diff options
Diffstat (limited to 'usr')
43 files changed, 838 insertions, 525 deletions
diff --git a/usr/local/pkg/openntpd.inc b/usr/local/pkg/openntpd.inc index c4914b8..dcbb50a 100644 --- a/usr/local/pkg/openntpd.inc +++ b/usr/local/pkg/openntpd.inc @@ -21,7 +21,7 @@ EOD; function openntpd_get_iface_ip($iface) { $iface = convert_friendly_interface_to_real_interface_name($iface); - $line = trim(shell_exec("ifconfig $iface | grep inet | grep -v inet6")); + $line = trim(shell_exec("ifconfig " . escapeshellarg($iface) . " | grep inet | grep -v inet6")); list($dummy, $ip, $dummy2, $dummy3) = explode(' ', $line); return $ip; diff --git a/usr/local/share/pbi-keys/pfSense-BETA.ssl b/usr/local/share/pbi-keys/pfSense-BETA.ssl new file mode 100644 index 0000000..69ced3a --- /dev/null +++ b/usr/local/share/pbi-keys/pfSense-BETA.ssl @@ -0,0 +1,14 @@ +-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvl/Zi/Lj5p4cofA9pCIg +ylSFUNZAIrJHhWE4x1jHr43Ez24RbbNQu2BfsaOGaCOnxBDk6xRNHkxWjUdFQIkc +0R5lTLDiOnuJLB4nbA1FjVdygIeiikYHPnTQO2zaBAHX0O2k/ywNds+4HeKpf29S +7NtqIeePMt8MlSqXJdyopZynAa+EF53q/0ude9fzvpITOtSogaJ78jlr3mLQmLeF ++flXBfV6sTe7bvVseFng+SuY8iAIsQqq58QrSlPcA7O2qNBlscqfJNFrZ2OCU4nZ +7sXKqPWtIyZqCgH8XKv0ALwaDUt/F+XoAfod8kADXqhkIafx5dnbJ1ro0hffxi8Z +SLia6heHvxLb2Ia9S7tteC3yaSa/Assq7anKefRpEDpSJFWTI+imdjHjteNpKrYz +8WDPl5Rn3cOYgU1n73w+O9Km2VtO7Szhi6gh+EJ6+NXOmoUA4LHhVZYtfR3wFQtu +jWazGigk3g0kXRh/wA7YLiLHbsgNT6zAnIk34UVx9agugYEUUjpsCAKUOxUSZNx7 +H0ow1zRNaE3cyMQAuxXy4opTnls9hiS5TpN1dstxviPgNj8/udykzJyeGFRVo5Tu +iCcmBGizyK8n+9M1O5SAPpInukK5uR2sYYJhO8B8SOQTkbsBO55nip6wDQQx2ewE +Rsvesuw3X/Mq/5hJ2DT8StkCAwEAAQ== +-----END PUBLIC KEY----- diff --git a/usr/local/www/carp_status.php b/usr/local/www/carp_status.php index 8655bba..192875e 100644 --- a/usr/local/www/carp_status.php +++ b/usr/local/www/carp_status.php @@ -34,7 +34,6 @@ ##|-PRIV /* - pfSense_BUILDER_BINARIES: /sbin/sysctl pfSense_MODULE: carp */ @@ -56,34 +55,34 @@ if($_POST['carp_maintenancemode'] <> "") { } if($_POST['disablecarp'] <> "") { if($status == true) { - mwexec("/sbin/sysctl net.inet.carp.allow=0"); + set_single_sysctl('net.inet.carp.allow', '0'); if(is_array($config['virtualip']['vip'])) { $viparr = &$config['virtualip']['vip']; - foreach ($viparr as $vip) { - switch ($vip['mode']) { - case "carp": - interface_vip_bring_down($vip); - sleep(1); - break; - } - } - } + foreach ($viparr as $vip) { + switch ($vip['mode']) { + case "carp": + interface_vip_bring_down($vip); + sleep(1); + break; + } + } + } $savemsg = sprintf(gettext("%s IPs have been disabled. Please note that disabling does not survive a reboot."), $carp_counter); } else { $savemsg = gettext("CARP has been enabled."); if(is_array($config['virtualip']['vip'])) { - $viparr = &$config['virtualip']['vip']; - foreach ($viparr as $vip) { + $viparr = &$config['virtualip']['vip']; + foreach ($viparr as $vip) { switch ($vip['mode']) { - case "carp": - interface_carp_configure($vip); - sleep(1); + case "carp": + interface_carp_configure($vip); + sleep(1); break; - } - } - } + } + } + } interfaces_carp_setup(); - mwexec("/sbin/sysctl net.inet.carp.allow=1"); + set_single_sysctl('net.inet.carp.allow', '1'); } } diff --git a/usr/local/www/diag_dns.php b/usr/local/www/diag_dns.php index fcdd330..c217d7f 100644 --- a/usr/local/www/diag_dns.php +++ b/usr/local/www/diag_dns.php @@ -38,16 +38,17 @@ require("guiconfig.inc"); if ($_GET['host']) $_POST = $_GET; -if($_GET['createalias'] == "true") { - $host = trim($_POST['host']); +$host = trim($_POST['host'], " \t\n\r\0\x0B[];\"'"); +$host_esc = escapeshellarg($host); + +if($_GET['createalias'] == "true" && (is_hostname($host) || is_ipaddr($host))) { if($_GET['override']) $override = true; $a_aliases = &$config['aliases']['alias']; $type = "hostname"; $resolved = gethostbyname($host); if($resolved) { - $host = trim($_POST['host']); - $drill=`/usr/bin/drill "$host" A | grep "$host" | grep -v ";" | awk '{ print $5 }'`; + $drill=`/usr/bin/drill "{$host_esc}" A | grep "{$host_esc}" | grep -v ";" | awk '{ print $5 }'`; $resolved = explode("\n", $drill); $isfirst = true; foreach($resolved as $re) { @@ -93,8 +94,6 @@ if ($_POST) { $reqdfieldsn = explode(",", "Host"); do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); - $host = trim($_POST['host'], " \t\n\r\0\x0B[]"); - $host_esc = escapeshellarg($host); if (!is_hostname($host) && !is_ipaddr($host)) { $input_errors[] = gettext("Host must be a valid hostname or IP address."); @@ -130,7 +129,7 @@ if ($_POST) { $type = "hostname"; $resolved = gethostbyname($host); if($resolved) { - $drill=`/usr/bin/drill $host_esc A | grep $host_esc | grep -v ";" | awk '{ print $5 }'`; + $drill=`/usr/bin/drill {$host_esc} A | grep {$host_esc} | grep -v ";" | awk '{ print $5 }'`; $resolved = explode("\n", $drill); } $hostname = $host; @@ -188,8 +187,8 @@ include("head.inc"); ?> <tr><td valign="top"> <input name="host" type="text" class="formfld" id="host" size="20" value="<?=htmlspecialchars($host);?>" /> = </td> - <td> <?php if ($resolved && $type) { ?> + <td valign="top"> = </td><td> <font size="+1"> <?php $found = 0; diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php index 13d72bd..d12ad43 100644 --- a/usr/local/www/diag_logs_filter.php +++ b/usr/local/www/diag_logs_filter.php @@ -87,14 +87,14 @@ if ($filtersubmit) { $filterlogentries_submit = getGETPOSTsettingvalue('filterlogentries_submit', null); if ($filterlogentries_submit) { - $filterfieldsarray = array("act", "time", "interface", "srcip", "srcport", "dstip", "dstport", "proto", "tcpflags"); + $filterfieldsarray = array(); $actpass = getGETPOSTsettingvalue('actpass', null); $actblock = getGETPOSTsettingvalue('actblock', null); $actreject = getGETPOSTsettingvalue('actreject', null); - $filterfieldsarray['act'] = trim($actpass . " " . $actblock . " " . $actreject); - $filterfieldsarray['act'] = $filterfieldsarray['act'] ? $filterfieldsarray['act'] : 'All'; + $filterfieldsarray['act'] = str_replace(" ", " ", trim($actpass . " " . $actblock . " " . $actreject)); + $filterfieldsarray['act'] = $filterfieldsarray['act'] != "" ? $filterfieldsarray['act'] : 'All'; $filterfieldsarray['time'] = getGETPOSTsettingvalue('filterlogentries_time', null); $filterfieldsarray['interface'] = getGETPOSTsettingvalue('filterlogentries_interfaces', null); $filterfieldsarray['srcip'] = getGETPOSTsettingvalue('filterlogentries_sourceipaddress', null); diff --git a/usr/local/www/diag_logs_filter_summary.php b/usr/local/www/diag_logs_filter_summary.php index 349555c..e4c11e2 100644 --- a/usr/local/www/diag_logs_filter_summary.php +++ b/usr/local/www/diag_logs_filter_summary.php @@ -66,7 +66,7 @@ function cmp($a, $b) { } function stat_block($summary, $stat, $num) { - global $gotlines, $fields; + global $g, $gotlines, $fields; uasort($summary[$stat] , 'cmp'); print "<table width=\"200\" cellpadding=\"3\" cellspacing=\"0\" border=\"1\" summary=\"source destination ip\">"; print "<tr><th colspan=\"2\">{$fields[$stat]} ".gettext("data")."</th></tr>"; diff --git a/usr/local/www/diag_nanobsd.php b/usr/local/www/diag_nanobsd.php index 139d764..2d5998a 100644 --- a/usr/local/www/diag_nanobsd.php +++ b/usr/local/www/diag_nanobsd.php @@ -28,7 +28,7 @@ /* pfSense_BUILDER_BINARIES: /sbin/mount /sbin/glabel /usr/bin/grep /usr/bin/cut /usr/bin/head /bin/cp - pfSense_BUILDER_BINARIES: /usr/sbin/boot0cfg /bin/mkdir /sbin/fsck_ufs /sbin/mount /sbin/sysctl /bin/dd /sbin/tunefs + pfSense_BUILDER_BINARIES: /usr/sbin/boot0cfg /bin/mkdir /sbin/fsck_ufs /sbin/mount /bin/dd /sbin/tunefs pfSense_MODULE: nanobsd */ diff --git a/usr/local/www/diag_pkglogs.php b/usr/local/www/diag_pkglogs.php index 17459c4..b1d65cb 100755 --- a/usr/local/www/diag_pkglogs.php +++ b/usr/local/www/diag_pkglogs.php @@ -73,9 +73,11 @@ if(!$apkg) { // If we aren't looking for a specific package, locate the first pa } } } elseif($apkg) { - $pkgwithlogging = true; $apkgid = get_pkg_id($apkg); - $i = $apkgid; + if ($apkgid != -1) { + $pkgwithlogging = true; + $i = $apkgid; + } } $pgtitle = array(gettext("Status"),gettext("Package logs")); diff --git a/usr/local/www/diag_smart.php b/usr/local/www/diag_smart.php index f024589..2cbc60b 100644 --- a/usr/local/www/diag_smart.php +++ b/usr/local/www/diag_smart.php @@ -85,7 +85,7 @@ function update_email($email) if(!empty($email)) { // Put it in the smartd.conf file - shell_exec("/usr/bin/sed -i old 's/^DEVICESCAN.*/DEVICESCAN -H -m " . $email . "/' /usr/local/etc/smartd.conf"); + shell_exec("/usr/bin/sed -i old 's/^DEVICESCAN.*/DEVICESCAN -H -m " . escapeshellarg($email) . "/' /usr/local/etc/smartd.conf"); } // Nope else diff --git a/usr/local/www/exec.php b/usr/local/www/exec.php index c1eb4bb..1963508 100644 --- a/usr/local/www/exec.php +++ b/usr/local/www/exec.php @@ -103,13 +103,14 @@ include("head.inc"); <?php if (isBlank( $_POST['txtRecallBuffer'] )) { - puts( " var arrRecallBuffer = new Array;" ); + puts( " var arrRecallBuffer = new Array;" ); } else { - puts( " var arrRecallBuffer = new Array(" ); - $arrBuffer = explode( "&", $_POST['txtRecallBuffer'] ); - for ($i=0; $i < (count( $arrBuffer ) - 1); $i++) puts( " '" . htmlspecialchars($arrBuffer[$i]) . "'," ); - puts( " '" . htmlspecialchars($arrBuffer[count( $arrBuffer ) - 1]) . "'" ); - puts( " );" ); + puts( " var arrRecallBuffer = new Array(" ); + $arrBuffer = explode( "&", $_POST['txtRecallBuffer'] ); + for ($i=0; $i < (count( $arrBuffer ) - 1); $i++) + puts( " '" . htmlspecialchars($arrBuffer[$i], ENT_QUOTES | ENT_HTML401) . "'," ); + puts( " '" . htmlspecialchars($arrBuffer[count( $arrBuffer ) - 1], ENT_QUOTES | ENT_HTML401) . "'" ); + puts( " );" ); } ?> diff --git a/usr/local/www/fbegin.inc b/usr/local/www/fbegin.inc index 680955e..55d8182 100755 --- a/usr/local/www/fbegin.inc +++ b/usr/local/www/fbegin.inc @@ -154,7 +154,7 @@ if(count($config['interfaces']) > 1) { /* no use for UPnP in single-interface deployments remove to reduce user confusion */ - $services_menu[] = array(gettext("UPnP & NAT-PMP"), "/pkg_edit.php?xml=miniupnpd.xml&id=0"); + $services_menu[] = array(gettext("UPnP & NAT-PMP"), "/pkg_edit.php?xml=miniupnpd.xml"); } $services_menu[] = array(gettext("Wake on LAN"), "/services_wol.php"); $services_menu = msort(array_merge($services_menu, return_ext_menu("Services")),0); diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index 94ba206..3503350 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -746,7 +746,7 @@ if (empty($tab)) { <td width="22%" valign="top"> </td> <td width="78%"> <input id="submit" name="submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> - <a href="firewall_aliases.php?tab=<?=$tab;?