diff options
Diffstat (limited to 'src')
52 files changed, 868 insertions, 477 deletions
diff --git a/src/etc/inc/auth.inc b/src/etc/inc/auth.inc index 563987b..59114d6 100644 --- a/src/etc/inc/auth.inc +++ b/src/etc/inc/auth.inc @@ -1583,6 +1583,7 @@ function get_user_settings($username) { $settings['webgui']['dashboardavailablewidgetspanel'] = isset($config['system']['webgui']['dashboardavailablewidgetspanel']); $settings['webgui']['webguifixedmenu'] = isset($config['system']['webgui']['webguifixedmenu']); $settings['webgui']['webguileftcolumnhyper'] = isset($config['system']['webgui']['webguileftcolumnhyper']); + $settings['webgui']['disablealiaspopupdetail'] = isset($config['system']['webgui']['disablealiaspopupdetail']); $settings['webgui']['systemlogsfilterpanel'] = isset($config['system']['webgui']['systemlogsfilterpanel']); $settings['webgui']['systemlogsmanagelogpanel'] = isset($config['system']['webgui']['systemlogsmanagelogpanel']); $settings['webgui']['statusmonitoringsettingspanel'] = isset($config['system']['webgui']['statusmonitoringsettingspanel']); @@ -1606,6 +1607,7 @@ function get_user_settings($username) { $settings['webgui']['dashboardavailablewidgetspanel'] = isset($user['dashboardavailablewidgetspanel']); $settings['webgui']['webguifixedmenu'] = isset($user['webguifixedmenu']); $settings['webgui']['webguileftcolumnhyper'] = isset($user['webguileftcolumnhyper']); + $settings['webgui']['disablealiaspopupdetail'] = isset($user['disablealiaspopupdetail']); $settings['webgui']['systemlogsfilterpanel'] = isset($user['systemlogsfilterpanel']); $settings['webgui']['systemlogsmanagelogpanel'] = isset($user['systemlogsmanagelogpanel']); $settings['webgui']['statusmonitoringsettingspanel'] = isset($user['statusmonitoringsettingspanel']); diff --git a/src/etc/inc/globals.inc b/src/etc/inc/globals.inc index 3a55902..b49b424 100644 --- a/src/etc/inc/globals.inc +++ b/src/etc/inc/globals.inc @@ -37,6 +37,7 @@ define('DMYPWD', "********"); global $g; $g = array( + "base_packages" => "siproxd", "event_address" => "unix:///var/run/check_reload_status", "factory_shipped_username" => "admin", "factory_shipped_password" => "pfsense", @@ -70,7 +71,7 @@ $g = array( "disablecrashreporter" => false, "crashreporterurl" => "https://crashreporter.pfsense.org/crash_reporter.php", "debug" => false, - "latest_config" => "16.2", + "latest_config" => "16.3", "minimum_ram_warning" => "101", "minimum_ram_warning_text" => "128 MB", "wan_interface_name" => "wan", diff --git a/src/etc/inc/gwlb.inc b/src/etc/inc/gwlb.inc index f3e7904..d7cecc0 100644 --- a/src/etc/inc/gwlb.inc +++ b/src/etc/inc/gwlb.inc @@ -630,6 +630,9 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive } } unset($gateway); + + //Sort the array by GW name before moving on. + ksort($gateways_arr, SORT_STRING | SORT_FLAG_CASE); /* Loop through all interfaces with a gateway and add it to a array */ if ($disabled == false) { diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc index 155da45..40e5c27 100644 --- a/src/etc/inc/interfaces.inc +++ b/src/etc/inc/interfaces.inc @@ -1300,7 +1300,7 @@ function interface_bring_down($interface = "wan", $destroy = false, $ifacecfg = switch ($ifcfg['ipaddrv6']) { case "slaac": case "dhcp6": - kill_dhcp6client_process($realif, isset($ifcfg['dhcp6norelease'])); + kill_dhcp6client_process($realif, $destroy, false); unlink_if_exists("{$g['varetc_path']}/dhcp6c_{$interface}.conf"); unlink_if_exists("{$g['varetc_path']}/dhcp6c_{$interface}_script.sh"); unlink_if_exists("{$g['varetc_path']}/rtsold_{$realifv6}_script.sh"); @@ -3039,36 +3039,72 @@ function find_dhcp6c_process($interface) { return intval($pid); } -function kill_dhcp6client_process($interface, $norelease) { +function kill_dhcp6client_process($interface, $force, $release = false) { global $g; + $i = 0; + + /* + Beware of the following: Reason, the interface may be down, but + dhcp6c may still be running, it just complains it cannot send + and carries on. Commented out as will stop the call to kill. + if (empty($interface) || !does_interface_exist($interface)) { return; } + */ - if (($pid = find_dhcp6c_process($interface)) != 0) { - /* - * Kill -9 caused the pid to get left behind, also if we need a - * relase sent then it needs to be -15, this then allows dhcp6c - * to send the release, it will also clean up after itself - */ - $sig = (isset($norelease) ? SIGKILL : SIGTERM); - posix_kill($pid, $sig); - if(!isset($norelease)) { - /* - * Allow dhcp6c to send release and exit gracefully if - * needed. - */ - sleep(2); - } + /*********** Notes on signals for dhcp6c and this function ************* + + If we have Taken the WAN interface down, then dhcp6c sits there sending + a release and waiting for the response that never comes. + So we need to tell it that the interface is down and to just die quickly + otherwise a new client may launch and we have duplicate proceses. + In this case use SIGUSR1. + + If we want to exit normally obeying the no release flag then use SIGTERM. + If we want to exit with a release overiding the no release flag then + use SIGUSR2. + + If $Force is true it will use SIGUSR1, thus forcing dhcp6c to + exit quickly without sending release signals. + + If $Force is set to false and $release is also set to false dhcp6c will + follow the no-release flag. + + If $Force is set to false and $release is true then dhcp6c will send a + release regardless of the no-release flag. + ***********************************************************************/ + + if ($force == true) { + $psig=SIGUSR1; + } else if ($release == false) { + $psig=SIGTERM; + } else { + $psig=SIGUSR2; } - /* Clear the RTSOLD script created lock & tidy up */ + + while ((($pid = find_dhcp6c_process($interface)) != 0) && ($i < 3)) { + /* 3rd time make it die for sure */ + $sig = ($i == 2 ? SIGKILL : $psig); + posix_kill($pid, $sig); + sleep(1); + $i++; + } + /* Clear the RTSOLD script created lock & tidy up */ unlink_if_exists("/tmp/dhcp6c_{$interface}_lock"); - /* just in case! */ - unlink_if_exists("{$g['varrun_path']}/dhcp6c_{$interface}.pid"); + unlink_if_exists("{$g['varrun_path']}/dhcp6c_{$interface}.pid"); // just in case! +} +function reset_dhcp6client_process($interface) { + + $pid = find_dhcp6c_process($interface); + + if($pid != 0) { + posix_kill($pid, SIGHUP); + } } -function run_dhcp6client_process($interface, $wancfg) { +function run_dhcp6client_process($interface, $interface_name, $wancfg) { global $g; $debugOption = isset($wancfg['dhcp6debug']) ? "-D" : "-d"; @@ -3082,20 +3118,19 @@ function run_dhcp6client_process($interface, $wancfg) { * It should not happen as the process should have been killed and the * lock deleted. */ + if (!file_exists("/tmp/dhcp6c_{$interface}_lock")) { - kill_dhcp6client_process($interface, - isset($wancfg['dhcp6norelease'])); - + kill_dhcp6client_process($interface, true); /* Lock it to avoid multiple runs */ touch("/tmp/dhcp6c_{$interface}_lock"); mwexec("/usr/local/sbin/dhcp6c {$debugOption} " . "{$noreleaseOption} " . - "-c {$g['varetc_path']}/dhcp6c_wan.conf " . + "-c {$g['varetc_path']}/dhcp6c_{$interface_name}.conf " . "-p {$g['varrun_path']}/dhcp6c_{$interface}.pid " . $interface); log_error(sprintf(gettext( "Starting dhcp6 client for interface wan %s in DHCP6 without RA mode"), - $wanif)); + $interface)); } } @@ -3265,8 +3300,10 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven if ($g['debug']) { log_error(sprintf(gettext("Deny router advertisements for interface %s"), $interface)); } - mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " inet6 -accept_rtadv", true); - + if (isset($wancfg['dhcp6usev4iface']) || $wancfg['ipaddr']==='ppp') + { + mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " inet6 -accept_rtadv", true); + } /* wireless configuration? */ if (is_array($wancfg['wireless'])) { interface_wireless_configure($realif, $wancfg, $wancfg['wireless']); @@ -3945,6 +3982,13 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { log_error(gettext("Failed to write user DUID file!")); } } + + /* accept router advertisements for this interface */ + /* Moved to early in the function as sometimes interface not ready */ + /* RTSOLD fails as interface does not accept ..... */ + + log_error("Accept router advertisements on interface {$wanif} "); + mwexec("/sbin/ifconfig {$wanif} inet6 accept_rtadv"); if ($wancfg['adv_dhcp6_config_file_override']) { // DHCP6 Config File Override @@ -4022,6 +4066,9 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { } } + $debugOption = isset($wancfg['dhcp6debug']) ? "-D" : "-d"; + $noreleaseOption = isset($wancfg['dhcp6norelease']) ? "-n" : ""; + /* wide-dhcp6c works for now. */ if (!@file_put_contents("{$g['varetc_path']}/dhcp6c_{$interface}.conf", $dhcp6cconf)) { printf("Error: cannot open dhcp6c_{$interface}.conf in interface_dhcpv6_configure() for writing.\n"); @@ -4030,20 +4077,55 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { } unset($dhcp6cconf); - /* - * Script create for dhcp6withoutRA mode. - * dhcp6c will launch rtsold. rtsold will then run the wan ipv6 - * configure - */ - $dhcp6cscriptwithoutra = "#!/bin/sh\n"; + /*************** Script Debug Logging *************************** + Both dhcp6 scripts now have a logging message built in. + These logging messages ONLY appear if dhcp6c debug logging is set. + The logging messages appear in the dhcp section of the logs, + not in system. + + These scripts now also take advantage of the REASON= env vars + supplied by dhcp6c. + ****************************************************************/ + + /* Script create for dhcp6withoutRA mode */ + /* dhcp6c will launch rtsold. rtsold will then run the wan ipv6 configure */ + $dhcp6cscriptwithoutra = "#!/bin/sh\n"; $dhcp6cscriptwithoutra .= "# This shell script launches rtsold.\n"; $dhcp6cscriptwithoutra .= "dmips=\${new_domain_name_servers}\n"; $dhcp6cscriptwithoutra .= "dmnames=\${new_domain_name}\n"; + $dhcp6cscriptwithoutra .= "dreason=\${REASON}\n"; // Need to pass params to the final script $dhcp6cscriptwithoutra .= "echo \$dmips > /tmp/{$wanif}_domain_name_servers\n"; $dhcp6cscriptwithoutra .= "echo \$dmnames > /tmp/{$wanif}_new_domain_name\n"; + $dhcp6cscriptwithoutra .= "echo \$dreason > /tmp/{$wanif}_reason\n"; + $dhcp6cscriptwithoutra .= "case \$REASON in\n"; + $dhcp6cscriptwithoutra .= "REQUEST)\n"; + $dhcp6cscriptwithoutra .= "/bin/sleep 2\n"; $dhcp6cscriptwithoutra .= "/usr/sbin/rtsold -1 -p {$g['varrun_path']}/rtsold_{$wanif}.pid -O {$g['varetc_path']}/rtsold_{$wanif}_script.sh {$wanif}\n"; - + if ($debugOption == '-D') { + $dhcp6cscriptwithoutra .= "/usr/bin/logger -t dhcp6c \"dhcp6c REQUEST on {$wanif} - running rc.newwanipv6\"\n"; + } + $dhcp6cscriptwithoutra .= ";;\n"; + $dhcp6cscriptwithoutra .= "REBIND)\n"; + if ($debugOption == '-D') { + $dhcp6cscriptwithoutra .= "/usr/bin/logger -t dhcp6c \"dhcp6c rebind on {$wanif}\"\n"; + } + $dhcp6cscriptwithoutra .= ";;\n"; + if (isset($wancfg['dhcp6norelease'])) { + $dhcp6cscriptwithoutra .= "EXIT)\n"; + } else { + $dhcp6cscriptwithoutra .= "RELEASE)\n"; + } + if ($debugOption == '-D') { + $dhcp6cscriptwithoutra .= "/usr/bin/logger -t dhcp6c \"dhcp6c EXIT or RELEASE on {$wanif} running rc.newwanipv6\"\n"; + } + $dhcp6cscriptwithoutra .= "/usr/local/sbin/fcgicli -f /etc/rc.newwanipv6 -d \"interface={$wanif}&dmnames=\${dmnames}&dmips=\${dmips}\"\n"; + $dhcp6cscriptwithoutra .= ";;\n"; + $dhcp6cscriptwithoutra .= "RENEW|INFO)\n"; + if ($debugOption == '-D') { + $dhcp6cscriptwithoutra .= "/usr/bin/logger -t dhcp6c \"dhcp6c renew, no change - bypassing update on {$wanif}\"\n"; + } + $dhcp6cscriptwithoutra .= "esac\n"; if (!@file_put_contents( "{$g['varetc_path']}/dhcp6c_{$interface}_dhcp6withoutra_script.sh", $dhcp6cscriptwithoutra)) { @@ -4053,6 +4135,7 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { unset($dhcp6cscriptwithoutra); return 1; } + unset($dhcp6cscriptwithoutra); @chmod( "{$g['varetc_path']}/dhcp6c_{$interface}_dhcp6withoutra_script.sh", @@ -4067,12 +4150,41 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { if (!isset($wancfg['dhcp6withoutra'])) { $dhcp6cscript .