['radiusserverport'] = $pppoecfg['radius']['server']['port']; -$pconfig['radiusserveracctport'] = $pppoecfg['radius']['server']['acctport']; -$pconfig['radiussecret'] = $pppoecfg['radius']['server']['secret']; -$pconfig['radiussecenable'] = isset($pppoecfg['radius']['server2']['enable']); -$pconfig['radiusserver2'] = $pppoecfg['radius']['server2']['ip']; -$pconfig['radiusserver2port'] = $pppoecfg['radius']['server2']['port']; -$pconfig['radiusserver2acctport'] = $pppoecfg['radius']['server2']['acctport']; -$pconfig['radiussecret2'] = $pppoecfg['radius']['server2']['secret2']; -$pconfig['radiusissueips'] = isset($pppoecfg['radius']['radiusissueips']); -$pconfig['radius_nasip'] = $pppoecfg['radius']['nasip']; -$pconfig['radius_acct_update'] = $pppoecfg['radius']['acct_update']; +if (!is_array($config['pppoes']['pppoe'])) + $config['pppoes']['pppoe'] = array(); +$a_pppoes = &$config['pppoes']['pppoe']; if ($_POST) { + $pconfig = $_POST; + + if ($_POST['apply']) { + if (file_exists("{$g['tmp_path']}/.vpn_pppoe.apply")) { + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.vpn_pppoe.apply")); + foreach ($toapplylist as $pppoeid) { + if (!is_numeric($pppoeid)) + continue; + if (is_array($config['pppoes']['pppoe'])) { + foreach ($config['pppoes']['pppoe'] as $pppoe) { + if ($pppoe['pppoeid'] == $pppoeid) { + vpn_pppoe_configure($pppoe); + break; + } + } + } + } + @unlink("{$g['tmp_path']}/.vpn_pppoe.apply"); + } + $retval = 0; + $retval |= filter_configure(); + $savemsg = get_std_save_message($retval); + clear_subsystem_dirty('vpnpppoe'); + } +} - unset($input_errors); - $pconfig = $_POST; - - /* input validation */ - if ($_POST['mode'] == "server") { - $reqdfields = explode(" ", "localip remoteip"); - $reqdfieldsn = array(gettext("Server address"),gettext("Remote start address")); - - if ($_POST['radiusenable']) { - $reqdfields = array_merge($reqdfields, explode(" ", "radiusserver radiussecret")); - $reqdfieldsn = array_merge($reqdfieldsn, - array(gettext("RADIUS server address"),gettext("RADIUS shared secret"))); - } - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) { - $input_errors[] = gettext("A valid server address must be specified."); - } - if (($_POST['pppoe_subnet'] && !is_ipaddr($_POST['remoteip']))) { - $input_errors[] = gettext("A valid remote start address must be specified."); - } - if (($_POST['radiusserver'] && !is_ipaddr($_POST['radiusserver']))) { - $input_errors[] = gettext("A valid RADIUS server address must be specified."); - } - - if (!$input_errors) { - $_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $_POST['pppoe_subnet']); - $subnet_start = ip2ulong($_POST['remoteip']); - $subnet_end = ip2ulong($_POST['remoteip']) + $_POST['pppoe_subnet'] - 1; - - if ((ip2ulong($_POST['localip']) >= $subnet_start) && - (ip2ulong($_POST['localip']) <= $subnet_end)) { - $input_errors[] = gettext("The specified server address lies in the remote subnet."); - } - if ($_POST['localip'] == get_interface_ip("lan")) { - $input_errors[] = gettext("The specified server address is equal to the LAN interface address."); - } - } - } else { - /* turning pppoe off, lets dump any custom rules */ - $rules = &$config['filter']['rule']; - for($x=0; $x<count($rules); $x++) { - if($rules[$x]['interface'] == "pppoe") { - unset($rules[$x]); - } - } - unset($config['pppoe']); - } - - if (!$input_errors) { - $pppoecfg['remoteip'] = $_POST['remoteip']; - $pppoecfg['localip'] = $_POST['localip']; - $pppoecfg['mode'] = $_POST['mode']; - $pppoecfg['interface'] = $_POST['interface']; - $pppoecfg['n_pppoe_units'] = $_POST['n_pppoe_units']; - $pppoecfg['pppoe_subnet'] = $_POST['pppoe_subnet']; - $pppoecfg['radius']['server']['ip'] = $_POST['radiusserver']; - $pppoecfg['radius']['server']['secret'] = $_POST['radiussecret']; - $pppoecfg['radius']['server']['port'] = $_POST['radiusserverport']; - $pppoecfg['radius']['server']['acctport'] = $_POST['radiusserveracctport']; - $pppoecfg['radius']['server2']['ip'] = $_POST['radiusserver2']; - $pppoecfg['radius']['server2']['secret2'] = $_POST['radiussecret2']; - $pppoecfg['radius']['server2']['port'] = $_POST['radiusserver2port']; - $pppoecfg['radius']['server2']['acctport'] = $_POST['radiusserver2acctport']; - $pppoecfg['radius']['nasip'] = $_POST['radius_nasip']; - $pppoecfg['radius']['acct_update'] = $_POST['radius_acct_update']; - - if ($_POST['pppoe_dns1'] == "") - unset($pppoecfg['dns1']); - else - $pppoecfg['dns1'] = $_POST['pppoe_dns1']; - - if ($_POST['pppoe_dns2'] == "") - unset($pppoecfg['dns2']); - else - $pppoecfg['dns2'] = $_POST['pppoe_dns2']; - - if($_POST['radiusenable'] == "yes") - $pppoecfg['radius']['server']['enable'] = true; - else - unset($pppoecfg['radius']['server']['enable']); - - if($_POST['radiussecenable'] == "yes") - $pppoecfg['radius']['server2']['enable'] = true; - else - unset($pppoecfg['radius']['server2']['enable']); - - if($_POST['radacct_enable'] == "yes") - $pppoecfg['radius']['accounting'] = true; - else - unset($pppoecfg['radius']['accounting']); - - if($_POST['radiusissueips'] == "yes") { - $pppoecfg['radius']['radiusissueips'] = true; - } else - unset($pppoecfg['radius']['radiusissueips']); - +if ($_GET['act'] == "del") { + if ($a_pppoes[$_GET['id']]) { + if ("{$g['varrun_path']}/pppoe" . $a_pppoes[$_GET['id']]['pppoeid'] . "-vpn.pid") + killbypid("{$g['varrun_path']}/pppoe" . $a_pppoes[$_GET['id']]['pppoeid'] . "-vpn.pid"); + mwexec("/bin/rm -r {$g['varetc_path']}/pppoe" . $a_pppoes[$_GET['id']]['pppoeid']); + unset($a_pppoes[$_GET['id']]); write_config(); - - $retval = 0; - $retval = vpn_pppoe_configure(); - $savemsg = get_std_save_message($retval); + header("Location: vpn_pppoe.php"); + exit; } } -$pgtitle = array(gettext("Services"),gettext("PPPoE Server")); +$pgtitle = array(gettext("VPN"),gettext("PPPoE")); include("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> -<script language="JavaScript"> -<!-- -function get_radio_value(obj) -{ - for (i = 0; i < obj.length; i++) { - if (obj[i].checked) - return obj[i].value; - } - return null; -} - -function enable_change(enable_over) { - if ((get_radio_value(document.iform.mode) == "server") || enable_over) { - document.iform.remoteip.disabled = 0; - document.iform.localip.disabled = 0; - document.iform.radiusenable.disabled = 0; - document.iform.interface.disabled = 0; - document.iform.n_pppoe_units.disabled = 0; - document.iform.pppoe_subnet.disabled = 0; - document.iform.pppoe_dns1.disabled = 0; - document.iform.pppoe_dns2.disabled = 0; - if (document.iform.radiusenable.checked || enable_over) { - document.iform.radacct_enable.disabled = 0; - document.iform.radiusserver.disabled = 0; - document.iform.radiussecret.disabled = 0; - document.iform.radiusserverport.disabled = 0; - document.iform.radiusserveracctport.disabled = 0; - document.iform.radiusissueips.disabled = 0; - document.iform.radius_nasip.disabled = 0; - document.iform.radiusissueips.disabled = 0; - document.iform.radius_nasip.disabled = 0; - document.iform.radius_acct_update.disabled = 0; - document.iform.radiussecenable.disabled = 0; - if (document.iform.radiussecenable.checked || enable_over) { - document.iform.radiusserver2.disabled = 0; - document.iform.radiussecret2.disabled = 0; - document.iform.radiusserver2port.disabled = 0; - document.iform.radiusserver2acctport.disabled = 0; - } else { - - document.iform.radiusserver2.disabled = 1; - document.iform.radiussecret2.disabled = 1; - document.iform.radiusserver2port.disabled = 1; - document.iform.radiusserver2acctport.disabled = 1; - } - } else { - document.iform.radacct_enable.disabled = 1; - document.iform.radiusserver.disabled = 1; - document.iform.radiussecret.disabled = 1; - document.iform.radiusserverport.disabled = 1; - document.iform.radiusserveracctport.disabled = 1; - document.iform.radiusissueips.disabled = 1; - document.iform.radius_nasip.disabled = 1; - document.iform.radius_acct_update.disabled = 1; - document.iform.radiussecenable.disabled = 1; - } - } else { - document.iform.interface.disabled = 1; - document.iform.n_pppoe_units.disabled = 1; - document.iform.pppoe_subnet.disabled = 1; - document.iform.remoteip.disabled = 1; - document.iform.localip.disabled = 1; - document.iform.pppoe_dns1.disabled = 1; - document.iform.pppoe_dns2.disabled = 1; - document.iform.radiusenable.disabled = 1; - document.iform.radiussecenable.disabled = 1; - document.iform.radacct_enable.disabled = 1; - document.iform.radiusserver.disabled = 1; - document.iform.radiussecret.disabled = 1; - document.iform.radiusserverport.disabled = 1; - document.iform.radiusserveracctport.disabled = 1; - document.iform.radiusserver2.disabled = 1; - document.iform.radiussecret2.disabled = 1; - document.iform.radiusserver2port.disabled = 1; - document.iform.radiusserver2acctport.disabled = 1; - document.iform.radiusissueips.disabled = 1; - document.iform.radius_nasip.disabled = 1; - document.iform.radius_acct_update.disabled = 1; - } -} -//--> -</script> -<form action="vpn_pppoe.php" method="post" name="iform" id="iform"> -<?php if ($input_errors) print_input_errors($input_errors); ?> +<form action="vpn_pppoe.php" method="post"> <?php if ($savemsg) print_info_box($savemsg); ?> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr><td class="tabnavtbl"> -<?php - $tab_array = array(); - $tab_array[0] = array(gettext("Configuration"), true, "vpn_pppoe.php"); - $tab_array[1] = array(gettext("Users"), false, "vpn_pppoe_users.php"); - display_top_tabs($tab_array); -?> - </td></tr> - <tr> - <td> - <div id="mainarea"> - <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td width="22%" valign="top" class="vtable"> </td> - <td width="78%" class="vtable"> - <input name="mode" type="radio" onclick="enable_change(false)" value="off" - <?php if (($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir")) echo "checked";?>> - <?=gettext("Off"); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vtable"> </td> - <td width="78%" class="vtable"> - <input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked"; ?>> - <?=gettext("Enable PPPoE server"); ?></td> - </tr> - - <tr> - <td width="22%" valign="top" class="vncell"><b><?=gettext("Interface"); ?></b></td> - <td width="78%" valign="top" class="vtable"> - - <select name="interface" class="formselect" id="interface"> - <?php - $interfaces = get_configured_interface_with_descr(); - - foreach ($interfaces as $iface => $ifacename): - ?> - <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>> - <?=htmlspecialchars($ifacename);?> - </option> - <?php endforeach; ?> - </select> <br> - - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Subnet netmask"); ?></td> - <td width="78%" class="vtable"> - <select id="pppoe_subnet" name="pppoe_subnet"> - <?php - for($x=0; $x<33; $x++) { - if($x == $pconfig['pppoe_subnet']) - $SELECTED = " SELECTED"; - else - $SELECTED = ""; - echo "<option value=\"{$x}\"{$SELECTED}>{$x}</option>\n"; - } - ?> - </select> - <br><?=gettext("Hint"); ?>: 24 <?=gettext("is"); ?> 255.255.255.0 - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("No. PPPoE users"); ?></td> - <td width="78%" class="vtable"> - <select id="n_pppoe_units" name="n_pppoe_units"> - <?php - for($x=0; $x<255; $x++) { - if($x == $pconfig['n_pppoe_units']) - $SELECTED = " SELECTED"; - else - $SELECTED = ""; - echo "<option value=\"{$x}\"{$SELECTED}>{$x}</option>\n"; - } - ?> - </select> - <br><?=gettext("Hint: 10 is ten PPPoE clients"); ?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Server address"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="localip" type="text" class="formfld unknown" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip']);?>"> - <br> - <?=gettext("Enter the IP address the PPPoE server should use on its side " . - "for all clients"); ?>.</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Remote address range"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="remoteip" type="text" class="formfld unknown" id="remoteip" size="20" value="<?=htmlspecialchars($pconfig['remoteip']);?>"> - <br> - <?=gettext("Specify the starting address for the client IP address subnet"); ?>.<br> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("DNS servers"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="pppoe_dns1" type="text" class="formfld unknown" id="pppoe_dns1" size="20" value="<?=htmlspecialchars($pconfig['pppoe_dns1']);?>"> - <br> - <input name="pppoe_dns2" type="text" class="formfld unknown" id="pppoe_dns2" size="20" value="<?=htmlspecialchars($pconfig['pppoe_dns2']);?>"> - <br> - <?=gettext("If entered they will be given to all PPPoE clients, else LAN DNS and one WAN DNS will go to all clients"); ?><br> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS"); ?></td> - <td width="78%" class="vtable"> - <input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked"; ?>> - <strong><?=gettext("Use a RADIUS server for authentication"); ?><br> - </strong><?=gettext("When set, all users will be authenticated using " . - "the RADIUS server specified below. The local user database " . - "will not be used"); ?>.<br> - <br> - <input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked"; ?>> - <strong><?=gettext("Enable RADIUS accounting"); ?> <br> - <br> - </strong><?=gettext("Sends accounting packets to the RADIUS server"); ?>.<br> - <input name="radiussecenable" type="checkbox" id="radiussecenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiussecenable']) echo "checked"; ?>> - <strong><?=gettext("Use Backup RADIUS Server"); ?></strong><br> - <?=gettext("When set, if primary server fails all requests will be sent via backup server"); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("NAS IP Address"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="radius_nasip" type="text" class="formfld unknown" id="radius_nasip" size="20" value="<?=htmlspecialchars($pconfig['radius_nasip']);?>"> - <br><?=gettext("RADIUS server NAS IP Address"); ?><br> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("RADIUS Accounting Update"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="radius_acct_update" type="text" class="formfld unknown" id="radius_acct_update" size="20" value="<?=htmlspecialchars($pconfig['radius_acct_update']);?>"> - <br><?=gettext("RADIUS accounting update period in seconds"); ?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS issued IPs"); ?></td> - <td width="78%" valign="top" class="vtable"> - <input name="radiusissueips" value="yes" type="checkbox" class="formfld" id="radiusissueips"<?php if($pconfig['radiusissueips']) echo " CHECKED"; ?>> - <br><?=gettext("Issue IP Addresses via RADIUS server"); ?>.</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS server Primary"); ?