>"><input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" /></a> + <input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()" /> </td> </tr> </table> diff --git a/usr/local/www/firewall_aliases_import.php b/usr/local/www/firewall_aliases_import.php index 276dfb5..4151521 100755 --- a/usr/local/www/firewall_aliases_import.php +++ b/usr/local/www/firewall_aliases_import.php @@ -105,7 +105,7 @@ if($_POST['aliasimport'] <> "") { $imported_ips = array_merge($imported_ips, $rangesubnets); $rangedescs = array_fill(0, count($rangesubnets), $impdesc); $imported_descs = array_merge($imported_descs, $rangedescs); - } else if (!is_ipaddr($impip) && !is_subnet($impip) && !empty($impip)) { + } else if (!is_ipaddr($impip) && !is_subnet($impip) && !is_hostname($impip) && !empty($impip)) { $input_errors[] = sprintf(gettext("%s is not an IP address. Please correct the error to continue"), $impip); } elseif (!empty($impip)) { $imported_ips[] = $impip; diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index e5c94ad..7cac88d 100644 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -533,7 +533,7 @@ include("fbegin.inc"); ?> <td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol"); ?></td> <td width="78%" class="vtable"> <select name="proto" class="formselect" onchange="proto_change(); check_for_aliases();"> - <?php $protocols = explode(" ", "TCP UDP TCP/UDP GRE ESP ICMP"); foreach ($protocols as $proto): ?> + <?php $protocols = explode(" ", "TCP UDP TCP/UDP ICMP ESP AH GRE IPV6 IGMP PIM OSPF"); foreach ($protocols as $proto): ?> <option value="<?=strtolower($proto);?>" <?php if (strtolower($proto) == $pconfig['proto']) echo "selected=\"selected\""; ?>><?=htmlspecialchars($proto);?></option> <?php endforeach; ?> </select> <br /> <span class="vexpl"><?=gettext("Choose which IP protocol " . diff --git a/usr/local/www/firewall_schedule_edit.php b/usr/local/www/firewall_schedule_edit.php index 4b361b1..e1901e3 100644 --- a/usr/local/www/firewall_schedule_edit.php +++ b/usr/local/www/firewall_schedule_edit.php @@ -116,6 +116,14 @@ if ($_POST) { $timerangeFound = false; for ($x=0; $x<99; $x++){ if($_POST['schedule' . $x]) { + if (!preg_match('/^[0-9]+:[0-9]+$/', $_POST['starttime' . $x])) { + $input_errors[] = sprintf(gettext("Invalid start time - '%s'"), $_POST['starttime' . $x]); + continue; + } + if (!preg_match('/^[0-9]+:[0-9]+$/', $_POST['stoptime' . $x])) { + $input_errors[] = sprintf(gettext("Invalid start time - '%s'"), $_POST['stoptime' . $x]); + continue; + } $timerangeFound = true; $timeparts = array(); $firstprint = false; diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index 67db313..bbef947 100644 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -129,9 +129,9 @@ $firewall_rules_dscp_types = array("af11", "cs5", "cs6", "cs7", - "0x01 (reliability, ToS 0x04)", - "0x02 (throughput, ToS 0x08)", - "0x04 (lowdelay, ToS 0x10)"); + "0x01", + "0x02", + "0x04"); $auth_server_types = array( 'ldap' => "LDAP", @@ -612,7 +612,9 @@ function dump_clog($logfile, $tail, $withorig = true, $grepfor = "", $grepinvert $grepline .= " | /usr/bin/egrep " . escapeshellarg(implode("|", $grepfor)); if(is_array($grepinvert)) $grepline .= " | /usr/bin/egrep -v " . escapeshellarg(implode("|", $grepinvert)); - if(file_exists($logfile) && filesize($logfile) == 0) { + if (is_dir($logfile)) { + $logarr = array("File $logfile is a directory."); + } elseif (file_exists($logfile) && filesize($logfile) == 0) { $logarr = array("Log file started."); } else { if($config['system']['disablesyslogclog']) { diff --git a/usr/local/www/includes/functions.inc.php b/usr/local/www/includes/functions.inc.php index 78043e8..48bc408 100644 --- a/usr/local/www/includes/functions.inc.php +++ b/usr/local/www/includes/functions.inc.php @@ -114,9 +114,9 @@ function get_uptime() { function cpu_usage() { $duration = 1; $diff = array('user', 'nice', 'sys', 'intr', 'idle'); - $cpuTicks = array_combine($diff, explode(" ", `/sbin/sysctl -n kern.cp_time`)); + $cpuTicks = array_combine($diff, explode(" ", get_single_sysctl('kern.cp_time'))); sleep($duration); - $cpuTicks2 = array_combine($diff, explode(" ", `/sbin/sysctl -n kern.cp_time`)); + $cpuTicks2 = array_combine($diff, explode(" ", get_single_sysctl('kern.cp_time'))); $totalStart = array_sum($cpuTicks); $totalEnd = array_sum($cpuTicks2); @@ -180,15 +180,12 @@ function get_mbuf($percent=false) { } function get_temp() { - $temp_out = ""; - exec("/sbin/sysctl dev.cpu.0.temperature | /usr/bin/awk '{ print $2 }' | /usr/bin/cut -d 'C' -f 1", $dfout); - $temp_out = trim($dfout[0]); - if ($temp_out == "") { - exec("/sbin/sysctl hw.acpi.thermal.tz0.temperature | /usr/bin/awk '{ print $2 }' | /usr/bin/cut -d 'C' -f 1", $dfout); - $temp_out = trim($dfout[0]); - } + $temp_out = get_single_sysctl("dev.cpu.0.temperature"); + if ($temp_out == "") + $temp_out = get_single_sysctl("hw.acpi.thermal.tz0.temperature"); - return $temp_out; + // Remove 'C' from the end + return rtrim($temp_out, 'C'); } /* Get mounted filesystems and usage. Do not display entries for virtual filesystems (e.g. devfs, nullfs, unionfs) */ @@ -232,16 +229,14 @@ function swap_usage() { } function mem_usage() { - $memory = ""; - exec("/sbin/sysctl -n vm.stats.vm.v_page_count vm.stats.vm.v_inactive_count " . - "vm.stats.vm.v_cache_count vm.stats.vm.v_free_count", $memory); - - $totalMem = $memory[0]; - $availMem = $memory[1] + $memory[2] + $memory[3]; - $usedMem = $totalMem - $availMem; - if ($totalMem > 0) + $totalMem = get_single_sysctl("vm.stats.vm.v_page_count"); + if ($totalMem > 0) { + $inactiveMem = get_single_sysctl("vm.stats.vm.v_inactive_count"); + $cachedMem = get_single_sysctl("vm.stats.vm.v_cache_count"); + $freeMem = get_single_sysctl("vm.stats.vm.v_free_count"); + $usedMem = $totalMem - ($inactiveMem + $cachedMem + $freeMem); $memUsage = round(($usedMem * 100) / $totalMem, 0); - else + } else $memUsage = "NA"; return $memUsage; @@ -255,22 +250,18 @@ function update_date_time() { function get_cpufreq() { $cpufreqs = ""; $out = ""; - exec("/sbin/sysctl -n dev.cpu.0.freq_levels", $cpufreqs); - $cpufreqs = explode(" ", trim($cpufreqs[0])); + $cpufreqs = explode(" ", get_single_sysctl('dev.cpu.0.freq_levels')); $maxfreq = explode("/", $cpufreqs[0]); $maxfreq = $maxfreq[0]; $curfreq = ""; - exec("/sbin/sysctl -n dev.cpu.0.freq", $curfreq); - $curfreq = trim($curfreq[0]); + $curfreq = get_single_sysctl('dev.cpu.0.freq'); if (($curfreq > 0) && ($curfreq != $maxfreq)) $out = "Current: {$curfreq} MHz, Max: {$maxfreq} MHz"; return $out; } function get_cpu_count($show_detail = false) { - $cpucount = ""; - exec("/sbin/sysctl -n kern.smp.cpus", $cpucount); - $cpucount = $cpucount[0]; + $cpucount = get_single_sysctl('kern.smp.cpus'); if ($show_detail) { $cpudetail = ""; diff --git a/usr/local/www/index.php b/usr/local/www/index.php index 6e9e178..4fdcca6 100644 --- a/usr/local/www/index.php +++ b/usr/local/www/index.php @@ -53,6 +53,7 @@ ob_start(null, "1000"); require_once('functions.inc'); require_once('guiconfig.inc'); require_once('notices.inc'); +require_once("pkg-utils.inc"); if(isset($_REQUEST['closenotice'])){ close_notice($_REQUEST['closenotice']); @@ -481,6 +482,10 @@ echo $jscriptstr; if(!file_exists("/usr/local/www/themes/{$g['theme']}/no_big_logo")) echo "<center><img src=\"./themes/".$g['theme']."/images/logobig.jpg\" alt=\"big logo\" /></center><br />"; +/* Print package server mismatch warning. See https://redmine.pfsense.org/issues/484 */ +if (!verify_all_package_servers()) + print_info_box(package_server_mismatch_message()); + if ($savemsg) print_info_box($savemsg); diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php index 792ac43..816114d 100644 --- a/usr/local/www/pkg_edit.php +++ b/usr/local/www/pkg_edit.php @@ -65,11 +65,14 @@ function domTT_title($title_msg){ $xml = htmlspecialchars($_GET['xml']); if($_POST['xml']) $xml = htmlspecialchars($_POST['xml']); -if($xml == "") { - print_info_box_np(gettext("ERROR: No package defined.")); +$xml_fullpath = realpath('/usr/local/pkg/' . $xml); + +if ($xml == "" || $xml_fullpath === false || + substr($xml_fullpath, 0, strlen('/usr/local/pkg/')) != '/usr/local/pkg/') { + print_info_box_np(gettext("ERROR: No valid package defined.")); die; } else { - $pkg = parse_xml_config_pkg("/usr/local/pkg/" . $xml, "packagegui"); + $pkg = parse_xml_config_pkg($xml_fullpath, "packagegui"); } if($pkg['include_file'] <> "") { diff --git a/usr/local/www/pkg_mgr.php b/usr/local/www/pkg_mgr.php index 4afb295..63e2c75 100644 --- a/usr/local/www/pkg_mgr.php +++ b/usr/local/www/pkg_mgr.php @@ -74,6 +74,7 @@ function domTT_title($title_msg) { //get_pkg_info only if cache file has more then $g[min_pkg_cache_file_time] seconds $pkg_cache_file_time=($g['min_pkg_cache_file_time'] ? $g['min_pkg_cache_file_time'] : 120); +$xmlrpc_base_url = get_active_xml_rpc_base_url(); if (!file_exists("{$g['tmp_path']}/pkg_info.cache") || (time() - filemtime("{$g['tmp_path']}/pkg_info.cache")) > $pkg_cache_file_time) { $pkg_info = get_pkg_info('all', array("noembedded", "name", "category", "website", "version", "status", "descr", "maintainer", "required_version", "maximum_version", "pkginfolink", "config_file")); //create cache file after get_pkg_info @@ -84,7 +85,6 @@ if (!file_exists("{$g['tmp_path']}/pkg_info.cache") || (time() - filemtime("{$g[ //$pkg_sizes = get_pkg_sizes(); } else { $using_cache = true; - $xmlrpc_base_url = isset($config['system']['altpkgrepo']['enable']) ? $config['system']['altpkgrepo']['xmlrpcbaseurl'] : $g['xmlrpcbaseurl']; if(file_exists("{$g['tmp_path']}/pkg_info.cache")) { $savemsg = sprintf(gettext("Unable to retrieve package info from %s. Cached data will be used."), $xmlrpc_base_url); $pkg_info = unserialize(@file_get_contents("{$g['tmp_path']}/pkg_info.cache")); @@ -115,6 +115,15 @@ include("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); + + /* Print package server mismatch warning. See https://redmine.pfsense.org/issues/484 */ + if (!verify_all_package_servers()) + print_info_box(package_server_mismatch_message()); + + /* Print package server SSL warning. See https://redmine.pfsense.org/issues/484 */ + if (check_package_server_ssl() === false) + print_info_box(package_server_ssl_failure_message()); + if ($savemsg) print_info_box($savemsg); ?