summaryrefslogtreecommitdiffstats
path: root/usr/local
diff options
context:
space:
mode:
Diffstat (limited to 'usr/local')
-rwxr-xr-xusr/local/www/crash_reporter.php2
-rw-r--r--usr/local/www/diag_ipsec.php260
-rwxr-xr-xusr/local/www/firewall_rules_edit.php6
-rwxr-xr-xusr/local/www/pkg_mgr_installed.php2
-rwxr-xr-xusr/local/www/services_dhcp.php17
-rw-r--r--usr/local/www/system_groupmanager.php4
6 files changed, 173 insertions, 118 deletions
diff --git a/usr/local/www/crash_reporter.php b/usr/local/www/crash_reporter.php
index 075bab5..92ca317 100755
--- a/usr/local/www/crash_reporter.php
+++ b/usr/local/www/crash_reporter.php
@@ -124,7 +124,7 @@ exec("/usr/bin/grep -vi warning /tmp/PHP_errors.log", $php_errors);
echo "Could not find any crash files.";
}
} else if(gettext($_POST['Submit']) == "No") {
- array_map('unlink', glob("rm /var/crash/*"));
+ array_map('unlink', glob("/var/crash/*"));
// Erase the contents of the PHP error log
fclose(fopen("/tmp/PHP_errors.log", 'w'));
Header("Location: /");
diff --git a/usr/local/www/diag_ipsec.php b/usr/local/www/diag_ipsec.php
index f780587..ca0eba5 100644
--- a/usr/local/www/diag_ipsec.php
+++ b/usr/local/www/diag_ipsec.php
@@ -96,125 +96,159 @@ $status = ipsec_smp_dump_status();
</tr>
<tr>
<td>
- <div id="mainarea">
- <table width="100%" border="0" cellpadding="6" cellspacing="0" class="tabcont sortable">
- <thead>
+ <div id="mainarea">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0" class="tabcont sortable">
+ <thead>
+ <tr>
+ <th nowrap class="listhdrr"><?php echo gettext("Description");?></th>
+ <th nowrap class="listhdrr"><?php echo gettext("Local ID");?></th>
+ <th nowrap class="listhdrr"><?php echo gettext("Local IP");?></th>
+ <th nowrap class="listhdrr"><?php echo gettext("Remote ID");?></th>
+ <th nowrap class="listhdrr"><?php echo gettext("Remote IP");?></a></th>
+ <th nowrap class="listhdrr"><?php echo gettext("Role");?></a></th>
+ <th nowrap class="listhdrr"><?php echo gettext("Status");?></a></th>
+ </tr>
+ </thead>
+ <tbody>
+<?php
+ if (is_array($status['query']) && is_array($status['query']['ikesalist']) && is_array($status['query']['ikesalist']['ikesa'])) {
+ foreach ($status['query']['ikesalist']['ikesa'] as $ikeid => $ikesa) {
+?>
+ <tr>
+ <td class="listlr">
+ <?php echo htmlspecialchars($ikesa['peerconfig']);?>
+ </td>
+ <td class="listr">
+ <?php if (!is_array($ikesa['local']))
+ echo "Unknown";
+ else {
+ if (!empty($ikesa['local']['identification']))
+ echo htmlspecialchars($ikesa['local']['identification']) . '<br/>' . htmlspecialchars($ikesa['local']['spi']);
+ else
+ echo 'Unknown';
+ }
+ ?>
+ </td>
+ <td class="listr">
+ <?php if (!is_array($ikesa['local']))
+ echo "Unknown";
+ else {
+ if (!empty($ikesa['local']['address']))
+ echo htmlspecialchars($ikesa['local']['address']) . ':' . htmlspecialchars($ikesa['local']['port']);
+ else
+ echo 'Unknown';
+ if ($ikesa['local']['nat'])
+ echo " NAT-T";
+ }
+ ?>
+ </td>
+ <td class="listr">
+ <?php if (!is_array($ikesa['remote']))
+ echo "Unknown";
+ else {
+ if (!empty($ikesa['remote']['identification']))
+ echo htmlspecialchars($ikesa['remote']['identification']) . '<br/>' . htmlspecialchars($ikesa['remote']['spi']);
+ else
+ echo 'Unknown';
+ }
+ ?>
+ </td>
+ <td class="listr">
+ <?php if (!is_array($ikesa['remote']))