></td> - <td width="78%" class="vtable"> - <input name="radiusserver" type="text" class="formfld unknown" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>"> - <input name="radiusserverport" type="text" class="formfld unknown" id="radiusserverport" size="4" value="<?=htmlspecialchars($pconfig['radiusserverport']);?>"> - <input name="radiusserveracctport" type="text" class="formfld unknown" id="radiusserveracctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserveracctport']);?>"> - <br><?=gettext("Enter the IP address, authentication port and accounting port (optional) of the RADIUS server."); ?><br> - <br> <?=gettext("standard port 1812 and 1813 accounting"); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS primary shared secret"); ?></td> - <td width="78%" valign="top" class="vtable"> - <input name="radiussecret" type="password" class="formfld pwd" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret']);?>"> - <br><?=gettext("Enter the shared secret that will be used to authenticate " . - "to the RADIUS server"); ?>.</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS server Secondary"); ?></td> - <td width="78%" class="vtable"> - <input name="radiusserver2" type="text" class="formfld unknown" id="radiusserver2" size="20" value="<?=htmlspecialchars($pconfig['radiusserver2']);?>"> - <input name="radiusserver2port" type="text" class="formfld unknown" id="radiusserver2port" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2port']);?>"> - <input name="radiusserver2acctport" type="text" class="formfld unknown" id="radiusserver2acctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2acctport']);?>"> - <br><?=gettext("Enter the IP address, authentication port and accounting port (optional) of the backup RADIUS server."); ?><br> - <br> <?=gettext("standard port 1812 and 1813 accounting"); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS secondary shared secret"); ?></td> - <td width="78%" valign="top" class="vtable"> - <input name="radiussecret2" type="password" class="formfld pwd" id="radiussecret2" size="20" value="<?=htmlspecialchars($pconfig['radiussecret2']);?>"> - <br> - <?=gettext("Enter the shared secret that will be used to authenticate " . - "to the RADIUS server"); ?>.</td> - </tr> - <tr> - <td height="16" colspan="2" valign="top"></td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onclick="enable_change(true)"> - </td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Note"); ?>:<br> - </strong></span><?=gettext("don't forget to add a firewall rule to permit " . - "traffic from PPPoE clients"); ?>!</span></td> - </tr> - </table> - </div> - </td> - </tr> +<?php if (is_subsystem_dirty('vpnpppoe')): ?><p> +<?php print_info_box_np(gettext("The PPPoE entry list has been changed") . ".<br>" . gettext("You must apply the changes in order for them to take effect."));?> +<?php endif; ?> + +<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> +<tr> + <td width="15%" class="listhdrr"><?=gettext("Interface");?></td> + <td width="10%" class="listhdrr"><?=gettext("Local ip");?></td> + <td width="25%" class="listhdrr"><?=gettext("Number of users");?></td> + <td width="25%" class="listhdr"><?=gettext("Description");?></td> + <td width="5%" class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle" width="17"> </td> + <td valign="middle"><a href="vpn_pppoe_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add a new pppoe instance");?>"></a></td> + </tr> + </table> + </td> +</tr> + <?php $i = 0; foreach ($a_pppoes as $pppoe): ?> +<tr> + <td class="listlr" ondblclick="document.location='vpn_pppoe_edit.php?id=<?=$i;?>';"> + <?=htmlspecialchars(strtoupper($pppoe['interface']));?> + </td> + <td class="listlr" ondblclick="document.location='vpn_pppoe_edit.php?id=<?=$i;?>';"> + <?=htmlspecialchars($pppoe['localip']);?> + </td> + <td class="listr" ondblclick="document.location='vpn_pppoe_edit.php?id=<?=$i;?>';"> + <?=htmlspecialchars($pppoe['n_pppoe_units']);?> + </td> + <td class="listbg" ondblclick="document.location='vpn_pppoe_edit.php?id=<?=$i;?>';"> + <?=htmlspecialchars($pppoe['descr']);?> + </td> + <td valign="middle" nowrap class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a href="vpn_pppoe_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="<?=gettext("edit pppoe instance"); ?>"></a></td> + <td><a href="vpn_pppoe.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this entry? All elements that still use it will become invalid (e.g. filter rules)!");?>')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete pppoe instance");?>"></a></td> + </tr> + </table> + </td> +</tr> + <?php $i++; endforeach; ?> +<tr> + <td class="list" colspan="4"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle" width="17"> </td> + <td valign="middle"><a href="vpn_pppoe_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add a new pppoe instance");?>"></a></td> + </td> + </tr> + </table> + </td> +</tr> </table> </form> -<script language="JavaScript"> -<!-- -enable_change(false); -//--> -</script> <?php include("fend.inc"); ?> </body> </html> diff --git a/usr/local/www/vpn_pppoe_edit.php b/usr/local/www/vpn_pppoe_edit.php new file mode 100755 index 0000000..39de7fb --- /dev/null +++ b/usr/local/www/vpn_pppoe_edit.php @@ -0,0 +1,611 @@ +<?php +/* + vpn_pppoe_edit.php + part of pfSense + + Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com) + Copyright (C) 2010 Ermal Luçi + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +##|+PRIV +##|*IDENT=page-services-pppoeserver-eidt +##|*NAME=Services: PPPoE Server: Edit page +##|*DESCR=Allow access to the 'Services: PPPoE Server: Edit' page. +##|*MATCH=vpn_pppoe_edit.php* +##|-PRIV + +require("guiconfig.inc"); +require_once("vpn.inc"); + +function vpn_pppoe_get_id() { + global $config; + + $vpnid = 1; + if (!is_array($config['pppoes']['pppoe'])) { + foreach ($config['pppoes']['pppoe'] as $pppoe) { + if ($vpnid == $pppoe['id']) + $vpnid++; + else + return $vpnid; + } + } + + return $vpnid; +} + +if (!is_array($config['pppoes']['pppoe'])) { + $config['pppoes']['pppoe'] = array(); +} +$a_pppoes = &$config['pppoes']['pppoe']; + +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; + +if (isset($id) && $a_pppoes[$id]) { + $pppoecfg =& $a_pppoes[$id]; + + $pconfig['remoteip'] = $pppoecfg['remoteip']; + $pconfig['localip'] = $pppoecfg['localip']; + $pconfig['mode'] = $pppoecfg['mode']; + $pconfig['interface'] = $pppoecfg['interface']; + $pconfig['n_pppoe_units'] = $pppoecfg['n_pppoe_units']; + $pconfig['pppoe_subnet'] = $pppoecfg['pppoe_subnet']; + $pconfig['pppoe_dns1'] = $pppoecfg['dns1']; + $pconfig['pppoe_dns2'] = $pppoecfg['dns2']; + $pconfig['descr'] = $pppoecfg['descr']; + $pconfig['username'] = $pppoecfg['username']; + $pconfig['pppoeid'] = $pppoecfg['pppoeid']; + if (is_array($pppoecfg['radius'])) { + $pconfig['radacct_enable'] = isset($pppoecfg['radius']['accounting']); + $pconfig['radiusissueips'] = isset($pppoecfg['radius']['radiusissueips']); + if (is_array($pppoecfg['radius']['server'])) { + $pconfig['radiusenable'] = isset($pppoecfg['radius']['server']['enable']); + $pconfig['radiusserver'] = $pppoecfg['radius']['server']['ip']; + $pconfig['radiusserverport'] = $pppoecfg['radius']['server']['port']; + $pconfig['radiusserveracctport'] = $pppoecfg['radius']['server']['acctport']; + $pconfig['radiussecret'] = $pppoecfg['radius']['server']['secret']; + } + if (is_array($pppoecfg['radius']['server2'])) { + $pconfig['radiussecenable'] = isset($pppoecfg['radius']['server2']['enable']); + $pconfig['radiusserver2'] = $pppoecfg['radius']['server2']['ip']; + $pconfig['radiusserver2port'] = $pppoecfg['radius']['server2']['port']; + $pconfig['radiusserver2acctport'] = $pppoecfg['radius']['server2']['acctport']; + $pconfig['radiussecret2'] = $pppoecfg['radius']['server2']['secret2']; + } + $pconfig['radiusissueips'] = isset($pppoecfg['radius']['radiusissueips']); + $pconfig['radius_nasip'] = $pppoecfg['radius']['nasip']; + $pconfig['radius_acct_update'] = $pppoecfg['radius']['acct_update']; + } +} + + +if ($_POST) { + + unset($input_errors); + //$pconfig = $_POST; + + /* input validation */ + $reqdfields = explode(" ", "localip remoteip"); + $reqdfieldsn = array(gettext("Server address"),gettext("Remote start address")); + + if ($_POST['radiusenable']) { + $reqdfields = array_merge($reqdfields, explode(" ", "radiusserver radiussecret")); + $reqdfieldsn = array_merge($reqdfieldsn, + array(gettext("RADIUS server address"),gettext("RADIUS shared secret"))); + } + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) + $input_errors[] = gettext("A valid server address must be specified."); + if (($_POST['pppoe_subnet'] && !is_ipaddr($_POST['remoteip']))) + $input_errors[] = gettext("A valid remote start address must be specified."); + if (($_POST['radiusserver'] && !is_ipaddr($_POST['radiusserver']))) + $input_errors[] = gettext("A valid RADIUS server address must be specified."); + + $_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $_POST['pppoe_subnet']); + $subnet_start = ip2ulong($_POST['remoteip']); + $subnet_end = ip2ulong($_POST['remoteip']) + $_POST['pppoe_subnet'] - 1; + if ((ip2ulong($_POST['localip']) >= $subnet_start) && + (ip2ulong($_POST['localip']) <= $subnet_end)) + $input_errors[] = gettext("The specified server address lies in the remote subnet."); + if ($_POST['localip'] == get_interface_ip($_POST['interface'])) + $input_errors[] = gettext("The specified server address is equal to an interface ip address."); + + for($x=0; $x<4999; $x++) { + if ($_POST["username{$x}"]) { + if (empty($_POST["password{$x}"])) + $input_errors[] = gettext("No password specified for username ") . $_POST["username{$x}"]; + if ($_POST["ip{$x}"] <> "" && !is_ipaddr($_POST["ip{$x}"])) + $input_errors[] = gettext("Incorrect ip address specified for username ") . $_POST["username{$x}"]; + } + } + + if (!$input_errors) { + $pppoecfg = array(); + + $pppoecfg['remoteip'] = $_POST['remoteip']; + $pppoecfg['localip'] = $_POST['localip']; + $pppoecfg['mode'] = $_POST['mode']; + $pppoecfg['interface'] = $_POST['interface']; + $pppoecfg['n_pppoe_units'] = $_POST['n_pppoe_units']; + $pppoecfg['pppoe_subnet'] = $_POST['pppoe_subnet']; + $pppoecfg['descr'] = $_POST['descr']; + if ($_POST['radiusserver'] || $_POST['radiusserver2']) { + $pppoecfg['radius'] = array(); + + $pppoecfg['radius']['nasip'] = $_POST['radius_nasip']; + $pppoecfg['radius']['acct_update'] = $_POST['radius_acct_update']; + } + if ($_POST['radiusserver']) { + $pppoecfg['radius']['server'] = array(); + + $pppoecfg['radius']['server']['ip'] = $_POST['radiusserver']; + $pppoecfg['radius']['server']['secret'] = $_POST['radiussecret']; + $pppoecfg['radius']['server']['port'] = $_POST['radiusserverport']; + $pppoecfg['radius']['server']['acctport'] = $_POST['radiusserveracctport']; + } + if ($_POST['radiusserver']) { + $pppoecfg['radius']['server2'] = array(); + + $pppoecfg['radius']['server2']['ip'] = $_POST['radiusserver2']; + $pppoecfg['radius']['server2']['secret2'] = $_POST['radiussecret2']; + $pppoecfg['radius']['server2']['port'] = $_POST['radiusserver2port']; + $pppoecfg['radius']['server2']['acctport'] = $_POST['radiusserver2acctport']; + } + + if ($_POST['pppoe_dns1'] <> "") + $pppoecfg['dns1'] = $_POST['pppoe_dns1']; + + if ($_POST['pppoe_dns2'] <> "") + $pppoecfg['dns2'] = $_POST['pppoe_dns2']; + + if($_POST['radiusenable'] == "yes") + $pppoecfg['radius']['server']['enable'] = true; + + if($_POST['radiussecenable'] == "yes") + $pppoecfg['radius']['server2']['enable'] = true; + + if($_POST['radacct_enable'] == "yes") + $pppoecfg['radius']['accounting'] = true; + + if($_POST['radiusissueips'] == "yes") + $pppoecfg['radius']['radiusissueips'] = true; + + if($_POST['pppoeid']) + $pppoecfg['pppoeid'] = $_POST['pppoeid']; + else + $pppoecfg['pppoeid'] = vpn_pppoe_get_id(); + + $users = array(); + for($x=0; $x<4999; $x++) { + if ($_POST["username{$x}"]) { + $usernam = $_POST["username{$x}"] . ":" . base64_encode($_POST["password{$x}"]); + if ($_POST["ip{$x}"]) + $usernam .= ":" . $_POST["ip{$x}"]; + $users[] = $usernam; + } + } + if (count($users) > 0) + $pppoecfg['username'] = implode(" ", $users); + + if (!isset($id)) + $id = count($a_pppoes); + if (file_exists("{$g['tmp_path']}/.vpn_pppoe.apply")) + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.vpn_pppoe.apply")); + else + $toapplylist = array(); + + $toapplylist[] = $pppoecfg['pppoeid']; + $a_pppoes[$id] = $pppoecfg; + + write_config(); + mark_subsystem_dirty('vpnpppoe'); + file_put_contents("{$g['tmp_path']}/.vpn_pppoe.apply", serialize($toapplylist)); + header("Location: vpn_pppoe.php"); + exit; + } +} + +$pgtitle = array(gettext("Services"),gettext("PPPoE Server"), gettext("Edit")); +include("head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<script type="text/javascript" src="/javascript/row_helper.js"> +</script> + +<input type='hidden' name='username' value='textbox' class="formfld unknown" /> +<input type='hidden' name='password' value='textbox' /> +<input type='hidden' name='ip' value='textbox' /> + +<script type="text/javascript"> + rowname[0] = "username"; + rowtype[0] = "textbox"; + rowsize[0] = "20"; + + rowname[1] = "password"; + rowtype[1] = "password"; + rowsize[1] = "20"; + + rowname[2] = "ip"; + rowtype[2] = "textbox"; + rowsize[2] = "10"; +</script> + +<script language="JavaScript"> +<!-- +function get_radio_value(obj) +{ + for (i = 0; i < obj.length; i++) { + if (obj[i].checked) + return obj[i].value; + } + return null; +} + +function enable_change(enable_over) { + if ((get_radio_value(document.iform.mode) == "server") || enable_over) { + document.iform.remoteip.disabled = 0; + document.iform.descr.disabled = 0; + document.iform.localip.disabled = 0; + document.iform.radiusenable.disabled = 0; + document.iform.interface.disabled = 0; + document.iform.n_pppoe_units.disabled = 0; + document.iform.pppoe_subnet.disabled = 0; + document.iform.pppoe_dns1.disabled = 0; + document.iform.pppoe_dns2.disabled = 0; + if (document.iform.radiusenable.checked || enable_over) { + document.iform.radacct_enable.disabled = 0; + document.iform.radiusserver.disabled = 0; + document.iform.radiussecret.disabled = 0; + document.iform.radiusserverport.disabled = 0; + document.iform.radiusserveracctport.disabled = 0; + document.iform.radiusissueips.disabled = 0; + document.iform.radius_nasip.disabled = 0; + document.iform.radiusissueips.disabled = 0; + document.iform.radius_nasip.disabled = 0; + document.iform.radius_acct_update.disabled = 0; + document.iform.radiussecenable.disabled = 0; + if (document.iform.radiussecenable.checked || enable_over) { + document.iform.radiusserver2.disabled = 0; + document.iform.radiussecret2.disabled = 0; + document.iform.radiusserver2port.disabled = 0; + document.iform.radiusserver2acctport.disabled = 0; + } else { + + document.iform.radiusserver2.disabled = 1; + document.iform.radiussecret2.disabled = 1; + document.iform.radiusserver2port.disabled = 1; + document.iform.radiusserver2acctport.disabled = 1; + } + } else { + document.iform.radacct_enable.disabled = 1; + document.iform.radiusserver.disabled = 1; + document.iform.radiussecret.disabled = 1; + document.iform.radiusserverport.disabled = 1; + document.iform.radiusserveracctport.disabled = 1; + document.iform.radiusissueips.disabled = 1; + document.iform.radius_nasip.disabled = 1; + document.iform.radius_acct_update.disabled = 1; + document.iform.radiussecenable.disabled = 1; + } + } else { + document.iform.interface.disabled = 1; + document.iform.n_pppoe_units.disabled = 1; + document.iform.pppoe_subnet.disabled = 1; + document.iform.remoteip.disabled = 1; + document.iform.descr.disabled = 1; + document.iform.localip.disabled = 1; + document.iform.pppoe_dns1.disabled = 1; + document.iform.pppoe_dns2.disabled = 1; + document.iform.radiusenable.disabled = 1; + document.iform.radiussecenable.disabled = 1; + document.iform.radacct_enable.disabled = 1; + document.iform.radiusserver.disabled = 1; + document.iform.radiussecret.disabled = 1; + document.iform.radiusserverport.disabled = 1; + document.iform.radiusserveracctport.disabled = 1; + document.iform.radiusserver2.disabled = 1; + document.iform.radiussecret2.disabled = 1; + document.iform.radiusserver2port.disabled = 1; + document.iform.radiusserver2acctport.disabled = 1; + document.iform.radiusissueips.disabled = 1; + document.iform.radius_nasip.disabled = 1; + document.iform.radius_acct_update.disabled = 1; + } +} +//--> +</script> +<form action="vpn_pppoe_edit.php" method="post" name="iform" id="iform"> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<?php if ($savemsg) print_info_box($savemsg); ?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td height="16" colspan="2" class="listtopic" valign="top"><?php echo gettext("PPPoE server configuration"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vtable"> </td> + <td width="78%" class="vtable"> + <input name="mode" type="radio" onclick="enable_change(false)" value="off" + <?php if ($pconfig['mode'] != "server") echo "checked";?>> + <?=gettext("Off"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vtable"> </td> + <td width="78%" class="vtable"> + <input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked"; ?>> + <?=gettext("Enable PPPoE server"); ?></td> + </tr> + + <tr> + <td width="22%" valign="top" class="vncell"><b><?=gettext("Interface"); ?></b></td> + <td width="78%" valign="top" class="vtable"> + + <select name="interface" class="formselect" id="interface"> + <?php + $interfaces = get_configured_interface_with_descr(); + + foreach ($interfaces as $iface => $ifacename): + ?> + <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>> + <?=htmlspecialchars($ifacename);?> + </option> + <?php endforeach; ?> + </select> <br> + + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Subnet netmask"); ?></td> + <td width="78%" class="vtable"> + <select id="pppoe_subnet" name="pppoe_subnet"> + <?php + for($x=0; $x<33; $x++) { + if($x == $pconfig['pppoe_subnet']) + $SELECTED = " SELECTED"; + else + $SELECTED = ""; + echo "<option value=\"{$x}\"{$SELECTED}>{$x}</option>\n"; + } + ?> + </select> + <br><?=gettext("Hint"); ?>: 24 <?=gettext("is"); ?> 255.255.255.0 + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("No. PPPoE users"); ?></td> + <td width="78%" class="vtable"> + <select id="n_pppoe_units" name="n_pppoe_units"> + <?php + for($x=0; $x<255; $x++) { + if($x == $pconfig['n_pppoe_units']) + $SELECTED = " SELECTED"; + else + $SELECTED = ""; + echo "<option value=\"{$x}\"{$SELECTED}>{$x}</option>\n"; + } + ?> + </select> + <br><?=gettext("Hint: 10 is ten PPPoE clients"); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Server address"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="localip" type="text" class="formfld unknown" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip']);?>"> + <br> + <?=gettext("Enter the IP address the PPPoE server should use on its side " . + "for all clients"); ?>.</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Remote address range"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="remoteip" type="text" class="formfld unknown" id="remoteip" size="20" value="<?=htmlspecialchars($pconfig['remoteip']);?>"> + <br> + <?=gettext("Specify the starting address for the client IP address subnet"); ?>.<br> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Description"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> + <br/> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("DNS servers"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="pppoe_dns1" type="text" class="formfld unknown" id="pppoe_dns1" size="20" value="<?=htmlspecialchars($pconfig['pppoe_dns1']);?>"> + <br> + <input name="pppoe_dns2" type="text" class="formfld unknown" id="pppoe_dns2" size="20" value="<?=htmlspecialchars($pconfig['pppoe_dns2']);?>"> + <br> + <?=gettext("If entered they will be given to all PPPoE clients, else LAN DNS and one WAN DNS will go to all clients"); ?><br> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS"); ?></td> + <td width="78%" class="vtable"> + <input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked"; ?>> + <strong><?=gettext("Use a RADIUS server for authentication"); ?><br> + </strong><?=gettext("When set, all users will be authenticated using " . + "the RADIUS server specified below. The local user database " . + "will not be used"); ?>.<br> + <br> + <input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked"; ?>> + <strong><?=gettext("Enable RADIUS accounting"); ?> <br> + <br> + </strong><?=gettext("Sends accounting packets to the RADIUS server"); ?>.<br> + <input name="radiussecenable" type="checkbox" id="radiussecenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiussecenable']) echo "checked"; ?>> + <strong><?=gettext("Use Backup RADIUS Server"); ?></strong><br> + <?=gettext("When set, if primary server fails all requests will be sent via backup server"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("NAS IP Address"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="radius_nasip" type="text" class="formfld unknown" id="radius_nasip" size="20" value="<?=htmlspecialchars($pconfig['radius_nasip']);?>"> + <br><?=gettext("RADIUS server NAS IP Address"); ?><br> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("RADIUS Accounting Update"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="radius_acct_update" type="text" class="formfld unknown" id="radius_acct_update" size="20" value="<?=htmlspecialchars($pconfig['radius_acct_update']);?>"> + <br><?=gettext("RADIUS accounting update period in seconds"); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS issued IPs"); ?></td> + <td width="78%" valign="top" class="vtable"> + <input name="radiusissueips" value="yes" type="checkbox" class="formfld" id="radiusissueips"<?php if($pconfig['radiusissueips']) echo " CHECKED"; ?>> + <br><?=gettext("Issue IP Addresses via RADIUS server"); ?>.</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS server Primary"); ?