= "dmips=\${new_domain_name_servers}\n"; $dhcp6cscript .= "dmnames=\${new_domain_name}\n"; + $dhcp6cscript .= "case \$REASON in\n"; + $dhcp6cscript .= "REQUEST)\n"; + $dhcp6cscript .= "/usr/local/sbin/fcgicli -f /etc/rc.newwanipv6 -d \"interface={$wanif}&dmnames=\${dmnames}&dmips=\${dmips}\"\n"; + if ($debugOption == '-D') { + $dhcp6cscript .= "/usr/bin/logger -t dhcp6c \"dhcp6c REQUEST on {$wanif} - running rc.newwanipv6\"\n"; + } + $dhcp6cscript .= ";;\n"; + $dhcp6cscript .= "REBIND)\n"; + if ($debugOption == '-D') { + $dhcp6cscript .= "/usr/bin/logger -t dhcp6c \"dhcp6c rebind on {$wanif}\"\n"; + } + $dhcp6cscript .= ";;\n"; + if (isset($wancfg['dhcp6norelease'])) { + $dhcp6cscript .= "EXIT)\n"; + } else { + $dhcp6cscript .= "RELEASE)\n"; + } + if ($debugOption == '-D') { + $dhcp6cscript .= "/usr/bin/logger -t dhcp6c \"dhcp6c EXIT or RELEASE on {$wanif} running rc.newwanipv6\"\n"; + } + $dhcp6cscript .= "/usr/local/sbin/fcgicli -f /etc/rc.newwanipv6 -d \"interface={$wanif}&dmnames=\${dmnames}&dmips=\${dmips}\"\n"; + $dhcp6cscript .= ";;\n"; + $dhcp6cscript .= "RENEW|INFO)\n"; + if ($debugOption == '-D') { + $dhcp6cscript .= "/usr/bin/logger -t dhcp6c \"dhcp6c renew, no change - bypassing update on {$wanif}\"\n"; + } + $dhcp6cscript .= "esac\n"; } else { // Need to get the paramaters from the dhcp6cwithoutRA run $dhcp6cscript .= "dmips=\$(cat \"/tmp/{$wanif}_domain_name_servers\")\n"; $dhcp6cscript .= "dmnames=\$(cat \"/tmp/{$wanif}_new_domain_name\")\n"; + $dhcp6cscript .= "/bin/sleep 1\n"; + $dhcp6cscript .= "/usr/local/sbin/fcgicli -f /etc/rc.newwanipv6 -d \"interface={$wanif}&dmnames=\${dmnames}&dmips=\${dmips}\"\n"; } - $dhcp6cscript .= "/usr/local/sbin/fcgicli -f /etc/rc.newwanipv6 -d \"interface={$wanif}&dmnames=\${dmnames}&dmips=\${dmips}\"\n"; + /* Add wide-dhcp6c shell script here. Because we can not pass a argument to it. */ if (!@file_put_contents("{$g['varetc_path']}/dhcp6c_{$interface}_script.sh", $dhcp6cscript)) { printf("Error: cannot open dhcp6c_{$interface}_script.sh in interface_dhcpv6_configure() for writing.\n"); @@ -4082,9 +4194,6 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { unset($dhcp6cscript); @chmod("{$g['varetc_path']}/dhcp6c_{$interface}_script.sh", 0755); - $debugOption = isset($wancfg['dhcp6debug']) ? "-D" : "-d"; - $noreleaseOption = isset($wancfg['dhcp6norelease']) ? "-n" : ""; - $rtsoldscript = "#!/bin/sh\n"; $rtsoldscript .= "# This shell script launches dhcp6c and configured gateways for this interface.\n"; $rtsoldscript .= "echo $2 > {$g['tmp_path']}/{$wanif}_routerv6\n"; @@ -4102,22 +4211,24 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { * of dhcp6c being launched */ $rtsoldscript .= "if [ ! -f /tmp/dhcp6c_{$wanif}_lock ]; then\n"; - $rtsoldscript .= "\tif [ -f {$g['varrun_path']}/dhcp6c_{$wanif}.pid ]; then\n"; - $rtsoldscript .= "\t\t/bin/pkill -F {$g['varrun_path']}/dhcp6c_{$wanif}.pid\n"; - $rtsoldscript .= "\t\t/bin/rm -f {$g['varrun_path']}/dhcp6c_{$wanif}.pid\n"; - $rtsoldscript .= "\t\t/bin/sleep 1\n"; - $rtsoldscript .= "\tfi\n"; /* * Create the lock file, trying to prevent multiple instances * of dhcp6c being launched */ $rtsoldscript .= "\t/usr/bin/touch /tmp/dhcp6c_{$wanif}_lock\n"; + $rtsoldscript .= "\tif [ -f {$g['varrun_path']}/dhcp6c_{$wanif}.pid ]; then\n"; + $rtsoldscript .= "\t\t/bin/pkill -F {$g['varrun_path']}/dhcp6c_{$wanif}.pid\n"; + $rtsoldscript .= "\t\t/bin/rm -f {$g['varrun_path']}/dhcp6c_{$wanif}.pid\n"; + $rtsoldscript .= "\t\t/bin/sleep 1\n"; + $rtsoldscript .= "\tfi\n"; $rtsoldscript .= "\t/usr/local/sbin/dhcp6c {$debugOption} " . "{$noreleaseOption} -c {$g['varetc_path']}/dhcp6c_{$interface}.conf " . "-p {$g['varrun_path']}/dhcp6c_{$wanif}.pid {$wanif}\n"; $rtsoldscript .= "\t/usr/bin/logger -t rtsold \"Starting dhcp6 client for interface {$interface}({$wanif})\"\n"; $rtsoldscript .= "else\n"; - $rtsoldscript .= "\t/usr/bin/logger -t rtsold \"RTSOLD Lock in place\"\n"; + $rtsoldscript .= "\t/usr/bin/logger -t rtsold \"RTSOLD Lock in place - sending SIGHUP to dhcp6c\"\n"; + $rtsoldscript .= "\tdhcp6c_pid=\$(cat \"{$g['varrun_path']}/dhcp6c_{$wanif}.pid\")\n"; + $rtsoldscript .= "\t/bin/kill -1 \${dhcp6c_pid}\n"; $rtsoldscript .= "fi\n"; } else { /* @@ -4137,12 +4248,9 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { unset($rtsoldscript); @chmod("{$g['varetc_path']}/rtsold_{$wanif}_script.sh", 0755); - /* accept router advertisements for this interface */ - log_error("Accept router advertisements on interface {$wanif} "); - mwexec("/sbin/ifconfig {$wanif} inet6 accept_rtadv"); - if (isvalidpid("{$g['varrun_path']}/rtsold_{$wanif}.pid")) { killbypid("{$g['varrun_path']}/rtsold_{$wanif}.pid"); + log_error("Killing running rtsold process"); sleep(2); } @@ -4167,7 +4275,7 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { * Otherwise it is not ready to accept and will fail. */ sleep(3); - run_dhcp6client_process($wanif,$wancfg); + run_dhcp6client_process($wanif,$interface,$wancfg); } } else { /* @@ -4175,6 +4283,8 @@ function interface_dhcpv6_configure($interface = "wan", $wancfg) { * ( it does not background, it exits! ) It will launch dhcp6c * if dhcpwihtoutra is not set */ + log_error("Starting rtsold process"); + sleep(2); mwexec("/usr/sbin/rtsold -1 " . "-p {$g['varrun_path']}/rtsold_{$wanif}.pid " . "-O {$g['varetc_path']}/rtsold_{$wanif}_script.sh " . @@ -5850,12 +5960,13 @@ function is_altq_capable($int) { * 20150328 - removed wireless drivers - ath, awi, bwn, iwi, ipw, ral, rum, run, wi - for now. redmine #4406 */ $capable = array("ae", "age", "alc", "ale", "an", "aue", "axe", "bce", - "bfe", "bge", "bridge", "cas", "cpsw", "cxl", "dc", "de", "ed", "em", "ep", "epair", "et", "fxp", "gem", - "hme", "hn", "igb", "ix", "jme", "le", "lem", "msk", "mxge", "my", "nfe", - "nge", "npe", "nve", "re", "rl", "sf", "sge", "sis", "sk", - "ste", "stge", "ti", "txp", "udav", "ural", "vge", "vmx", "vr", "vte", "xl", - "ndis", "tun", "ovpns", "ovpnc", "vlan", "pppoe", "pptp", "ng", - "l2tp", "ppp", "vtnet"); + "bfe", "bge", "bridge", "cas", "cpsw", "cxl", "dc", "de", + "ed", "em", "ep", "epair", "et", "fxp", "gem", "hme", "hn", + "igb", "ix", "jme", "l2tp", "le", "lem", "msk", "mxge", "my", + "ndis", "nfe", "ng", "nge", "npe", "nve", "ovpnc", "ovpns", + "ppp", "pppoe", "pptp", "re", "rl", "sf", "sge", "sis", "sk", + "ste", "stge", "ti", "tun", "txp", "udav", "ural", "vge", + "vlan", "vmx", "vr", "vte", "vtnet", "xl"); $int_family = remove_ifindex($int); diff --git a/src/etc/inc/pfsense-utils.inc b/src/etc/inc/pfsense-utils.inc index 60507e8..7aa5297 100644 --- a/src/etc/inc/pfsense-utils.inc +++ b/src/etc/inc/pfsense-utils.inc @@ -320,6 +320,25 @@ function gen_webguileftcolumnhyper_field(&$section, $value) { ))->setHelp('If selected, clicking a label in the left column will select/toggle the first item of the group.'); } +/****f* pfsense-utils/gen_disablealiaspopupdetail_field + * NAME + * gen_disablealiaspopupdetail_field + * INPUTS + * Pointer to section object + * Initial value for the field + * RESULT + * no return value, section object is updated + ******/ +function gen_disablealiaspopupdetail_field(&$section, $value) { + + $section->addInput(new Form_Checkbox( + 'disablealiaspopupdetail', + 'Alias Popups', + 'Disable details in alias popups', + $value + ))->setHelp('If selected, the details in alias popups will not be shown, just the alias description (e.g. in Firewall Rules).'); +} + /****f* pfsense-utils/gen_pagenamefirst_field * NAME * gen_pagenamefirst_field @@ -363,6 +382,7 @@ function gen_user_settings_fields(&$section, $pconfig) { $pconfig['systemlogsmanagelogpanel'], $pconfig['statusmonitoringsettingspanel']); gen_webguileftcolumnhyper_field($section, $pconfig['webguileftcolumnhyper']); + gen_disablealiaspopupdetail_field($section, $pconfig['disablealiaspopupdetail']); gen_pagenamefirst_field($section, $pconfig['pagenamefirst']); } diff --git a/src/etc/inc/pkg-utils.inc b/src/etc/inc/pkg-utils.inc index 199021a..09547b0 100644 --- a/src/etc/inc/pkg-utils.inc +++ b/src/etc/inc/pkg-utils.inc @@ -938,7 +938,7 @@ function delete_package_xml($package_name, $when = "post-deinstall") { } } /* deinstall commands */ - if ($when == "post-deinstall" && $pkg_config['custom_php_deinstall_command'] <> "") { + if ($when == "deinstall" && $pkg_config['custom_php_deinstall_command'] <> "") { update_status(gettext("Deinstall commands... ")); if ($missing_include == false) { eval_once($pkg_config['custom_php_deinstall_command']); diff --git a/src/etc/inc/service-utils.inc b/src/etc/inc/service-utils.inc index a4d2559..677036c 100644 --- a/src/etc/inc/service-utils.inc +++ b/src/etc/inc/service-utils.inc @@ -618,6 +618,7 @@ function service_control_start($name, $extras) { break; case 'relayd': relayd_configure(); + filter_configure(); break; default: start_service($name); @@ -757,6 +758,7 @@ function service_control_restart($name, $extras) { break; case 'relayd': relayd_configure(true); + filter_configure(); break; default: restart_service($name); diff --git a/src/etc/inc/upgrade_config.inc b/src/etc/inc/upgrade_config.inc index b350497..951ff85 100644 --- a/src/etc/inc/upgrade_config.inc +++ b/src/etc/inc/upgrade_config.inc @@ -5157,4 +5157,39 @@ function upgrade_161_to_162() { $config['system']['crypto_hardware'] = "cryptodev"; } } + +/* Traffic graphs widget settings are now stored in a layout similar + * to other widgets. Migrate any old settings. + */ +function upgrade_162_to_163() { + require_once("ipsec.inc"); + global $config; + + foreach (array('refreshinterval', 'invert', 'size', 'backgroundupdate') as $setting) { + if (isset($config['widgets']['trafficgraphs'][$setting])) { + $config['widgets']['traffic_graphs'][$setting] = $config['widgets']['trafficgraphs'][$setting]; + unset($config['widgets']['trafficgraphs'][$setting]); + } + } + + if (isset($config['widgets']['trafficgraphs']['shown'])) { + if (is_array($config['widgets']['trafficgraphs']['shown']['item'])) { + $ifdescrs = get_configured_interface_with_descr(); + + if (ipsec_enabled()) { + $ifdescrs['enc0'] = "IPsec"; + } + + $validNames = array(); + + foreach ($ifdescrs as $ifdescr => $ifname) { + array_push($validNames, $ifdescr); + } + + $config['widgets']['traffic_graphs']['filter'] = implode(',', array_diff($validNames, $config['widgets']['trafficgraphs']['shown']['item'])); + } + + unset($config['widgets']['trafficgraphs']['shown']); + } +} ?> diff --git a/src/etc/inc/util.inc b/src/etc/inc/util.inc index cdf67b9..4440bdc 100644 --- a/src/etc/inc/util.inc +++ b/src/etc/inc/util.inc @@ -1420,7 +1420,8 @@ function get_configured_interface_with_descr($only_opt = false, $withdisabled = } } } - + + asort($iflist); return $iflist; } diff --git a/src/etc/inc/vslb.inc b/src/etc/inc/vslb.inc index 7d59cb1..7c759de 100644 --- a/src/etc/inc/vslb.inc +++ b/src/etc/inc/vslb.inc @@ -485,6 +485,10 @@ function get_lb_anchors() { function cleanup_lb_anchor($anchorname = "*") { $lbanchors = get_lb_anchors(); foreach ($lbanchors as $lba) { + /* Skip empty/blank results */ + if (empty($lba)) { + continue; + } if (($anchorname == "*") || ($lba == "relayd/{$anchorname}")) { /* Flush both the NAT and the Table for the anchor, so it will be completely removed by pf. */ mwexec("/sbin/pfctl -a " . escapeshellarg($lba) . " -F nat"); diff --git a/src/etc/phpshellsessions/gitsync b/src/etc/phpshellsessions/gitsync index 26874c7..0ac9479 100644 --- a/src/etc/phpshellsessions/gitsync +++ b/src/etc/phpshellsessions/gitsync @@ -512,8 +512,8 @@ if (!$upgrading) { echo "===> Checkout complete.\n"; echo "\n"; if (!$upgrading) { - echo "Your system is now sync'd and PHP and nginx will be restarted in 5 seconds.\n\n"; + echo "The system is now sync'd and PHP and nginx will be restarted in 5 seconds.\n\n"; } else { - echo "Your system is now sync'd.\n\n"; + echo "The system is now sync'd.