diff options
Diffstat (limited to 'src/usr/local/www/system_gateway_groups_edit.php')
-rw-r--r-- | src/usr/local/www/system_gateway_groups_edit.php | 356 |
1 files changed, 356 insertions, 0 deletions
diff --git a/src/usr/local/www/system_gateway_groups_edit.php b/src/usr/local/www/system_gateway_groups_edit.php new file mode 100644 index 0000000..70d46e8 --- /dev/null +++ b/src/usr/local/www/system_gateway_groups_edit.php @@ -0,0 +1,356 @@ +<?php +/* $Id$ */ +/* + system_gateway_groups_edit.php + part of pfSense (https://www.pfsense.org) + + Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>. + Copyright (C) 2013-2015 Electric Sheep Fencing, LP + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: routing +*/ + +##|+PRIV +##|*IDENT=page-system-gateways-editgatewaygroups +##|*NAME=System: Gateways: Edit Gateway Groups page +##|*DESCR=Allow access to the 'System: Gateways: Edit Gateway Groups' page. +##|*MATCH=system_gateway_groups_edit.php* +##|-PRIV + +require("guiconfig.inc"); +require_once("ipsec.inc"); +require_once("vpn.inc"); + +if (!is_array($config['gateways']['gateway_group'])) + $config['gateways']['gateway_group'] = array(); + +$a_gateway_groups = &$config['gateways']['gateway_group']; +$a_gateways = return_gateways_array(); + +$categories = array( + 'down' => gettext("Member Down"), + 'downloss' => gettext("Packet Loss"), + 'downlatency' => gettext("High Latency"), + 'downlosslatency' => gettext("Packet Loss or High Latency")); + +if (is_numericint($_GET['id'])) { + $id = $_GET['id']; +} +if (isset($_POST['id']) && is_numericint($_POST['id'])) { + $id = $_POST['id']; +} + +if (isset($_GET['dup']) && is_numericint($_GET['dup'])) { + $id = $_GET['dup']; +} + +if (isset($id) && $a_gateway_groups[$id]) { + $pconfig['name'] = $a_gateway_groups[$id]['name']; + $pconfig['item'] = &$a_gateway_groups[$id]['item']; + $pconfig['descr'] = $a_gateway_groups[$id]['descr']; + $pconfig['trigger'] = $a_gateway_groups[$id]['trigger']; +} + +if (isset($_GET['dup']) && is_numericint($_GET['dup'])) { + unset($id); +} + +if ($_POST) { + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + $reqdfields = explode(" ", "name"); + $reqdfieldsn = explode(",", "Name"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); + + if (!isset($_POST['name'])) { + $input_errors[] = gettext("A valid gateway group name must be specified."); + } + if (!is_validaliasname($_POST['name'])) { + $input_errors[] = gettext("The gateway name must not contain invalid characters."); + } + + if (isset($_POST['name'])) { + /* check for overlaps */ + if (is_array($a_gateway_groups)) { + foreach ($a_gateway_groups as $gateway_group) { + if (isset($id) && ($a_gateway_groups[$id]) && ($a_gateway_groups[$id] === $gateway_group)) { + if ($gateway_group['name'] != $_POST['name']) { + $input_errors[] = gettext("Changing name on a gateway group is not allowed."); + } + continue; + } + + if ($gateway_group['name'] == $_POST['name']) { + $input_errors[] = sprintf(gettext('A gateway group with this name "%s" already exists.'), $_POST['name']); + break; + } + } + } + } + + /* Build list of items in group with priority */ + $pconfig['item'] = array(); + foreach ($a_gateways as $gwname => $gateway) { + if ($_POST[$gwname] > 0) { + $vipname = "{$gwname}_vip"; + /* we have a priority above 0 (disabled), add item to list */ + $pconfig['item'][] = "{$gwname}|{$_POST[$gwname]}|{$_POST[$vipname]}"; + } + /* check for overlaps */ + if ($_POST['name'] == $gwname) { + $input_errors[] = sprintf(gettext('A gateway group cannot have the same name with a gateway "%s" please choose another name.'), $_POST['name']); + } + + } + if (count($pconfig['item']) == 0) { + $input_errors[] = gettext("No gateway(s) have been selected to be used in this group"); + } + + if (!$input_errors) { + $gateway_group = array(); + $gateway_group['name'] = $_POST['name']; + $gateway_group['item'] = $pconfig['item']; + $gateway_group['trigger'] = $_POST['trigger']; + $gateway_group['descr'] = $_POST['descr']; + + if (isset($id) && $a_gateway_groups[$id]) { + $a_gateway_groups[$id] = $gateway_group; + } else { + $a_gateway_groups[] = $gateway_group; + } + + mark_subsystem_dirty('staticroutes'); + mark_subsystem_dirty('gwgroup.' . $gateway_group['name']); + + write_config(); + + header("Location: system_gateway_groups.php"); + exit; + } +} + +$pgtitle = array(gettext("System"), gettext("Gateways"), gettext("Edit gateway group")); +$shortcut_section = "gateway-groups"; + +function build_gateway_protocol_map (&$a_gateways) { + $result = array(); + foreach ($a_gateways as $gwname => $gateway) { + $result[$gwname] = $gateway['ipprotocol']; + } + + return $result; +} + +function