></td> + <td width="78%" class="vtable"> + <input name="radiusserver" type="text" class="formfld unknown" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>"> + <input name="radiusserverport" type="text" class="formfld unknown" id="radiusserverport" size="4" value="<?=htmlspecialchars($pconfig['radiusserverport']);?>"> + <input name="radiusserveracctport" type="text" class="formfld unknown" id="radiusserveracctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserveracctport']);?>"> + <br><?=gettext("Enter the IP address, authentication port and accounting port (optional) of the RADIUS server."); ?><br> + <br> <?=gettext("standard port 1812 and 1813 accounting"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS primary shared secret"); ?></td> + <td width="78%" valign="top" class="vtable"> + <input name="radiussecret" type="password" class="formfld pwd" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret']);?>"> + <br><?=gettext("Enter the shared secret that will be used to authenticate " . + "to the RADIUS server"); ?>.</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS server Secondary"); ?></td> + <td width="78%" class="vtable"> + <input name="radiusserver2" type="text" class="formfld unknown" id="radiusserver2" size="20" value="<?=htmlspecialchars($pconfig['radiusserver2']);?>"> + <input name="radiusserver2port" type="text" class="formfld unknown" id="radiusserver2port" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2port']);?>"> + <input name="radiusserver2acctport" type="text" class="formfld unknown" id="radiusserver2acctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2acctport']);?>"> + <br><?=gettext("Enter the IP address, authentication port and accounting port (optional) of the backup RADIUS server."); ?><br> + <br> <?=gettext("standard port 1812 and 1813 accounting"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS secondary shared secret"); ?></td> + <td width="78%" valign="top" class="vtable"> + <input name="radiussecret2" type="password" class="formfld pwd" id="radiussecret2" size="20" value="<?=htmlspecialchars($pconfig['radiussecret2']);?>"> + <br> + <?=gettext("Enter the shared secret that will be used to authenticate " . + "to the RADIUS server"); ?>.</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><div id="addressnetworkport"><?=gettext("User (s)");?></div></td> + <td width="78%" class="vtable"> + <table id="usertable"> + <tbody> + <tr> + <td><div id="onecolumn"><?=gettext("Username");?></div></td> + <td><div id="twocolumn"><?=gettext("Password");?></div></td> + <td><div id="thirdcolumn"><?=gettext("IP");?></div></td> + </tr> + <?php $counter = 0; + $usernames = $pconfig['username']; + if ($usernames <> "") { + $item = explode(" ", $usernames); + foreach($item as $ww) { + $wws = explode(":", $ww); + $user = $wws[0]; + $passwd = base64_decode($wws[1]); + $ip = $wws[2]; + $tracker = $counter; + ?> + <tr> + <td> + <input name="username<?php echo $tracker; ?>" type="text" class="formfld unknown" id="username<?php echo $tracker; ?>" size="20" value="<?=htmlspecialchars($user);?>" /> + </td> + <td> + <input name="password<?php echo $tracker; ?>" type="password" class="formfld pwd" id="password<?php echo $tracker; ?>" size="20" value="<?=htmlspecialchars($passwd);?>" /> + </td> + <td> + <input name="ip<?php echo $tracker; ?>" type="text" class="formfld unknown" id="ip<?php echo $tracker; ?>" size="10" value="<?=htmlspecialchars($ip);?>" /> + </td> + <td> + <input type="image" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" onclick="removeRow(this); return false;" value="<?=gettext("Delete");?>" /> + </td> + </tr> + <?php + $counter++; + } // end foreach + } // end if + ?> + </tbody> + </table> + <a onclick="javascript:addRowTo('usertable'); return false;" href="#"> + <img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="<?=gettext("add another entry");?>" /> + </a> + </td> + </tr> + <tr> + <td height="16" colspan="2" valign="top"></td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <?php if (isset($id)) + echo "<input type='hidden' name='id' id='id' value='{$id}' >"; + ?> + <?php if (isset($pconfig['pppoeid'])) + echo "<input type='hidden' name='pppoeid' id='pppoeid' value='{$pppoeid}' >"; + ?> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> + <a href="vpn_pppoe.php"><input name="Cancel" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>"></a> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Note"); ?>:<br> + </strong></span><?=gettext("don't forget to add a firewall rule to permit " . + "traffic from PPPoE clients"); ?>!</span></td> + </tr> + </table> + </div> + </td> + </tr> +</table> +</form> +<script type="text/javascript"> +enable_change(false); + +field_counter_js = 3; +rows = 1; +totalrows = <?php echo $counter; ?>; +loaded = <?php echo $counter; ?>; + +</script> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/usr/local/www/vpn_pppoe_users.php b/usr/local/www/vpn_pppoe_users.php deleted file mode 100755 index f9395e5..0000000 --- a/usr/local/www/vpn_pppoe_users.php +++ /dev/null @@ -1,143 +0,0 @@ -<?php -/* - vpn_pppoe_users.php - part of pfSense - - Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com) - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -##|+PRIV -##|*IDENT=page-services-pppoeserver-users -##|*NAME=Services: PPPoE Server: Users page -##|*DESCR=Allow access to the 'Services: PPPoE Server: Users' page. -##|*MATCH=vpn_pppoe_users.php* -##|-PRIV - -require("guiconfig.inc"); -require_once("vpn.inc"); - -if (!is_array($config['pppoe']['user'])) { - $config['pppoe']['user'] = array(); -} -$a_secret = &$config['pppoe']['user']; - -if ($_POST) { - - $pconfig = $_POST; - - if ($_POST['apply']) { - $retval = 0; - $retval = vpn_setup(); - $savemsg = get_std_save_message($retval); - if ($retval == 0) { - if (is_subsystem_dirty('pppoeusers')) - clear_subsystem_dirty('pppoeusers'); - } - } -} - -if ($_GET['act'] == "del") { - if ($a_secret[$_GET['id']]) { - unset($a_secret[$_GET['id']]); - write_config(); - mark_subsystem_dirty('pppoeusers'); - header("Location: vpn_pppoe_users.php"); - exit; - } -} - -$pgtitle = array(gettext("Services"),gettext("PPPoE Server"),gettext("Users")); -include("head.inc"); - -?> - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<form action="vpn_pppoe_users.php" method="post"> -<?php if ($savemsg) print_info_box($savemsg); ?> -<?php if (isset($config['pppoe']['radius']['enable'])) - print_info_box(gettext("Warning: RADIUS is enabled. The local user database will not be used.")); ?> -<?php if (is_subsystem_dirty('pppoeusers')): ?><p> -<?php print_info_box_np(gettext("The PPPoE user list has been modified") . ".<br>" . gettext("You must apply the changes in order for them to take effect") . ".<br><b>" . gettext("Warning: this will terminate all current PPPoE sessions") . "!</b>");?><br> -<?php endif; ?> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr><td class="tabnavtbl"> -<?php - $tab_array = array(); - $tab_array[0] = array(gettext("Configuration"), false, "vpn_pppoe.php"); - $tab_array[1] = array(gettext("Users"), true, "vpn_pppoe_users.php"); - display_top_tabs($tab_array); -?> </td></tr> - <tr> - <td> - <div id="mainarea"> - <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td class="listhdrr"><?=gettext("Username"); ?></td> - <td class="listhdr"><?=gettext("IP address"); ?