\n\n"; } diff --git a/src/usr/local/sbin/ppp-ipv6 b/src/usr/local/sbin/ppp-ipv6 index 53d9bcc..c98e1f1 100755 --- a/src/usr/local/sbin/ppp-ipv6 +++ b/src/usr/local/sbin/ppp-ipv6 @@ -41,11 +41,8 @@ function interface_ipv6_lower($interface_real) { break; } // bring down dhcp6c if it is running - $pidv6 = find_dhcp6c_process($interface_real); - if ($pidv6) { - posix_kill($pidv6, SIGTERM); - sleep(3); - } + kill_dhcp6client_process($interface_real,false); + unlink_if_exists("{$g['varetc_path']}/dhcp6c_{$interface}.conf"); // disable router advertisements (and therefore SLAAC) diff --git a/src/usr/local/www/diag_dns.php b/src/usr/local/www/diag_dns.php index de1b8bb..e66fe2f 100644 --- a/src/usr/local/www/diag_dns.php +++ b/src/usr/local/www/diag_dns.php @@ -117,6 +117,7 @@ if (isset($_POST['create_alias']) && (is_hostname($host) || is_ipaddr($host))) { } else { $a_aliases[] = $newalias; } + write_config(gettext("Created an alias from Diagnostics - DNS Lookup page.")); write_config(); $createdalias = true; } diff --git a/src/usr/local/www/firewall_aliases_edit.php b/src/usr/local/www/firewall_aliases_edit.php index fc4b8b0..4761d9f 100644 --- a/src/usr/local/www/firewall_aliases_edit.php +++ b/src/usr/local/www/firewall_aliases_edit.php @@ -611,6 +611,26 @@ $pattern_str = array( 'urltable_ports' => '.*' // Alias Name or URL ); +$title_str = array( + 'network' => 'An IPv4 network address like 1.2.3.0, an IPv6 network address like 1:2a:3b:ffff::0, IP address range, FQDN or an alias', + 'host' => 'An IPv4 address like 1.2.3.4, an IPv6 address like 1:2a:3b:ffff::1, IP address range, FQDN or an alias', + 'port' => 'A port number, port number range or an alias', + 'url' => 'URL', + 'url_ports' => 'URL', + 'urltable' => 'URL', + 'urltable_ports' => 'URL' +); + +$placeholder_str = array( + 'network' => 'Address', + 'host' => 'Address', + 'port' => 'Port', + 'url' => 'URL', + 'url_ports' => 'URL', + 'urltable' => 'URL', + 'urltable_ports' => 'URL' +); + $types = array( 'host' => gettext("Host(s)"), 'network' => gettext("Network(s)"), @@ -715,7 +735,7 @@ while ($counter < count($addresses)) { $group->add(new Form_IpAddress( 'address' . $counter, - $tab == 'port' ? 'Port':'Address', + 'Address', $address, 'ALIASV4V6' ))->addMask('address_subnet' . $counter, $address_subnet)->setWidth(4)->setPattern($pattern_str[$tab]); @@ -787,9 +807,15 @@ events.push(function() { // Set the input field pattern by tab type var patternstr = <?=json_encode($pattern_str);?>; - for (i = 0; i < <?=$counter;?>; i++) { - $('#address' + i).prop('pattern', patternstr[tab]); - } + var titlestr = <?=json_encode($title_str);?>; + var placeholderstr = <?=json_encode($placeholder_str);?>; + $("[id^='address']").each(function () { + if (/^address[0-9]+$/.test(this.id)) { + $('#' + this.id).prop('pattern', patternstr[tab]); + $('#' + this.id).prop('title', titlestr[tab]); + $('#' + this.id).prop('placeholder', placeholderstr[tab]); + } + }); // Hide and disable rows other than the first hideRowsAfter(1, (tab == 'urltable') || (tab == 'urltable_ports')); diff --git a/src/usr/local/www/firewall_nat_1to1_edit.php b/src/usr/local/www/firewall_nat_1to1_edit.php index e27d433..d16f4ce 100644 --- a/src/usr/local/www/firewall_nat_1to1_edit.php +++ b/src/usr/local/www/firewall_nat_1to1_edit.php @@ -104,6 +104,10 @@ if ($_POST['save']) { * cannot think he is slick and perform a XSS attack on the unwilling */ foreach ($_POST as $key => $value) { + if ($key == 'descr') { + continue; + } + $temp = str_replace(">", "", $value); $newpost = htmlentities($temp); diff --git a/src/usr/local/www/firewall_nat_edit.php b/src/usr/local/www/firewall_nat_edit.php index 96869b5..a77d6c1 100644 --- a/src/usr/local/www/firewall_nat_edit.php +++ b/src/usr/local/www/firewall_nat_edit.php @@ -114,6 +114,10 @@ if (isset($_REQUEST['dup']) && is_numericint($_REQUEST['dup'])) { unset($input_errors); foreach ($_REQUEST as $key => $value) { + if ($key == 'descr') { + continue; + } + $temp = $value; $newpost = htmlentities($temp); @@ -584,14 +588,16 @@ function build_dsttype_list() { $list[$ifent . 'ip'] = $ifdesc . ' address'; } } - + + //Temporary array so we can sort IPs + $templist = array(); if (is_array($config['virtualip']['vip'])) { foreach ($config['virtualip']['vip'] as $sn) { if (is_ipaddrv6($sn['subnet'])) { continue; } if (($sn['mode'] == "proxyarp" || $sn['mode'] == "other") && $sn['type'] == "network") { - $list[$sn['subnet'] . '/' . $sn['subnet_bits']] = 'Subnet: ' . $sn['subnet'] . '/' . $sn['subnet_bits'] . ' (' . $sn['descr'] . ')'; + $templist[$sn['subnet'] . '/' . $sn['subnet_bits']] = 'Subnet: ' . $sn['subnet'] . '/' . $sn['subnet_bits'] . ' (' . $sn['descr'] . ')'; if (isset($sn['noexpand'])) { continue; } @@ -602,13 +608,18 @@ function build_dsttype_list() { for ($i = 0; $i <= $len; $i++) { $snip = long2ip32($start+$i); - $list[$snip] = $snip . ' (' . $sn['descr'] . ')'; + $templist[$snip] = $snip . ' (' . $sn['descr'] . ')'; } } else { - $list[$sn['subnet']] = $sn['subnet'] . ' (' . $sn['descr'] . ')'; + $templist[$sn['subnet']] = $sn['subnet'] . ' (' . $sn['descr'] . ')'; } } } + + //Sort temp IP array and append onto main array + asort($templist); + $list = array_merge($list, $templist); + unset($templist); return($list); } diff --git a/src/usr/local/www/firewall_nat_out_edit.php b/src/usr/local/www/firewall_nat_out_edit.php index 92f9060..f9579d2 100644 --- a/src/usr/local/www/firewall_nat_out_edit.php +++ b/src/usr/local/www/firewall_nat_out_edit.php @@ -146,6 +146,10 @@ if ($_POST['save']) { * cannot think he is slick and perform a XSS attack on the unwilling */ foreach ($_POST as $key => $value) { + if ($key == 'descr') { + continue; + } + $temp = str_replace(">", "", $value); $newpost = htmlentities($temp); if ($newpost <> $temp) { @@ -406,10 +410,12 @@ function build_target_list() { $list[""] = gettext('Interface Address'); + //Temporary array so we can sort IPs + $templist = array(); if (is_array($config['virtualip']['vip'])) { foreach ($config['virtualip']['vip'] as $sn) { if (($sn['mode'] == "proxyarp" || $sn['mode'] == "other") && $sn['type'] == "network") { - $list['S' . $sn['subnet'] . '/' . $sn['subnet_bits']] = gettext('Subnet: ') . $sn['subnet'] . '/' . $sn['subnet_bits'] . ' (' . $sn['descr'] . ')'; + $templist['S' . $sn['subnet'] . '/' . $sn['subnet_bits']] = gettext('Subnet: ') . $sn['subnet'] . '/' . $sn['subnet_bits'] . ' (' . $sn['descr'] . ')'; if (isset($sn['noexpand'])) { continue; } @@ -419,13 +425,17 @@ function build_target_list() { for ($i = 0; $i <= $len; $i++) { $snip = long2ip32($start+$i); - $list['I' . $snip] = $snip . ' (' . $sn['descr'] . ')'; + $templist['I' . $snip] = $snip . ' (' . $sn['descr'] . ')'; } } else { - $list['I' . $sn['subnet']] = $sn['subnet'] . ' (' . $sn['descr'] . ')'; + $templist['I' . $sn['subnet']] = $sn['subnet'] . ' (' . $sn['descr'] . ')'; } } } + asort($templist); + //Append sorted IP array onto main array + $list = array_merge($list, $templist); + unset($templist); foreach ($a_aliases as $alias) { if ($alias['type'] != "host") { diff --git a/src/usr/local/www/firewall_rules.php b/src/usr/local/www/firewall_rules.php index aff201a..b6087af 100644 --- a/src/usr/local/www/firewall_rules.php +++ b/src/usr/local/www/firewall_rules.php @@ -940,7 +940,7 @@ events.push(function() { } }); - // If so, change the icon to show the insetion point + // If so, change the icon to show the insertion point if (ruleselected) { if (e.shiftKey) { $(this).removeClass().addClass("fa fa-lg fa-arrow-down text-danger"); diff --git a/src/usr/local/www/firewall_rules_edit.php b/src/usr/local/www/firewall_rules_edit.php index 171cab6..1c11768 100644 --- a/src/usr/local/www/firewall_rules_edit.php +++ b/src/usr/local/www/firewall_rules_edit.php @@ -295,6 +295,7 @@ if (isset($id) && $a_filter[$id]) { if ($_REQUEST['if']) { $pconfig['interface'] = $_REQUEST['if']; } + $pconfig['ipprotocol'] = "inet"; // other things depend on this, set a sensible default $pconfig['type'] = "pass"; $pconfig['proto'] = "tcp"; // for new blank rules, default=tcp, also ensures ports fields are visible $pconfig['src'] = "any"; @@ -319,6 +320,19 @@ if ($_POST['save']) { if (!array_key_exists($_POST['ipprotocol'], $icmplookup)) { $input_errors[] = gettext("The IP protocol is not recognized."); + unset($_POST['ipprotocol']); + } + + // add validation + input error for $_POST['interface'] + + $valid = ($_POST['interface'] == "FloatingRules" || isset($_POST['floating'])) ? ['pass','block','reject', 'match'] : ['pass','block','reject']; + if (!(is_string($_POST['type']) && in_array($_POST['type'], $valid))) { + $input_errors[] = gettext("A valid rule type is not selected."); + unset($_POST['type']); + } + + if (isset($_POST['tracker']) && !is_numericint($_POST['tracker'])) { + unset($_POST['tracker']); // silently unset hidden input if invalid } if (isset($a_filter[$id]['associated-rule-id'])) { @@ -328,7 +342,7 @@ if ($_POST['save']) { } } - if (($_POST['ipprotocol'] <> "") && ($_POST['gateway'] <> "")) { + if (isset($_POST['ipprotocol']) && $_POST['gateway'] <> '') { if (is_array($config['gateways']['gateway_group'])) { foreach ($config['gateways']['gateway_group'] as $gw_group) { if ($gw_group['name'] == $_POST['gateway'] && $_POST['ipprotocol'] != $a_gatewaygroups[$_POST['gateway']]['ipprotocol']) { @@ -423,6 +437,11 @@ if ($_POST['save']) { $pconfig = $_POST; + if (!isset($pconfig['ipprotocol'])) { + // other things depend on this, so ensure a valid value if none provided + $pconfig['ipprotocol'] = "inet"; + } + if (($_POST['proto'] == "icmp") && count($_POST['icmptype'])) { $pconfig['icmptype'] = implode(',', $_POST['icmptype']); } else { @@ -554,14 +573,14 @@ if ($_POST['save']) { } } if ((is_ipaddrv6($_POST['src']) || is_ipaddrv6($_POST['dst'])) && ($_POST['ipprotocol'] == "inet")) { - $input_errors[] = gettext("IPv6 addresses cannot be used in IPv4 rules."); + $input_errors[] = gettext("IPv6 addresses cannot be used in IPv4 rules (except within an alias)."); } if ((is_ipaddrv4($_POST['src']) || is_ipaddrv4($_POST['dst'])) && ($_POST['ipprotocol'] == "inet6")) { - $input_errors[] = gettext("IPv4 addresses can not be used in IPv6 rules."); + $input_errors[] = gettext("IPv4 addresses can not be used in IPv6 rules (except within an alias)."); } if ((is_ipaddr($_POST['src']) || is_ipaddr($_POST['dst'])) && ($_POST['ipprotocol'] == "inet46")) { - $input_errors[] = gettext("IPv4 and IPv6 addresses can not be used in rules that apply to both IPv4 and IPv6."); + $input_errors[] = gettext("IPv4 and IPv6 addresses can not be used in rules that apply to both IPv4 and IPv6 (except within an alias)."); } if ($_POST['srcbeginport'] > $_POST['srcendport']) { @@ -593,8 +612,8 @@ if ($_POST['save']) { } elseif (!isset($t) || count($t) == 0) { // not specified or none selected unset($_POST['icmptype']); - } else { - // check data + } elseif (isset($_POST['ipprotocol'])) { + // check data; if ipprotocol invalid then safe to skip this (we can't determine valid icmptypes, but input error already raised for ipprotocol) $bad_types = array(); if ((count($t) == 1 && !isset($t['any'])) || count($t) > 1) { // Only need to check valid if just one selected != "any", or >1 selected @@ -642,7 +661,7 @@ if ($_POST['save']) { $input_errors[] = gettext("Please select a gateway, normally the interface selected gateway, so the limiters work correctly"); } } - if (!empty($_POST['ruleid']) && !ctype_digit($_POST['ruleid'])) { + if (!empty($_POST['ruleid']) && !is_numericint($_POST['ruleid'])) { $input_errors[] = gettext('ID must be an integer'); } @@ -755,13 +774,12 @@ if ($_POST['save']) { $filterent['tracker'] = empty($_POST['tracker']) ? (int)microtime(true) : $_POST['tracker']; $filterent['type'] = $_POST['type']; + if (isset($_POST['interface'])) { $filterent['interface'] = $_POST['interface']; - } + } // FIXME: can $_POST['interface'] be unset at this point, if so then what? - if (isset($_POST['ipprotocol'])) { - $filterent['ipprotocol'] = $_POST['ipprotocol']; - } + $filterent['ipprotocol'] = $_POST['ipprotocol']; if ($_POST['tcpflags_any']) { $filterent['tcpflags_any'] = true; diff --git a/src/usr/local/www/getserviceproviders.php b/src/usr/local/www/getserviceproviders.php index b9fd2b1..e4d9f91 100644 --- a/src/usr/local/www/getserviceproviders.php +++ b/src/usr/local/www/getserviceproviders.php @@ -42,6 +42,7 @@ function get_country_providers($country) { return is_array($sp['provider'][0]) ? $sp['provider'] : array($sp['provider']); } } + $provider_list = (is_array($provider_list)) ? $provider_list : array(); return $provider_list; } @@ -59,8 +60,12 @@ function country_list() { function providers_list($country) { $serviceproviders = get_country_providers($country); - foreach ($serviceproviders as $sp) { - echo $sp['name']['value'] . "\n"; + if (is_array($serviceproviders)) { + foreach ($serviceproviders as $sp) { + echo $sp['name']['value'] . "\n"; + } + } else { + $serviceproviders = array(); } } diff --git a/src/usr/local/www/guiconfig.inc b/src/usr/local/www/guiconfig.inc index 433b3b6..43321d9 100644 --- a/src/usr/local/www/guiconfig.inc +++ b/src/usr/local/www/guiconfig.inc @@ -1110,7 +1110,7 @@ function add_package_tabs($tabgroup, &$tab_array) { } function alias_info_popup($alias_id) { - global $config; + global $config, $user_settings; if (!is_array($config['aliases']['alias'][$alias_id])) { return; @@ -1120,7 +1120,13 @@ function alias_info_popup($alias_id) { $alias = $config['aliases']['alias'][$alias_id]; $content = ""; - if ($alias['url']) { + if ($user_settings['webgui']['disablealiaspopupdetail']) { + if (strlen($alias['descr']) >= $maxlength) { + $alias['descr'] = substr($alias['descr'], 0, $maxlength) . '…'; + } + + $content .