diff options
Diffstat (limited to 'src')
26 files changed, 310 insertions, 149 deletions
diff --git a/src/etc/inc/config.console.inc b/src/etc/inc/config.console.inc index 3cf185d..90be4aa 100644 --- a/src/etc/inc/config.console.inc +++ b/src/etc/inc/config.console.inc @@ -454,7 +454,7 @@ function vlan_setup() { $vlan['if'] = chop(fgets($fp)); if ($vlan['if']) { - if (!array_key_exists($vlan['if'], $iflist) or + if (!array_key_exists($vlan['if'], $iflist) || !is_jumbo_capable($vlan['if'])) { printf(gettext("%sInvalid interface name '%s'%s"), "\n", $vlan['if'], "\n"); continue; @@ -506,8 +506,14 @@ function check_for_alternate_interfaces() { $default_device['lan'] = "re2"; break; case 'RCC-VE': - $default_device['wan'] = "igb0"; - $default_device['lan'] = "igb1"; + /* SG-4860 or SG-8860 */ + if (does_interface_exist('igb4')) { + $config['interfaces']['wan']['if'] = 'igb1'; + $config['interfaces']['lan']['if'] = 'igb0'; + } else { + $config['interfaces']['wan']['if'] = 'igb0'; + $config['interfaces']['lan']['if'] = 'igb1'; + } break; default: $default_device['wan'] = ""; diff --git a/src/etc/inc/dyndns.class b/src/etc/inc/dyndns.class index ece3236..2bd9925 100644 --- a/src/etc/inc/dyndns.class +++ b/src/etc/inc/dyndns.class @@ -169,9 +169,8 @@ $dnsZoneID ='', $dnsTTL='', $dnsResultMatch = '', $dnsRequestIf = '', $dnsID = '', $dnsVerboseLog = false, $curlIpresolveV4 = false, $curlSslVerifypeer = true) { - global $config, $g; - - if ($dnsService == "namecheap") { + global $config, $g, $dyndns_split_domain_types; + if (in_array($dnsService, $dyndns_split_domain_types)) { $this->_FQDN = $dnsHost . "." . $dnsDomain; } else { $this->_FQDN = $dnsHost; @@ -196,7 +195,15 @@ case 'freedns-v6': if (!$dnsHost) $this->_error(5); break; - case 'namecheap': + case "namecheap": + if (!$dnsPass) $this->_error(4); + if (!$dnsHost) $this->_error(5); + if (!$dnsDomain) $this->_error(5); + break; + case "cloudflare-v6": + case "cloudflare": + case "gratisdns": + if (!$dnsUser) $this->_error(3); if (!$dnsPass) $this->_error(4); if (!$dnsHost) $this->_error(5); if (!$dnsDomain) $this->_error(5); @@ -227,7 +234,7 @@ } $this->_dnsService = strtolower($dnsService); $this->_dnsUser = $dnsUser; - $this->_dnsPass = $dnsPass; + $this->_dnsPass = base64_decode($dnsPass); $this->_dnsHost = $dnsHost; $this->_dnsDomain = $dnsDomain; $this->_dnsServer = $dnsServer; @@ -703,8 +710,6 @@ $needsIP = TRUE; $dnsServer ='api.cloudflare.com'; $dnsHost = str_replace(' ', '', $this->_dnsHost); - $host_names = explode(".", $dnsHost); - $bottom_host_name = $host_names[count($host_names)-2] . "." . $host_names[count($host_names)-1]; curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPHEADER, array( @@ -714,12 +719,12 @@ )); // Get zone ID - $getZoneId = "https://{$dnsServer}/client/v4/zones/?name={$bottom_host_name}"; + $getZoneId = "https://{$dnsServer}/client/v4/zones/?name={$this->_dnsDomain}"; curl_setopt($ch, CURLOPT_URL, $getZoneId); $output = json_decode(curl_exec($ch)); $zone = $output->result[0]->id; if ($zone) { // If zone ID was found get host ID - $getHostId = "https://{$dnsServer}/client/v4/zones/{$zone}/dns_records?name={$this->_dnsHost}&type={$recordType}"; + $getHostId = "https://{$dnsServer}/client/v4/zones/{$zone}/dns_records?name={$this->_FQDN}&type={$recordType}"; curl_setopt($ch, CURLOPT_URL, $getHostId); $output = json_decode(curl_exec($ch)); $host = $output->result[0]->id; @@ -750,15 +755,7 @@ case 'gratisdns': $needsIP = TRUE; $server = "https://ssl.gratisdns.dk/ddns.phtml"; - $host = trim($this->_dnsHost); - $hostnames = explode(".", $host); - $hostnames_count = count($hostnames); - if ($hostnames_count > 2) { - $domain = $hostnames[$hostnames_count-2] . "." . $hostnames[$hostnames_count-1]; - } else { - $domain = $host; - } - curl_setopt($ch, CURLOPT_URL, $server . '?u=' . $this->_dnsUser . '&p=' . $this->_dnsPass . '&h=' . $host . '&d=' . $domain . '&i=' . $this->_dnsIP); + curl_setopt($ch, CURLOPT_URL, $server . '?u=' . $this->_dnsUser . '&p=' . $this->_dnsPass . '&h=' . $this->_dnsHost . '&d=' . $this->_dnsDomain . '&i=' . $this->_dnsIP); break; case 'ovh-dynhost': $needsIP = FALSE; diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc index 96607af..141c9b5 100644 --- a/src/etc/inc/filter.inc +++ b/src/etc/inc/filter.inc @@ -3108,6 +3108,11 @@ block out {$log['block']} inet all tracker {$increment_tracker($tracker)} label block in {$log['block']} inet6 all tracker {$increment_tracker($tracker)} label "Default deny rule IPv6" block out {$log['block']} inet6 all tracker {$increment_tracker($tracker)} label "Default deny rule IPv6" +EOD; + + if (isset($config['system']['ipv6allow'])) { + $ipfrules .