></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td width="17"></td> - <td><a href="vpn_pppoe_users_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add user"); ?>" width="17" height="17" border="0"></a></td> - </tr> - </table> - </td> - </tr> - <?php $i = 0; foreach ($a_secret as $secretent): ?> - <tr> - <td class="listlr"> - <?=htmlspecialchars($secretent['name']);?> - </td> - <td class="listr"> - <?php if($secretent['ip'] == "") $secretent['ip'] = "Dynamic"; ?> - <?=htmlspecialchars($secretent['ip']);?> - </td> - <td class="list" nowrap> <a href="vpn_pppoe_users_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit user"); ?>" width="17" height="17" border="0"></a> - <a href="vpn_pppoe_users.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this user?"); ?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete user"); ?>" width="17" height="17" border="0"></a></td> - </tr> - <?php $i++; endforeach; ?> - <tr> - <td class="list" colspan="2"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td width="17"></td> - <td><a href="vpn_pppoe_users_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add user"); ?>" width="17" height="17" border="0"></a></td> - </tr> - </table> - </td> - </tr> - </table> -</div> - </td> - </tr> -</table> -</form> -<?php include("fend.inc"); ?> -</body> -</html> - - diff --git a/usr/local/www/vpn_pppoe_users_edit.php b/usr/local/www/vpn_pppoe_users_edit.php deleted file mode 100755 index 6c15d35..0000000 --- a/usr/local/www/vpn_pppoe_users_edit.php +++ /dev/null @@ -1,179 +0,0 @@ -<?php -/* - vpn_pppoe_users_edit.php - part of pfSense - - Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com) - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -##|+PRIV -##|*IDENT=page-services-pppoeserver-user-edit -##|*NAME=Services: PPPoE Server: User: Edit page -##|*DESCR=Allow access to the 'Services: PPPoE Server: User: Edit' page. -##|*MATCH=vpn_pppoe_users_edit.php* -##|-PRIV - -function pppoeusercmp($a, $b) { - return strcasecmp($a['name'], $b['name']); -} - -function pppoe_users_sort() { - global $config; - - if (!is_array($config['pppoe']['user'])) - return; - - usort($config['pppoe']['user'], "pppoeusercmp"); -} - -require("guiconfig.inc"); -require_once("vpn.inc"); - -if (!is_array($config['pppoe']['user'])) { - $config['pppoe']['user'] = array(); -} -$a_secret = &$config['pppoe']['user']; - -$id = $_GET['id']; -if (isset($_POST['id'])) - $id = $_POST['id']; - -if (isset($id) && $a_secret[$id]) { - $pconfig['username'] = $a_secret[$id]['name']; - $pconfig['ip'] = $a_secret[$id]['ip']; -} - -if ($_POST) { - - unset($input_errors); - $pconfig = $_POST; - - /* input validation */ - if (isset($id) && ($a_secret[$id])) { - $reqdfields = explode(" ", "username"); - $reqdfieldsn = array(gettext("Username")); - } else { - $reqdfields = explode(" ", "username password"); - $reqdfieldsn = array(gettext("Username"),gettext("Password")); - } - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - if (preg_match("/[^a-zA-Z0-9\.\-\@_]/", $_POST['username'])) - $input_errors[] = gettext("The username contains invalid characters."); - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['password'])) - $input_errors[] = gettext("The password contains invalid characters."); - - if (($_POST['password']) && ($_POST['password'] != $_POST['password2'])) { - $input_errors[] = gettext("The passwords do not match."); - } - if (($_POST['ip'] && !is_ipaddr($_POST['ip']))) { - $input_errors[] = gettext("The IP address entered is not valid."); - } - - if (!$input_errors && !(isset($id) && $a_secret[$id])) { - /* make sure there are no dupes */ - foreach ($a_secret as $secretent) { - if ($secretent['name'] == $_POST['username']) { - $input_errors[] = gettext("Another entry with the same username already exists."); - break; - } - } - } - - if (!$input_errors) { - - if (isset($id) && $a_secret[$id]) - $secretent = $a_secret[$id]; - - $secretent['name'] = $_POST['username']; - $secretent['ip'] = $_POST['ip']; - - if ($_POST['password']) - $secretent['password'] = $_POST['password']; - - if (isset($id) && $a_secret[$id]) - $a_secret[$id] = $secretent; - else - $a_secret[] = $secretent; - pppoe_users_sort(); - - write_config(); - - $retval = vpn_setup(); - - header("Location: vpn_pppoe_users.php"); - exit; - } -} - -$pgtitle = array(gettext("Services"),gettext("PPPoE Server"),gettext("User"),gettext("Edit")); -include("head.inc"); - -?> -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<?php if ($input_errors) print_input_errors($input_errors); ?> - <form action="vpn_pppoe_users_edit.php" method="post" name="iform" id="iform"> - <div id="mainarea"> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Username"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="username" type="text" class="formfld user" id="username" size="20" value="<?=htmlspecialchars($pconfig['username']);?>"> - </td> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Password"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="password" type="password" class="formfld pwd" id="password" size="20"> - <br><?=$mandfldhtml;?><input name="password2" type="password" class="formfld pwd" id="password2" size="20"> - (<?=gettext("confirmation"); ?>)<?php if (isset($id) && $a_secret[$id]): ?><br> - <span class="vexpl"><?=gettext("If you want to change the users' password, " . - "enter it here twice"); ?>.</span><?php endif; ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("IP address"); ?></td> - <td width="78%" class="vtable"> - <input name="ip" type="text" class="formfld unknown" id="ip" size="20" value="<?=htmlspecialchars($pconfig['ip']);?>"> - <br><span class="vexpl"><?=gettext("If you want the user to be assigned a specific IP address, enter it here"); ?>.</span></td> - </tr> - <tr> - <td class="vncell" width="22%" valign="top"> </td> - <td class="vncell" width="78%"> - <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> - <?php if (isset($id) && $a_secret[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> - <?php endif; ?> - </td> - </tr> - </table> - </div> -</form> -<?php include("fend.inc"); ?> -</body> -</html> - - diff --git a/usr/local/www/widgets/widgets/services_status.widget.php b/usr/local/www/widgets/widgets/services_status.widget.php index 11d448e..11b3dce 100644 --- a/usr/local/www/widgets/widgets/services_status.widget.php +++ b/usr/local/www/widgets/widgets/services_status.widget.php @@ -175,7 +175,7 @@ if($services) { if(!