= $alias['descr']; + } else if ($alias['url']) { // TODO: Change it when pf supports tables with ports if ($alias['type'] == "urltable") { exec("/sbin/pfctl -t {$alias['name']} -T show | wc -l", $total_entries); @@ -1164,10 +1170,6 @@ function alias_info_popup($alias_id) { $content .= "<table>\n"; } - if (strlen($alias['descr']) >= $maxlength) { - $alias['descr'] = substr($alias['descr'], 0, $maxlength) . '…'; - } - return $content; } diff --git a/src/usr/local/www/interfaces.php b/src/usr/local/www/interfaces.php index e00856d..fd9965b 100755 --- a/src/usr/local/www/interfaces.php +++ b/src/usr/local/www/interfaces.php @@ -987,10 +987,7 @@ if ($_POST['apply']) { kill_dhclient_process($wancfg['if']); } if ($wancfg['ipaddrv6'] == "dhcp6") { - $pid = find_dhcp6c_process($wancfg['if']); - if ($pid) { - posix_kill($pid, SIGTERM); - } + kill_dhcp6client_process($wancfg['if'],true); } } $ppp = array(); diff --git a/src/usr/local/www/interfaces_ppps_edit.php b/src/usr/local/www/interfaces_ppps_edit.php index c772637..be1fa84 100644 --- a/src/usr/local/www/interfaces_ppps_edit.php +++ b/src/usr/local/www/interfaces_ppps_edit.php @@ -241,9 +241,6 @@ if ($_POST['save']) { if ($_POST['type'] == "ppp" && count($_POST['interfaces']) > 1) { $input_errors[] = gettext("Multilink connections (MLPPP) using the PPP link type is not currently supported. Please select only one Link Interface."); } - if ($_POST['provider'] && !is_domain($_POST['provider'])) { - $input_errors[] = gettext("The Service name contains invalid characters."); - } if ($_POST['provider'] && $_POST['null_service']) { $input_errors[] = gettext("Do not specify both a Service name and a NULL Service name."); } @@ -1235,4 +1232,3 @@ events.push(function() { <?php include("foot.inc"); - diff --git a/src/usr/local/www/pkg.php b/src/usr/local/www/pkg.php index 55f5559..305f28b 100644 --- a/src/usr/local/www/pkg.php +++ b/src/usr/local/www/pkg.php @@ -93,24 +93,24 @@ $evaledvar = $config['installedpackages'][xml_safe_fieldname($pkg['name'])]['con if ($_REQUEST['act'] == "update") { if (is_array($config['installedpackages'][$pkg['name']]) && $pkg['name'] != "" && $_REQUEST['ids'] !="") { - #get current values + // get current values $current_values=$config['installedpackages'][$pkg['name']]['config']; - #get updated ids + // get updated ids parse_str($_REQUEST['ids'], $update_list); - #sort ids to know what to change - #useful to do not lose data when using sorting and paging + // sort ids to know what to change + // useful to do not lose data when using sorting and paging $sort_list=$update_list['ids']; sort($sort_list); - #apply updates + // apply updates foreach ($update_list['ids'] as $key=> $value) { $config['installedpackages'][$pkg['name']]['config'][$sort_list[$key]]=$current_values[$update_list['ids'][$key]]; } - #save current config - write_config(); - #sync package + // save current config + write_config(gettext("Package configuration changes saved from package settings page.")); + // sync package eval ("{$pkg['custom_php_resync_config_command']}"); } - #function called via jquery, no need to continue after save changes. + // function called via jquery, no need to continue after save changes. exit; } if ($_REQUEST['act'] == "del") { @@ -129,7 +129,7 @@ if ($_REQUEST['act'] == "del") { if ($a_pkg[$_REQUEST['id']]) { unset($a_pkg[$_REQUEST['id']]); - write_config(); + write_config(gettext("Package configuration item deleted from package settings page.")); if ($pkg['custom_delete_php_command'] != "") { if ($pkg['custom_php_command_before_form'] != "") { eval($pkg['custom_php_command_before_form']); diff --git a/src/usr/local/www/pkg_edit.php b/src/usr/local/www/pkg_edit.php index 559645b..f2603e5 100644 --- a/src/usr/local/www/pkg_edit.php +++ b/src/usr/local/www/pkg_edit.php @@ -33,6 +33,7 @@ require_once("functions.inc"); require_once("filter.inc"); require_once("shaper.inc"); require_once("pkg-utils.inc"); +require_once("util.inc"); /* dummy stubs needed by some code that was MFC'd */ function pfSenseHeader($location) { @@ -159,7 +160,6 @@ if ($_POST) { } } - // donotsave is enabled. lets simply exit. if (empty($pkg['donotsave'])) { // store values in xml configuration file. @@ -175,11 +175,24 @@ if ($_POST) { foreach ($_POST as $key => $value) { $matches = array(); if (preg_match("/^{$rowhelperfield['fieldname']}(\d+)$/", $key, $matches)) { - $pkgarr[$rowhelpername][$matches[1]][$rowhelperfield['fieldname']] = $value; + if ($rowhelperfield['type'] == "textarea") { + $pkgarr[$rowhelpername][$matches[1]][$rowhelperfield['fieldname']] = unixnewlines($value); + } else { + $pkgarr[$rowhelpername][$matches[1]][$rowhelperfield['fieldname']] = $value; + } } } } break; + case "textarea": + $fieldname = $fields['fieldname']; + $fieldvalue = unixnewlines(trim($_POST[$fieldname])); + if ($fields['encoding'] == 'base64') { + $fieldvalue = base64_encode($fieldvalue); + } + if ($fieldname) { + $pkgarr[$fieldname] = $fieldvalue; + } default: $fieldname = $fields['fieldname']; if ($fieldname == "interface_array") { @@ -243,6 +256,7 @@ if ($_POST) { $get_from_post = true; } } elseif (!$input_errors) { + // donotsave is enabled. lets simply exit. exit; } } diff --git a/src/usr/local/www/services_checkip.php b/src/usr/local/www/services_checkip.php index 2b5f778..55c9a06 100644 --- a/src/usr/local/www/services_checkip.php +++ b/src/usr/local/www/services_checkip.php @@ -37,26 +37,31 @@ $a_checkipservice = &$config['checkipservices']['checkipservice']; $dirty = false; if ($_POST['act'] == "del") { unset($a_checkipservice[$_POST['id']]); + $wc_msg = gettext('Deleted a check IP service.'); $dirty = true; } else if ($_POST['act'] == "toggle") { if ($a_checkipservice[$_POST['id']]) { if (isset($a_checkipservice[$_POST['id']]['enable'])) { unset($a_checkipservice[$_POST['id']]['enable']); + $wc_msg = gettext('Disabled a check IP service.'); } else { $a_checkipservice[$_POST['id']]['enable'] = true; + $wc_msg = gettext('Enabled a check IP service.'); } $dirty = true; } else if ($_POST['id'] == count($a_checkipservice)) { if (isset($config['checkipservices']['disable_factory_default'])) { unset($config['checkipservices']['disable_factory_default']); + $wc_msg = gettext('Enabled the default check IP service.'); } else { $config['checkipservices']['disable_factory_default'] = true; + $wc_msg = gettext('Disabled the default check IP service.'); } $dirty = true; } } if ($dirty) { - write_config(); + write_config($wc_msg); header("Location: services_checkip.php"); exit; diff --git a/src/usr/local/www/services_unbound.php b/src/usr/local/www/services_unbound.php index 3f767c9..74ef389 100644 --- a/src/usr/local/www/services_unbound.php +++ b/src/usr/local/www/services_unbound.php @@ -441,8 +441,8 @@ events.push(function() { <thead> <tr> <th><?=gettext("Host")?></th> - <th><?=gettext("Domain")?></th> - <th><?=gettext("IP")?></th> + <th><?=gettext("Parent domain of host")?></th> + <th><?=gettext("IP to return for host")?></th> <th><?=gettext("Description")?></th> <th><?=gettext("Actions")?></th> </tr> @@ -504,6 +504,14 @@ endforeach; </div> </div> +<span class="help-block"> + Enter any individual hosts for which the resolver's standard DNS lookup process should be overridden and a specific + IPv4 or IPv6 address should automatically be returned by the resolver. Standard and also non-standard names and parent domains + can be entered, such as 'test', 'mycompany.localdomain', '1.168.192.in-addr.arpa', or 'somesite.com'. Any lookup attempt for + the host will automatically return the given IP address, and the usual lookup server for the domain will not be queried for + the host's records. +</span> + <nav class="action-buttons"> <a href="services_unbound_host_edit.php" class="btn btn-sm btn-success"> <i class="fa fa-plus icon-embed-btn"></i> @@ -518,7 +526,7 @@ endforeach; <thead> <tr> <th><?=gettext("Domain")?></th> - <th><?=gettext("IP")?></th> + <th><?=gettext("Lookup Server IP Address")?></th> <th><?=gettext("Description")?></th> <th><?=gettext("Actions")?></th> </tr> @@ -553,6 +561,13 @@ endforeach; </div> </div> +<span class="help-block"> + Enter any domains for which the resolver's standard DNS lookup process should be overridden and a different (non-standard) + lookup server should be queried instead. Non-standard, 'invalid' and local domains, and subdomains, can also be entered, + such as 'test', 'mycompany.localdomain', '1.168.192.in-addr.arpa', or 'somesite.com'. The IP address is treated as the + authoritative lookup server for the domain (including all of its subdomains), and other lookup servers will not be queried. +</span> + <nav class="action-buttons"> <a href="services_unbound_domainoverride_edit.php" class="btn btn-sm btn-success"> <i class="fa fa-plus icon-embed-btn"></i> diff --git a/src/usr/local/www/services_unbound_domainoverride_edit.php b/src/usr/local/www/services_unbound_domainoverride_edit.php index 17f2fee..f37f366 100644 --- a/src/usr/local/www/services_unbound_domainoverride_edit.php +++ b/src/usr/local/www/services_unbound_domainoverride_edit.php @@ -114,20 +114,20 @@ if ($input_errors) { $form = new Form(); -$section = new Form_Section('Domain Override'); +$section = new Form_Section('Domains to Override with Custom Lookup Servers'); $section->addInput(new Form_Input( 'domain', '*Domain', 'text', $pconfig['domain'] -))->setHelp('Domain to override (NOTE: this does not have to be a valid TLD!) e.g.: test or mycompany.localdomain or 1.168.192.in-addr.arpa'); +))->setHelp('Domain whose lookups will be directed to a user-specified DNS lookup server.'); $section->addInput(new Form_IpAddress( 'ip', '*IP Address', $pconfig['ip'] -))->setHelp('IP address of the authoritative DNS server for this domain. e.g.: 192.168.100.100%1$s' . +))->setHelp('IPv4 or IPv6 address of the authoritative DNS server for this domain. e.g.: 192.168.100.100%1$s' . 