diff options
Diffstat (limited to 'src/usr/local/www')
-rw-r--r-- | src/usr/local/www/firewall_virtual_ip.php | 16 | ||||
-rw-r--r-- | src/usr/local/www/firewall_virtual_ip_edit.php | 58 | ||||
-rw-r--r-- | src/usr/local/www/interfaces_gre.php | 9 | ||||
-rw-r--r-- | src/usr/local/www/services_ntpd.php | 17 | ||||
-rw-r--r-- | src/usr/local/www/services_router_advertisements.php | 29 | ||||
-rw-r--r-- | src/usr/local/www/status_carp.php | 79 | ||||
-rw-r--r-- | src/usr/local/www/system_gateway_groups_edit.php | 66 | ||||
-rw-r--r-- | src/usr/local/www/vpn_ipsec.php | 13 | ||||
-rw-r--r-- | src/usr/local/www/vpn_ipsec_phase1.php | 15 | ||||
-rwxr-xr-x | src/usr/local/www/xmlrpc.php | 4 |
10 files changed, 139 insertions, 167 deletions
diff --git a/src/usr/local/www/firewall_virtual_ip.php b/src/usr/local/www/firewall_virtual_ip.php index 964ba69..4e8226c 100644 --- a/src/usr/local/www/firewall_virtual_ip.php +++ b/src/usr/local/www/firewall_virtual_ip.php @@ -302,10 +302,18 @@ display_top_tabs($tab_array); <tbody> <?php $interfaces = get_configured_interface_with_descr(false, true); -$carplist = get_configured_carp_interface_list(); - -foreach ($carplist as $cif => $carpip) { - $interfaces[$cif] = $carpip." (".get_vip_descr($carpip).")"; +$viplist = get_configured_vip_list(); + +foreach ($viplist as $vipname => $address) { + $interfaces[$vipname] = $address; + $interfaces[$vipname] .= " ("; + if (get_vip_descr($address)) + $interfaces[$vipname] .= get_vip_descr($address); + else { + $vip = get_configured_vip($vipname); + $interfaces[$vipname] .= "vhid: {$vip['vhid']}"; + } + $interfaces[$vipname] .= ")"; } $interfaces['lo0'] = "Localhost"; diff --git a/src/usr/local/www/firewall_virtual_ip_edit.php b/src/usr/local/www/firewall_virtual_ip_edit.php index f459813..d3beb92 100644 --- a/src/usr/local/www/firewall_virtual_ip_edit.php +++ b/src/usr/local/www/firewall_virtual_ip_edit.php @@ -141,23 +141,18 @@ if ($_POST) { if (isset($id) && isset($a_vip[$id])) { $ignore_if = $a_vip[$id]['interface']; $ignore_mode = $a_vip[$id]['mode']; - if (isset($a_vip[$id]['uniqid'])) { + if (isset($a_vip[$id]['uniqid'])) $ignore_uniqid = $a_vip[$id]['uniqid']; - } } else { $ignore_if = $_POST['interface']; $ignore_mode = $_POST['mode']; } - if (!isset($ignore_uniqid)) { + if (!isset($ignore_uniqid)) $ignore_uniqid = $_POST['uniqid']; - } - if ($ignore_mode == 'carp') { + if ($ignore_mode == 'carp' || $ignore_mode == 'ipalias') $ignore_if = "_vip{$ignore_uniqid}"; - } else { - $ignore_if .= "_virtualip{$id}"; - } if (is_ipaddr_configured($_POST['subnet'], $ignore_if)) { $input_errors[] = gettext("This IP address is being used by another interface or VIP."); @@ -215,37 +210,18 @@ if ($_POST) { if ($_POST['interface'] == 'lo0') { $input_errors[] = gettext("For this type of vip localhost is not allowed."); - } else if (strpos($_POST['interface'], '_vip')) { + } else if (strstr($_POST['interface'], '_vip')) { $input_errors[] = gettext("A CARP parent interface can only be used with IP Alias type Virtual IPs."); } break; case 'ipalias': - if (strstr($_POST['interface'], "_vip")) { - if (is_ipaddrv4($_POST['subnet'])) { - $parent_ip = get_interface_ip($_POST['interface']); - $parent_sn = get_interface_subnet($_POST['interface']); - $subnet = gen_subnet($parent_ip, $parent_sn); - } else if (is_ipaddrv6($_POST['subnet'])) { - $parent_ip = get_interface_ipv6($_POST['interface']); - $parent_sn = get_interface_subnetv6($_POST['interface']); - $subnet = gen_subnetv6($parent_ip, $parent_sn); - } - - if (isset($parent_ip) && !ip_in_subnet($_POST['subnet'], "{$subnet}/{$parent_sn}") && - !ip_in_interface_alias_subnet(link_carp_interface_to_parent($_POST['interface']), $_POST['subnet'])) { - $cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits'] ; - $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."), $cannot_find); - } - - unset($parent_ip, $parent_sn, $subnet); - } - + /* ipalias works fine with localhost and CARP. */ break; default: if ($_POST['interface'] == 'lo0') { $input_errors[] = gettext("For this type of vip localhost is not allowed."); - } else if (strpos($_POST['interface'], '_vip')) { + } else if (strstr($_POST['interface'], '_vip')) { $input_errors[] = gettext("A CARP parent interface can only be used with IP Alias type Virtual IPs."); } @@ -283,6 +259,10 @@ if ($_POST) { } } + /* IPalias specific fields */ + if ($_POST['mode'] === "ipalias") + $vipent['uniqid'] = $_POST['uniqid']; + /* Common fields */ $vipent['descr'] = $_POST['descr']; if (isset($_POST['type'])) { @@ -343,10 +323,20 @@ function build_if_list() { $list = array(); $interfaces = get_configured_interface_with_descr(false, true); - $carplist = get_configured_carp_interface_list(); - - foreach ($carplist as $cif => $carpip) { - $interfaces[$cif] = $carpip . ' (' . get_vip_descr($carpip) . ')'; + $carplist = get_configured_vip_list(); + + foreach ($carplist as $vipname => $address) { + $vip = get_configured_vip($vipname); + if ($vip['mode'] != 'carp') + continue; + + $interfaces[$vipname] = $address; + $interfaces[$vipname] .= " ("; + if (get_vip_descr($address)) + $interfaces[$vipname] .= get_vip_descr($address); + else + $interfaces[$vipname] .= "vhid: {$vip['vhid']}"; + $interfaces[$vipname] .= ")"; } $interfaces['lo0'] = 'Localhost'; diff --git a/src/usr/local/www/interfaces_gre.php b/src/usr/local/www/interfaces_gre.php index 76da5dc..0acbf1e 100644 --- a/src/usr/local/www/interfaces_gre.php +++ b/src/usr/local/www/interfaces_gre.php @@ -135,10 +135,15 @@ display_top_tabs($tab_array); </tr> </thead> <tbody> -<?php foreach ($a_gres as $i => $gre): ?> +<?php foreach ($a_gres as $i => $gre): + if (substr($gre['if'], 0, 4) == "_vip") + $if = convert_real_interface_to_friendly_descr(get_real_interface($gre['if'])); + else + $if = $gre['if']; +?> <tr> <td> - <?=htmlspecialchars(convert_friendly_interface_to_friendly_descr($gre['if']))?> + <?=htmlspecialchars(convert_friendly_interface_to_friendly_descr($if))?> </td> <td> <?=htmlspecialchars($gre['remote-addr'])?> diff --git a/src/usr/local/www/services_ntpd.php b/src/usr/local/www/services_ntpd.php index 7892456..e91545b 100644 --- a/src/usr/local/www/services_ntpd.php +++ b/src/usr/local/www/services_ntpd.php @@ -229,22 +229,9 @@ function build_interface_list() { $iflist = array('options' => array(), 'selected' => array()); $interfaces = get_configured_interface_with_descr(); - $carplist = get_configured_carp_interface_list(); - - foreach ($carplist as $cif => $carpip) { - $interfaces[$cif] = $carpip . " (" . get_vip_descr($carpip) .")"; - } - - $aliaslist = get_configured_ip_aliases_list(); - - foreach ($aliaslist as $aliasip => $aliasif) { - $interfaces[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")"; - } - - $size = (count($interfaces) < 10) ? count($interfaces) : 10; - foreach ($interfaces as $iface => $ifacename) { - if (!is_ipaddr(get_interface_ip($iface)) && !is_ipaddr($iface)) { + if (!is_ipaddr(get_interface_ip($iface)) && + !is_ipaddrv6(get_interface_ipv6($iface))) { continue; } diff --git a/src/usr/local/www/services_router_advertisements.php b/src/usr/local/www/services_router_advertisements.php index dd13ed1..c7a221b 100644 --- a/src/usr/local/www/services_router_advertisements.php +++ b/src/usr/local/www/services_router_advertisements.php @@ -122,7 +122,6 @@ if (is_array($config['dhcpdv6'][$if])) { $pconfig['ravalidlifetime'] = $config['dhcpdv6'][$if]['ravalidlifetime']; $pconfig['rapreferredlifetime'] = $config['dhcpdv6'][$if]['rapreferredlifetime']; - $pconfig['rainterface'] = $config['dhcpdv6'][$if]['rainterface']; $pconfig['radomainsearchlist'] = $config['dhcpdv6'][$if]['radomainsearchlist']; list($pconfig['radns1'], $pconfig['radns2'], $pconfig['radns3']) = $config['dhcpdv6'][$if]['radnsserver']; $pconfig['rasamednsasdhcp6'] = isset($config['dhcpdv6'][$if]['rasamednsasdhcp6']); @@ -144,7 +143,6 @@ $priority_modes = array( "low" => gettext("Low"), "medium" => gettext("Normal"), "high" => gettext("High")); -$carplist = get_configured_carp_interface_list(); $subnets_help = '<span class="help-block">' . gettext("Subnets are specified in CIDR format. " . @@ -206,7 +204,6 @@ if ($_POST) { $config['dhcpdv6'][$if]['ramode'] = $_POST['ramode']; $config['dhcpdv6'][$if]['rapriority'] = $_POST['rapriority']; - $config['dhcpdv6'][$if]['rainterface'] = $_POST['rainterface']; $config['dhcpdv6'][$if]['ravalidlifetime'] = $_POST['ravalidlifetime']; $config['dhcpdv6'][$if]['rapreferredlifetime'] = $_POST['rapreferredlifetime']; @@ -325,37 +322,11 @@ $section->addInput(new Form_Input( ))->setHelp('Seconds. The length of time in seconds (relative to the time the packet is sent) that addresses generated from the prefix via stateless address autoconfiguration remain preferred.' . ' <br />' . 'The default is 14400 seconds.'); -$carplistif = array(); -if (count($carplist) > 0) { - foreach ($carplist as $ifname => $vip) { - if ((preg_match("/^{$if}_/", $ifname)) && (is_ipaddrv6($vip))) { - $carplistif[$ifname] = $vip; - } - } -} - -if (count($carplistif) > 0) { - $list = array(); - - foreach ($carplistif as $ifname => $vip) { - $list['interface'] = strtoupper($if); - $list[$ifname] = $ifname . ' - ' . $vip; - } - - $section->addInput(new Form_Select( - 'rainterface', - 'RA Interface', - $pconfig['rainterface'], - $list - ))->setHelp('Select the Interface for the Router Advertisement (RA) Daemon.'); -} - $section->addInput(new Form_StaticText( 'RA Subnets', $subnets_help )); - if (empty($pconfig['subnets'])) { $pconfig['subnets'] = array('0' => '/128'); } diff --git a/src/usr/local/www/status_carp.php b/src/usr/local/www/status_carp.php index 39d2a64..748c36b 100644 --- a/src/usr/local/www/status_carp.php +++ b/src/usr/local/www/status_carp.php @@ -64,11 +64,25 @@ require_once("guiconfig.inc"); require_once("globals.inc"); unset($interface_arr_cache); -unset($carp_interface_count_cache); unset($interface_ip_arr_cache); + +function find_ipalias($carpif) { + global $config; + + $ips = array(); + foreach ($config['virtualip']['vip'] as $vip) { + if ($vip['mode'] != "ipalias") + continue; + if ($vip['interface'] != $carpif) + continue; + $ips[] = "{$vip['subnet']}/{$vip['subnet_bits']}"; + } + + return ($ips); +} + $status = get_carp_status(); -$status = intval($status); if ($_POST['carp_maintenancemode'] != "") { interfaces_carp_set_maintenancemode(!isset($config["virtualip_carp_maintenancemode"])); @@ -80,28 +94,27 @@ if ($_POST['disablecarp'] != "") { if (is_array($config['virtualip']['vip'])) { $viparr = &$config['virtualip']['vip']; foreach ($viparr as $vip) { - switch ($vip['mode']) { - case "carp": - interface_vip_bring_down($vip); - - /* - * Reconfigure radvd when necessary - * XXX: Is it the best way to do it? - */ - if (isset($config['dhcpdv6']) && is_array($config['dhcpdv6'])) { - foreach ($config['dhcpdv6'] as $dhcpv6if => $dhcpv6ifconf) { - if ($dhcpv6if !== $vip['interface'] || - $dhcpv6ifconf['ramode'] === "disabled") { - continue; - } - - services_radvd_configure(); - break; - } + if ($vip['mode'] != "carp" && $vip['mode'] != "ipalias") + continue; + if ($vip['mode'] == "ipalias" && substr($vip['interface'], 0, 4) != "_vip") + continue; + + interface_vip_bring_down($vip); + + /* + * Reconfigure radvd when necessary + * XXX: Is it the best way to do it? + */ + if (isset($config['dhcpdv6']) && is_array($config['dhcpdv6'])) { + foreach ($config['dhcpdv6'] as $dhcpv6if => $dhcpv6ifconf) { + if ($dhcpv6if !== $vip['interface'] || + $dhcpv6ifconf['ramode'] === "disabled") { + continue; } - sleep(1); + services_radvd_configure(); break; + } } } } @@ -115,12 +128,10 @@ if ($_POST['disablecarp'] != "") { switch ($vip['mode']) { case "carp": interface_carp_configure($vip); - sleep(1); break; case 'ipalias': - if (strpos($vip['interface'], '_vip')) { + if (substr($vip['interface'], 0, 4) == "_vip") interface_ipalias_configure($vip); - } break; } } @@ -219,9 +230,9 @@ if ($carpcount == 0) { continue; } - $ipaddress = $carp['subnet']; $vhid = $carp['vhid']; $status = get_carp_interface_status("_vip{$carp['uniqid']}"); + $aliases = find_ipalias("_vip{$carp['uniqid']}"); if ($carp_enabled == false) { $icon = 'times-circle'; @@ -238,7 +249,13 @@ if ($carpcount == 0) { ?> <tr> <td><?=convert_friendly_interface_to_friendly_descr($carp['interface'])?>@<?=$vhid?></td> - <td><?=$ipaddress?></td> + <td> +<?php + printf("{$carp['subnet']}/{$carp['subnet_bits']}"); + for ($i = 0; $i < count($aliases); $i++) + printf("<br>{$aliases[$i]}"); +?> + </td> <td><i class="fa fa-<?=$icon?>"></i> <?=$status?></td> </tr> <?php }?> @@ -253,8 +270,14 @@ if ($carpcount == 0) { <div class="panel-body"> <ul> <?php - foreach (explode("\n", exec_command("/sbin/pfctl -vvss | /usr/bin/grep creator | /usr/bin/cut -d\" \" -f7 | /usr/bin/sort -u")) as $node) { - echo '<li>'. $node .'</li>'; + + $nodes = array(); + $states = pfSense_get_pf_states(); + for ($i = 0; $states != NULL && $i < count($states); $i++) { + $nodes[$states[$i]['creatorid']] = 1; + } + foreach ($nodes as $node => $nenabled) { + echo "<li>$node</li>"; } ?