= <<<EOD + # IPv6 ICMP is not auxilary, it is required for operation # See man icmp6(4) # 1 unreach Destination unreachable @@ -3127,12 +3132,23 @@ pass in {$log['pass']} quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 i pass in {$log['pass']} quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type {128,133,134,135,136} tracker {$increment_tracker($tracker)} keep state pass in {$log['pass']} quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type {128,133,134,135,136} tracker {$increment_tracker($tracker)} keep state +EOD; + } + $ipfrules .= <<<EOD # We use the mighty pf, we cannot be fooled. block {$log['block']} quick inet proto { tcp, udp } from any port = 0 to any tracker {$increment_tracker($tracker)} label "Block traffic from port 0" block {$log['block']} quick inet proto { tcp, udp } from any to any port = 0 tracker {$increment_tracker($tracker)} label "Block traffic to port 0" + +EOD; + if (isset($config['system']['ipv6allow'])) { + $ipfrules .= <<<EOD block {$log['block']} quick inet6 proto { tcp, udp } from any port = 0 to any tracker {$increment_tracker($tracker)} label "Block traffic from port 0" block {$log['block']} quick inet6 proto { tcp, udp } from any to any port = 0 tracker {$increment_tracker($tracker)} label "Block traffic to port 0" +EOD; + } + $ipfrules .= <<<EOD + # Snort package block {$log['block']} quick from <snort2c> to any tracker {$increment_tracker($tracker)} label "Block snort2c hosts" block {$log['block']} quick from any to <snort2c> tracker {$increment_tracker($tracker)} label "Block snort2c hosts" @@ -3472,13 +3488,27 @@ EOD; # loopback pass in {$log['pass']} on \$loopback inet all tracker {$increment_tracker($tracker)} label "pass IPv4 loopback" pass out {$log['pass']} on \$loopback inet all tracker {$increment_tracker($tracker)} label "pass IPv4 loopback" + +EOD; + if (isset($config['system']['ipv6allow'])) { + $ipfrules .= <<<EOD pass in {$log['pass']} on \$loopback inet6 all tracker {$increment_tracker($tracker)} label "pass IPv6 loopback" pass out {$log['pass']} on \$loopback inet6 all tracker {$increment_tracker($tracker)} label "pass IPv6 loopback" + +EOD; + } + $ipfrules .= <<<EOD # let out anything from the firewall host itself and decrypted IPsec traffic pass out {$log['pass']} inet all keep state allow-opts tracker {$increment_tracker($tracker)} label "let out anything IPv4 from firewall host itself" + +EOD; + if (isset($config['system']['ipv6allow'])) { + $ipfrules .= <<<EOD pass out {$log['pass']} inet6 all keep state allow-opts tracker {$increment_tracker($tracker)} label "let out anything IPv6 from firewall host itself" EOD; + } + $ipfrules .= "\n"; $saved_tracker += 100; $tracker = $saved_tracker; diff --git a/src/etc/inc/globals.inc b/src/etc/inc/globals.inc index 0c19aa6..ae7c860 100644 --- a/src/etc/inc/globals.inc +++ b/src/etc/inc/globals.inc @@ -65,7 +65,7 @@ $g = array( "disablecrashreporter" => false, "crashreporterurl" => "https://crashreporter.pfsense.org/crash_reporter.php", "debug" => false, - "latest_config" => "15.6", + "latest_config" => "15.8", "minimum_ram_warning" => "101", "minimum_ram_warning_text" => "128 MB", "wan_interface_name" => "wan", @@ -195,4 +195,5 @@ $factory_default_checkipservice = array( "descr" => 'Default Check IP Service' ); +$dyndns_split_domain_types = array("namecheap", "cloudflare", "cloudflare-v6", "gratisdns"); ?> diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc index 1e0be5d..e08f518 100644 --- a/src/etc/inc/interfaces.inc +++ b/src/etc/inc/interfaces.inc @@ -5639,7 +5639,7 @@ function is_altq_capable($int) { * 20150328 - removed wireless drivers - ath, awi, bwn, iwi, ipw, ral, rum, run, wi - for now. redmine #4406 */ $capable = array("ae", "age", "alc", "ale", "an", "aue", "axe", "bce", - "bfe", "bge", "bridge", "cas", "dc", "de", "ed", "em", "ep", "epair", "et", "fxp", "gem", + "bfe", "bge", "bridge", "cas", "cxl", "dc", "de", "ed", "em", "ep", "epair", "et", "fxp", "gem", "hme", "hn", "igb", "ix", "jme", "le", "lem", "msk", "mxge", "my", "nfe", "nge", "npe", "nve", "re", "rl", "sf", "sge", "sis", "sk", "ste", "stge", "ti", "txp", "udav", "ural", "vge", "vmx", "vr", "vte", "xl", diff --git a/src/etc/inc/pfsense-utils.inc b/src/etc/inc/pfsense-utils.inc index 1c2a472..0a3bee1 100644 --- a/src/etc/inc/pfsense-utils.inc +++ b/src/etc/inc/pfsense-utils.inc @@ -380,6 +380,12 @@ function hardware_offloading_applyflags($iface) { if (isset($options['encaps']['rxcsum'])) { $flags_off |= IFCAP_RXCSUM; } + if (isset($options['encaps']['txcsum6'])) { + $flags_off |= IFCAP_TXCSUM_IPV6; + } + if (isset($options['encaps']['rxcsum6'])) { + $flags_off |= IFCAP_RXCSUM_IPV6; + } } else { if (isset($options['caps']['txcsum'])) { $flags_on |= IFCAP_TXCSUM; @@ -387,6 +393,12 @@ function hardware_offloading_applyflags($iface) { if (isset($options['caps']['rxcsum'])) { $flags_on |= IFCAP_RXCSUM; } + if (isset($options['caps']['txcsum6'])) { + $flags_on |= IFCAP_TXCSUM_IPV6; + } + if (isset($options['caps']['rxcsum6'])) { + $flags_on |= IFCAP_RXCSUM_IPV6; + } } if (isset($config['system']['disablesegmentationoffloading'])) { @@ -629,8 +641,11 @@ function get_carp_interface_status($carpid) { $interface = get_real_interface($carpiface); if ($interface == NULL) return ""; + $vip = get_configured_vip($carpid); + if ($vip == NULL || !isset($vip['vhid'])) + return ""; - $vhid = $carp['vhid']; + $vhid = $vip['vhid']; $carp_query = ''; $_gb = exec("/sbin/ifconfig $interface | /usr/bin/grep carp: | /usr/bin/grep \"vhid $vhid\"", $carp_query); foreach ($carp_query as $int) { diff --git a/src/etc/inc/shaper.inc b/src/etc/inc/shaper.inc index 5bdafdc..317ed95 100644 --- a/src/etc/inc/shaper.inc +++ b/src/etc/inc/shaper.inc @@ -1455,28 +1455,28 @@ class priq_queue { null, null, !empty($this->GetRed()) - ))->setHelp('<a target="_new" href="http://www.openbsd.org/faq/pf/queueing.html#red">' . gettext('Random Early Detection') . '</a>'); + ))->setHelp('<a target="_new" href="https://web.archive.org/web/20160404153707/http://www.openbsd.org/faq/pf/queueing.html#red">' . gettext('Random Early Detection') . '</a>'); $group->add(new Form_Checkbox( 'rio', null, null, !empty($this->GetRio()) - ))->setHelp('<a target="_new" href="http://www.openbsd.org/faq/pf/queueing.html#rio">' . gettext('Random Early Detection In and Out') . '</a>'); + ))->setHelp('<a target="_new" href="https://web.archive.org/web/20160404153707/http://www.openbsd.org/faq/pf/queueing.html#rio">' . gettext('Random Early Detection In and Out') . '</a>'); $group->add(new Form_Checkbox( 'ecn', null, null, !empty($this->GetEcn()) - ))->setHelp('<a target="_new" href="http://www.openbsd.org/faq/pf/queueing.html#ecn">' . gettext('Explicit Congestion Notification') . '</a>'); + ))->setHelp('<a target="_new" href="https://web.archive.org/web/20160404153707/http://www.openbsd.org/faq/pf/queueing.html#ecn">' . gettext('Explicit Congestion Notification') . '</a>'); $group->add(new Form_Checkbox( 'codel', null, null, !empty($this->GetCodel()) - ))->setHelp('<a target="_new" href="http://www.openbsd.org/faq/pf/queueing.html#ecn">' . gettext('Codel Active Queue') . '</a>'); + ))->setHelp('<a target="_new" href="https://web.archive.org/web/20160404153707/http://www.openbsd.org/faq/pf/queueing.html#ecn">' . gettext('Codel Active Queue') . '</a>'); $group->setHelp('Select options for this queue'); @@ -2267,7 +2267,8 @@ EOJS; 'bandwidth', null, 'number', - $this->GetBandwidth() + $this->GetBandwidth(), + ['step' => 'any', 'min' => '0.000'] )); $group->add(new Form_Select( diff --git a/src/etc/inc/upgrade_config.inc b/src/etc/inc/upgrade_config.inc index 0fd7a79..842ec0e 100644 --- a/src/etc/inc/upgrade_config.inc +++ b/src/etc/inc/upgrade_config.inc @@ -4977,4 +4977,55 @@ function upgrade_155_to_156() { unset($config['system']['crypto_hardware']); } } + +function upgrade_156_to_157() { + global $config; + /* Convert Cloudflare and GratisDNS type DynDNS entries to the new split hostname and domain format */ + + if (!is_array($config['dyndnses'])) { + $config['dyndnses'] = array(); + } + if (!is_array($config['dyndnses']['dyndns'])) { + $config['dyndnses']['dyndns'] = array(); + } + $a_dyndns = &$config['dyndnses']['dyndns']; + + foreach ($a_dyndns as &$dyndns) { + if (($dyndns['type'] == "cloudflare") || ($dyndns['type'] == "cloudflare-v6") || ($dyndns['type'] == "gratisdns")) { + /* Use the old style logic to split the host and domain one last time. */ + $dparts = explode(".", trim($dyndns['host'])); + $domain_part_count = ($dparts[count($dparts)-1] == "uk") ? 3 : 2; + $domain_offset = count($dparts) - $domain_part_count; + $dyndns['host'] = implode(".", array_slice($dparts, 0, $domain_offset)); + $dyndns['domainname'] = implode(".", array_slice($dparts, $domain_offset)); + } + } + + /* unset old pppoerestart cron job if it exists. redmine 1905 */ + if (is_array($config['cron']['item'])) { + foreach ($config['cron']['item'] as $idx => $cronitem) { + if ($cronitem['command'] == "/etc/pppoerestart") { + unset($config['cron']['item'][$idx]); + } + } + } +} + +function upgrade_157_to_158() { + global $config; + /* Convert Dynamic DNS passwords to base64 encoding. Redmine #6688 */ + + if (!is_array($config['dyndnses'])) { + $config['dyndnses'] = array(); + } + if (!is_array($config['dyndnses']['dyndns'])) { + $config['dyndnses']['dyndns'] = array(); + } + $a_dyndns = &$config['dyndnses']['dyndns']; + + foreach ($a_dyndns as &$dyndns) { + $dyndns['password'] = base64_encode($dyndns['password']); + } +} + ?