'To use a non-default port for communication, append an \'@\' with the port number.', '<br />')->setPattern('[a-zA-Z0-9@.:]+'); $section->addInput(new Form_Input( @@ -146,6 +146,17 @@ if (isset($id) && $a_domainOverrides[$id]) { )); } +$section->addInput(new Form_StaticText( + '', + '<span class="help-block">' . + gettext("This page is used to specify domains for which the resolver's standard DNS lookup process will be overridden, " . + "and the resolver will query a different (non-standard) lookup server instead. It is possible to enter 'non-standard', 'invalid' " . + "and 'local' domains such as 'test', 'mycompany.localdomain', or '1.168.192.in-addr.arpa', as well as usual publicly resolvable " . + "domains such as 'org', 'info', or 'google.co.uk'. The IP address entered will be treated as the IP address of an authoritative " . + "lookup server for the domain (including all of its subdomains), and other lookup servers will not be queried.") . + '</span>' +)); + $form->add($section); print $form; diff --git a/src/usr/local/www/services_unbound_host_edit.php b/src/usr/local/www/services_unbound_host_edit.php index c374631..a5fcd3d 100644 --- a/src/usr/local/www/services_unbound_host_edit.php +++ b/src/usr/local/www/services_unbound_host_edit.php @@ -192,21 +192,21 @@ $section->addInput(new Form_Input( 'text', $pconfig['host'] ))->setHelp('Name of the host, without the domain part%1$s' . - 'e.g.: "myhost"', '<br />'); + 'e.g. enter "myhost" if the full domain name is "myhost.example.com"', '<br />'); $section->addInput(new Form_Input( 'domain', '*Domain', 'text', $pconfig['domain'] -))->setHelp('Domain of the host%1$s' . - 'e.g.: "example.com"', '<br />'); +))->setHelp('Parent domain of the host%1$s' . + 'e.g. enter "example.com" for "myhost.example.com"', '<br />'); $section->addInput(new Form_IpAddress( 'ip', '*IP Address', $pconfig['ip'] -))->setHelp('IP address of the host%1$s' . +))->setHelp('IPv4 or IPv6 address to be returned for the host%1$s' . 'e.g.: 192.168.100.100 or fd00:abcd::1', '<br />'); $section->addInput(new Form_Input( @@ -225,6 +225,18 @@ if (isset($id) && $a_hosts[$id]) { )); } +$section->addInput(new Form_StaticText( + '', + '<span class="help-block">' . + gettext("This page is used to override the usual lookup process for a specific host. A host is defined by its name " . + "and parent domain (e.g., 'somesite.google.com' is entered as host='somesite' and parent domain='google.com'). Any " . + "attempt to lookup that host will automatically return the given IP address, and any usual external lookup server for " . + "the domain will not be queried. Both the name and parent domain can contain 'non-standard', 'invalid' and 'local' " . + "domains such as 'test', 'mycompany.localdomain', or '1.168.192.in-addr.arpa', as well as usual publicly resolvable names ". + "such as 'www' or 'google.co.uk'.") . + '</span>' +)); + $form->add($section); $section = new Form_Section('Additional Names for this Host'); @@ -281,6 +293,13 @@ $form->addGlobal(new Form_Button( 'fa-plus' ))->removeClass('btn-primary')->addClass('btn-success addbtn'); +$section->addInput(new Form_StaticText( + '', + '<span class="help-block">'. + gettext("If the host can be accessed using multiple names, then enter any other names for the host which should also be overridden.") . + '</span>' +)); + $form->add($section); print($form); diff --git a/src/usr/local/www/status_logs_settings.php b/src/usr/local/www/status_logs_settings.php index d431353..2ad1c5b 100644 --- a/src/usr/local/www/status_logs_settings.php +++ b/src/usr/local/www/status_logs_settings.php @@ -160,7 +160,7 @@ if ($_POST['resetlogs'] == gettext("Reset Log Files")) { unset($config['syslog']['remoteserver3']); } - write_config(); + write_config(gettext("Changed system logging options.")); $changes_applied = true; $retval = 0; diff --git a/src/usr/local/www/system.php b/src/usr/local/www/system.php index d76a5de..5766499 100644 --- a/src/usr/local/www/system.php +++ b/src/usr/local/www/system.php @@ -63,6 +63,7 @@ $pconfig['webguicss'] = $config['system']['webgui']['webguicss']; $pconfig['webguifixedmenu'] = $config['system']['webgui']['webguifixedmenu']; $pconfig['dashboardcolumns'] = $config['system']['webgui']['dashboardcolumns']; $pconfig['webguileftcolumnhyper'] = isset($config['system']['webgui']['webguileftcolumnhyper']); +$pconfig['disablealiaspopupdetail'] = isset($config['system']['webgui']['disablealiaspopupdetail']); $pconfig['dashboardavailablewidgetspanel'] = isset($config['system']['webgui']['dashboardavailablewidgetspanel']); $pconfig['systemlogsfilterpanel'] = isset($config['system']['webgui']['systemlogsfilterpanel']); $pconfig['systemlogsmanagelogpanel'] = isset($config['system']['webgui']['systemlogsmanagelogpanel']); @@ -274,6 +275,9 @@ if ($_POST) { unset($config['system']['webgui']['webguileftcolumnhyper']); $config['system']['webgui']['webguileftcolumnhyper'] = $_POST['webguileftcolumnhyper'] ? true : false; + unset($config['system']['webgui']['disablealiaspopupdetail']); + $config['system']['webgui']['disablealiaspopupdetail'] = $_POST['disablealiaspopupdetail'] ? true : false; + unset($config['system']['webgui']['dashboardavailablewidgetspanel']); $config['system']['webgui']['dashboardavailablewidgetspanel'] = $_POST['dashboardavailablewidgetspanel'] ? true : false; @@ -580,6 +584,7 @@ gen_associatedpanels_fields( $pconfig['statusmonitoringsettingspanel']); gen_requirestatefilter_field($section, $pconfig['requirestatefilter']); gen_webguileftcolumnhyper_field($section, $pconfig['webguileftcolumnhyper']); +gen_disablealiaspopupdetail_field($section, $pconfig['disablealiaspopupdetail']); $section->addInput(new Form_Checkbox( 'loginshowhost', diff --git a/src/usr/local/www/system_advanced_firewall.php b/src/usr/local/www/system_advanced_firewall.php index 27a5e23..3f7742f 100644 --- a/src/usr/local/www/system_advanced_firewall.php +++ b/src/usr/local/www/system_advanced_firewall.php @@ -348,7 +348,7 @@ if ($_POST) { $config['system']['bogons']['interval'] = $_POST['bogonsinterval']; } - write_config(); + write_config(gettext("Changed Advanced Firewall/NAT settings.")); // Kill filterdns when value changes, filter_configure() will restart it if (($old_aliasesresolveinterval != $config['system']['aliasesresolveinterval']) && diff --git a/src/usr/local/www/system_certmanager.php b/src/usr/local/www/system_certmanager.php index 777d416..7b5ea66 100644 --- a/src/usr/local/www/system_certmanager.php +++ b/src/usr/local/www/system_certmanager.php @@ -34,6 +34,7 @@ $cert_methods = array( "import" => gettext("Import an existing Certificate"), "internal" => gettext("Create an internal Certificate"), "external" => gettext("Create a Certificate Signing Request"), + "sign" => gettext("Sign a Certificate Signing Request") ); $cert_keylens = array("512", "1024", "2048", "3072", "4096", "7680", "8192", "15360", "16384"); @@ -81,7 +82,6 @@ foreach ($a_ca as $ca) { $act = $_REQUEST['act']; - if ($_POST['act'] == "del") { if (!isset($a_cert[$id])) { @@ -96,7 +96,6 @@ if ($_POST['act'] == "del") { exit; } - if ($act == "new") { $pconfig['method'] = $_POST['method']; $pconfig['keylen'] = "2048"; @@ -172,6 +171,7 @@ if ($act == "p12") { $args['friendly_name'] = $a_cert[$id]['descr']; $ca = lookup_ca($a_cert[$id]['caref']); + if ($ca) { $args['extracerts'] = openssl_x509_read(base64_decode($ca['crt'])); } @@ -212,6 +212,24 @@ if ($_POST['save']) { $pconfig = $_POST; /* input validation */ + if ($pconfig['method'] == "sign") { + $reqdfields = explode(" ", + "descr catosignwith"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("CA to sign with")); + + if (($_POST['csrtosign'] === "new") && (!strstr($_POST['csrpaste'], "BEGIN CERTIFICATE REQUEST") || !strstr($_POST['csrpaste'], "END CERTIFICATE REQUEST"))) { + $input_errors[] = gettext("This signing request does not appear to be valid."); + } + + if ( (($_POST['csrtosign'] === "new") && (strlen($_POST['keypaste']) > 0)) && (!strstr($_POST['keypaste'], "BEGIN PRIVATE KEY") || !strstr($_POST['keypaste'], "END PRIVATE KEY"))) { + $input_errors[] = gettext("This private does not appear to be valid."); + $input_errors[] = gettext("Key data field should be blank, or a valid x509 private key"); + } + + } + if ($pconfig['method'] == "import") { $reqdfields = explode(" ", "descr cert key"); @@ -222,6 +240,7 @@ if ($_POST['save']) { if ($_POST['cert'] && (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE"))) { $input_errors[] = gettext("This certificate does not appear to be valid."); } + if (cert_get_modulus($_POST['cert'], false) != prv_get_modulus($_POST['key'], false)) { $input_errors[] = gettext("The submitted private key does not match the submitted certificate data."); } @@ -267,6 +286,7 @@ if ($_POST['save']) { $altnames = array(); do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); + if ($pconfig['method'] != "import" && $pconfig['method'] != "existing") { /* subjectAltNames */ foreach ($_POST as $key => $value) { @@ -362,6 +382,48 @@ if ($_POST['save']) { if ($cert && $a_user) { $a_user[$userid]['cert'][] = $cert['refid']; } + } else if ($pconfig['method'] == "sign") { // Sign a CSR + $csrid = lookup_cert($pconfig['csrtosign']); + $caid = lookup_ca($pconfig['catosignwith']); + + // Read the CSR from $config, or if a new one, from the textarea + if ($pconfig['csrtosign'] === "new") { + $csr = $pconfig['csrpaste']; + } else { + $csr = base64_decode($csrid['csr']); + } + + $old_err_level = error_reporting(0); + + // Gather the information required for signed cert + $ca = base64_decode($caid['crt']); + $key = base64_decode($caid['prv']); + $duration = $pconfig['duration']; + $caref = $pconfig['catosignwith']; + $type = (cert_get_purpose($csrid)['server'] === "Yes") ? "server":"user"; + + // Sign the new cert and export it in x509 format + openssl_x509_export(openssl_csr_sign($csr, $ca, $key, $duration, ['x509_extensions' => 'v3_req']), $n509); + + // Gather the details required to save the new cert + $newcert = array(); + $newcert['refid'] = uniqid(); + $newcert['caref'] = $caref; + $newcert['descr'] = $pconfig['descr']; + $newcert['type'] = $type; + $newcert['crt'] = base64_encode($n509); + + if ($pconfig['csrtosign'] === "new") { + $newcert['prv'] = base64_encode($pconfig['keypaste']); + } else { + $newcert['prv'] = $csrid['prv']; + } + + // Add it to the config file + $config['cert'][] = $newcert; + + error_reporting($old_err_level); + } else { $cert = array(); $cert['refid'] = uniqid(); @@ -435,6 +497,7 @@ if ($_POST['save']) { } } } + error_reporting($old_err_level); if (isset($id) && $a_cert[$id]) { @@ -569,7 +632,7 @@ if ($act == "new" || (($_POST['save'] == gettext("Save")) && $input_errors)) { )); } - $section = new Form_Section('Add a New Certificate'); + $section = new Form_Section('Add/Sign a New Certificate'); if (!isset($id)) { $section->addInput(new Form_Select( @@ -588,6 +651,73 @@ if ($act == "new" || (($_POST['save'] == gettext("Save")) && $input_errors)) { ))->addClass('toggle-existing'); $form->add($section); + + // Return an array containing the IDs od all CAs + function list_cas() { + global $a_ca; + $allCas = array(); + + foreach ($a_ca as $ca) { + if ($ca['prv']) { + $allCas[$ca['refid']] = $ca['descr']; + } + } + + return $allCas; + } + + // Return an array containing the IDs od all CSRs + function list_csrs() { + global $config; + $allCsrs = array(); + + foreach ($config['cert'] as $cert) { + if ($cert['csr']) { + $allCsrs[$cert['refid']] = $cert['descr']; + } + } + + return ['new' => gettext('New CSR (Paste below)')] + $allCsrs; + } + + $section = new Form_Section('Sign CSR'); + $section->addClass('toggle-sign collapse'); + + $section->AddInput(new Form_Select( + 'catosignwith', + '*CA to sign with', + $pconfig['catosignwith'], + list_cas() + )); + + $section->AddInput(new Form_Select( + 'csrtosign', + '*CSR to sign', + isset($pconfig['csrtosign']) ? $pconfig['csrtosign'] : 'new', + list_csrs() + )); + + $section->addInput(new Form_Input( + 'duration', + '*Certificate duration (days)', + 'number', + $pconfig['duration'] ? $pconfig['duration']:'3650' + )); + + $section->addInput(new Form_Textarea( + 'csrpaste', + 'CSR data', + $pconfig['csrpaste'] + ))->setHelp('Paste a Certificate Signing Request in X.509 PEM format here.'); + + $section->addInput(new Form_Textarea( + 'keypaste', + 'Key data', + $pconfig['keypaste'] + ))->setHelp('Optionally paste a private key here. The key will be associated with the newly signed certificate in pfSense'); + + $form->add($section); + $section = new Form_Section('Import Certificate'); $section->addClass('toggle-import collapse'); @@ -1062,7 +1192,9 @@ foreach ($a_cert as $i => $cert): <td> <?php if (!$cert['csr']): ?> <a href="system_certmanager.php?act=exp&id=<?=$i?>" class="fa fa-certificate" title="<?=gettext("Export Certificate")?>"></a> - <a href="system_certmanager.php?act=key&id=<?=$i?>" class="fa fa-key" title="<?=gettext("Export Key")?>"></a> + <?php if ($cert['prv']): ?