> diff --git a/usr/local/www/pkg_mgr_install.php b/usr/local/www/pkg_mgr_install.php index a157734..2f5d04c 100644 --- a/usr/local/www/pkg_mgr_install.php +++ b/usr/local/www/pkg_mgr_install.php @@ -105,11 +105,11 @@ if ($_POST) { </tr> <?php if ((empty($_GET['mode']) && $_GET['id']) || (!empty($_GET['mode']) && (!empty($_GET['pkg']) || $_GET['mode'] == 'reinstallall') && ($_GET['mode'] != 'installedinfo' && $_GET['mode'] != 'showlog'))): if (empty($_GET['mode']) && $_GET['id']) { - $pkgname = str_replace(array("<", ">", ";", "&", "'", '"'), "", htmlspecialchars_decode($_GET['id'], ENT_QUOTES | ENT_HTML401)); + $pkgname = str_replace(array("<", ">", ";", "&", "'", '"', '.', '/'), "", htmlspecialchars_decode($_GET['id'], ENT_QUOTES | ENT_HTML401)); $pkgmode = 'installed'; } else if (!empty($_GET['mode']) && !empty($_GET['pkg'])) { - $pkgname = str_replace(array("<", ">", ";", "&", "'", '"'), "", htmlspecialchars_decode($_GET['pkg'], ENT_QUOTES | ENT_HTML401)); - $pkgmode = str_replace(array("<", ">", ";", "&", "'", '"'), "", htmlspecialchars_decode($_GET['mode'], ENT_QUOTES | ENT_HTML401)); + $pkgname = str_replace(array("<", ">", ";", "&", "'", '"', '.', '/'), "", htmlspecialchars_decode($_GET['pkg'], ENT_QUOTES | ENT_HTML401)); + $pkgmode = str_replace(array("<", ">", ";", "&", "'", '"', '.', '/'), "", htmlspecialchars_decode($_GET['mode'], ENT_QUOTES | ENT_HTML401)); } else if ($_GET['mode'] == 'reinstallall') { $pkgmode = 'reinstallall'; } @@ -188,7 +188,7 @@ Rounded("div#mainareapkg","bl br","#FFF","#eeeeee","smooth"); ob_flush(); if ($_GET) { - $pkgname = str_replace(array("<", ">", ";", "&", "'", '"'), "", htmlspecialchars_decode($_GET['pkg'], ENT_QUOTES | ENT_HTML401)); + $pkgname = str_replace(array("<", ">", ";", "&", "'", '"', '.', '/'), "", htmlspecialchars_decode($_GET['pkg'], ENT_QUOTES | ENT_HTML401)); switch($_GET['mode']) { case 'showlog': if (strpos($pkgname, ".")) { @@ -210,7 +210,7 @@ if ($_GET) { break; } } else if ($_POST) { - $pkgid = str_replace(array("<", ">", ";", "&", "'", '"'), "", htmlspecialchars_decode($_POST['id'], ENT_QUOTES | ENT_HTML401)); + $pkgid = str_replace(array("<", ">", ";", "&", "'", '"', '.', '/'), "", htmlspecialchars_decode($_POST['id'], ENT_QUOTES | ENT_HTML401)); /* All other cases make changes, so mount rw fs */ conf_mount_rw(); diff --git a/usr/local/www/pkg_mgr_installed.php b/usr/local/www/pkg_mgr_installed.php index 01f3089..f819fb7 100644 --- a/usr/local/www/pkg_mgr_installed.php +++ b/usr/local/www/pkg_mgr_installed.php @@ -89,7 +89,16 @@ include("head.inc"); </head> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> - <?php include("fbegin.inc"); ?> + <?php include("fbegin.inc"); + + /* Print package server mismatch warning. See https://redmine.pfsense.org/issues/484 */ + if (!verify_all_package_servers()) + print_info_box(package_server_mismatch_message()); + + /* Print package server SSL warning. See https://redmine.pfsense.org/issues/484 */ + if (check_package_server_ssl() === false) + print_info_box(package_server_ssl_failure_message()); ?> + <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="packages installed"> <tr> <td> diff --git a/usr/local/www/pkg_mgr_settings.php b/usr/local/www/pkg_mgr_settings.php index ef655b5..d483984 100644 --- a/usr/local/www/pkg_mgr_settings.php +++ b/usr/local/www/pkg_mgr_settings.php @@ -77,7 +77,16 @@ function enable_altpkgrepourl(enable_over) { </script> </head> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc");?> +<?php include("fbegin.inc"); + + /* Print package server mismatch warning. See https://redmine.pfsense.org/issues/484 */ + if (!verify_all_package_servers()) + print_info_box(package_server_mismatch_message()); + + /* Print package server SSL warning. See https://redmine.pfsense.org/issues/484 */ + if (check_package_server_ssl() === false) + print_info_box(package_server_ssl_failure_message()); ?> + <?php if ($input_errors) print_input_errors($input_errors); ?> <form action="pkg_mgr_settings.php" method="post" name="iform" id="iform"> @@ -98,6 +107,16 @@ function enable_altpkgrepourl(enable_over) { <tr><td><div id="mainarea"> <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area"> <tr> + <td colspan="2" valign="top" class="vncell"> + <?PHP echo gettext("This page allows an alternate package repository to be configured, primarily for temporary use as a testing mechanism."); ?> + <?PHP echo gettext("The contents of unofficial packages servers cannot be verified and may contain malicious files."); ?> + <?PHP echo gettext("The package server settings should remain at their default values to ensure that verifiable and trusted packages are recevied."); ?> + <br/><br/> + <?PHP echo gettext("A warning is printed on the Dashboard and in the package manager when an unofficial package server is in use."); ?> + <br/><br/> + </td> + </tr> + <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("Package Repository URL");?></td> </tr> <tr> diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index efc8f20..441467b 100644 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -968,7 +968,7 @@ function enable_change(enable_change) { foreach($a_cert as $cert): $selected = ""; if ($pconfig['certref'] == $cert['refid']) - $selected = "selected=\"selected\""; + $selected = " selected=\"selected\""; ?> <option value="<?=$cert['refid'];?>"<?=$selected;?>><?=$cert['descr'];?></option> <?php endforeach; ?> @@ -981,8 +981,8 @@ function enable_change(enable_change) { <tr> <td valign="top" class="vncell"><?=gettext("Disable HTTPS forwards"); ?></td> <td class="vtable"> - <input name="nohttpsforwards" type="checkbox" class="formfld" id="nohttpsforwards" value="yes" <?php if ($pconfig['nohttpsforwards']) echo "checked"; ?>> - <strong><?=gettext("Disable HTTPS forwards"); ?></strong><br> + <input name="nohttpsforwards" type="checkbox" class="formfld" id="nohttpsforwards" value="yes" <?php if ($pconfig['nohttpsforwards']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Disable HTTPS forwards"); ?></strong><br/> <?=gettext("If this option is set, attempts to connect to SSL/HTTPS (Port 443) sites will not be forwarded to the captive portal. This prevents certificate errors from being presented to the user even if HTTPS logins are enabled. Users must attempt a connecton to an HTTP (Port 80) site to get forwarded to the captive portal. If HTTPS logins are enabled, the user will be redirected to the HTTPS login page."); ?></td> </tr> <tr> diff --git a/usr/local/www/services_captiveportal_hostname.php b/usr/local/www/services_captiveportal_hostname.php index 960cb43..b9662f9 100644 --- a/usr/local/www/services_captiveportal_hostname.php +++ b/usr/local/www/services_captiveportal_hostname.php @@ -137,11 +137,11 @@ include("head.inc"); echo "any <img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"in\" /> "; } if($ip['dir'] == "both") { - echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_pass.gif\" width=\"11\" height=\"11\" align=\"absmiddle\" alt=\"pass\" /> "; + echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_pass.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"pass\" /> "; } echo strtolower($ip['hostname']); if($ip['dir'] == "from") { - echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\" alt=\"in\" /> any"; + echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"in\" /> any"; } ?> diff --git a/usr/local/www/services_captiveportal_vouchers.php b/usr/local/www/services_captiveportal_vouchers.php index 28dcfcf..0e1a3a5 100644 --- a/usr/local/www/services_captiveportal_vouchers.php +++ b/usr/local/www/services_captiveportal_vouchers.php @@ -513,8 +513,9 @@ function enable_change(enable_change) { "time, the voucher can be re-used from the same or a different computer. If the voucher " . "is used again from another computer, the previous session is stopped."); ?> <?php else: ?> - <?=gettext("Enable Voucher support first using the checkbox above and hit Save at the bottom."); ?></td> + <?=gettext("Enable Voucher support first using the checkbox above and hit Save at the bottom."); ?> <?php endif;?> + </td> </tr> <tr> <td valign="top" class="vncellreq"> diff --git a/usr/local/www/services_unbound.php b/usr/local/www/services_unbound.php index 7a3f62a..88634ef 100644 --- a/usr/local/www/services_unbound.php +++ b/usr/local/www/services_unbound.php @@ -9,23 +9,23 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ /* pfSense_MODULE: dnsresolver @@ -41,22 +41,6 @@ require_once("guiconfig.inc"); require_once("unbound.inc"); -$pconfig['enable'] = isset($config['unbound']['enable']); -$pconfig['port'] = $config['unbound']['port']; -if (empty($config['unbound']['active_interface'])) - $pconfig['active_interface'] = array(); -else - $pconfig['active_interface'] = explode(",", $config['unbound']['active_interface']); -if (empty($config['unbound']['outgoing_interface'])) - $pconfig['outgoing_interface'] = array(); -else - $pconfig['outgoing_interface'] = explode(",", $config['unbound']['outgoing_interface']); -$pconfig['dnssec'] = isset($config['unbound']['dnssec']); -$pconfig['forwarding'] = isset($config['unbound']['forwarding']); -$pconfig['regdhcp'] = isset($config['unbound']['regdhcp']); -$pconfig['regdhcpstatic'] = isset($config['unbound']['regdhcpstatic']); -$pconfig['txtsupport'] = isset($config['unbound']['txtsupport']); - if (!is_array($config['unbound'])) $config['unbound'] = array(); $a_unboundcfg =& $config['unbound']; @@ -69,70 +53,117 @@ if (!is_array($config['unbound']['domainoverrides'])) $config['unbound']['domainoverrides'] = array(); $a_domainOverrides = &$config['unbound']['domainoverrides']; -if ($_POST) { +if (isset($config['unbound']['enable'])) + $pconfig['enable'] = true; +if (isset($config['unbound']['dnssec'])) + $pconfig['dnssec'] = true; +if (isset($config['unbound']['forwarding'])) + $pconfig['forwarding'] = true; +if (isset($config['unbound']['regdhcp'])) + $pconfig['regdhcp'] = true; +if (isset($config['unbound']['regdhcpstatic'])) + $pconfig['regdhcpstatic'] = true; +if (isset($config['unbound']['txtsupport'])) + $pconfig['txtsupport'] = true; + +$pconfig['port'] = $config['unbound']['port']; +$pconfig['custom_options'] = $config['unbound']['custom_options']; +if (empty($config['unbound']['active_interface'])) + $pconfig['active_interface'] = array(); +else + $pconfig['active_interface'] = explode(",", $config['unbound']['active_interface']); +if (empty($config['unbound']['outgoing_interface'])) + $pconfig['outgoing_interface'] = array(); +else + $pconfig['outgoing_interface'] = explode(",", $config['unbound']['outgoing_interface']); + +if ($_POST) { $pconfig = $_POST; unset($input_errors); - if ($_POST['enable'] == "yes" && isset($config['dnsmasq']['enable'])) - $input_errors[] = "The system dns-forwarder is still active. Disable it before enabling the DNS Resolver."; + if ($_POST['apply']) { + $retval = services_unbound_configure(); + $savemsg = get_std_save_message($retval); + if ($retval == 0) + clear_subsystem_dirty('unbound'); + /* Update resolv.conf in case the interface bindings exclude localhost. */ + system_resolvconf_generate(); + } else { + if (isset($_POST['enable']) && isset($config['dnsmasq']['enable'])) + $input_errors[] = "The system dns-forwarder is still active. Disable it before enabling the DNS Resolver."; + + if (empty($_POST['active_interface'])) + $input_errors[] = "A single network interface needs to be selected for the DNS Resolver to bind to."; - if (empty($_POST['active_interface'])) - $input_errors[] = "A single network interface needs to be selected for the DNS Resolver to bind to."; + if (empty($_POST['outgoing_interface'])) + $input_errors[] = "A single outgoing network interface needs to be selected for the DNS Resolver to use for outgoing DNS requests."; - if (empty($_POST['outgoing_interface'])) - $input_errors[] = "A single outgoing network interface needs to be selected for the DNS Resolver to use for outgoing DNS requests."; + if ($_POST['port']) + if (is_port($_POST['port'])) + $a_unboundcfg['port'] = $_POST['port']; + else + $input_errors[] = gettext("You must specify a valid port number."); + else if (isset($config['unbound']['port'])) + unset($config['unbound']['port']); - if ($_POST['port']) - if (is_port($_POST['port'])) - $a_unboundcfg['port'] = $_POST['port']; + if (isset($_POST['enable'])) + $a_unboundcfg['enable'] = true; + else + unset($a_unboundcfg['enable']); + if (isset($_POST['dnssec'])) + $a_unboundcfg['dnssec'] = true; else - $input_errors[] = gettext("You must specify a valid port number."); - else if (isset($config['unbound']['port'])) - unset($config['unbound']['port']); + unset($a_unboundcfg['dnssec']); + if (isset($_POST['forwarding'])) + $a_unboundcfg['forwarding'] = true; + else + unset($a_unboundcfg['forwarding']); + if (isset($_POST['regdhcp'])) + $a_unboundcfg['regdhcp'] = true; + else + unset($a_unboundcfg['regdhcp']); + if (isset($_POST['regdhcpstatic'])) + $a_unboundcfg['regdhcpstatic'] = true; + else + unset($a_unboundcfg['regdhcpstatic']); + if (isset($_POST['txtsupport'])) + $a_unboundcfg['txtsupport'] = true; + else + unset($a_unboundcfg['txtsupport']); + if (is_array($_POST['active_interface']) && !empty($_POST['active_interface'])) + $a_unboundcfg['active_interface'] = implode(",", $_POST['active_interface']); - $a_unboundcfg['enable'] = ($_POST['enable']) ? true : false; - $a_unboundcfg['dnssec'] = ($_POST['dnssec']) ? true : false; - $a_unboundcfg['forwarding'] = ($_POST['forwarding']) ? true : false; - $a_unboundcfg['regdhcp'] = ($_POST['regdhcp']) ? true : false; - $a_unboundcfg['regdhcpstatic'] = ($_POST['regdhcpstatic']) ? true : false; - $a_unboundcfg['txtsupport'] = ($_POST['txtsupport']) ? true : false; - if (is_array($_POST['active_interface']) && !empty($_POST['active_interface'])) - $a_unboundcfg['active_interface'] = implode(",", $_POST['active_interface']); + if (is_array($_POST['outgoing_interface']) && !empty($_POST['outgoing_interface'])) + $a_unboundcfg['outgoing_interface'] = implode(",", $_POST['outgoing_interface']); - if (is_array($_POST['outgoing_interface']) && !empty($_POST['outgoing_interface'])) - $a_unboundcfg['outgoing_interface'] = implode(",", $_POST['outgoing_interface']); + $a_unboundcfg['custom_options'] = str_replace("\r\n", "\n", $_POST['custom_options']); - if (!$input_errors) { - write_config("DNS Resolver configured."); - $retval = 0; - $retval = services_unbound_configure(); - $savemsg = get_std_save_message($retval); - if ($retval == 0) - clear_subsystem_dirty('unbound'); - /* Update resolv.conf in case the interface bindings exclude localhost. */ - system_resolvconf_generate(); + if (!$input_errors) { + write_config("DNS Resolver configured."); + mark_subsystem_dirty('unbound'); + } } } if ($_GET['act'] == "del") { - if ($_GET['type'] == 'host') { - if ($a_hosts[$_GET['id']]) { - unset($a_hosts[$_GET['id']]); - write_config(); - mark_subsystem_dirty('unbound'); - header("Location: services_unbound.php"); - exit; - } - } elseif ($_GET['type'] == 'doverride') { - if ($a_domainOverrides[$_GET['id']]) { - unset($a_domainOverrides[$_GET['id']]); - write_config(); - mark_subsystem_dirty('unbound'); - header("Location: services_unbound.php"); - exit; - } - } + if ($_GET['type'] == 'host') { + if ($a_hosts[$_GET['id']]) { + unset($a_hosts[$_GET['id']]); + write_config(); + mark_subsystem_dirty('unbound'); + header("Location: services_unbound.php"); + exit; + } + } elseif ($_GET['type'] == 'doverride') { + if ($a_domainOverrides[$_GET['id']]) { + unset($a_domainOverrides[$_GET['id']]); + write_config(); + mark_subsystem_dirty('unbound'); + header("Location: services_unbound.php"); + exit; + } + } } $closehead = false; @@ -146,7 +177,7 @@ include_once("head.inc"); function enable_change(enable_over) { var endis; endis = !(jQuery('#enable').is(":checked") || enable_over); - jQuery("#active_interface,#outgoing_interface,#dnssec,#forwarding,#regdhcp,#regdhcpstatic,#dhcpfirst,#port").prop('disabled', endis); + jQuery("#active_interface,#outgoing_interface,#dnssec,#forwarding,#regdhcp,#regdhcpstatic,#dhcpfirst,#port,#txtsupport,#custom_options").prop('disabled', endis); } function show_advanced_dns() { jQuery("#showadv").show(); @@ -155,7 +186,7 @@ function show_advanced_dns() { //]]> </script> </head> - + <body> <?php include("fbegin.inc"); ?> <form action="services_unbound.php" method="post" name="iform" id="iform"> @@ -188,7 +219,7 @@ function show_advanced_dns() { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Enable");?></td> <td width="78%" class="vtable"><p> - <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable'] == "yes") echo "checked=\"checked\"";?> onclick="enable_change(false)" /> + <input name="enable" type="checkbox" id="enable" value="yes" <?php if (isset($pconfig['enable'])) echo "checked=\"checked\"";?> onclick="enable_change(false)" /> <strong><?=gettext("Enable DNS Resolver");?><br /> </strong></p> </td> @@ -271,7 +302,7 @@ function show_advanced_dns() { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("DHCP Registration");?></td> <td width="78%" class="vtable"><p> - <input name="regdhcp" type="checkbox" id="regdhcp" value="yes" <?php if ($pconfig['regdhcp'] === true) echo "checked=\"checked\"";?> /> + <input name="regdhcp" type="checkbox" id="regdhcp" value="yes" <?php if (isset($pconfig['regdhcp'])) echo "checked=\"checked\"";?> /> <strong><?=gettext("Register DHCP leases in the DNS Resolver");?><br /> </strong><?php printf(gettext("If this option is set, then machines that specify". " their hostname when requesting a DHCP lease will be registered". @@ -283,7 +314,7 @@ function show_advanced_dns() { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Static DHCP");?></td> <td width="78%" class="vtable"><p> - <input name="regdhcpstatic" type="checkbox" id="regdhcpstatic" value="yes" <?php if ($pconfig['regdhcpstatic'] === true) echo "checked=\"checked\"";?> /> + <input name="regdhcpstatic" type="checkbox" id="regdhcpstatic" value="yes" <?php if (isset($pconfig['regdhcpstatic'])) echo "checked=\"checked\"";?> /> <strong><?=gettext("Register DHCP static mappings in the DNS Resolver");?><br /> </strong><?php printf(gettext("If this option is set, then DHCP static mappings will ". "be registered in the DNS Resolver, so that their name can be ". @@ -355,8 +386,8 @@ function show_advanced_dns() { <td width="20%" class="listhdrr"><?=gettext("Host");?></td> <td width="25%" class="listhdrr"><?=gettext("Domain");?></td> <td width="20%" class="listhdrr"><?=gettext("IP");?></td> - <td width="25%" class="listhdr"><?=gettext("Description");?></td> - <td width="10%" class="list"> + <td width="30%" class="listhdr"><?=gettext("Description");?></td> + <td width="5%" class="list"> <table border="0" cellspacing="0" cellpadding="1" summary="add"> <tr> <td width="17"></td> @@ -421,8 +452,8 @@ function show_advanced_dns() { <tr> <td width="35%" class="listhdrr"><?=gettext("Domain");?></td> <td width="20%" class="listhdrr"><?=gettext("IP");?></td> - <td width="35%" class="listhdr"><?=gettext("Description");?></td> - <td width="10%" class="list"> + <td width="40%" class="listhdr"><?=gettext("Description");?></td> + <td width="5%" class="list"> <table border="0" cellspacing="0" cellpadding="1" summary="add"> <tr> <td width="17" height="17"></td> @@ -457,8 +488,18 @@ function show_advanced_dns() { <td class="listbg"> <?=htmlspecialchars($doment['descr']);?> </td> - <td valign="middle" class="list nowrap"> <a href="services_unbound_domainoverride_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" alt="edit" /></a> - <a href="services_unbound.php?act=del&type=doverride&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this domain override?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete" /></a></td> + <td valign="middle" class="list nowrap"> + <table border="0" cellspacing="0" cellpadding="1" summary="icons"> + <tr> + <td valign="middle"><a href="services_unbound_domainoverride_edit.php?id=<?=$i;?>"> + <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" alt="edit" /> + </a></td> + <td valign="middle"><a href="services_unbound.php?act=del&type=doverride&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this domain override?");?>')"> + <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete" /> + </a></td> + </tr> + </table> + </td> </tr> <?php $i++; endforeach; ?> <tr style="display:none"><td></td></tr> diff --git a/usr/local/www/services_unbound_acls.php b/usr/local/www/services_unbound_acls.php index 275c91d..98130dd 100644 --- a/usr/local/www/services_unbound_acls.php +++ b/usr/local/www/services_unbound_acls.php @@ -53,8 +53,7 @@ if ($act == "del") { unset($a_acls[$id]); write_config(); - services_unbound_configure(); - $savemsg = gettext("Access List successfully deleted")."<br />"; + mark_subsystem_dirty('unbound'); } if ($act == "new") { @@ -69,63 +68,65 @@ if ($act == "edit") { } if ($_POST) { - unset($input_errors); $pconfig = $_POST; - // input validation - only allow 50 entries in a single ACL - for($x=0; $x<50; $x++) { - if (isset($pconfig["acl_network{$x}"])) { - $networkacl[$x] = array(); - $networkacl[$x]['acl_network'] = $pconfig["acl_network{$x}"]; - $networkacl[$x]['mask'] = $pconfig["mask{$x}"]; - $networkacl[$x]['description'] = $pconfig["description{$x}"]; - if (!is_ipaddr($networkacl[$x]['acl_network'])) - $input_errors[] = gettext("You must enter a valid network IP address for {$networkacl[$x]['acl_network']}."); - - if (is_ipaddr($networkacl[$x]['acl_network'])) { - if (!is_subnet($networkacl[$x]['acl_network']."/".$networkacl[$x]['mask'])) - $input_errors[] = gettext("You must enter a valid IPv4 netmask for {$networkacl[$x]['acl_network']}/{$networkacl[$x]['mask']}."); - } else if (function_exists("is_ipaddrv6")) { - if (!is_ipaddrv6($networkacl[$x]['acl_network'])) - $input_errors[] = gettext("You must enter a valid IPv6 address for {$networkacl[$x]['acl_network']}."); - else if (!is_subnetv6($networkacl[$x]['acl_network']."/".$networkacl[$x]['mask'])) - $input_errors[] = gettext("You must enter a valid IPv6 netmask for {$networkacl[$x]['acl_network']}/{$networkacl[$x]['mask']}."); - } else - $input_errors[] = gettext("You must enter a valid IPv4 address for {$networkacl[$x]['acl_network']}."); - } - } - - if (!$input_errors) { - if ($pconfig['Submit'] == gettext("Save")) { - $acl_entry = array(); - $acl_entry['aclid'] = $pconfig['aclid']; - $acl_entry['aclname'] = $pconfig['aclname']; - $acl_entry['aclaction'] = $pconfig['aclaction']; - $acl_entry['description'] = $pconfig['description']; - $acl_entry['aclid'] = $pconfig['aclid']; - $acl_entry['row'] = array(); - foreach ($networkacl as $acl) - $acl_entry['row'][] = $acl; - - if (isset($id) && $a_acls[$id]) - $a_acls[$id] = $acl_entry; - else - $a_acls[] = $acl_entry; - - - mark_subsystem_dirty("unbound"); - write_config(); - - pfSenseHeader("/services_unbound_acls.php"); - exit; + if ($_POST['apply']) { + $retval = services_unbound_configure(); + $savemsg = get_std_save_message($retval); + if ($retval == 0) + clear_subsystem_dirty('unbound'); + } else { + + // input validation - only allow 50 entries in a single ACL + for($x=0; $x<50; $x++) { + if (isset($pconfig["acl_network{$x}"])) { + $networkacl[$x] = array(); + $networkacl[$x]['acl_network'] = $pconfig["acl_network{$x}"]; + $networkacl[$x]['mask'] = $pconfig["mask{$x}"]; + $networkacl[$x]['description'] = $pconfig["description{$x}"]; + if (!is_ipaddr($networkacl[$x]['acl_network'])) + $input_errors[] = gettext("You must enter a valid network IP address for {$networkacl[$x]['acl_network']}."); + + if (is_ipaddr($networkacl[$x]['acl_network'])) { + if (!is_subnet($networkacl[$x]['acl_network']."