$service['description']) $service['description'] = get_pkg_descr($service['name']); echo '<tr><td class="listlr">' . $service['name'] . "</td>\n"; echo '<td class="listr">' . substr($service['description'],0 ,20) . "</td>\n"; - if(is_service_running($service['name'], $ps) or is_process_running($service['name']) ) { + if(is_service_running($service['name'])) { echo '<td class="listr"><center>'; echo "<img src=\"/themes/" . $g["theme"] . "/images/icons/icon_pass.gif\"> Running</td>\n"; $running = true; diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php index d4a2b02..d255725 100755 --- a/usr/local/www/wizard.php +++ b/usr/local/www/wizard.php @@ -508,7 +508,7 @@ function showchange() { if($field['add_to_certca_selection'] == $value) $SELECTED = " SELECTED"; echo "<option value='" . $field['add_to_certca_selection'] . "'" . $SELECTED . ">" . $field['add_to_certca_selection'] . "</option>\n"; } - foreach($config['system']['ca'] as $ca) { + foreach($config['ca'] as $ca) { $name = htmlspecialchars($ca['name']); $SELECTED = ""; if ($value == $name) $SELECTED = " SELECTED"; @@ -546,7 +546,7 @@ function showchange() { if($field['add_to_cert_selection'] == $value) $SELECTED = " SELECTED"; echo "<option value='" . $field['add_to_cert_selection'] . "'" . $SELECTED . ">" . $field['add_to_cert_selection'] . "</option>\n"; } - foreach($config['system']['cert'] as $ca) { + foreach($config['cert'] as $ca) { if (stristr($ca['name'], "webconf")) continue; $name = htmlspecialchars($ca['name']); diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc index ff8175c..fc7d0c4 100644 --- a/usr/local/www/wizards/openvpn_wizard.inc +++ b/usr/local/www/wizards/openvpn_wizard.inc @@ -163,7 +163,7 @@ function step5_submitphpaction() { function step6_stepbeforeformdisplay() { global $stepid, $config; - if (count($config['system']['ca']) < 1) { + if (count($config['ca']) < 1) { $stepid++; } } @@ -185,8 +185,8 @@ function step7_submitphpaction() { $canames = array(); $cacns = array(); - if (is_array($config['system']['ca'])) { - foreach($config['system']['ca'] as $ca) { + if (is_array($config['ca'])) { + foreach($config['ca'] as $ca) { $canames[] = $ca['name']; $cainfo = cert_get_subject_hash($ca['crt']); $cacns[] = $cainfo["CN"]; @@ -213,8 +213,8 @@ function step7_submitphpaction() { function step8_stepbeforeformdisplay() { global $stepid, $config; - if (count($config['system']['cert']) < 1 || - (count($config['system']['cert']) == 1 && stristr($config['system']['cert'][0]['name'], "webconf"))) { + if (count($config['cert']) < 1 || + (count($config['cert']) == 1 && stristr($config['cert'][0]['name'], "webconf"))) { $stepid++; } } @@ -271,8 +271,8 @@ function step9_submitphpaction() { $certnames = array(); $certcns = array(); - if (is_array($config['system']['cert'])) { - foreach($config['system']['cert'] as $cert) { + if (is_array($config['cert'])) { + foreach($config['cert'] as $cert) { $certnames[] = $cert['name']; $certinfo = cert_get_subject_hash($cert['crt']); $certcns[] = $certinfo["CN"]; @@ -450,10 +450,10 @@ function step12_submitphpaction() { 'commonName' => $pconfig['step6']['certca']); ca_create($ca, $pconfig['step6']['keylength'], $pconfig['step6']['lifetime'], $dn); - if (!is_array($config['system']['ca'])) - $config['system']['ca'] = array(); + if (!is_array($config['ca'])) + $config['ca'] = array(); - $config['system']['ca'][] = $ca; + $config['ca'][] = $ca; } else if (!isset($pconfig['step6']['uselist']) && empty($pconfig['step6']['authcertca'])) { $message = "Please choose a Certificate Authority."; header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=5&message={$message}"); @@ -477,10 +477,10 @@ function step12_submitphpaction() { 'commonName' => $pconfig['step9']['certname']); cert_create($cert, $ca['refid'], $pconfig['step9']['keylength'], $pconfig['step9']['lifetime'], $dn); - if (!is_array($config['system']['cert'])) - $config['system']['cert'] = array(); + if (!is_array($config['cert'])) + $config['cert'] = array(); - $config['system']['cert'][] = $cert; + $config['cert'][] = $cert; } else if (!isset($pconfig['step6']['uselist']) && empty($pconfig['step9']['authcertname'])) { $message = "Please choose a Certificate."; header("Location:wizard.php?xml=openvpn_wizard.xml&stepid=7&message={$message}"); diff --git a/usr/local/www/wizards/openvpn_wizard.xml b/usr/local/www/wizards/openvpn_wizard.xml index 6d46438..5e95b8b 100644 --- a/usr/local/www/wizards/openvpn_wizard.xml +++ b/usr/local/www/wizards/openvpn_wizard.xml @@ -1,11 +1,10 @@ <?xml version="1.0" encoding="utf-8" ?> <pfsensewizard> <copyright> -/* $Id$ */ /* part of pfSense (http://www.pfsense.org/) - Copyright (C) 2010 Ermal Lui + Copyright (C) 2010 Ermal Luci All rights reserved. Redistribution and use in source and binary forms, with or without @@ -943,4 +942,3 @@ <includefile>/usr/local/www/wizards/openvpn_wizard.inc</includefile> </step> </pfsensewizard> - diff --git a/usr/local/www/wizards/traffic_shaper_wizard.xml b/usr/local/www/wizards/traffic_shaper_wizard.xml index 002ed24..1279785 100644 --- a/usr/local/www/wizards/traffic_shaper_wizard.xml +++ b/usr/local/www/wizards/traffic_shaper_wizard.xml @@ -35,7 +35,9 @@ <id>1</id> <title>pfSense Traffic Shaper Wizard</title> <disableheader>true</disableheader> - <description>This wizard will guide you through setting up the pfSense traffic shaper.</description> + <description>This wizard will guide you through setting up the pfSense traffic shaper. + Please be aware that Custom Bandwidths should not exceed 30% of the interface/link bandwidth. Keep this in mind during the wizard. + </description> <fields> <field> <displayname>Enter number of WAN connections</displayname> diff --git a/usr/local/www/wizards/traffic_shaper_wizard_dedicated.xml b/usr/local/www/wizards/traffic_shaper_wizard_dedicated.xml index 56cd97d..8688db1 100755 --- a/usr/local/www/wizards/traffic_shaper_wizard_dedicated.xml +++ b/usr/local/www/wizards/traffic_shaper_wizard_dedicated.xml @@ -36,7 +36,9 @@ <id>1</id> <title>pfSense Traffic Shaper Wizard</title> <disableheader>true</disableheader> - <description>This wizard will guide you through setting up the pfSense traffic shaper.</description> + <description>This wizard will guide you through setting up the pfSense traffic shaper. + Please be aware that Custom Bandwidths should not exceed 30% of the interface/link bandwidth. Keep this in mind during the wizard. + </description> <fields> <field> <type>listtopic</type> diff --git a/usr/local/www/wizards/traffic_shaper_wizard_multi_all.xml b/usr/local/www/wizards/traffic_shaper_wizard_multi_all.xml index 2b42d92..a138054 100755 --- a/usr/local/www/wizards/traffic_shaper_wizard_multi_all.xml +++ b/usr/local/www/wizards/traffic_shaper_wizard_multi_all.xml @@ -36,7 +36,9 @@ <id>1</id> <title>pfSense Traffic Shaper Wizard</title> <disableheader>true</disableheader> - <description>This wizard will guide you through setting up the pfSense traffic shaper.</description> + <description>This wizard will guide you through setting up the pfSense traffic shaper. + Please be aware that Custom Bandwidths should not exceed 30% of the interface/link bandwidth. Keep this in mind during the wizard. + </description> <fields> <field> <type>listtopic</type> diff --git a/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.xml b/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.xml index f97932b..f99f9e7 100644 --- a/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.xml +++ b/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.xml @@ -36,7 +36,9 @@ <id>1</id> <title>pfSense Traffic Shaper Wizard</title> <disableheader>true</disableheader> - <description>This wizard will guide you through setting up the pfSense traffic shaper for the situation where you have 1 WAN connection and multiple LAN connections.</description> + <description>This wizard will guide you through setting up the pfSense traffic shaper for the situation where you have 1 WAN connection and multiple LAN connections. + Please be aware that Custom Bandwidths should not exceed 30% of the interface/link bandwidth. Keep this in mind during the wizard. + </description> <fields> <field> <displayname>Enter number of LAN type connections</displayname> |