> </ul> diff --git a/src/usr/local/www/system_gateway_groups_edit.php b/src/usr/local/www/system_gateway_groups_edit.php index e875ffa..c083794 100644 --- a/src/usr/local/www/system_gateway_groups_edit.php +++ b/src/usr/local/www/system_gateway_groups_edit.php @@ -189,21 +189,15 @@ function build_gateway_protocol_map (&$a_gateways) { return $result; } -function build_carp_list() { - global $carplist, $gateway; +function build_vip_list($family = 'all') { $list = array('address' => gettext('Interface Address')); - foreach ($carplist as $vip => $address) { - if (($gateway['ipprotocol'] == "inet") && (!is_ipaddrv4($address))) { - continue; - } - if (($gateway['ipprotocol'] == "inet6") && (!is_ipaddrv6($address))) { - continue; - } - if ($gateway['friendlyiface'] == link_carp_interface_to_parent($vip)) { - $list[$vip] = "$address"; - } + $viplist = get_configured_vip_list($family); + foreach ($viplist as $vip => $address) { + $list[$vip] = "$address"; + if (get_vip_descr($address)) + $list[$vip] .= " (". get_vip_descr($address) .")"; } return($list); @@ -231,11 +225,16 @@ $section->addInput(new Form_Input( $pconfig['name'] )); - -$carplist = get_configured_carp_interface_list(); $row = 0; $numrows = count($a_gateways) - 1; +$group = new Form_Group('Gateway Priority'); +$group->add(new Form_StaticText('', ''))->setReadonly(); +$group->add(new Form_StaticText('', ''))->setReadonly(); +$group->add(new Form_StaticText('', ''))->setReadonly(); +$group->add(new Form_StaticText('', ''))->setWidth(3)->setReadonly(); +$section->add($group); + foreach ($a_gateways as $gwname => $gateway) { if (!empty($pconfig['item'])) { $af = explode("|", $pconfig['item'][0]); @@ -246,17 +245,19 @@ foreach ($a_gateways as $gwname => $gateway) { } } + $selected = '0'; + $vaddress = ''; foreach ((array)$pconfig['item'] as $item) { $itemsplit = explode("|", $item); if ($itemsplit[0] == $gwname) { $selected = $itemsplit[1]; + if (count($itemsplit) >= 3) + $vaddress = $itemsplit[2]; break; - } else { - $selected = '0'; } } - $group = new Form_Group($row == 0 ? 'Gateway Priority':null); + $group = new Form_Group(null); $group->addClass($gateway['ipprotocol']); $group->add(new Form_Input( @@ -264,8 +265,7 @@ foreach ($a_gateways as $gwname => $gateway) { 'Group Name', 'text', $gateway['name'] - ))->setHelp($row == $numrows ? 'Gateway':null) - ->setReadonly(); + ))->setReadonly(); $tr = gettext("Tier"); $group->add(new Form_Select( @@ -280,38 +280,34 @@ foreach ($a_gateways as $gwname => $gateway) { '4' => $tr . ' 4', '5' => $tr . ' 5' ) - ))->setHelp($row == $numrows ? 'Tier':null)->addClass('row')->addClass($gateway['ipprotocol']); - - foreach ((array)$pconfig['item'] as $item) { - $itemsplit = explode("|", $item); - if ($itemsplit[0] == $gwname) { - $selected = $itemsplit[2]; - break; - } else { - $selected = "0"; - } - } + ))->addClass('row')->addClass($gateway['ipprotocol']); $group->add(new Form_Select( $gwname . '_vip', 'Virtual IP', - $selected, - build_carp_list() - ))->setHelp($row == $numrows ? 'Virtual IP':null); + $vaddress, + build_vip_list($gateway['ipprotocol']) + )); $group->add(new Form_Input( 'description', 'Group Name', 'text', $gateway['descr'] - ))->setWidth(3)->setHelp($row == $numrows ? 