/".$networkacl[$x]['mask'])) + $input_errors[] = gettext("You must enter a valid IPv4 netmask for {$networkacl[$x]['acl_network']}/{$networkacl[$x]['mask']}."); + } else if (function_exists("is_ipaddrv6")) { + if (!is_ipaddrv6($networkacl[$x]['acl_network'])) + $input_errors[] = gettext("You must enter a valid IPv6 address for {$networkacl[$x]['acl_network']}."); + else if (!is_subnetv6($networkacl[$x]['acl_network']."/".$networkacl[$x]['mask'])) + $input_errors[] = gettext("You must enter a valid IPv6 netmask for {$networkacl[$x]['acl_network']}/{$networkacl[$x]['mask']}."); + } else + $input_errors[] = gettext("You must enter a valid IPv4 address for {$networkacl[$x]['acl_network']}."); + } else if (isset($networkacl[$x])) + unset($networkacl[$x]); } - if ($pconfig['apply']) { - clear_subsystem_dirty("unbound"); - $retval = 0; - $retval = services_unbound_configure(); - $savemsg = get_std_save_message($retval); + if (!$input_errors) { + if ($pconfig['Submit'] == gettext("Save")) { + $acl_entry = array(); + $acl_entry['aclid'] = $pconfig['aclid']; + $acl_entry['aclname'] = $pconfig['aclname']; + $acl_entry['aclaction'] = $pconfig['aclaction']; + $acl_entry['description'] = $pconfig['description']; + $acl_entry['aclid'] = $pconfig['aclid']; + $acl_entry['row'] = array(); + foreach ($networkacl as $acl) + $acl_entry['row'][] = $acl; + + if (isset($id) && $a_acls[$id]) + $a_acls[$id] = $acl_entry; + else + $a_acls[] = $acl_entry; + + + mark_subsystem_dirty("unbound"); + write_config(); + + pfSenseHeader("/services_unbound_acls.php"); + exit; + } + } } } @@ -136,26 +137,21 @@ include("head.inc"); ?> -<script type="text/javascript" src="/javascript/row_helper.js"> -</script> +<script type="text/javascript" src="/javascript/jquery.ipv4v6ify.js"></script> +<script type="text/javascript" src="/javascript/row_helper.js"></script> <script type="text/javascript"> //<![CDATA[ - function mask_field(fieldname, fieldsize, n) { - return '<select name="' + fieldname + n + '" class="formselect" id="' + fieldname + n + '"><?php - for ($i = 128; $i >= 0; $i--) { - echo "<option value=\"$i\">$i<\/option>"; - } - ?><\/select>'; - } - - rowtype[0] = "textbox"; rowname[0] = "acl_network"; + rowtype[0] = "textbox,ipv4v6"; rowsize[0] = "30"; + rowname[1] = "mask"; - rowtype[1] = mask_field; - rowtype[2] = "textbox"; + rowtype[1] = "select,ipv4v6"; + rowsize[1] = "1"; + rowname[2] = "description"; + rowtype[2] = "textbox"; rowsize[2] = "40"; //]]> </script> @@ -252,10 +248,10 @@ if (is_subsystem_dirty("unbound")) ?> <tr> <td> - <input autocomplete="off" name="acl_network<?=$counter;?>" type="text" class="formfld unknown" id="acl_network<?=$counter;?>" size="40" value="<?=htmlspecialchars($network);?>" /> + <input name="acl_network<?=$counter;?>" type="text" class="formfld unknown ipv4v6" id="acl_network<?=$counter;?>" size="30" value="<?=htmlspecialchars($network);?>" /> </td> <td> - <select name="mask<?=$counter;?>" class="formselect" id="mask<?=$counter;?>"> + <select name="mask<?=$counter;?>" class="formselect ipv4v6" id="mask<?=$counter;?>"> <?php for ($i = 128; $i > 0; $i--) { echo "<option value=\"$i\" "; @@ -266,7 +262,7 @@ if (is_subsystem_dirty("unbound")) </select> </td> <td> - <input autocomplete="off" name="description<?=$counter;?>" type="text" class="listbg" id="description<?=$counter;?>" size="40" value="<?=htmlspecialchars($description);?>" /> + <input name="description<?=$counter;?>" type="text" class="formfld unknown" id="description<?=$counter;?>" size="40" value="<?=htmlspecialchars($description);?>" /> </td> <td> <a onclick="removeRow(this); return false;" href="#"><img border="0" src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" alt="delete" /></a> @@ -318,17 +314,22 @@ if (is_subsystem_dirty("unbound")) <tr> <td width="25%" class="listhdrr"><?=gettext("Access List Name"); ?></td> <td width="25%" class="listhdrr"><?=gettext("Action"); ?></td> - <td width="40%" class="listhdrr"><?=gettext("Description"); ?></td> - <td width="10%" class="list"></td> + <td width="45%" class="listhdr"><?=gettext("Description"); ?></td> + <td width="5%" class="list"> </td> </tr> </thead> <tfoot> <tr> - <td class="list" colspan="4"></td> + <td class="list" colspan="3"> </td> <td class="list"> - <a href="services_unbound_acls.php?act=new"> - <img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("Add new Access List"); ?>" border="0" alt="add" /> - </a> + <table border="0" cellspacing="0" cellpadding="1" summary="icons"> + <tr> + <td width="17"> </td> + <td valign="middle"><a href="services_unbound_acls.php?act=new"> + <img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("Add new Access List"); ?>" border="0" alt="add" /> + </a></td> + </tr> + </table> </td> </tr> <tr> @@ -346,7 +347,7 @@ if (is_subsystem_dirty("unbound")) ?> <tr ondblclick="document.location='services_unbound_acls.php?act=edit&id=<?=$i;?>'"> <td class="listlr"> - <?=$acl['aclname'];?> + <?=htmlspecialchars($acl['aclname']);?> </td> <td class="listr"> <?=htmlspecialchars($acl['aclaction']);?> @@ -355,13 +356,16 @@ if (is_subsystem_dirty("unbound")) <?=htmlspecialchars($acl['description']);?> </td> <td valign="middle" class="list nowrap"> - <a href="services_unbound_acls.php?act=edit&id=<?=$i;?>"> - <img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit access list"); ?>" width="17" height="17" border="0" alt="edit" /> - </a> - - <a href="services_unbound_acls.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this access list?"); ?>')"> - <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete access list"); ?>" width="17" height="17" border="0" alt="delete" /> - </a> + <table border="0" cellspacing="0" cellpadding="1" summary="icons"> + <tr> + <td valign="middle"><a href="services_unbound_acls.php?act=edit&id=<?=$i;?>"> + <img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit access list"); ?>" width="17" height="17" border="0" alt="edit" /> + </a></td> + <td valign="middle"><a href="services_unbound_acls.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this access list?"); ?>')"> + <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete access list"); ?>" width="17" height="17" border="0" alt="delete" /> + </a></td> + </tr> + </table> </td> </tr> <?php diff --git a/usr/local/www/services_unbound_advanced.php b/usr/local/www/services_unbound_advanced.php index 9fd8a89..b0b77a7 100644 --- a/usr/local/www/services_unbound_advanced.php +++ b/usr/local/www/services_unbound_advanced.php @@ -43,22 +43,19 @@ require_once("unbound.inc"); if(!is_array($config['unbound'])) $config['unbound'] = array(); -$a_unboundcfg =& $config['unbound']; -$pconfig['enable'] = isset($config['unbound']['enable']); -$pconfig['active_interface'] = $config['unbound']['active_interface']; -$pconfig['outgoing_interface'] = $config['unbound']['outgoing_interface']; -$pconfig['dnssec'] = isset($config['unbound']['dnssec']); -$pconfig['forwarding'] = isset($config['unbound']['forwarding']); -$pconfig['regdhcp'] = isset($config['unbound']['regdhcp']); -$pconfig['regdhcpstatic'] = isset($config['unbound']['regdhcpstatic']); -$pconfig['dhcpfirst'] = isset($config['unbound']['dhcpfirst']); -$pconfig['hideidentity'] = isset($config['unbound']['hideidentity']); -$pconfig['hideversion'] = isset($config['unbound']['hideversion']); -$pconfig['prefetch'] = isset($config['unbound']['prefetch']); -$pconfig['prefetchkey'] = isset($config['unbound']['prefetchkey']); -$pconfig['hardenglue'] = isset($config['unbound']['hardenglue']); -$pconfig['dnssecstripped'] = isset($config['unbound']['dnssecstripped']); +if (isset($config['unbound']['hideidentity'])) + $pconfig['hideidentity'] = true; +if (isset($config['unbound']['hideversion'])) + $pconfig['hideversion'] = true; +if (isset($config['unbound']['prefetch'])) + $pconfig['prefetch'] = true; +if (isset($config['unbound']['prefetchkey'])) + $pconfig['prefetchkey'] = true; +if (isset($config['unbound']['hardenglue'])) + $pconfig['hardenglue'] = true; +if (isset($config['unbound']['dnssecstripped'])) + $pconfig['dnssecstripped'] = true; $pconfig['msgcachesize'] = $config['unbound']['msgcachesize']; $pconfig['outgoing_num_tcp'] = $config['unbound']['outgoing_num_tcp']; $pconfig['incoming_num_tcp'] = $config['unbound']['incoming_num_tcp']; @@ -74,24 +71,54 @@ $pconfig['unwanted_reply_threshold'] = $config['unbound']['unwanted_reply_thresh $pconfig['log_verbosity'] = isset($config['unbound']['log_verbosity']) ? $config['unbound']['log_verbosity'] : "1"; if ($_POST) { + $pconfig = $_POST; - unset($input_errors); - - if (!$input_errors) { - $a_unboundcfg['hideidentity'] = ($_POST['hideidentity']) ? true : false; - $a_unboundcfg['hideversion'] = ($_POST['hideversion']) ? true : false; - $a_unboundcfg['prefetch'] = ($_POST['prefetch']) ? true : false; - $a_unboundcfg['prefetchkey'] = ($_POST['prefetchkey']) ? true : false; - $a_unboundcfg['hardenglue'] = ($_POST['hardenglue']) ? true : false; - $a_unboundcfg['dnssecstripped'] = ($_POST['dnssecstripped']) ? true : false; - $a_unboundcfg['custom_options'] = str_replace("\r\n", "\n", $_POST['custom_options']); - write_config("DNS Resolver configured."); - - $retval = 0; + if ($_POST['apply']) { $retval = services_unbound_configure(); $savemsg = get_std_save_message($retval); if ($retval == 0) clear_subsystem_dirty('unbound'); + } else { + if (isset($_POST['hideidentity'])) + $config['unbound']['hideidentity'] = true; + else + unset($config['unbound']['hideidentity']); + if (isset($_POST['hideversion'])) + $config['unbound']['hideversion'] = true; + else + unset($config['unbound']['hideversion']); + if (isset($_POST['prefetch'])) + $config['unbound']['prefetch'] = true; + else + unset($config['unbound']['prefetch']); + if (isset($_POST['prefetchkey'])) + $config['unbound']['prefetchkey'] = true; + else + unset($config['unbound']['prefetchkey']); + if (isset($_POST['hardenglue'])) + $config['unbound']['hardenglue'] = true; + else + unset($config['unbound']['hardenglue']); + if (isset($_POST['dnssecstripped'])) + $config['unbound']['dnssecstripped'] = true; + else + unset($config['unbound']['dnssecstripped']); + $config['unbound']['msgcachesize'] = $_POST['msgcachesize']; + $config['unbound']['outgoing_num_tcp'] = $_POST['outgoing_num_tcp']; + $config['unbound']['incoming_num_tcp'] = $_POST['incoming_num_tcp']; + $config['unbound']['edns_buffer_size'] = $_POST['edns_buffer_size']; + $config['unbound']['num_queries_per_thread'] = $_POST['num_queries_per_thread']; + $config['unbound']['jostle_timeout'] = $_POST['jostle_timeout']; + $config['unbound']['cache_max_ttl'] = $_POST['cache_max_ttl']; + $config['unbound']['cache_min_ttl'] = $_POST['cache_min_ttl']; + $config['unbound']['infra_host_ttl'] = $_POST['infra_host_ttl']; + $config['unbound']['infra_lame_ttl'] = $_POST['infra_lame_ttl']; + $config['unbound']['infra_cache_numhosts'] = $_POST['infra_cache_numhosts']; + $config['unbound']['unwanted_reply_threshold'] = $_POST['unwanted_reply_threshold']; + $config['unbound']['log_verbosity'] = $_POST['log_verbosity']; + write_config("DNS Resolver configured."); + + mark_subsystem_dirty('unbound'); } } @@ -101,15 +128,6 @@ include_once("head.inc"); ?