> diff --git a/src/etc/inc/xmlparse.inc b/src/etc/inc/xmlparse.inc index 4be087a..5632e98 100644 --- a/src/etc/inc/xmlparse.inc +++ b/src/etc/inc/xmlparse.inc @@ -226,7 +226,7 @@ function dump_xml_config_sub($arr, $indent) { if (is_array($cval)) { if (empty($cval)) { $xmlconfig .= str_repeat("\t", $indent); - $xmlconfig .= "<$ent/>\n"; + $xmlconfig .= "<$ent></$ent>\n"; } else { $xmlconfig .= str_repeat("\t", $indent); $xmlconfig .= "<$ent>\n"; @@ -240,7 +240,7 @@ function dump_xml_config_sub($arr, $indent) { } $xmlconfig .= str_repeat("\t", $indent); if ((is_bool($cval) && $cval == true) || ($cval === "")) { - $xmlconfig .= "<$ent/>\n"; + $xmlconfig .= "<$ent></$ent>\n"; } else if ((substr($ent, 0, 5) == "descr") || (substr($ent, 0, 6) == "detail") || (substr($ent, 0, 12) == "login_banner") || @@ -257,7 +257,7 @@ function dump_xml_config_sub($arr, $indent) { } } else if (empty($val)) { $xmlconfig .= str_repeat("\t", $indent); - $xmlconfig .= "<$ent/>\n"; + $xmlconfig .= "<$ent></$ent>\n"; } else { /* it's an array */ $xmlconfig .= str_repeat("\t", $indent); @@ -269,7 +269,7 @@ function dump_xml_config_sub($arr, $indent) { } else { if ((is_bool($val) && ($val == true)) || ($val === "")) { $xmlconfig .= str_repeat("\t", $indent); - $xmlconfig .= "<$ent/>\n"; + $xmlconfig .= "<$ent></$ent>\n"; } else if (!is_bool($val)) { $xmlconfig .= str_repeat("\t", $indent); if ((substr($ent, 0, 5) == "descr") || diff --git a/src/etc/inc/xmlreader.inc b/src/etc/inc/xmlreader.inc index f904e97..ee41796 100644 --- a/src/etc/inc/xmlreader.inc +++ b/src/etc/inc/xmlreader.inc @@ -187,7 +187,8 @@ function dump_xml_config_sub(& $writer, $arr) { foreach ($val as $cval) { if (is_array($cval)) { if (empty($cval)) { - $writer->writeElement($ent); + $writer->startElement($ent); + $writer->endElement(); } else { $writer->startElement($ent); dump_xml_config_sub($writer, $cval); @@ -198,14 +199,16 @@ function dump_xml_config_sub(& $writer, $arr) { continue; } if ((is_bool($val) && ($val == true)) || ($val === "")) { - $writer->writeElement($ent); + $writer->startElement($ent); + $writer->endElement(); } else if (!is_bool($val)) { $writer->writeElement($ent, $cval); } } } } else if (empty($val)) { - $writer->writeElement($ent); + $writer->startElement($ent); + $writer->endElement(); } else { /* it's an array */ $writer->startElement($ent); @@ -214,7 +217,8 @@ function dump_xml_config_sub(& $writer, $arr) { } } else { if ((is_bool($val) && ($val == true)) || ($val === "")) { - $writer->writeElement($ent); + $writer->startElement($ent); + $writer->endElement(); } else if (!is_bool($val)) { $writer->writeElement($ent, $val); } @@ -231,6 +235,8 @@ function dump_xml_config($arr, $rootobj) { $listtags[$tag] = $tag; } } + + return dump_xml_config_raw($arr, $rootobj); } diff --git a/src/etc/version b/src/etc/version index f011c81..f8fd14e 100644 --- a/src/etc/version +++ b/src/etc/version @@ -1 +1 @@ -2.4.0-DEVELOPMENT +2.4.0-BETA diff --git a/src/usr/local/www/classes/Form/IpAddress.class.php b/src/usr/local/www/classes/Form/IpAddress.class.php index 036828f..812a2f7 100644 --- a/src/usr/local/www/classes/Form/IpAddress.class.php +++ b/src/usr/local/www/classes/Form/IpAddress.class.php @@ -31,14 +31,19 @@ class Form_IpAddress extends Form_Input switch ($type) { case "BOTH": $this->_attributes['pattern'] = '[a-f0-9:.]*'; + $this->_attributes['title'] = 'An IPv4 address like 1.2.3.4 or an IPv6 address like 1:2a:3b:ffff::1'; + $this->_attributes['onChange'] = 'javascript:this.value=this.value.toLowerCase();'; break; case "V4": $this->_attributes['pattern'] = '[0-9.]