+ echo "Unknown";
+ else {
+ if (!empty($ikesa['remote']['address']))
+ echo htmlspecialchars($ikesa['remote']['address']) . ':' . htmlspecialchars($ikesa['remote']['port']);
+ else
+ echo 'Unknown';
+ if ($ikesa['remote']['nat'])
+ echo " NAT-T";
+ }
+ ?>
+ </td>
+ <td class="listr">
+ <?php echo htmlspecialchars($ikesa['role']);?>
+ </td>
+ <td class="listr">
+ <?php echo htmlspecialchars($ikesa['status']);?>
+ </td>
+ <td class="listbg">
+ <?php ?> &nbsp;
+ </td>
+ <td valign="middle" nowrap class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ </table>
+ </td>
+ </tr>
+ <?php if (is_array($ikesa['childsalist'])): ?>
+ <tr>
+ <td class="listrborder" colspan="7">
+ <div id="btnchildsa-<?=$ikeid;?>">
+ <input type="button" onClick="show_childsa('childsa-<?=$ikeid;?>','btnchildsa-<?=$ikeid;?>');" value="+"></input> - Show child SA entries</a>
+ </div>
+ <table class="tabcont" width="100%" height="100%" border="0" cellspacing="0" cellpadding="0" id="childsa-<?=$ikeid;?>" style="display:none">
+ <thead>
<tr>
- <th nowrap class="listhdrr"><?php echo gettext("Local IP");?></th>
- <th nowrap class="listhdrr"><?php echo gettext("Remote IP");?></a></th>
- <th nowrap class="listhdrr"><?php echo gettext("Local Network");?></th>
- <th nowrap class="listhdrr"><?php echo gettext("Remote Network");?></a></th>
- <th nowrap class="listhdrr"><?php echo gettext("Description");?></a></th>
- <th nowrap class="listhdrr"><?php echo gettext("Status");?></th>
+ <th nowrap class="listhdrr"><?php echo gettext("Local subnets");?></th>
+ <th nowrap class="listhdrr"><?php echo gettext("Local SPI");?></th>
+ <th nowrap class="listhdrr"><?php echo gettext("Remote SPI");?></th>
+ <th nowrap class="listhdrr"><?php echo gettext("Remote subnets");?></th>
</tr>
- </thead>
- <tbody>
- <?php
- foreach ($a_phase2 as $ph2ent) {
- if ($ph2ent['remoteid']['type'] == "mobile")
- continue;
- ipsec_lookup_phase1($ph2ent,$ph1ent);
- if (!isset($ph2ent['disabled']) && !isset($ph1ent['disabled'])) {
- if(ipsec_phase2_status($spd,$sad,$ph1ent,$ph2ent)) {
- $icon = "pass";
- $status = "Active";
- } elseif(!isset($config['ipsec']['enable'])) {
- $icon = "block";
- $status = "Disabled";
- } else {
- $icon = "reject";
- $status = "Error";
- }
- ?>
- <tr>
- <td class="listlr">
- <?php echo htmlspecialchars(ipsec_get_phase1_src($ph1ent));?>
- </td>
- <td class="listr">
- <?php echo htmlspecialchars($ph1ent['remote-gateway']);?>
+ </thead>
+ <tbody>
+ <?php
+ if (is_array($ikesa['childsalist']['childsa'])) {
+ foreach ($ikesa['childsalist']['childsa'] as $childsa) {
+ ?>
+ <tr valign="top">
+ <td nowrap class="listlr">
+ <?php if (is_array($childsa['local']) && is_array($childsa['local']['networks']) && is_array($childsa['local']['networks']['network'])) {
+ foreach ($childsa['local']['networks']['network'] as $lnets) {
+ echo htmlspecialchars($lnets) . "<br/>";
+ }
+ } else
+ echo "Unknown";
+ ?>
</td>
- <td class="listr">
- <?php echo ipsec_idinfo_to_text($ph2ent['localid']); ?>
+ <td nowrap class="listr">
+ <?php if (is_array($childsa['local']))
+ echo htmlspecialchars($childsa['local']['spi']);
+ ?>
</td>
- <td class="listr">
- <?php echo ipsec_idinfo_to_text($ph2ent['remoteid']); ?>
+ <td nowrap class="listr">
+ <?php if (is_array($childsa['remote']))