'Description':null) - ->setReadonly(); + ))->setWidth(3)->setReadonly(); $section->add($group); $row++; } // e-o-foreach +$group = new Form_Group(null); +$group->add(new Form_StaticText('', ''))->setHelp('Gateway')->setReadonly(); +$group->add(new Form_StaticText('', ''))->setHelp('Tier')->setReadonly(); +$group->add(new Form_StaticText('', ''))->setHelp('Virtual IP')->setReadonly(); +$group->add(new Form_StaticText('', ''))->setWidth(3)->setHelp('Description')->setReadonly(); +$section->add($group); + $section->addInput(new Form_StaticText( 'Link Priority', 'The priority selected here defines in what order failover and balancing of links will be done. ' . diff --git a/src/usr/local/www/vpn_ipsec.php b/src/usr/local/www/vpn_ipsec.php index c4345cb..81f1dfe 100644 --- a/src/usr/local/www/vpn_ipsec.php +++ b/src/usr/local/www/vpn_ipsec.php @@ -323,14 +323,11 @@ display_top_tabs($tab_array); if ($ph1ent['interface']) { $iflabels = get_configured_interface_with_descr(); - $carplist = get_configured_carp_interface_list(); - foreach ($carplist as $cif => $carpip) { - $iflabels[$cif] = $carpip." (".get_vip_descr($carpip).")"; - } - - $aliaslist = get_configured_ip_aliases_list(); - foreach ($aliaslist as $aliasip => $aliasif) { - $iflabels[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")"; + $viplist = get_configured_vip_list(); + foreach ($viplist as $vip => $address) { + $iflabels[$vip] = $address; + if (get_vip_descr($address)) + $iflabels[$vip] .= " (". get_vip_descr($address) .")"; } $grouplist = return_gateway_groups_array(); diff --git a/src/usr/local/www/vpn_ipsec_phase1.php b/src/usr/local/www/vpn_ipsec_phase1.php index 5cd751e..aba06f3 100644 --- a/src/usr/local/www/vpn_ipsec_phase1.php +++ b/src/usr/local/www/vpn_ipsec_phase1.php @@ -524,16 +524,11 @@ if ($_POST) { function build_interface_list() { $interfaces = get_configured_interface_with_descr(); - $carplist = get_configured_carp_interface_list(); - - foreach ($carplist as $cif => $carpip) { - $interfaces[$cif] = $carpip . " (" . get_vip_descr($carpip) . ")"; - } - - $aliaslist = get_configured_ip_aliases_list(); - - foreach ($aliaslist as $aliasip => $aliasif) { - $interfaces[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")"; + $viplist = get_configured_vip_list(); + foreach ($viplist as $vip => $address) { + $interfaces[$vip] = $address; + if (get_vip_descr($address)) + $interfaces[$vip] .= " (". get_vip_descr($address) .")"; } $grouplist = return_gateway_groups_array(); diff --git a/src/usr/local/www/xmlrpc.php b/src/usr/local/www/xmlrpc.php index 559a168..d2d8ded 100755 --- a/src/usr/local/www/xmlrpc.php +++ b/src/usr/local/www/xmlrpc.php @@ -244,11 +244,11 @@ function restore_config_section_xmlrpc($raw_params) { $oldvips["{$vip['interface']}_vip{$vip['vhid']}"]['content'] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}"; $oldvips["{$vip['interface']}_vip{$vip['vhid']}"]['interface'] = $vip['interface']; $oldvips["{$vip['interface']}_vip{$vip['vhid']}"]['subnet'] = $vip['subnet']; - } else if ($vip['mode'] == "ipalias" && (substr($vip['interface'], 0, 4) == '_vip' || strpos($vip['interface'], "lo0"))) { + } else if ($vip['mode'] == "ipalias" && (substr($vip['interface'], 0, 4) == '_vip' || strstr($vip['interface'], "lo0"))) { $oldvips[$vip['subnet']]['content'] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}"; $oldvips[$vip['subnet']]['interface'] = $vip['interface']; $oldvips[$vip['subnet']]['subnet'] = $vip['subnet']; - } else if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && !(substr($vip['interface'], 0, 4) == '_vip') || strpos($vip['interface'], "lo0")) { + } else if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && !(substr($vip['interface'], 0, 4) == '_vip') || strstr($vip['interface'], "lo0")) { $vipbackup[] = $vip; } } |