> + <a href="system_certmanager.php?act=key&id=<?=$i?>" class="fa fa-key" title="<?=gettext("Export Key")?>"></a> + <?php endif?> <a href="system_certmanager.php?act=p12&id=<?=$i?>" class="fa fa-archive" title="<?=gettext("Export P12")?>"></a> <?php else: ?> <a href="system_certmanager.php?act=csr&id=<?=$i?>" class="fa fa-pencil" title="<?=gettext("Update CSR")?>"></a> @@ -1086,7 +1218,7 @@ foreach ($a_cert as $i => $cert): <nav class="action-buttons"> <a href="?act=new" class="btn btn-success btn-sm"> <i class="fa fa-plus icon-embed-btn"></i> - <?=gettext("Add")?> + <?=gettext("Add/Sign")?> </a> </nav> <?php @@ -1113,7 +1245,6 @@ events.push(function() { } $subject = cert_get_subject_array($ca['crt']); - ?> case "<?=$ca['refid'];?>": $('#dn_country').val("<?=$subject[0]['v'];?>"); @@ -1129,15 +1260,28 @@ events.push(function() { } } + function set_csr_ro() { + var newcsr = ($('#csrtosign').val() == "new"); + + $('#csrpaste').attr('readonly', !newcsr); + $('#keypaste').attr('readonly', !newcsr); + setRequired('csrpaste', newcsr); + } + // ---------- Click checkbox handlers --------------------------------------------------------- $('#caref').on('change', function() { internalca_change(); }); + $('#csrtosign').change(function () { + set_csr_ro(); + }); + // ---------- On initial page load ------------------------------------------------------------ internalca_change(); + set_csr_ro(); // Suppress "Delete row" button if there are fewer than two rows checkLastRow(); diff --git a/src/usr/local/www/system_routes.php b/src/usr/local/www/system_routes.php index c04cca3..872d6a8 100644 --- a/src/usr/local/www/system_routes.php +++ b/src/usr/local/www/system_routes.php @@ -200,7 +200,7 @@ if($_POST['save']) { $a_routes = $a_routes_new; } - if (write_config()) { + if (write_config(gettext("Saved static routes configuration."))) { mark_subsystem_dirty('staticroutes'); } header("Location: system_routes.php"); diff --git a/src/usr/local/www/system_routes_edit.php b/src/usr/local/www/system_routes_edit.php index 45b26c1..b94523f 100644 --- a/src/usr/local/www/system_routes_edit.php +++ b/src/usr/local/www/system_routes_edit.php @@ -209,7 +209,7 @@ if ($_POST['save']) { mark_subsystem_dirty('staticroutes'); - write_config(); + write_config(gettext("Saved static route configuration.")); header("Location: system_routes.php"); exit; diff --git a/src/usr/local/www/system_update_settings.php b/src/usr/local/www/system_update_settings.php index 6984ca3..2d1549b 100644 --- a/src/usr/local/www/system_update_settings.php +++ b/src/usr/local/www/system_update_settings.php @@ -96,7 +96,7 @@ if ($_POST) { unset($config['system']['gitsync']['dryrun']); } - write_config(); + write_config(gettext("Saved system update settings.")); $savemsg = gettext("Changes have been saved successfully"); } diff --git a/src/usr/local/www/system_user_settings.php b/src/usr/local/www/system_user_settings.php index 7cf5c17..03d8355 100644 --- a/src/usr/local/www/system_user_settings.php +++ b/src/usr/local/www/system_user_settings.php @@ -47,6 +47,7 @@ if (isset($id) && $a_user[$id]) { $pconfig['systemlogsmanagelogpanel'] = isset($a_user[$id]['systemlogsmanagelogpanel']); $pconfig['statusmonitoringsettingspanel'] = isset($a_user[$id]['statusmonitoringsettingspanel']); $pconfig['webguileftcolumnhyper'] = isset($a_user[$id]['webguileftcolumnhyper']); + $pconfig['disablealiaspopupdetail'] = isset($a_user[$id]['disablealiaspopupdetail']); $pconfig['pagenamefirst'] = isset($a_user[$id]['pagenamefirst']); } else { echo gettext("The settings cannot be managed for a non-local user."); @@ -118,6 +119,13 @@ if (isset($_POST['save'])) { unset($userent['webguileftcolumnhyper']); } + if ($_POST['disablealiaspopupdetail']) { + $pconfig['disablealiaspopupdetail'] = $userent['disablealiaspopupdetail'] = true; + } else { + $pconfig['disablealiaspopupdetail'] = false; + unset($userent['disablealiaspopupdetail']); + } + if ($_POST['pagenamefirst']) { $pconfig['pagenamefirst'] = $userent['pagenamefirst'] = true; } else { diff --git a/src/usr/local/www/system_usermanager.php b/src/usr/local/www/system_usermanager.php index 305f2d3..abf9d82 100644 --- a/src/usr/local/www/system_usermanager.php +++ b/src/usr/local/www/system_usermanager.php @@ -68,6 +68,7 @@ if (isset($id) && $a_user[$id]) { $pconfig['systemlogsmanagelogpanel'] = isset($a_user[$id]['systemlogsmanagelogpanel']); $pconfig['statusmonitoringsettingspanel'] = isset($a_user[$id]['statusmonitoringsettingspanel']); $pconfig['webguileftcolumnhyper'] = isset($a_user[$id]['webguileftcolumnhyper']); + $pconfig['disablealiaspopupdetail'] = isset($a_user[$id]['disablealiaspopupdetail']); $pconfig['pagenamefirst'] = isset($a_user[$id]['pagenamefirst']); $pconfig['groups'] = local_user_get_groups($a_user[$id]); $pconfig['utype'] = $a_user[$id]['scope']; @@ -359,6 +360,12 @@ if ($_POST['save']) { unset($userent['webguileftcolumnhyper']); } + if ($_POST['disablealiaspopupdetail']) { + $userent['disablealiaspopupdetail'] = true; + } else { + unset($userent['disablealiaspopupdetail']); + } + if ($_POST['pagenamefirst']) { $userent['pagenamefirst'] = true; } else { @@ -974,6 +981,7 @@ events.push(function() { hideCheckbox('systemlogsmanagelogpanel', !adv); hideCheckbox('statusmonitoringsettingspanel', !adv); hideCheckbox('webguileftcolumnhyper', !adv); + hideCheckbox('disablealiaspopupdetail', !adv); hideCheckbox('pagenamefirst', !adv); } diff --git a/src/usr/local/www/vpn_ipsec.php b/src/usr/local/www/vpn_ipsec.php index 22ef39d..27ff7ce 100644 --- a/src/usr/local/www/vpn_ipsec.php +++ b/src/usr/local/www/vpn_ipsec.php @@ -65,7 +65,7 @@ if ($_POST['apply']) { foreach ($_POST['p1entry'] as $p1entrydel) { unset($a_phase1[$p1entrydel]); } - if (write_config()) { + if (write_config(gettext("Deleted selected IPsec Phase 1 entries."))) { mark_subsystem_dirty('ipsec'); } } @@ -75,7 +75,7 @@ if ($_POST['apply']) { foreach ($_POST['p2entry'] as $p2entrydel) { unset($a_phase2[$p2entrydel]); } - if (write_config()) { + if (write_config(gettext("Deleted selected IPsec Phase 2 entries."))) { mark_subsystem_dirty('ipsec'); } } @@ -209,7 +209,7 @@ if ($_POST['apply']) { } if ($save === 1) { - if (write_config()) { + if (write_config(gettext("Saved configuration changes for IPsec tunnels."))) { mark_subsystem_dirty('ipsec'); } } diff --git a/src/usr/local/www/vpn_ipsec_mobile.php b/src/usr/local/www/vpn_ipsec_mobile.php index 32f9de3..992ab68 100644 --- a/src/usr/local/www/vpn_ipsec_mobile.php +++ b/src/usr/local/www/vpn_ipsec_mobile.php @@ -294,7 +294,7 @@ if ($_POST['save']) { $a_client = $client; - write_config(); + write_config(gettext("Saved IPsec Mobile Clients configuration.")); mark_subsystem_dirty('ipsec'); header("Location: vpn_ipsec_mobile.php"); diff --git a/src/usr/local/www/vpn_ipsec_phase1.php b/src/usr/local/www/vpn_ipsec_phase1.php index 6988f73..44b6a30 100644 --- a/src/usr/local/www/vpn_ipsec_phase1.php +++ b/src/usr/local/www/vpn_ipsec_phase1.php @@ -508,7 +508,7 @@ if ($_POST['save']) { $a_phase1[] = $ph1ent; } - write_config(); + write_config(gettext("Saved IPsec tunnel Phase 1 configuration.")); mark_subsystem_dirty('ipsec'); header("Location: vpn_ipsec.php"); diff --git a/src/usr/local/www/vpn_ipsec_phase2.php b/src/usr/local/www/vpn_ipsec_phase2.php index dd62ede..061e178 100644 --- a/src/usr/local/www/vpn_ipsec_phase2.php +++ b/src/usr/local/www/vpn_ipsec_phase2.php @@ -392,7 +392,7 @@ if ($_POST['save']) { $a_phase2[] = $ph2ent; } - write_config(); + write_config(gettext("Saved IPsec tunnel Phase 2 configuration.")); mark_subsystem_dirty('ipsec'); header("Location: vpn_ipsec.php"); diff --git a/src/usr/local/www/vpn_ipsec_settings.php b/src/usr/local/www/vpn_ipsec_settings.php index 199fc6a..325936d 100644 --- a/src/usr/local/www/vpn_ipsec_settings.php +++ b/src/usr/local/www/vpn_ipsec_settings.php @@ -163,7 +163,7 @@ if ($_POST['save']) { } } - write_config(); + write_config(gettext("Saved IPsec advanced settings.")); $changes_applied = true; $retval = 0; diff --git a/src/usr/local/www/widgets/widgets/gateways.widget.php b/src/usr/local/www/widgets/widgets/gateways.widget.php index d414a5e..355dd4a 100644 --- a/src/usr/local/www/widgets/widgets/gateways.widget.php +++ b/src/usr/local/www/widgets/widgets/gateways.widget.php @@ -310,8 +310,8 @@ function compose_table_body_contents() { $bgcolor = "info"; // lightblue } - $rtnstr .= "<td>" . ($gateways_status[$gname] ? htmlspecialchars($gateways_status[$gname]['delay']) : gettext("Pending")) . "</td>\n"; - $rtnstr .= "<td>" . ($gateways_status[$gname] ? htmlspecialchars($gateways_status[$gname]['stddev']) : gettext("Pending")) . "</td>\n"; + $rtnstr .= "<td>" . ($gateways_status[$gname] ? ($gateways_status[$gname]['delay'] ? htmlspecialchars(number_format((float)rtrim($gateways_status[$gname]['delay'], "ms"), 1)) . "ms" : '') : gettext("Pending")) . "</td>\n"; + $rtnstr .= "<td>" . ($gateways_status[$gname] ? ($gateways_status[$gname]['stddev'] ? htmlspecialchars(number_format((float)rtrim($gateways_status[$gname]['stddev'], "ms"), 1)) . "ms" : '') : gettext("Pending")) . "</td>\n"; $rtnstr .= "<td>" . ($gateways_status[$gname] ? htmlspecialchars($gateways_status[$gname]['loss']) : gettext("Pending")) . "</td>\n"; $rtnstr .= '<td class="bg-' . $bgcolor . '">' . $online . "</td>\n"; $rtnstr .= "</tr>\n"; diff --git a/src/usr/local/www/widgets/widgets/gmirror_status.widget.php b/src/usr/local/www/widgets/widgets/gmirror_status.widget.php index 046e9f3..97ee92e 100644 --- a/src/usr/local/www/widgets/widgets/gmirror_status.widget.php +++ b/src/usr/local/www/widgets/widgets/gmirror_status.widget.php @@ -46,6 +46,9 @@ function gmirrorStatusUpdateFromServer() { }, success: function(data){ $('#gmirror_status').html(data); + }, + error: function(){ + $('#gmirror_status').html("<div class=\"alert alert-danger\"><?=gettext('Unable to retrieve status'); ?></div>"); } }); } diff --git a/src/usr/local/www/widgets/widgets/interfaces.widget.php b/src/usr/local/www/widgets/widgets/interfaces.widget.php index 69a2869..92a517a 100644 --- a/src/usr/local/www/widgets/widgets/interfaces.widget.php +++ b/src/usr/local/www/widgets/widgets/interfaces.widget.php @@ -28,6 +28,8 @@ require_once("functions.inc"); require_once("/usr/local/www/widgets/include/interfaces.inc"); $ifdescrs = get_configured_interface_with_descr(); +// Update once per minute by default, instead of every 10 seconds +$widgetperiod = isset($config['widgets']['period']) ? $config['widgets']['period'] * 1000 * 6 : 60000; if ($_POST) { @@ -49,9 +51,10 @@ if ($_POST) { ?> -<div class="table-responsive"> +<div class="table-responsive" id="ifaces_status"> <table class="table table-striped table-hover table-condensed"> <tbody> + <?php $skipinterfaces = explode(",", $user_settings['widgets']['interfaces']['iffilter']); @@ -104,7 +107,7 @@ foreach ($ifdescrs as $ifdescr => $ifname): <?php endif; ?> </td> <td> - <?php if ($ifinfo['pppoelink'] == "up" || $ifinfo['pptplink'] == "up" || $ifinfo['l2tplink'] == "up"):?> + <?php if ($ifinfo['pppoelink'] == "up" || $ifinfo['pptplink'] == "up" || $ifinfo['l2tplink'] == "up"):?> <?=sprintf(gettext("Uptime: %s"), htmlspecialchars($ifinfo['ppp_uptime']));?> <?php else: ?> <?=htmlspecialchars($ifinfo['media']);?> @@ -125,9 +128,8 @@ foreach ($ifdescrs as $ifdescr => $ifname): <?php endif; ?> </td> </tr> -<?php -endforeach; -?> +<?php endforeach; ?> + </tbody> </table> </div> @@ -135,7 +137,7 @@ endforeach; </div><div id="widget-<?=$widgetname?>_panel-footer" class="panel-footer collapse"> <form action="/widgets/widgets/interfaces.widget.php" method="post" class="form-horizontal"> - <div class="panel panel-default col-sm-10"> + <div class="panel panel-default col-sm-10"> <div class="panel-body"> <div class="table responsive"> <table class="table table-striped table-hover table-condensed"> @@ -185,3 +187,29 @@ endforeach; }); //]]> </script> + +<script type="text/javascript"> +//<![CDATA[ +function getstatus_ifaces() { + $.ajax({ + type: 'get', + url: '/widgets/widgets/interfaces.widget.php', + dataType: 'html', + dataFilter: function(raw){ + // We reload the entire widget, strip this block of javascript from it + return raw.replace(/<script>([\s\S]*)<\/script>/gi, ''); + }, + success: function(data){ + $('#ifaces_status').html(data); + }, + error: function(){ + $('#ifaces_status').html("<div class=\"alert alert-danger\"><?