build_carp_list() { + global $carplist; + + $list = array('address' => gettext('Interface Address')); + + foreach($carplist as $vip => $address) { + if(($gateway['ipprotocol'] == "inet") && (!is_ipaddrv4($address))) + continue; + if(($gateway['ipprotocol'] == "inet6") && (!is_ipaddrv6($address))) + continue; + + $list[$vip] = "$vip - $address"; + } + + return($list); +} + +include("head.inc"); + +$gateway_protocol = build_gateway_protocol_map($a_gateways); +$gateway_array = array_keys($a_gateways); +$protocol_array = array_values($gateway_protocol); +$protocol_array = array_values(array_unique($gateway_protocol)); + +if ($input_errors) + print_input_errors($input_errors); + +require('classes/Form.class.php'); + +$form = new Form(); + +$section = new Form_Section('Edit gateway group entry'); + +$section->addInput(new Form_Input( + 'nentries', + 'Group Name', + 'text' +)); + + +$carplist = get_configured_carp_interface_list($interface); +$row == 0; +$numrows = count($a_gateways) - 1; + +foreach($a_gateways as $gwname => $gateway) { + if(!empty($pconfig['item'])) { + $af = explode("|", $pconfig['item'][0]); + $family = $a_gateways[$af[0]]['ipprotocol']; + if($gateway['ipprotocol'] != $family) { + $rows++; + continue; + } + } + + $interface = $gateway['friendlyiface']; + $selected = array(); + + foreach((array)$pconfig['item'] as $item) { + $itemsplit = explode("|", $item); + if($itemsplit[0] == $gwname) { + $selected[$itemsplit[1]] = "selected=\"selected\""; + break; + } else { + $selected[0] = "selected=\"selected\""; + } + } + + $group = new Form_Group($row == 0 ? 'Gateway Priority':null); + $group->addClass($gateway['ipprotocol']); + + $group->add(new Form_Input( + 'gwname' . $row, + 'Group Name', + 'text', + $gateway['name'] + ))->setHelp($row == $numrows ? 'Gateway':null); + + $group->add(new Form_Select( + $gwname, + 'Tier', + isset($pconfig['filterdescriptions']) ? $pconfig['filterdescriptions']:'0', + array( + '0' => 'Never', + '1' => 'Tier 1', + '2' => 'Tier 2', + '3' => 'Tier 3', + '4' => 'Tier 4', + '5' => 'Tier 5' + ) + ))->setHelp($row == $numrows ? 'Tier':null)->addClass('row')->addClass($gateway['ipprotocol']); + + $group->add(new Form_Select( + $gwname . '_vip', + 'Virtual IP', + !isset($pconfig['filterdescriptions']) ? '0':$pconfig['filterdescriptions'], + build_carp_list() + ))->setHelp($row == $numrows ? 'Virtual IP':null); + + $group->add(new Form_Input( + 'nentries', + 'Group Name', + 'text', + $gateway['descr'] + ))->setWidth(3)->setHelp($row == $numrows ? 'Description':null); + + $section->add($group); + + $row++; +} // e-o-forwach + +$section->addInput(new Form_StaticText( + 'Link Priority', + 'The priority selected here defines in what order failover and balancing of links will be done. ' . + 'Multiple links of the same priority will balance connections until all links in the priority will be exhausted. ' . + 'If all links in a priority level are exhausted we will use the next available link(s) in the next priority level.' +)); + +$section->addInput(new Form_StaticText( + 'Virtual IP', + 'The virtual IP field selects which (virtual) IP should be used when this group applies to a local Dynamic DNS, IPsec or OpenVPN endpoint.' +)); + +$section->addInput(new Form_Select( + 'trigger', + 'Trigger Level', + $pconfig['trigger'], + array( + '0' => 'Member down', + '1' => 'Packet Loss', + '2' => 'High Latency', + '3' => 'Packet Loss or High latency' + ) +))->setHelp('When to trigger exclusion of a member'); + +$section->addInput(new Form_Input( + 'descr', + 'Description', + 'text', + $pconfig['descr'] +))->setHelp('You may enter a description here for your reference (not parsed).'); + +if (isset($id) && $a_gateway_groups[$id]){ + $section->addInput(new Form_Input( + 'id', + null, + 'hidden', + $id + )); +} + +$form->add($section); + +print($form); +?> + +<script type="text/javascript"> +//<![CDATA[ +events.push(function(){ + // Hides all elements of the specified class. This will usually be a section or group + function hideClass(s_class, hide) { + if(hide) + $('.' + s_class).hide(); + else + $('.' + s_class).show(); + } + + // On changing a Tier selector on any row, find which protocol it uses (class) + // and disable the opposite + $('.row').on('change', function() { + // If user selects 'Never', unhide all rows + if($(this).find(":selected").index() == 0) { + hideClass('inet', false); + hideClass('inet6', false); + } + else { // Otherwise hide the rows that are ont of 'this' protocol + if($(this).hasClass('inet6')) + hideClass('inet', true); + else + hideClass('inet6', true); + } + }); +}); +//]]> +</script> + +<?php +include("foot.inc");
\ No newline at end of file |