*'; + $this->_attributes['title'] = 'An IPv4 address like 1.2.3.4'; break; case "V6": $this->_attributes['pattern'] = '[a-f0-9:]*'; + $this->_attributes['title'] = 'An IPv6 address like 1:2a:3b:ffff::1'; + $this->_attributes['onChange'] = 'javascript:this.value=this.value.toLowerCase();'; break; } } diff --git a/src/usr/local/www/css/pfSense.css b/src/usr/local/www/css/pfSense.css index a2cb099..4e28d80 100644 --- a/src/usr/local/www/css/pfSense.css +++ b/src/usr/local/www/css/pfSense.css @@ -94,6 +94,7 @@ tr.disabled th { .table-responsive { clear: both; margin-bottom: 0px; + overflow-x: visible; /** Required to allow dragging to automatically scroll the page */ } /* navigation */ diff --git a/src/usr/local/www/firewall_aliases_edit.php b/src/usr/local/www/firewall_aliases_edit.php index 56b13f0..44f6550 100644 --- a/src/usr/local/www/firewall_aliases_edit.php +++ b/src/usr/local/www/firewall_aliases_edit.php @@ -132,6 +132,7 @@ if (isset($id) && $a_aliases[$id]) { } if ($_POST) { + unset($input_errors); $vertical_bar_err_text = gettext("Vertical bars (|) at start or end, or double in the middle of descriptions not allowed. Descriptions have been cleaned. Check and save again."); diff --git a/src/usr/local/www/firewall_rules.php b/src/usr/local/www/firewall_rules.php index 28a7ab6..ab17061 100644 --- a/src/usr/local/www/firewall_rules.php +++ b/src/usr/local/www/firewall_rules.php @@ -946,6 +946,9 @@ events.push(function() { $('table tbody.user-entries').sortable({ cursor: 'grabbing', + scroll: true, + overflow: 'scroll', + scrollSensitivity: 100, update: function(event, ui) { $('#order-store').removeAttr('disabled'); reindex_rules(ui.item.parent('tbody')); diff --git a/src/usr/local/www/head.inc b/src/usr/local/www/head.inc index 9a3df33..6a7b0a0 100644 --- a/src/usr/local/www/head.inc +++ b/src/usr/local/www/head.inc @@ -239,7 +239,10 @@ foreach ($opts as $oif => $odescr) { $interfaces_menu[] = array(htmlspecialchars($odescr), "/interfaces.php?if={$oif}"); } } -$interfaces_menu = msort(array_merge($interfaces_menu, return_ext_menu("Interfaces")), 0); + +// Interface list no longer sorted per Redmine #6753 +// $interfaces_menu = msort(array_merge($interfaces_menu, return_ext_menu("Interfaces")), 0); +$interfaces_menu = array_merge($interfaces_menu, return_ext_menu("Interfaces")); // Firewall $firewall_menu = array(); diff --git a/src/usr/local/www/pkg_edit.php b/src/usr/local/www/pkg_edit.php index 7a98908..445bf61 100644 --- a/src/usr/local/www/pkg_edit.php +++ b/src/usr/local/www/pkg_edit.php @@ -171,8 +171,8 @@ if ($_POST) { switch ($fields['type']) { case "rowhelper": // save rowhelper items. - #$rowhelpername=($fields['fieldname'] ? $fields['fieldname'] : "row"); - $rowhelpername="row"; + $rowhelpername=($fields['fieldname'] ? $fields['fieldname'] : "row"); + // $rowhelpername="row"; foreach ($fields['rowhelper']['rowhelperfield'] as $rowhelperfield) { foreach ($_POST as $key => $value) { $matches = array(); @@ -1364,8 +1364,8 @@ foreach ($pkg['fields']['field'] as $pkga) { case "rowhelper": - $rowhelpername="row"; - + // $rowhelpername="row"; + $rowhelpername=($pkga['fieldname'] ? $pkga['fieldname'] : "row"); $rowcounter = 0; $trc = 0; diff --git a/src/usr/local/www/services_dyndns.php b/src/usr/local/www/services_dyndns.php index eb4c16b..a8f17f2 100644 --- a/src/usr/local/www/services_dyndns.php +++ b/src/usr/local/www/services_dyndns.php @@ -33,10 +33,11 @@ if (!is_array($config['dyndnses']['dyndns'])) { } $a_dyndns = &$config['dyndnses']['dyndns']; +global $dyndns_split_domain_types; if ($_GET['act'] == "del") { $conf = $a_dyndns[$_GET['id']]; - if ($conf['type'] == "namecheap") { + if (in_array($conf['type'], $dyndns_split_domain_types)) { $hostname = $conf['host'] . "." . $conf['domainname']; } else { $hostname = $conf['host']; @@ -96,7 +97,7 @@ display_top_tabs($tab_array); <?php $i = 0; foreach ($a_dyndns as $dyndns): - if ($dyndns['type'] == "namecheap") { + if (in_array($dyndns['type'], $dyndns_split_domain_types)) { $hostname = $dyndns['host'] . "." . $dyndns['domainname']; } else { $hostname = $dyndns['host']; diff --git a/src/usr/local/www/services_dyndns_edit.php b/src/usr/local/www/services_dyndns_edit.php index 0e7fb71..55860f0 100644 --- a/src/usr/local/www/services_dyndns_edit.php +++ b/src/usr/local/www/services_dyndns_edit.php @@ -76,6 +76,7 @@ if (isset($id) && isset($a_dyndns[$id])) { } if ($_POST) { + global $dyndns_split_domain_types; unset($input_errors); $pconfig = $_POST; @@ -96,7 +97,7 @@ if ($_POST) { $reqdfieldsn[] = gettext("Password"); $reqdfields[] = "username"; $reqdfieldsn[] = gettext("Username"); - if ($pconfig['type'] == "namecheap") { + if (in_array($pconfig['type'], $dyndns_split_domain_types)) { $reqdfields[] = "domainname"; $reqdfieldsn[] = gettext("Domain name"); } @@ -149,7 +150,7 @@ if ($_POST) { $dyndns['type'] = $_POST['type']; $dyndns['username'] = $_POST['username']; if ($_POST['passwordfld'] != DMYPWD) { - $dyndns['password'] = $_POST['passwordfld']; + $dyndns['password'] = base64_encode($_POST['passwordfld']); } else { $dyndns['password'] = $a_dyndns[$id]['password'];; } @@ -302,7 +303,7 @@ $group->setHelp('Enter the complete fully qualified domain name. Example: myhost 'he.net tunnelbroker: Enter the tunnel ID.' . '<br />' . 