=gettext('Unable to retrieve status'); ?></div>"); + } + }); +} + + events.push(function(){ + setInterval('getstatus_ifaces()', "<?=$widgetperiod?>"); + }); +//]]> +</script> diff --git a/src/usr/local/www/widgets/widgets/traffic_graphs.widget.php b/src/usr/local/www/widgets/widgets/traffic_graphs.widget.php index ebe2180..579bc32 100644 --- a/src/usr/local/www/widgets/widgets/traffic_graphs.widget.php +++ b/src/usr/local/www/widgets/widgets/traffic_graphs.widget.php @@ -26,16 +26,6 @@ * limitations under the License. */ -/* TODOs */ -//re-use on Status > traffic graphs -//figure out why there is a missing datapoint at the start -//name things/variables better -//apply css change to Status > Monitoring -//show interface name and latest in/out in upper left -//add stacked overall graph? - //also show pie graph of lastest precentages of total? (split 50/50 on width) - //make this an option? - $nocsrf = true; require_once("guiconfig.inc"); @@ -49,98 +39,72 @@ if (ipsec_enabled()) { $ifdescrs['enc0'] = "IPsec"; } -//there are no traffic graph widget defaults in config yet. so set them, but don't write the config -if (!is_array($config["widgets"]["trafficgraphs"])) { - - $config["widgets"]["trafficgraphs"] = array(); - $config["widgets"]["trafficgraphs"]["refreshinterval"] = 1; - $config["widgets"]["trafficgraphs"]["invert"] = "true"; - $config["widgets"]["trafficgraphs"]["size"] = 1; - $config["widgets"]["trafficgraphs"]["backgroundupdate"] = "false"; - $config["widgets"]["trafficgraphs"]["shown"] = array(); - $config["widgets"]["trafficgraphs"]["shown"]["item"] = array(); - - foreach($ifdescrs as $ifname => $ifdescr) { - - $ifinfo = get_interface_info($ifname); - - if ($ifinfo['status'] != "down") { - $config["widgets"]["trafficgraphs"]["shown"]["item"][] = $ifname; - } +if ($_POST) { + if (!is_array($user_settings["widgets"]["traffic_graphs"])) { + $user_settings["widgets"]["traffic_graphs"] = array(); } - //TODO silently write to config? (use a config message about saving defaults) - -} - -if(!isset($config["widgets"]["trafficgraphs"]["size"])) { - $config["widgets"]["trafficgraphs"]["size"] = 1; -} - -if(!isset($config["widgets"]["trafficgraphs"]["invert"])) { - $config["widgets"]["trafficgraphs"]["invert"] = "true"; -} - -if(!isset($config["widgets"]["trafficgraphs"]["backgroundupdate"])) { - $config["widgets"]["trafficgraphs"]["backgroundupdate"] = "true"; -} -$a_config = &$config["widgets"]["trafficgraphs"]; - -// save new default config options that have been submitted -if ($_POST) { - - //TODO validate data and throw error - $a_config["shown"]["item"] = $_POST["traffic-graph-interfaces"]; + if (isset($_POST["refreshinterval"])) { + $user_settings["widgets"]["traffic_graphs"]["refreshinterval"] = $_POST["refreshinterval"]; + } - // TODO check if between 1 and 10 - if (isset($_POST["traffic-graph-interval"]) && is_numericint($_POST["traffic-graph-interval"])) { - $a_config["refreshinterval"] = $_POST["traffic-graph-interval"]; - } else { - die('{ "error" : "Refresh Interval is not a valid number between 1 and 10." }'); + if (isset($_POST["invert"])) { + $user_settings["widgets"]["traffic_graphs"]["invert"] = $_POST["invert"]; } - if($_POST["traffic-graph-invert"] === "true" || $_POST["traffic-graph-invert"] === "false") { - $a_config["invert"] = $_POST["traffic-graph-invert"]; - } else { - die('{ "error" : "Invert is not a boolean of true or false." }'); + if (isset($_POST["backgroundupdate"])) { + $user_settings["widgets"]["traffic_graphs"]["backgroundupdate"] = $_POST["backgroundupdate"]; } - if($_POST["traffic-graph-backgroundupdate"] === "true" || $_POST["traffic-graph-backgroundupdate"] === "false") { - $a_config["backgroundupdate"] = $_POST["traffic-graph-backgroundupdate"]; - } else { - die('{ "error" : "Backgroundupdate is not a boolean of true or false." }'); + if (isset($_POST["size"])) { + $user_settings["widgets"]["traffic_graphs"]["size"] = $_POST["size"]; } - - //TODO validate data and throw error - $a_config["size"] = $_POST["traffic-graph-size"]; - write_config(gettext("Updated traffic graph settings via dashboard.")); + $validNames = array(); - header('Content-Type: application/json'); + foreach ($ifdescrs as $ifdescr => $ifname) { + array_push($validNames, $ifdescr); + } - die('{ "success" : "The changes have been applied successfully." }'); + if (is_array($_POST['show'])) { + $user_settings["widgets"]["traffic_graphs"]["filter"] = implode(',', array_diff($validNames, $_POST['show'])); + } else { + $user_settings["widgets"]["traffic_graphs"]["filter"] = implode(',', $validNames); + } + save_widget_settings($_SESSION['Username'], $user_settings["widgets"], gettext("Updated traffic graphs widget settings via dashboard.")); + header("Location: /"); + exit(0); } -$refreshinterval = $a_config["refreshinterval"]; - -$ifsarray = []; - -foreach ($a_config["shown"]["item"] as $ifname) { - - $ifinfo = get_interface_info($ifname); +if (isset($user_settings['widgets']['traffic_graphs']['refreshinterval'])) { + $tg_refreshinterval = $user_settings['widgets']['traffic_graphs']['refreshinterval']; +} else { + $tg_refreshinterval = 1; +} - if ($ifinfo['status'] != "down") { - $ifsarray[] = $ifname; - } else { - //TODO throw error? - } +if (isset($user_settings['widgets']['traffic_graphs']['size'])) { + $tg_size = $user_settings['widgets']['traffic_graphs']['size']; +} else { + $tg_size = 1; +} +if (isset($user_settings['widgets']['traffic_graphs']['invert'])) { + $tg_invert = $user_settings['widgets']['traffic_graphs']['invert']; +} else { + $tg_invert = 'true'; } -$allifs = implode("|", $ifsarray); +if (isset($user_settings['widgets']['traffic_graphs']['backgroundupdate'])) { + $tg_backgroundupdate = $user_settings['widgets']['traffic_graphs']['backgroundupdate']; +} else { + $tg_backgroundupdate = 'true'; +} +$skip_tg_items = explode(",", $user_settings['widgets']['traffic_graphs']['filter']); +$tg_displayed = false; +$tg_displayed_ifs_array = []; ?> <script src="/vendor/d3/d3.min.js"></script> <script src="/vendor/nvd3/nv.d3.js"></script> @@ -149,17 +113,138 @@ $allifs = implode("|", $ifsarray); <link href="/vendor/nvd3/nv.d3.css" media="screen, projection" rel="stylesheet" type="text/css"> <div id="traffic-chart-error" class="alert alert-danger" style="display: none;"></div> +<?php + foreach ($ifdescrs as $ifdescr => $ifname) { + if (in_array($ifdescr, $skip_tg_items)) { + continue; + } - <?php - foreach($a_config["shown"]["item"] as $ifname) { - echo '<div id="traffic-chart-' . $ifname . '" class="d3-chart traffic-widget-chart">'; + $ifinfo = get_interface_info($ifdescr); + + if ($ifinfo['status'] == "down") { + // Do not try to display the traffic graph of a down interface, + // even though it is selected for display. + continue; + } + + $tg_displayed = true; + $tg_displayed_ifs_array[] = $ifdescr; + echo '<div id="traffic-chart-' . $ifdescr . '" class="d3-chart traffic-widget-chart">'; echo ' <svg></svg>'; echo '</div>'; } + + if (!$tg_displayed) { + echo '<div id="traffic-chartnone" class="d3-chart traffic-widget-chart">'; + echo gettext('All traffic graphs are hidden.'); + echo '</div>'; + } +?> + +<!-- close the body we're wrapped in and add a configuration-panel --> +</div> + +<div id="widget-<?=$widgetname?>_panel-footer" class="panel-footer collapse"> + + <form action="/widgets/widgets/traffic_graphs.widget.php" method="post" class="form-horizontal"> + <div class="form-group"> + <label for="traffic-graph-interval" class="col-sm-3 control-label"><?=gettext('Refresh Interval')?></label> + <div class="col-sm-9"> + <input type="number" id="refreshinterval" name="refreshinterval" value="<?=$tg_refreshinterval?>" min="1" max="10" class="form-control" /> + </div> + </div> + + <div class="form-group"> + <label for="invert" class="col-sm-3 control-label"><?=gettext('Inverse')?></label> + <div class="col-sm-9"> + <select class="form-control" id="invert" name="invert"> + <?php + if ($tg_invert === "true") { + echo '<option value="true" selected>On</option>'; + echo '<option value="false">Off</option>'; + } else { + echo '<option value="true">On</option>'; + echo '<option value="false" selected>Off</option>'; + } + ?> + </select> + </div> + </div> + + <div class="form-group"> + <label for="size" class="col-sm-3 control-label"><?=gettext('Unit Size')?></label> + <div class="col-sm-9"> + <select class="form-control" id="size" name="size"> + <?php + if ($tg_size === "8") { + echo '<option value="8" selected>Bits</option>'; + echo '<option value="1">Bytes</option>'; + } else { + echo '<option value="8">Bits</option>'; + echo '<option value="1" selected>Bytes</option>'; + } + ?> + </select> + </div> + </div> + + <div class="form-group"> + <label for="backgroundupdate" class="col-sm-3 control-label"><?=gettext('Background updates')?></label> + <div class="col-sm-9"> + <select class="form-control" id="backgroundupdate" name="backgroundupdate"> + <?php + if ($tg_backgroundupdate === "true") { + echo '<option value="true" selected>Keep graphs updated on inactive tab. (increases cpu usage)</option>'; + echo '<option value="false">Clear graphs when not visible.</option>'; + } else { + echo '<option value="true">Keep graphs updated on inactive tab. (increases cpu usage)</option>'; + echo '<option value="false" selected>Clear graphs when not visible.</option>'; + } + ?> + </select> + </div> + </div> + + <div class="panel panel-default col-sm-10"> + <div class="panel-body"> + <div class="table responsive"> + <table class="table table-striped table-hover table-condensed"> + <thead> + <tr> + <th><?=gettext("Interface")?></th> + <th><?=gettext("Show")?></th> + </tr> + </thead> + <tbody> + <?php + $idx = 0; + + foreach ($ifdescrs as $ifdescr => $ifname): + ?> + <tr> + <td><?=$ifname?></td> + <td class="col-sm-2"><input id="show[]" name ="show[]" value="<?=$ifdescr?>" type="checkbox" <?=(!in_array($ifdescr, $skip_tg_items) ? 'checked':'')?>></td> + </tr> + <?php + endforeach; ?> + </tbody> + </table> + </div> + </div> + </div> + + <div class="form-group"> + <div class="col-sm-offset-3 col-sm-6"> + <button type="submit" class="btn btn-primary"><i class="fa fa-save icon-embed-btn"></i><?=gettext('Save')?></button> + <button id="showalltgitems" type="button" class="btn btn-info"><i class="fa fa-undo icon-embed-btn"></i><?=gettext('All')?></button> + </div> + </div> + </form> - <script type="text/javascript"> +<script type="text/javascript"> //<![CDATA[ +// Used by /js/traffic-graphs.js to display description from name var graph_interfacenames = <?php foreach ($ifdescrs as $ifname => $ifdescr) { $iflist[$ifname] = $ifdescr; @@ -169,16 +254,16 @@ var graph_interfacenames = <?php events.push(function() { - var InterfaceString = "<?=$allifs?>"; + var InterfaceString = "<?=implode("|", $tg_displayed_ifs_array)?>"; //store saved settings in a fresh localstorage localStorage.clear(); - localStorage.setItem('interval', <?=$refreshinterval?>); - localStorage.setItem('invert', <?=$a_config["invert"]?>); - localStorage.setItem('size', <?=$a_config["size"]?>); - localStorage.setItem('backgroundupdate', <?=$a_config["backgroundupdate"]?>); + localStorage.setItem('interval', <?=$tg_refreshinterval?>); + localStorage.setItem('invert', <?=$tg_invert?>); + localStorage.setItem('size', <?=$tg_size?>); + localStorage.setItem('backgroundupdate', <?=$tg_backgroundupdate?