+ echo htmlspecialchars($childsa['remote']['spi']);
+ ?>
</td>
- <td class="listr"><?php echo htmlspecialchars($ph2ent['descr']);?></td>
- <td class="listr">
- <center>
- <img src ="/themes/<?php echo $g['theme']; ?>/images/icons/icon_<?php echo $icon; ?>.gif" title="<?php echo $status; ?>">
- </center>
+ <td nowrap class="listlr">
+ <?php if (is_array($childsa['remote']) && is_array($childsa['remote']['networks']) && is_array($childsa['remote']['networks']['network'])) {
+ foreach ($childsa['remote']['networks']['network'] as $rnets) {
+ echo htmlspecialchars($rnets) . "<br/>";
+ }
+ } else
+ echo "Unknown";
+ ?>
</td>
- <td class="list">
- <?php
- $source = "";
- $ip_interface = null;
- $ip_alias = null;
- $localinfo = ipsec_idinfo_to_cidr($ph2ent['localid'], false, $ph2ent['mode']);
- list($localip, $localsub) = explode("/", $localinfo);
- $ip_interface = find_ip_interface($localip, $localsub);
- if (!$ip_interface)
- $ip_alias = find_virtual_ip_alias($localip, $localsub);
- if ($ip_interface) {
- if (is_ipaddrv6($localip))
- $source = get_interface_ipv6($ip_interface);
- else
- $source = get_interface_ip($ip_interface);
- } else if ($ip_alias) {
- $source = $ip_alias['subnet'];
- }
- if (!empty($ph2ent['pinghost']))
- $remoteid = $ph2ent['pinghost'];
- else
- $remoteid = $ph2ent['remoteid']['address'];
- ?>
- <?php if (($ph2ent['remoteid']['type'] != "mobile") && ($icon != "pass") && ($source != "")): ?>
- <center>
- <a href="diag_ipsec.php?act=connect&amp;remoteid=<?php echo $remoteid; ?>&amp;source=<?php echo $source; ?>">
- <img src ="/themes/<?php echo $g['theme']; ?>/images/icons/icon_service_start.gif" alt="Connect VPN" title="Connect VPN" border="0">
- </a>
- </center>
- <?php else: ?>
- &nbsp;
- <?php endif; ?>
+ <td nowrap class="list">
+ &nbsp;
</td>
</tr>
- <?php
- }
- }
- ?>
- </tbody>
- </table>
- <?php if (isset($config['ipsec']['client']['enable'])): ?>
- <table width="100%" border="0" cellpadding="6" cellspacing="0" class="tabcont sortable">
- <thead>
- <tr>
- <th nowrap class="listhdrr"><?php echo gettext("Mobile User");?></th>
- <th nowrap class="listhdrr"><?php echo gettext("Login Time");?></a></th>
- <th nowrap class="listhdrr"><?php echo gettext("Local");?></th>
- <th nowrap class="listhdrr"><?php echo gettext("Remote");?></a></th>
- <th nowrap class="list">&nbsp;</th>
- </tr>
- </thead>
- <tbody>
- <?php foreach ($mobile as $muser): ?>
- <tr>
- <td class="listlr"><?php echo $muser['username']; ?></td>
- <td class="listr" align="center"><?php echo $muser['logintime']; ?></td>
- <td class="listr" align="center"><?php echo $muser['local']; ?></td>
- <td class="listr" align="center"><?php echo $muser['remote']; ?></td>
- <td class="list" align="center"><a href="diag_ipsec.php?act=disconnect&user=<?php echo $muser['username']; ?>"><img src='/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif' height='17' width='17' border='0'/></a></td>
- </tr>
- <?php endforeach; ?>
- </tbody>
+ <?php } } ?>
+ </tbody>
</table>
- <?php endif; ?>
- </div>
- </td>
+ </td>
+ </tr>
+ <?php endif;
+ }
+ }
+?>
+ </tbody>
+ </table>
+ </div>
+ </td>
</tr>
</table>
-
-<p/>
+</div>
<span class="vexpl">
<span class="red">
@@ -223,7 +257,13 @@ $status = ipsec_smp_dump_status();
<?php echo gettext("You can configure IPsec");?>
<a href="vpn_ipsec.php">here</a>.