'GleSYS: Enter the record ID.' . '<br />' . 'DNSimple: Enter only the domain name.' . '<br />' . - 'Namecheap: Enter the hostname and the domain separately, with the domain being the domain or subdomain zone being handled by Namecheap.'); + 'Namecheap, Cloudflare, GratisDNS: Enter the hostname and the domain separately, with the domain being the domain or subdomain zone being handled by the provider.'); $section->add($group); @@ -459,6 +460,9 @@ events.push(function() { hideInput('ttl', false); break; case "namecheap": + case "cloudflare-v6": + case "cloudflare": + case "gratisdns": hideGroupInput('domainname', false); hideInput('resultmatch', true); hideInput('updateurl', true); diff --git a/src/usr/local/www/services_unbound_host_edit.php b/src/usr/local/www/services_unbound_host_edit.php index 93e01fe..f9bd615 100644 --- a/src/usr/local/www/services_unbound_host_edit.php +++ b/src/usr/local/www/services_unbound_host_edit.php @@ -308,3 +308,12 @@ $form->add($section); print($form); include("foot.inc"); +?> +<script type="text/javascript"> +//<![CDATA[ + events.push(function() { + // Suppress "Delete row" button if there are fewer than two rows + checkLastRow(); +}); +//]]> +</script>
\ No newline at end of file diff --git a/src/usr/local/www/system_gateways.php b/src/usr/local/www/system_gateways.php index 1da123d..9eb95de 100644 --- a/src/usr/local/www/system_gateways.php +++ b/src/usr/local/www/system_gateways.php @@ -119,6 +119,14 @@ function delete_gateway_item($id) { return; } + /* If the removed gateway was the default route, remove the default route */ + if (!empty($a_gateways[$id]) && is_ipaddr($a_gateways[$id]['gateway']) && + !isset($a_gateways[$id]['disabled']) && + isset($a_gateways[$id]['defaultgw'])) { + $inet = (!is_ipaddrv4($a_gateways[$id]['gateway']) ? '-inet6' : '-inet'); + mwexec("/sbin/route delete {$inet} default"); + } + /* NOTE: Cleanup static routes for the interface route if any */ if (!empty($a_gateways[$id]) && is_ipaddr($a_gateways[$id]['gateway']) && $gateway['gateway'] != $a_gateways[$id]['gateway'] && @@ -195,6 +203,12 @@ if (isset($_POST['del_x'])) { if ($ok_to_toggle) { if ($disable_gw) { $a_gateway_item[$realid]['disabled'] = true; + /* If the disabled gateway was the default route, remove the default route */ + if (!empty($a_gateway_item[$realid]) && is_ipaddr($a_gateway_item[$realid]['gateway']) && + isset($a_gateway_item[$realid]['defaultgw'])) { + $inet = (!is_ipaddrv4($a_gateway_item[$realid]['gateway']) ? '-inet6' : '-inet'); + mwexec("/sbin/route delete {$inet} default"); + } } else { unset($a_gateway_item[$realid]['disabled']); } diff --git a/src/usr/local/www/system_gateways_edit.php b/src/usr/local/www/system_gateways_edit.php index bf5211b..0903aea 100644 --- a/src/usr/local/www/system_gateways_edit.php +++ b/src/usr/local/www/system_gateways_edit.php @@ -494,6 +494,15 @@ if ($_POST) { if (isset($_POST['disabled'])) { $gateway['disabled'] = true; + /* Check if the gateway was enabled but changed to disabled. */ + if ((isset($realid) && $a_gateway_item[$realid]) && ($pconfig['disabled'] == false)) { + /* If the disabled gateway was the default route, remove the default route */ + if (is_ipaddr($gateway['gateway']) && + isset($gateway['defaultgw'])) { + $inet = (!is_ipaddrv4($gateway['gateway']) ? '-inet6' : '-inet'); + mwexec("/sbin/route delete {$inet} default"); + } + } } else { unset($gateway['disabled']); } diff --git a/src/usr/local/www/vpn_ipsec_phase1.php b/src/usr/local/www/vpn_ipsec_phase1.php index b34d15b..64de38f 100644 --- a/src/usr/local/www/vpn_ipsec_phase1.php +++ b/src/usr/local/www/vpn_ipsec_phase1.php @@ -659,7 +659,7 @@ $section->addInput(new Form_Select( 'iketype', 'Key Exchange version', $pconfig['iketype'], - array("ikev1" => "V1", "ikev2" => "V2", "auto" => gettext("Auto")) + array("ikev1" => "IKEv1", "ikev2" => "IKEv2", "auto" => gettext("Auto")) ))->setHelp('Select the Internet Key Exchange protocol version to be used. Auto uses IKEv2 when initiator, and accepts either IKEv1 or IKEv2 as responder.'); $section->addInput(new Form_Select( diff --git a/src/usr/local/www/widgets/widgets/dyn_dns_status.widget.php b/src/usr/local/www/widgets/widgets/dyn_dns_status.widget.php index 526fd0f..c622744 100644 --- a/src/usr/local/www/widgets/widgets/dyn_dns_status.widget.php +++ b/src/usr/local/www/widgets/widgets/dyn_dns_status.widget.php @@ -21,6 +21,7 @@ */ $nocsrf = true; +global $dyndns_split_domain_types; require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); @@ -51,7 +52,7 @@ if ($_REQUEST['getdyndnsstatus']) { echo "|"; } $cache_sep = ":"; - if ($dyndns['type'] == "namecheap") { + if (in_array($dyndns['type'], $dyndns_split_domain_types)) { $hostname = $dyndns['host'] . "." . $dyndns['domainname']; } elseif (empty($dyndns['type'])) { /* RFC2136, add some dummy values */ @@ -100,7 +101,7 @@ if ($_REQUEST['getdyndnsstatus']) { <tbody> <?php $dyndnsid = 0; foreach ($all_dyndns as $dyndns): - if ($dyndns['type'] == "namecheap") { + if (in_array($dyndns['type'], $dyndns_split_domain_types)) { $hostname = $dyndns['host'] . "." . $dyndns['domainname']; } elseif (empty($dyndns['type'])) { /* RFC2136, add some dummy values */ diff --git a/src/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc b/src/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc index 7ac38ec..1ebf6f0 100644 --- a/src/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc +++ b/src/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc @@ -696,71 +696,72 @@ function apply_all_chosen_items() { $upfactor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); $upbw = floatval($config['ezshaper']['step2']["conn{$i}upload"]) * $upfactor; - if ($config['ezshaper']['step3']['enable']) { - $voip = true; - $voipbw = $config['ezshaper']['step3']["conn{$i}upload"]; - $voipbwunit = $config['ezshaper']['step3']["conn{$i}uploadspeed"]; - if ($voipbwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($voipbwunit); - $remainbw += $voipbw * $factor; - } - if ($config['ezshaper']['step4']['enable']) { - $penalty = true; - $penaltybw = $config['ezshaper']['step4']['bandwidth']; - $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; - if ($penaltybwunit == "%") + if ($sched != "PRIQ" && $config['ezshaper']['step3']['enable']) { + $voip = true; + $voipbw = $config['ezshaper']['step3']["conn{$i}upload"]; + $voipbwunit = $config['ezshaper']['step3']["conn{$i}uploadspeed"]; + if ($voipbwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($voipbwunit); + $remainbw += $voipbw * $factor; + } + if ($sched != "PRIQ" && $config['ezshaper']['step4']['enable']) { + $penalty = true; + $penaltybw = $config['ezshaper']['step4']['bandwidth']; + $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; + if ($penaltybwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($penaltybwunit); + $remainbw += $penaltybw * $factor; + } else { + $penalty = false; + $penaltybw = 0; + } + if ($sched != "PRIQ" && $config['ezshaper']['step5']['enable']) { + $p2p = true; + if ($config['ezshaper']['step5']['p2pcatchall']) { + $p2pcatchall = true; + $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; + $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; + if ($p2pcatchbwunit == "%") $factor = $upbw/100; else - $factor = wizard_get_bandwidthtype_scale($penaltybwunit); - $remainbw += $penaltybw * $factor; - } else { - $penalty = false; - $penaltybw = 0; - } - if ($config['ezshaper']['step5']['enable']) { - $p2p = true; - if ($config['ezshaper']['step5']['p2pcatchall']) { - $p2pcatchall = true; - $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; - $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; - if ($p2pcatchbwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); - $remainbw += $p2pcatchbw * $factor; - } else { - $p2pcatchall = false; - $p2pcatchbw = 0; - } + $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); + $remainbw += $p2pcatchbw * $factor; } else { - $p2p = false; $p2pcatchall = false; $p2pcatchbw = 0; } - if ($config['ezshaper']['step6']['enable']) { - $games = true; - } else { - $games = false; - } - - if ($config['ezshaper']['step7']['enable']) { - $otherpriority = true; - } else { - $otherpriority = false; - } - $remainbw = round($remainbw / $upbw * 100, 2); + } else { + $p2p = false; + $p2pcatchall = false; + $p2pcatchbw = 0; + } + if ($config['ezshaper']['step6']['enable']) { + $games = true; + } else { + $games = false; + } - if (intval($remainbw) > 0 && intval($remainbw) > 30) { - $savemsg=gettext("Custom Bandwidths are greater than 30%. Please lower them for the wizard to continue."); - header("Location: wizard.php?xml=traffic_shaper_wizard_dedicated.xml&stepid=2&message={$savemsg}"); - exit; - } else { - $remainbw = 100 - $remainbw; - } + if ($config['ezshaper']['step7']['enable']) { + $otherpriority = true; + } else { + $otherpriority = false; + } if ($sched != "PRIQ") { + $remainbw = round($remainbw / $upbw * 100, 2); + + if (intval($remainbw) > 0 && intval($remainbw) > 30) { + $savemsg=gettext("Custom Bandwidths are greater than 30%. Please lower them for the wizard to continue."); + header("Location: wizard.php?xml=traffic_shaper_wizard_dedicated.xml&stepid=2&message={$savemsg}"); + exit; + } else { + $remainbw = 100 - $remainbw; + } + if ($sched == "CBQ") $q =& new cbq_queue(); else if ($sched == "HFSC") @@ -1078,7 +1079,7 @@ function apply_all_chosen_items() { $otherpriority = false; $remainbw = 0; - if ($config['ezshaper']['step3']['enable']) { + if ($sched != "PRIQ" && $config['ezshaper']['step3']['enable']) { $voip = true; $voipbw = $config['ezshaper']['step3']["local{$i}download"]; $voipbwunit = $config['ezshaper']['step3']["local{$i}downloadspeed"]; @@ -1087,43 +1088,43 @@ function apply_all_chosen_items() { $factor = $downbw/100; else $factor = wizard_get_bandwidthtype_scale($voipbwunit); - $remainbw += floatval($voipbw) * $factor; - } else + $remainbw += floatval($voipbw) * $factor; + } else $remainbw += 32000; /* 32Kbit/s reserved for HFSC link sharing */ - } - if ($config['ezshaper']['step4']['enable']) { - $penalty = true; - $penaltybw = $config['ezshaper']['step4']['bandwidth']; - $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; - if ($penaltybwunit == "%") - $factor = $downbw/100; - else - $factor = wizard_get_bandwidthtype_scale($penaltybwunit); - $remainbw += floatval($penaltybw) * $factor; - } else { - $penalty = false; - $penaltybw = 0; - } - if ($config['ezshaper']['step5']['enable']) { - $p2p = true; - if ($config['ezshaper']['step5']['p2pcatchall']) { - $p2pcatchall = true; - $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; - $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; - if ($p2pcatchbwunit == "%") + } + if ($sched != "PRIQ" && $config['ezshaper']['step4']['enable']) { + $penalty = true; + $penaltybw = $config['ezshaper']['step4']['bandwidth']; + $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; + if ($penaltybwunit == "%") $factor = $downbw/100; else - $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); - $remainbw += floatval($p2pcatchbw) * $factor; + $factor = wizard_get_bandwidthtype_scale($penaltybwunit); + $remainbw += floatval($penaltybw) * $factor; } else { + $penalty = false; + $penaltybw = 0; + } + if ($sched != "PRIQ" && $config['ezshaper']['step5']['enable']) { + $p2p = true; + if ($config['ezshaper']['step5']['p2pcatchall']) { + $p2pcatchall = true; + $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; + $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; + if ($p2pcatchbwunit == "%") + $factor = $downbw/100; + else + $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); + $remainbw += floatval($p2pcatchbw) * $factor; + } else { + $p2pcatchall = false; + $p2pcatchbw = 0; + } + } else { + $p2p = false; $p2pcatchall = false; $p2pcatchbw = 0; } - } else { - $p2p = false; - $p2pcatchall = false; - $p2pcatchbw = 0; - } if ($config['ezshaper']['step6']['enable']) { $games = true; } else { @@ -1135,16 +1136,18 @@ function apply_all_chosen_items() { } else { $otherpriority = false; } - $remainbw = round($remainbw / $downbw * 100, 2); - if (intval($remainbw) > 0 && intval($remainbw) > 40) { - $savemsg=gettext("Custom Bandwidths are greater than 40%. Please lower them for the wizard to continue."); - header("Location: wizard.php?xml=traffic_shaper_wizard_dedicated.xml&stepid=2&message={$savemsg}"); - exit; - } else { - $remainbw = 100 - $remainbw; + if ($sched != "PRIQ") { + $remainbw = round($remainbw / $downbw * 100, 2); + if (intval($remainbw) > 0 && intval($remainbw) > 40) { + $savemsg=gettext("Custom Bandwidths are greater than 40%. Please lower them for the wizard to continue."); + header("Location: wizard.php?xml=traffic_shaper_wizard_dedicated.xml&stepid=2&message={$savemsg}"); + exit; + } else { + $remainbw = 100 - $remainbw; + } + $downqbw = $downbw; } - $downqbw = $downbw; if (!$p2pcatchall) { if ($sched == "PRIQ") $q =& new priq_queue(); diff --git a/src/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc b/src/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc index 5cfba52..4a83c42 100644 --- a/src/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc +++ b/src/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc @@ -876,14 +876,14 @@ function apply_all_chosen_items() { $tmpcf['enabled'] = "on"; If ($sched == "CBQ") { $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.2; + $tmpcf['bandwidth'] = intval($remainbw * 0.2); $tmpcf['bandwidthtype'] = "%"; } else if ($sched == "HFSC") { $lkbw = 0.20 * $remainbw; - $tmpcf['linkshare3'] = "{$lkbw}%"; + $tmpcf['linkshare3'] = intval($lkbw) . "%"; $tmpcf['linkshare'] = "on"; - $tmpcf['bandwidth'] = $lkbw; + $tmpcf['bandwidth'] = intval($lkbw); $tmpcf['bandwidthtype'] = "%"; } array_push($tmppath, "qACK"); |