>); - window.interfaces = InterfaceString.split("|"); + window.interfaces = InterfaceString.split("|").filter(function(entry) { return entry.trim() != ''; }); window.charts = {}; window.myData = {}; window.updateIds = 0; @@ -203,27 +288,29 @@ events.push(function() { var itemOut = new Object(); itemIn.key = value + " (in)"; - if(localStorage.getItem('invert') === "true") { itemIn.area = true; } + if (localStorage.getItem('invert') === "true") { itemIn.area = true; } itemIn.first = true; itemIn.values = [{x: nowTime, y: 0}]; myData[value].push(itemIn); itemOut.key = value + " (out)"; - if(localStorage.getItem('invert') === "true") { itemOut.area = true; } + if (localStorage.getItem('invert') === "true") { itemOut.area = true; } itemOut.first = true; itemOut.values = [{x: nowTime, y: 0}]; myData[value].push(itemOut); }); - draw_graph(refreshInterval, then, backgroundupdate); + if (window.interfaces.length > 0) { + draw_graph(refreshInterval, then, backgroundupdate); + } //re-draw graph when the page goes from inactive (in it's window) to active Visibility.change(function (e, state) { - if($('#traffic-graph-backgroundupdate').val() === "true"){ + if (backgroundupdate) { return; } - if(state === "visible") { + if (state === "visible") { now = then = new Date(Date.now()); @@ -240,242 +327,29 @@ events.push(function() { var itemOut = new Object(); itemIn.key = value + " (in)"; - if(localStorage.getItem('invert') === "true") { itemIn.area = true; } + if (localStorage.getItem('invert') === "true") { itemIn.area = true; } itemIn.first = true; itemIn.values = [{x: nowTime, y: 0}]; myData[value].push(itemIn); itemOut.key = value + " (out)"; - if(localStorage.getItem('invert') === "true") { itemOut.area = true; } + if (localStorage.getItem('invert') === "true") { itemOut.area = true; } itemOut.first = true; itemOut.values = [{x: nowTime, y: 0}]; myData[value].push(itemOut); }); - draw_graph(refreshInterval, then, backgroundupdate); + if (window.interfaces.length > 0) { + draw_graph(refreshInterval, then, backgroundupdate); + } } }); - // save new config defaults - $( '#traffic-graph-form' ).submit(function(event) { - - var error = false; - $("#traffic-chart-error").hide(); - - var interfaces = $( "#traffic-graph-interfaces" ).val(); - refreshInterval = parseInt($( "#traffic-graph-interval" ).val()); - var invert = $( "#traffic-graph-invert" ).val(); - var size = $( "#traffic-graph-size" ).val(); - var backgroundupdate = $( "#traffic-graph-backgroundupdate" ).val(); - - //TODO validate interfaces data and throw error - - if(!Number.isInteger(refreshInterval) || refreshInterval < 1 || refreshInterval > 10) { - error = 'Refresh Interval is not a valid number between 1 and 10.'; - } - - if(invert != "true" && invert != "false") { - - error = 'Invert is not a boolean of true or false.'; - - } - - if(!error) { - - var formData = { - 'traffic-graph-interfaces' : interfaces, - 'traffic-graph-interval' : refreshInterval, - 'traffic-graph-invert' : invert, - 'traffic-graph-size' : size, - 'traffic-graph-backgroundupdate' : backgroundupdate - }; - - $.ajax({ - type : 'POST', - url : '/widgets/widgets/traffic_graphs.widget.php', - data : formData, - dataType : 'json', - encode : true - }) - .done(function(message) { - - if(message.success) { - - Visibility.stop(updateIds); - clearInterval(updateTimerIds); - - //remove all old graphs (divs/svgs) - $( ".traffic-widget-chart" ).remove(); - - window.interfaces = interfaces; - localStorage.setItem('interval', refreshInterval); - localStorage.setItem('invert', invert); - localStorage.setItem('size', size); - localStorage.setItem('backgroundupdate', backgroundupdate); - - //redraw graph with new settings - now = then = new Date(Date.now()); - - var freshData = []; - - var nowTime = now.getTime(); - - $.each( interfaces, function( key, value ) { - - //create new graphs (divs/svgs) - $("#widget-traffic_graphs_panel-body").append('<div id="traffic-chart-' + value + '" class="d3-chart traffic-widget-chart"><svg></svg></div>'); - - myData[value] = []; - - var itemIn = new Object(); - var itemOut = new Object(); - - itemIn.key = value + " (in)"; - if(localStorage.getItem('invert') === "true") { itemIn.area = true; } - itemIn.first = true; - itemIn.values = [{x: nowTime, y: 0}]; - myData[value].push(itemIn); - - itemOut.key = value + " (out)"; - if(localStorage.getItem('invert') === "true") { itemOut.area = true; } - itemOut.first = true; - itemOut.values = [{x: nowTime, y: 0}]; - myData[value].push(itemOut); - - }); - - draw_graph(refreshInterval, then, backgroundupdate); - - $( "#traffic-graph-message" ).removeClass("text-danger").addClass("text-success"); - $( "#traffic-graph-message" ).text(message.success); - - setTimeout(function() { - $( "#traffic-graph-message" ).empty(); - $( "#traffic-graph-message" ).removeClass("text-success"); - }, 5000); - - } else { - - $( "#traffic-graph-message" ).addClass("text-danger"); - $( "#traffic-graph-message" ).text(message.error); - - console.warn(message.error); - - } - - }) - .fail(function() { - - console.warn( "The Traffic Graphs widget AJAX request failed." ); - - }); - - } else { - - $( "#traffic-graph-message" ).addClass("text-danger"); - $( "#traffic-graph-message" ).text(error); - - console.warn(error); - - } - - event.preventDefault(); - }); - + set_widget_checkbox_events("#widget-<?=$widgetname?>_panel-footer [id^=show]", "showalltgitems"); }); //]]> </script> <script src="/js/traffic-graphs.js"></script> - -<!-- close the body we're wrapped in and add a configuration-panel --> -</div> - -<div id="widget-<?=$widgetname?>_panel-footer" class="panel-footer collapse"> - - <form id="traffic-graph-form" action="/widgets/widgets/traffic_graphs.widget.php" method="post" class="form-horizontal"> - <div class="form-group"> - <label for="traffic-graph-interfaces" class="col-sm-3 control-label"><?=gettext('Show graphs')?></label> - <div class="col-sm-9"> - <select name="traffic-graph-interfaces[]" id="traffic-graph-interfaces" multiple> - <?php - foreach ($ifdescrs as $ifname => $ifdescr) { - - $if_shown = ""; - if (in_array($ifname, $a_config["shown"]["item"])) { $if_shown = " selected"; }; - echo '<option value="' . $ifname . '"' . $if_shown . '>' . $ifdescr . "</option>\n"; - - } - ?> - </select> - </div> - </div> - - <div class="form-group"> - <label for="traffic-graph-interval" class="col-sm-3 control-label"><?=gettext('Refresh Interval')?></label> - <div class="col-sm-9"> - <input type="number" id="traffic-graph-interval" name="traffic-graph-interval" value="<?=$refreshinterval?>" min="1" max="10" class="form-control" /> - </div> - </div> - - <div class="form-group"> - <label for="traffic-graph-invert" class="col-sm-3 control-label"><?=gettext('Inverse')?></label> - <div class="col-sm-9"> - <select class="form-control" id="traffic-graph-invert" name="traffic-graph-invert"> - <?php - if($a_config["invert"] === "true") { - echo '<option value="true" selected>On</option>'; - echo '<option value="false">Off</option>'; - } else { - echo '<option value="true">On</option>'; - echo '<option value="false" selected>Off</option>'; - } - ?> - </select> - </div> - </div> - - <div class="form-group"> - <label for="traffic-graph-size" class="col-sm-3 control-label"><?=gettext('Unit Size')?></label> - <div class="col-sm-9"> - <select class="form-control" id="traffic-graph-size" name="traffic-graph-size"> - <?php - if($a_config["size"] === "8") { - echo '<option value="8" selected>Bits</option>'; - echo '<option value="1">Bytes</option>'; - } else { - echo '<option value="8">Bits</option>'; - echo '<option value="1" selected>Bytes</option>'; - } - ?> - </select> - </div> - </div> - - <div class="form-group"> - <label for="traffic-graph-backgroundupdate" class="col-sm-3 control-label"><?=gettext('Background updates')?></label> - <div class="col-sm-9"> - <select class="form-control" id="traffic-graph-backgroundupdate" name="traffic-graph-backgroundupdate"> - <?php - if($a_config["backgroundupdate"] === "true") { - echo '<option value="true" selected>Keep graphs updated on inactive tab. (increases cpu usage)</option>'; - echo '<option value="false">Clear graphs when not visible.</option>'; - } else { - echo '<option value="true">Keep graphs updated on inactive tab. (increases cpu usage)</option>'; - echo '<option value="false" selected>Clear graphs when not visible.</option>'; - } - ?> - </select> - </div> - </div> - <div class="form-group"> - <div class="col-sm-3 text-right"> - <button type="submit" class="btn btn-primary"><i class="fa fa-save icon-embed-btn"></i><?=gettext('Save')?></button> - </div> - <div class="col-sm-9"> - <div id="traffic-graph-message"></div> - </div> - </div> - </form> diff --git a/src/usr/local/www/wizard.php b/src/usr/local/www/wizard.php index 3bc72da..2a6807b 100644 --- a/src/usr/local/www/wizard.php +++ b/src/usr/local/www/wizard.php @@ -116,7 +116,7 @@ if ($_POST && !$input_errors) { eval($pkg['step'][$stepid]['stepsubmitphpaction']); } if (!$input_errors) { - write_config(); + write_config(gettext("Configuration changed via the pfSense wizard subsystem.")); } $stepid++; diff --git a/src/usr/local/www/wizards/openvpn_wizard.inc b/src/usr/local/www/wizards/openvpn_wizard.inc index 259d279..a46f27d 100644 --- a/src/usr/local/www/wizards/openvpn_wizard.inc +++ b/src/usr/local/www/wizards/openvpn_wizard.inc @@ -19,7 +19,11 @@ * limitations under the License. */ +require_once("auth.inc"); +require_once("certs.inc"); +require_once("config.inc"); require_once("openvpn.inc"); +require_once("util.inc"); function has_special_chars($text) { return preg_match('/[^A-Za-z0-9 _-]/', $text); @@ -662,7 +666,7 @@ function step12_submitphpaction() { $config['openvpn']['openvpn-server'][] = $server; openvpn_resync('server', $server); - write_config(); + write_config(gettext("OpenVPN configuration saved via OpenVPN Remote Access Server setup wizard.")); header("Location: vpn_openvpn_server.php"); exit; } diff --git a/src/usr/local/www/wizards/setup_wizard.xml b/src/usr/local/www/wizards/setup_wizard.xml index ba6382a..ba9148c 100644 --- a/src/usr/local/www/wizards/setup_wizard.xml +++ b/src/usr/local/www/wizards/setup_wizard.xml @@ -556,7 +556,7 @@ } else { $_POST['ipaddress'] = $_POST['selectedtype']; $config['interfaces']['wan']['ipaddr'] = $_POST['selectedtype']; - write_config(); + write_config(gettext("WAN interface configuration saved via pfSense setup wizard.")); } if (!$config['interfaces']['lan']) { header("Location: /wizard.php?xml=setup_wizard.xml&stepid=6&next=Next"); @@ -684,7 +684,7 @@ $admin_user =& getUserEntryByUID(0); local_user_set_password($admin_user, $_POST['adminpassword']); local_user_set($admin_user); - write_config(); + write_config(gettext("Admin WebGUI password saved via pfSense setup wizard.")); } else { print_info_box("Passwords do not match! Please press back in the browser window and correct."); die; @@ -747,7 +747,7 @@ } } unset($config['wizardtemp']); - write_config(); + write_config(gettext("Configuration saved on completion of the pfSense setup wizard.")); reload_all(); mwexec_bg("/etc/rc.update_bogons.sh now"); ]]> diff --git a/src/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc b/src/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc index 6bd7a05..f1b4a1a 100644 --- a/src/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc +++ b/src/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc @@ -19,6 +19,10 @@ * limitations under the License. */ +require_once("config.inc"); +require_once("interfaces.inc"); +require_once("util.inc"); + function step1_stepbeforeformdisplay() { global $stepid, $savemsg, $pkg; @@ -1635,7 +1639,7 @@ function apply_all_chosen_items() { } } } - write_config(); + write_config(gettext("Shaper configuration saved via pfSense traffic shaper wizard.")); } function wizard_get_bandwidthtype_scale($type = "b") { diff --git a/src/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc b/src/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc index e14bc18..6c03ecd 100644 --- a/src/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc +++ b/src/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc @@ -19,6 +19,9 @@ * limitations under the License. */ +require_once("config.inc"); +require_once("interfaces.inc"); +require_once("util.inc"); function step1_stepbeforeformdisplay() { global $stepid, $savemsg, $pkg; @@ -1727,7 +1730,7 @@ function apply_all_chosen_items() { } } } - write_config(); + write_config(gettext("Shaper configuration saved via pfSense traffic shaper wizard.")); } function wizard_get_bandwidthtype_scale($type = "b") { |