</span>
-
-<?php include("fend.inc"); ?>
+<?php unset($status); include("fend.inc"); ?>
+<script type="text/javascript">
+function show_childsa(id, buttonid) {
+ document.getElementById(buttonid).innerHTML='';
+ aodiv = document.getElementById(id);
+ aodiv.style.display = "block";
+}
+</script>
</body>
</html>
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php
index 9020ac0..f2c3479 100755
--- a/usr/local/www/firewall_rules_edit.php
+++ b/usr/local/www/firewall_rules_edit.php
@@ -423,11 +423,11 @@ if ($_POST) {
$input_errors[] = gettext("You can not use IPv6 addresses in IPv4 rules.");
if((is_ipaddrv4($_POST['src']) || is_ipaddrv4($_POST['dst'])) && ($_POST['ipprotocol'] == "inet6"))
$input_errors[] = gettext("You can not use IPv4 addresses in IPv6 rules.");
- if((is_ipaddr($_POST['src']) || is_ipaddr($_POST['dst'])) && ($_POST['ipprotocol'] == "inet46"))
- $input_errors[] = gettext("You can not use a IPv4 or IPv6 address in combined IPv4 + IPv6 rules.");
-
}
+ if((is_ipaddr($_POST['src']) || is_ipaddr($_POST['dst'])) && ($_POST['ipprotocol'] == "inet46"))
+ $input_errors[] = gettext("You can not use a IPv4 or IPv6 address in combined IPv4 + IPv6 rules.");
+
if ($_POST['srcbeginport'] > $_POST['srcendport']) {
/* swap */
$tmp = $_POST['srcendport'];
diff --git a/usr/local/www/pkg_mgr_installed.php b/usr/local/www/pkg_mgr_installed.php
index 03d5441..1308213 100755
--- a/usr/local/www/pkg_mgr_installed.php
+++ b/usr/local/www/pkg_mgr_installed.php
@@ -206,7 +206,7 @@ include("head.inc");
<?php endif; ?>
</td>
<td valign="middle" class="list nowrap">
- <a onclick="return confirm('<?=gettext("Do you really want to remove {$pkg['name']} package?"); ?>')" href="pkg_mgr_install.php?mode=delete&amp;pkg=<?= $pkg['name']; ?>">
+ <a href="pkg_mgr_install.php?mode=delete&amp;pkg=<?= $pkg['name']; ?>">
<img <?=domTT_title(gettext("Remove ".ucfirst($pkg['name'])." package."))?> src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete" />
</a>
<br/>
diff --git a/usr/local/www/services_dhcp.php b/usr/local/www/services_dhcp.php
index b364768..da5e849 100755
--- a/usr/local/www/services_dhcp.php
+++ b/usr/local/www/services_dhcp.php
@@ -196,6 +196,8 @@ if (is_array($dhcpdconf)) {
$pconfig['netboot'] = isset($dhcpdconf['netboot']);
$pconfig['nextserver'] = $dhcpdconf['nextserver'];
$pconfig['filename'] = $dhcpdconf['filename'];
+ $pconfig['filename32'] = $dhcpdconf['filename32'];
+ $pconfig['filename64'] = $dhcpdconf['filename64'];
$pconfig['rootpath'] = $dhcpdconf['rootpath'];
$pconfig['netmask'] = $dhcpdconf['netmask'];
$pconfig['numberoptions'] = $dhcpdconf['numberoptions'];
@@ -497,6 +499,8 @@ if ($_POST) {
$dhcpdconf['netboot'] = ($_POST['netboot']) ? true : false;
$dhcpdconf['nextserver'] = $_POST['nextserver'];
$dhcpdconf['filename'] = $_POST['filename'];
+ $dhcpdconf['filename32'] = $_POST['filename32'];