> -<script type="text/javascript"> -//<![CDATA[ -function enable_change(enable_over) { - var endis; - endis = !(jQuery('#enable').is(":checked") || enable_over); - jQuery("#active_interface,#outgoing_interface,#dnssec,#forwarding,#regdhcp,#regdhcpstatic,#dhcpfirst,#port").prop('disabled', endis); -} -//]]> -</script> </head> <body> @@ -122,7 +140,7 @@ function enable_change(enable_over) { <?php endif; ?> <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="services unbound advanced"> <tbody> - <tr> + <tr> <td class="tabnavtbl"> <?php $tab_array = array(); @@ -144,42 +162,42 @@ function enable_change(enable_over) { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Hide Identity");?></td> <td width="78%" class="vtable"> - <p><input name="hideidentity" type="checkbox" id="hideidentity" value="yes" <?php if ($pconfig['hideidentity'] === true) echo "checked=\"checked\"";?> onclick="enable_change(false)" /><br /> + <p><input name="hideidentity" type="checkbox" id="hideidentity" value="yes" <?php if (isset($pconfig['hideidentity'])) echo "checked=\"checked\"";?> /><br /> <?=gettext("If enabled, id.server and hostname.bind queries are refused.");?></p> </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Hide Version");?></td> <td width="78%" class="vtable"> - <p><input name="enable" type="checkbox" id="hideversion" value="yes" <?php if ($pconfig['hideversion'] == "yes") echo "checked=\"checked\"";?> onclick="enable_change(false)" /><br /> + <p><input name="hideversion" type="checkbox" id="hideversion" value="yes" <?php if (isset($pconfig['hideversion'])) echo "checked=\"checked\"";?> /><br /> <?=gettext("If enabled, version.server and version.bind queries are refused.");?></p> </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Prefetch Support");?></td> <td width="78%" class="vtable"> - <p><input name="enable" type="checkbox" id="prefetch" value="yes" <?php if ($pconfig['prefetch'] == "yes") echo "checked=\"checked\"";?> onclick="enable_change(false)" /><br /> + <p><input name="prefetch" type="checkbox" id="prefetch" value="yes" <?php if (isset($pconfig['prefetch'])) echo "checked=\"checked\"";?> /><br /> <?=gettext("Message cache elements are prefetched before they expire to help keep the cache up to date. When enabled, this option can cause an increase of around 10% more DNS traffic and load on the server, but frequently requested items will not expire from the cache.");?></p> </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Prefetch DNS Key Support");?></td> <td width="78%" class="vtable"> - <p><input name="enable" type="checkbox" id="prefetchkey" value="yes" <?php if ($pconfig['prefetchkey'] == "yes") echo "checked=\"checked\"";?> onclick="enable_change(false)" /><br /> + <p><input name="prefetchkey" type="checkbox" id="prefetchkey" value="yes" <?php if (isset($pconfig['prefetchkey'])) echo "checked=\"checked\"";?> /><br /> <?=sprintf(gettext("DNSKEY's are fetched earlier in the validation process when a %sDelegation signer%s is encountered. This helps lower the latency of requests but does utilize a little more CPU."), "<a href='http://en.wikipedia.org/wiki/List_of_DNS_record_types'>", "</a>");?></p> </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Harden Glue");?></td> <td width="78%" class="vtable"> - <p><input name="enable" type="checkbox" id="hardenglue" value="yes" <?php if ($pconfig['hardenglue'] == "yes") echo "checked=\"checked\"";?> onclick="enable_change(false)" /><br /> + <p><input name="hardenglue" type="checkbox" id="hardenglue" value="yes" <?php if (isset($pconfig['hardenglue'])) echo "checked=\"checked\"";?> /><br /> <?=gettext("Only trust glue if it is within the servers authority.");?></p> </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Harden DNSSEC data");?></td> <td width="78%" class="vtable"> - <p><input name="enable" type="checkbox" id="dnssecstripped" value="yes" <?php if ($pconfig['dnssecstripped'] == "yes") echo "checked=\"checked\"";?> onclick="enable_change(false)" /><br /> + <p><input name="dnssecstripped" type="checkbox" id="dnssecstripped" value="yes" <?php if (isset($pconfig['dnssecstripped'])) echo "checked=\"checked\"";?> /><br /> <?=gettext("DNSSEC data is required for trust-anchored zones. If such data is absent, the zone becomes bogus. If this is disabled and no DNSSEC data is received, then the zone is made insecure.");?></p> </td> </tr> @@ -188,13 +206,15 @@ function enable_change(enable_over) { <td width="78%" class="vtable"> <p> <select id="msgcachesize" name="msgcachesize"> - <option value="4">4MB</option> - <option value="10">10MB</option> - <option value="20">20MB</option> - <option value="50">50MB</option> - <option value="100">100MB</option> - <option value="250">250MB</option> - <option value="512">512MB</option> +<?php + foreach (array("4", "10", "20", "50", "100", "250", "512") as $size) : +?> + <option value="<?php echo $size; ?>" <?php if ($pconfig['msgcachesize'] == "{$size}") echo "selected=\"selected\""; ?>> + <?php echo $size; ?>MB + </option> +<?php + endforeach; +?> </select><br /> <?=gettext("Size of the message cache. The message cache stores DNS rcodes and validation statuses. The RRSet cache will automatically be set to twice this amount. The RRSet cache contains the actual RR data. The default is 4 megabytes.");?> </p> @@ -205,12 +225,15 @@ function enable_change(enable_over) { <td width="78%" class="vtable"> <p> <select id="outgoing_num_tcp" name="outgoing_num_tcp"> - <option value="0">0</option> - <option value="10">10</option> - <option value="20">20</option> - <option value="30">30</option> - <option value="40">40</option> - <option value="50">50</option> +<?php + for ($num_tcp = 0; $num_tcp <= 50; $num_tcp += 10): +?> + <option value="<?php echo $num_tcp; ?>" <?php if ($pconfig['outgoing_num_tcp'] == "{$num_tcp}") echo "selected=\"selected\""; ?>> + <?php echo $num_tcp; ?> + </option> +<?php + endfor; +?> </select><br /> <?=gettext("The number of outgoing TCP buffers to allocate per thread. The default value is 10. If 0 is selected then no TCP queries, to authoritative servers, are done.");?> </p> @@ -221,12 +244,15 @@ function enable_change(enable_over) { <td width="78%" class="vtable"> <p> <select id="incoming_num_tcp" name="incoming_num_tcp"> - <option value="0">0</option> - <option value="10">10</option> - <option value="20">20</option> - <option value="30">30</option> - <option value="40">40</option> - <option value="50">50</option> +<?php + for ($num_tcp = 0; $num_tcp <= 50; $num_tcp += 10): +?> + <option value="<?php echo $num_tcp; ?>" <?php if ($pconfig['incoming_num_tcp'] == "{$num_tcp}") echo "selected=\"selected\""; ?>> + <?php echo $num_tcp; ?> + </option> +<?php + endfor; +?> </select><br /> <?=gettext("The number of incoming TCP buffers to allocate per thread. The default value is 10. If 0 is selected then no TCP queries, from clients, are accepted.");?> </p> @@ -237,9 +263,15 @@ function enable_change(enable_over) { <td width="78%" class="vtable"> <p> <select id="edns_buffer_size" name="edns_buffer_size"> - <option value="512">512</option> - <option value="1480">1480</option> - <option value="4096">4096</option> +<?php + foreach (array("512", "1480", "4096") as $size) : +?> + <option value="<?php echo $size; ?>" <?php if ($pconfig['edns_buffer_size'] == "{$size}") echo "selected=\"selected\""; ?>> + <?php echo $size; ?> + </option> +<?php + endforeach; +?> </select><br /> <?=gettext("Number of bytes size to advertise as the EDNS reassembly buffer size. This is the value that is used in UDP datagrams sent to peers. RFC recommendation is 4096 (which is the default). If you have fragmentation reassemble problems, usually seen as timeouts, then a value of 1480 should help. The 512 value bypasses most MTU path problems, but it can generate an excessive amount of TCP fallback.");?> </p> @@ -250,9 +282,15 @@ function enable_change(enable_over) { <td width="78%" class="vtable"> <p> <select id="num_queries_per_thread" name="num_queries_per_thread"> - <option value="512">512</option> - <option value="1024">1024</option> - <option value="2048">2048</option> +<?php + foreach (array("512", "1024", "2048") as $queries) : +?> + <option value="<?php echo $queries; ?>" <?php if ($pconfig['num_queries_per_thread'] == "{$queries}") echo "selected=\"selected\""; ?>> + <?php echo $queries; ?> + </option> +<?php + endforeach; +?> </select><br /> <?=gettext("The number of queries that every thread will service simultaneously. If more queries arrive that need to be serviced, and no queries can be jostled, then these queries are dropped.");?> </p> @@ -263,10 +301,15 @@ function enable_change(enable_over) { <td width="78%" class="vtable"> <p> <select id="jostle_timeout" name="jostle_timeout"> - <option value="100">100</option> - <option value="200">200</option> - <option value="500">500</option> - <option value="1000">1000</option> +<?php + foreach (array("100", "200", "500", "1000") as $timeout) : +?> + <option value="<?php echo $timeout; ?>" <?php if ($pconfig['jostle_timeout'] == "{$timeout}") echo "selected=\"selected\""; ?>> + <?php echo $timeout; ?> + </option> +<?php + endforeach; +?> </select><br /> <?=gettext("This timeout is used for when the server is very busy. This protects against denial of service by slow queries or high query rates. The default value is 200 milliseconds.");?> </p> @@ -276,7 +319,7 @@ function enable_change(enable_over) { <td width="22%" valign="top" class="vncell"><?=gettext("Maximum TTL for RRsets and messages");?></td> <td width="78%" class="vtable"> <p> - <input type="text" id="cache_max_ttl" name="cache_max_ttl" size="5" /><br /> + <input type="text" id="cache_max_ttl" name="cache_max_ttl" size="5" value="<?php if(isset($pconfig['cache_max_ttl'])) echo $pconfig['cache_max_ttl']; ?>" /><br /> <?=gettext("Configure a maximum Time to live for RRsets and messages in the cache. The default is 86400 seconds (1 day). When the internal TTL expires the cache item is expired. This can be configured to force the resolver to query for data more often and not trust (very large) TTL values.");?> </p> </td> @@ -285,7 +328,7 @@ function enable_change(enable_over) { <td width="22%" valign="top" class="vncell"><?=gettext("Minimum TTL for RRsets and messages");?></td> <td width="78%" class="vtable"> <p> - <input type="text" id="cache_min_ttl" name="cache_min_ttl" size="5" /><br /> + <input type="text" id="cache_min_ttl" name="cache_min_ttl" size="5" value="<?php if(isset($pconfig['cache_min_ttl'])) echo $pconfig['cache_min_ttl']; ?>" /><br /> <?=gettext("Configure a minimum Time to live for RRsets and messages in the cache. The default is 0 seconds. If the minimum value kicks in, the data is cached for longer than the domain owner intended, and thus less queries are made to look up the data. The 0 value ensures the data in the cache is as the domain owner intended. High values can lead to trouble as the data in the cache might not match up with the actual data anymore.");?> </p> </td> @@ -295,11 +338,11 @@ function enable_change(enable_over) { <td width="78%" class="vtable"> <p> <select id="infra_host_ttl" name="infra_host_ttl"> - <option value="60">1 minute</option> - <option value="120">2 minutes</option> - <option value="300">5 minutes</option> - <option value="600">10 minutes</option> - <option value="900">15 minutes</option> + <option value="60" <?php if ($pconfig['infra_host_ttl'] == "60") echo "selected=\"selected\""; ?>>1 minute</option> + <option value="120" <?php if ($pconfig['infra_host_ttl'] == "120") echo "selected=\"selected\""; ?>>2 minutes</option> + <option value="300" <?php if ($pconfig['infra_host_ttl'] == "300") echo "selected=\"selected\""; ?>>5 minutes</option> + <option value="600" <?php if ($pconfig['infra_host_ttl'] == "600") echo "selected=\"selected\""; ?>>10 minutes</option> + <option value="900" <?php if ($pconfig['infra_host_ttl'] == "900") echo "selected=\"selected\""; ?>>15 minutes</option> </select><br /> <?=gettext("Time to live for entries in the host cache. The host cache contains roundtrip timing and EDNS support information. The default is 15 minutes.");?> </p> @@ -310,11 +353,11 @@ function enable_change(enable_over) { <td width="78%" class="vtable"> <p> <select id="infra_lame_ttl" name="infra_lame_ttl"> - <option value="60">1 minute</option> - <option value="120">2 minutes</option> - <option value="300">5 minutes</option> - <option value="600">10 minutes</option> - <option value="900">15 minutes</option> + <option value="60" <?php if ($pconfig['infra_lame_ttl'] == "60") echo "selected=\"selected\""; ?>>1 minute</option> + <option value="120" <?php if ($pconfig['infra_lame_ttl'] == "120") echo "selected=\"selected\""; ?>>2 minutes</option> + <option value="300" <?php if ($pconfig['infra_lame_ttl'] == "300") echo "selected=\"selected\""; ?>>5 minutes</option> + <option value="600" <?php if ($pconfig['infra_lame_ttl'] == "600") echo "selected=\"selected\""; ?>>10 minutes</option> + <option value="900" <?php if ($pconfig['infra_lame_ttl'] == "900") echo "selected=\"selected\""; ?>>15 minutes</option> </select><br /> <?=gettext("Time to live for when a delegation is considered to be lame. The default is 15 minutes.");?> </p> @@ -325,11 +368,11 @@ function enable_change(enable_over) { <td width="78%" class="vtable"> <p> <select id="infra_cache_numhosts" name="infra_cache_numhosts"> - <option value="1000">1000</option> - <option value="5000">5000</option> - <option value="10000">10 000</option> - <option value="20000">20 000</option> - <option value="50000">50 000</option> + <option value="1000" <?php if ($pconfig['infra_cache_numhosts'] == "1000") echo "selected=\"selected\""; ?>>1000</option> + <option value="5000" <?php if ($pconfig['infra_cache_numhosts'] == "5000") echo "selected=\"selected\""; ?>>5000</option> + <option value="10000" <?php if ($pconfig['infra_cache_numhosts'] == "10000") echo "selected=\"selected\""; ?>>10 000</option> + <option value="20000" <?php if ($pconfig['infra_cache_numhosts'] == "20000") echo "selected=\"selected\""; ?>>20 000</option> + <option value="50000" <?php if ($pconfig['infra_cache_numhosts'] == "50000") echo "selected=\"selected\""; ?>>50 000</option> </select><br /> <?=gettext("Number of hosts for which information is cached. The default is 10,000.");?> </p> @@ -340,12 +383,12 @@ function enable_change(enable_over) { <td width="78%" class="vtable"> <p> <select id="unwanted_reply_threshold" name="unwanted_reply_threshold"> - <option value="disabled">disabled</option> - <option value="5000000">5 million</option> - <option value="10000000">10 million</option> - <option value="20000000">20 million</option> - <option value="40000000">40 million</option> - <option value="50000000">50 million</option> + <option value="disabled" <?php if ($pconfig['unwanted_reply_threshold'] == "disabled") echo "selected=\"selected\""; ?>>disabled</option> + <option value="5000000" <?php if ($pconfig['unwanted_reply_threshold'] == "5000000") echo "selected=\"selected\""; ?>>5 million</option> + <option value="10000000" <?php if ($pconfig['unwanted_reply_threshold'] == "10000000") echo "selected=\"selected\""; ?>>10 million</option> + <option value="20000000" <?php if ($pconfig['unwanted_reply_threshold'] == "20000000") echo "selected=\"selected\""; ?>>20 million</option> + <option value="40000000" <?php if ($pconfig['unwanted_reply_threshold'] == "40000000") echo "selected=\"selected\""; ?>>40 million</option> + <option value="50000000" <?php if ($pconfig['unwanted_reply_threshold'] == "50000000") echo "selected=\"selected\""; ?>>50 million</option> </select><br /> <?=gettext("If enabled, a total number of unwanted replies is kept track of in every thread. When it reaches the threshold, a defensive action is taken and a warning is printed to the log file. This defensive action is to clear the RRSet and message caches, hopefully flushing away any poison. The default is disabled, but if enabled a value of 10 million is suggested.");?> </p> @@ -356,12 +399,15 @@ function enable_change(enable_over) { <td width="78%" class="vtable"> <p> <select id="log_verbosity" name="log_verbosity"> - <option value="0">Level 0</option> - <option value="1">Level 1</option> - <option value="2">Level 2</option> - <option value="3">Level 3</option> - <option value="4">Level 4</option> - <option value="5">Level 5</option> +<?php + for ($level = 0; $level <= 5; $level++): +?> + <option value="<?php echo $level; ?>" <?php if ($pconfig['log_verbosity'] == "{$level}") echo "selected=\"selected\""; ?>> + Level <?php echo $level; ?> + </option> +<?php + endfor; +?> </select><br /> <?=gettext("Select the log verbosity.");?> </p> diff --git a/usr/local/www/shortcuts/pkg_upnp.inc b/usr/local/www/shortcuts/pkg_upnp.inc index 05402a2..2b068a7 100644 --- a/usr/local/www/shortcuts/pkg_upnp.inc +++ b/usr/local/www/shortcuts/pkg_upnp.inc @@ -3,9 +3,9 @@ global $shortcuts; $shortcuts['upnp'] = array(); -$shortcuts['upnp']['main'] = "pkg_edit.php?xml=miniupnpd.xml&id=0"; +$shortcuts['upnp']['main'] = "pkg_edit.php?xml=miniupnpd.xml"; $shortcuts['upnp']['log'] = "diag_logs_routing.php"; $shortcuts['upnp']['status'] = "status_upnp.php"; $shortcuts['upnp']['service'] = "miniupnpd"; -?>
\ No newline at end of file +?> diff --git a/usr/local/www/status_captiveportal.php b/usr/local/www/status_captiveportal.php index 68e0d13..c9aab18 100644 --- a/usr/local/www/status_captiveportal.php +++ b/usr/local/www/status_captiveportal.php @@ -62,6 +62,9 @@ if (!is_array($config['captiveportal'])) $config['captiveportal'] = array(); $a_cp =& $config['captiveportal']; +if (count($a_cp) == 1) + $cpzone = current(array_keys($a_cp)); + include("head.inc"); ?> @@ -122,7 +125,8 @@ $mac_man = load_mac_manufacturer_table(); <td width="20%" class="vncell" valign="top"> <br /><?=gettext("Captive Portal Zone"); ?><br/><br /> </td> - <td class="vncell" width="30%" align="center"> + <td class="vncell" width="30%" align="center"> + <?php if (count($a_cp) > 1) { ?> <form action="status_captiveportal.php" method="post" enctype="multipart/form-data" name="form1" id="form1"> <select name="zone" class="formselect" onchange="document.form1.submit()"> <option value="">none</option> @@ -136,6 +140,7 @@ $mac_man = load_mac_manufacturer_table(); </select> <br /> </form> + <?php } else echo $a_cp[$cpzone]['zone']; ?> </td> <td colspan="3" width="50%"></td> </tr> diff --git a/usr/local/www/status_openvpn.php b/usr/local/www/status_openvpn.php index bcc4b9f..726f5d7 100644 --- a/usr/local/www/status_openvpn.php +++ b/usr/local/www/status_openvpn.php @@ -177,10 +177,10 @@ include("head.inc"); ?> <?=$conn['connect_time'];?> </td> <td class="listr"> - <?=$conn['bytes_sent'];?> + <?=format_bytes($conn['bytes_sent']);?> </td> <td class="listr"> - <?=$conn['bytes_recv'];?> + <?=format_bytes($conn['bytes_recv']);?> </td> <td class="list"> <img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" height="17" width="17" border="0" @@ -301,10 +301,10 @@ include("head.inc"); ?> <?=$sk_server['remote_host'];?> </td> <td class="listr"> - <?=$sk_server['bytes_sent'];?> + <?=format_bytes($sk_server['bytes_sent']);?> </td> <td class="listr"> - <?=$sk_server['bytes_recv'];?> + <?=format_bytes($sk_server['bytes_recv']);?> </td> <td class="listr"> <table> @@ -364,10 +364,10 @@ include("head.inc"); ?> <?=$client['remote_host'];?> </td> <td class="listr"> - <?=$client['bytes_sent'];?> + <?=format_bytes($client['bytes_sent']);?> </td> <td class="listr"> - <?=$client['bytes_recv'];?> + <?=format_bytes($client['bytes_recv']);?> </td> <td class="listr" height="12"> <table> diff --git a/usr/local/www/status_rrd_graph_img.php b/usr/local/www/status_rrd_graph_img.php index ef0f9ee..868e3a1 100644 --- a/usr/local/www/status_rrd_graph_img.php +++ b/usr/local/www/status_rrd_graph_img.php @@ -44,6 +44,7 @@ $pgtitle = array(gettext("System"),gettext("RRD Graphs"),gettext("Image viewer") if ($_GET['database']) { $curdatabase = basename($_GET['database']); + $curdatabase = str_replace(array("<", ">", ";", "&", "'", '"'), "", htmlspecialchars_decode($curdatabase, ENT_QUOTES | ENT_HTML401)); } else { $curdatabase = "wan-traffic.rrd"; } @@ -56,7 +57,7 @@ if ($_GET['style']) { /* this is used for temp name */ if ($_GET['graph']) { - $curgraph = $_GET['graph']; + $curgraph = str_replace(array("<", ">", ";", "&", "'", '"', '.', '/'), "", htmlspecialchars_decode($_GET['graph'], ENT_QUOTES | ENT_HTML401)); } else { $curgraph = "custom"; } @@ -64,9 +65,6 @@ if ($_GET['graph']) { $now = time(); if (is_numeric($_GET['start'])) { - if($start < ($now - (3600 * 24 * 365 * 5))) { - $start = $now - (8 * 3600); - } $start = $_GET['start']; } else { $start = $now - (8 * 3600); @@ -332,7 +330,7 @@ if((strstr($curdatabase, "-traffic.rrd")) && (file_exists("$rrddbpath$curdatabas $graphcmd = "$rrdtool graph $rrdtmppath$curdatabase-$curgraph.png "; $graphcmd .= "--start $start --end $end --step $step --vertical-label \"bits/sec\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:$curif-in_bytes_pass=$rrddbpath$curdatabase:inpass:AVERAGE:step=$step "; $graphcmd .= "DEF:$curif-out_bytes_pass=$rrddbpath$curdatabase:outpass:AVERAGE:step=$step "; @@ -477,7 +475,7 @@ if((strstr($curdatabase, "-traffic.rrd")) && (file_exists("$rrddbpath$curdatabas $graphcmd .= "GPRINT:\"$curif-out6_bits_block:LAST:%7.2lf %Sb/s\" "; $graphcmd .