+ $dhcpdconf['filename64'] = $_POST['filename64'];
$dhcpdconf['rootpath'] = $_POST['rootpath'];
// Handle the custom options rowhelper
@@ -636,6 +640,8 @@ include("head.inc");
document.iform.netboot.disabled = endis;
document.iform.nextserver.disabled = endis;
document.iform.filename.disabled = endis;
+ document.iform.filename32.disabled = endis;
+ document.iform.filename64.disabled = endis;
document.iform.rootpath.disabled = endis;
document.iform.denyunknown.disabled = endis;
}
@@ -1080,10 +1086,15 @@ include("head.inc");
<b><?=gettext("Enables network booting.");?></b>
<p>
<?=gettext("Enter the IP of the"); ?> <b><?=gettext("next-server"); ?></b>
- <input name="nextserver" type="text" class="formfld unknown" id="nextserver" size="20" value="<?=htmlspecialchars($pconfig['nextserver']);?>">
- <?=gettext("and the filename");?>
- <input name="filename" type="text" class="formfld unknown" id="filename" size="20" value="<?=htmlspecialchars($pconfig['filename']);?>"><br>
+ <input name="nextserver" type="text" class="formfld unknown" id="nextserver" size="20" value="<?=htmlspecialchars($pconfig['nextserver']);?>"><br>
+ <?=gettext("and the default bios filename");?>
+ <input name="filename" type="text" class="formfld unknown" id="filename" size="20" value="<?=htmlspecialchars($pconfig['filename']);?>"><br>
+ <?=gettext("and the UEFI 32bit filename ");?>
+ <input name="filename32" type="text" class="formfld unknown" id="filename32" size="20" value="<?=htmlspecialchars($pconfig['filename32']);?>"><br>
+ <?=gettext("and the UEFI 64bit filename ");?>
+ <input name="filename64" type="text" class="formfld unknown" id="filename64" size="20" value="<?=htmlspecialchars($pconfig['filename64']);?>"><br>
<?=gettext("Note: You need both a filename and a boot server configured for this to work!");?>
+ <?=gettext("You will need all three filenames and a boot server configured for UEFI to work!");?>
<p>
<?=gettext("Enter the"); ?> <b><?=gettext("root-path"); ?></b>-<?=gettext("string");?>
<input name="rootpath" type="text" class="formfld unknown" id="rootpath" size="90" value="<?=htmlspecialchars($pconfig['rootpath']);?>"><br>
diff --git a/usr/local/www/system_groupmanager.php b/usr/local/www/system_groupmanager.php
index a02e986..f7a9e61 100644
--- a/usr/local/www/system_groupmanager.php
+++ b/usr/local/www/system_groupmanager.php
@@ -64,7 +64,9 @@ if ($_GET['act'] == "delgroup") {
exit;
}
+ conf_mount_rw();
local_group_del($a_group[$_GET['id']]);
+ conf_mount_ro();
$groupdeleted = $a_group[$_GET['id']]['name'];
unset($a_group[$_GET['id']]);
write_config();
@@ -154,7 +156,9 @@ if ($_POST) {
$a_group[] = $group;
}
+ conf_mount_rw();
local_group_set($group);
+ conf_mount_ro();
/* Refresh users in this group since their privileges may have changed. */
if (is_array($group['member'])) {
OpenPOWER on IntegriCloud