= "GPRINT:\"$curif-bytes_out6_t_block:AVERAGE:%7.2lf %sB o\" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif(strstr($curdatabase, "-throughput.rrd")) { /* define graphcmd for throughput stats */ @@ -486,7 +484,7 @@ elseif(strstr($curdatabase, "-throughput.rrd")) { $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"bits/sec\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $iflist = get_configured_interface_list(); @@ -605,7 +603,7 @@ elseif(strstr($curdatabase, "-throughput.rrd")) { $graphcmd .= "GPRINT:\"tput-out_bits_block:LAST:%7.2lf %Sb/s\" "; $graphcmd .= "GPRINT:\"tput-bytes_out_t_block:AVERAGE:%7.2lf %sB o\" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-packets.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for packets stats */ @@ -613,7 +611,7 @@ elseif((strstr($curdatabase, "-packets.rrd")) && (file_exists("$rrddbpath$curdat $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"packets/sec\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:\"$curif-in_pps_pass=$rrddbpath$curdatabase:inpass:AVERAGE:step=$step\" "; $graphcmd .= "DEF:\"$curif-out_pps_pass=$rrddbpath$curdatabase:outpass:AVERAGE:step=$step\" "; @@ -731,7 +729,7 @@ elseif((strstr($curdatabase, "-packets.rrd")) && (file_exists("$rrddbpath$curdat $graphcmd .= "GPRINT:\"$curif-out6_pps_block:LAST:%7.2lf %S pps\" "; $graphcmd .= "GPRINT:\"$curif-pps_out6_t_block:AVERAGE:%7.2lf %s pkts\" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-wireless.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for packets stats */ @@ -739,7 +737,7 @@ elseif((strstr($curdatabase, "-wireless.rrd")) && (file_exists("$rrddbpath$curda $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"snr/channel/rate\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:\"$curif-snr=$rrddbpath$curdatabase:snr:AVERAGE:step=$step\" "; $graphcmd .= "DEF:\"$curif-rate=$rrddbpath$curdatabase:rate:AVERAGE:step=$step\" "; @@ -764,7 +762,7 @@ elseif((strstr($curdatabase, "-wireless.rrd")) && (file_exists("$rrddbpath$curda $graphcmd .= "GPRINT:\"$curif-channel:AVERAGE:%7.2lf \" "; $graphcmd .= "GPRINT:\"$curif-channel:LAST:%7.2lf\" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-vpnusers.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for vpn users stats */ @@ -772,7 +770,7 @@ elseif((strstr($curdatabase, "-vpnusers.rrd")) && (file_exists("$rrddbpath$curda $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"users\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:\"$curif-users=$rrddbpath$curdatabase:users:AVERAGE:step=$step\" "; $graphcmd .= "LINE2:\"$curif-users#{$colorvpnusers[0]}:$curif-users\" "; @@ -783,7 +781,7 @@ elseif((strstr($curdatabase, "-vpnusers.rrd")) && (file_exists("$rrddbpath$curda $graphcmd .= "GPRINT:\"$curif-users:AVERAGE:%7.2lf \" "; $graphcmd .= "GPRINT:\"$curif-users:LAST:%7.2lf \" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-states.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for states stats */ @@ -791,7 +789,7 @@ elseif((strstr($curdatabase, "-states.rrd")) && (file_exists("$rrddbpath$curdata $graphcmd .= "--start -$seconds -e -$average --step $step "; $graphcmd .= "--vertical-label \"states, ip\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:\"$curif-pfrate=$rrddbpath$curdatabase:pfrate:AVERAGE:step=$step\" "; $graphcmd .= "DEF:\"$curif-pfstates=$rrddbpath$curdatabase:pfstates:AVERAGE:step=$step\" "; @@ -837,7 +835,7 @@ elseif((strstr($curdatabase, "-states.rrd")) && (file_exists("$rrddbpath$curdata $graphcmd .= "GPRINT:\"$curif-dstip:MAX:%7.2lf %s \" "; $graphcmd .= "GPRINT:\"$curif-dstip:LAST:%7.2lf %s \" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-processor.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for processor stats */ @@ -845,7 +843,7 @@ elseif((strstr($curdatabase, "-processor.rrd")) && (file_exists("$rrddbpath$curd $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"utilization, number\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:\"user=$rrddbpath$curdatabase:user:AVERAGE:step=$step\" "; $graphcmd .= "DEF:\"nice=$rrddbpath$curdatabase:nice:AVERAGE:step=$step\" "; @@ -889,7 +887,7 @@ elseif((strstr($curdatabase, "-processor.rrd")) && (file_exists("$rrddbpath$curd $graphcmd .= "GPRINT:\"processes:MAX:%7.2lf %s \" "; $graphcmd .= "GPRINT:\"processes:LAST:%7.2lf %s \" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-memory.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for memory usage stats */ @@ -897,7 +895,7 @@ elseif((strstr($curdatabase, "-memory.rrd")) && (file_exists("$rrddbpath$curdata $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"utilization, percent\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:\"active=$rrddbpath$curdatabase:active:AVERAGE:step=$step\" "; $graphcmd .= "DEF:\"inactive=$rrddbpath$curdatabase:inactive:AVERAGE:step=$step\" "; @@ -941,7 +939,7 @@ elseif((strstr($curdatabase, "-memory.rrd")) && (file_exists("$rrddbpath$curdata $graphcmd .= "GPRINT:\"wire:MAX:%7.2lf %s \" "; $graphcmd .= "GPRINT:\"wire:LAST:%7.2lf %S \" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-mbuf.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for mbuf usage stats */ @@ -949,7 +947,7 @@ elseif((strstr($curdatabase, "-mbuf.rrd")) && (file_exists("$rrddbpath$curdataba $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"utilization, percent\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} clusters - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} clusters - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:\"current=$rrddbpath$curdatabase:current:AVERAGE:step=$step\" "; $graphcmd .= "DEF:\"cache=$rrddbpath$curdatabase:cache:AVERAGE:step=$step\" "; @@ -985,7 +983,7 @@ elseif((strstr($curdatabase, "-mbuf.rrd")) && (file_exists("$rrddbpath$curdataba $graphcmd .= "GPRINT:\"max:MAX:%7.2lf %s \" "; $graphcmd .= "GPRINT:\"max:LAST:%7.2lf %S \" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-queues.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for queue stats */ @@ -993,7 +991,7 @@ elseif((strstr($curdatabase, "-queues.rrd")) && (file_exists("$rrddbpath$curdata $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"bits/sec\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; if ($altq) { $a_queues =& $altq->get_queue_list(); @@ -1014,7 +1012,7 @@ elseif((strstr($curdatabase, "-queues.rrd")) && (file_exists("$rrddbpath$curdata if($t > 7) { $t = 0; } } $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-queuedrops.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for queuedrop stats */ @@ -1022,7 +1020,7 @@ elseif((strstr($curdatabase, "-queuedrops.rrd")) && (file_exists("$rrddbpath$cur $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"drops / sec\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; if ($altq) { $a_queues =& $altq->get_queue_list(); @@ -1044,13 +1042,13 @@ elseif((strstr($curdatabase, "-queuedrops.rrd")) && (file_exists("$rrddbpath$cur if($t > 7) { $t = 0; } } $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-quality.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* make a link quality graphcmd, we only have WAN for now, others too follow */ $graphcmd = "$rrdtool graph $rrdtmppath$curdatabase-$curgraph.png \\ --start $start --end $end --step $step \\ - --title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" \\ + --title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" \\ --color SHADEA#eeeeee --color SHADEB#eeeeee \\ --vertical-label \"ms / %\" \\ --height 200 --width 620 \\ @@ -1080,13 +1078,13 @@ elseif((strstr($curdatabase, "-quality.rrd")) && (file_exists("$rrddbpath$curdat GPRINT:loss:LAST:\"\tLast\: %3.1lf %%\\n\" \\ AREA:loss10#$colorqualityloss:\"Packet loss\\n\" \\ LINE1:delay#$colorqualityrtt[5]:\"Delay average\\n\" \\ - COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\""; + COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\""; } elseif((strstr($curdatabase, "spamd.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* graph a spamd statistics graph */ $graphcmd = "$rrdtool graph $rrdtmppath$curdatabase-$curgraph.png \\ --start $start --end $end --step $step \\ - --title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" \\ + --title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" \\ --color SHADEA#eeeeee --color SHADEB#eeeeee \\ --vertical-label=\"Conn / Time, sec.\" \\ --height 200 --width 620 --no-gridfit \\ @@ -1119,14 +1117,14 @@ elseif((strstr($curdatabase, "spamd.rrd")) && (file_exists("$rrddbpath$curdataba GPRINT:consmin:MIN:\"Min\\:%6.2lf\\t\" \\ GPRINT:consavg:AVERAGE:\"Avg\\:%6.2lf\\t\" \\ GPRINT:consmax:MAX:\"Max\\:%6.2lf\\n\" \\ - COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-cellular.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { $graphcmd = "$rrdtool graph $rrdtmppath$curdatabase-$curgraph.png "; $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"signal\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:\"$curif-rssi=$rrddbpath$curdatabase:rssi:AVERAGE:step=$step\" "; $graphcmd .= "LINE2:\"$curif-rssi#{$colorwireless[0]}:$curif-rssi\" "; @@ -1137,7 +1135,7 @@ elseif((strstr($curdatabase, "-cellular.rrd")) && (file_exists("$rrddbpath$curda $graphcmd .= "GPRINT:\"$curif-rssi:AVERAGE:%7.2lf \" "; $graphcmd .= "GPRINT:\"$curif-rssi:LAST:%7.2lf \" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-loggedin.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for online Captive Portal users stats */ @@ -1148,7 +1146,7 @@ elseif((strstr($curdatabase, "-loggedin.rrd")) && (file_exists("$rrddbpath$curda $graphcmd .= "--base=1000 "; $graphcmd .= "--lower-limit=0 "; $graphcmd .= "--slope-mode "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:\"$curif-loggedinusers=$rrddbpath$curdatabase:loggedinusers:AVERAGE:step=$step\" "; $graphcmd .= "CDEF:\"$curif-totalusers_t=PREV,UN,0,PREV,IF,$curif-loggedinusers,+\" "; @@ -1156,7 +1154,7 @@ elseif((strstr($curdatabase, "-loggedin.rrd")) && (file_exists("$rrddbpath$curda $graphcmd .= "AREA:\"$curif-totalusers_d#{$colorcaptiveportalusers[0]}:Total logged in users\" "; $graphcmd .= "GPRINT:\"$curif-totalusers_d:MAX:%8.0lf \\n\" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "-concurrent.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for online Captive Portal users stats */ @@ -1164,7 +1162,7 @@ elseif((strstr($curdatabase, "-concurrent.rrd")) && (file_exists("$rrddbpath$cur $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"Captive Portal Users\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--base=1000 "; $graphcmd .= "--lower-limit=0 "; $graphcmd .= "--slope-mode "; @@ -1178,7 +1176,7 @@ elseif((strstr($curdatabase, "-concurrent.rrd")) && (file_exists("$rrddbpath$cur $graphcmd .= "GPRINT:\"$curif-concurrentusers:AVERAGE:%8.0lf \" "; $graphcmd .= "GPRINT:\"$curif-concurrentusers:MAX:%8.0lf \" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } elseif((strstr($curdatabase, "ntpd.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { /* define graphcmd for ntpd (was: mbuf) usage stats */ @@ -1186,7 +1184,7 @@ elseif((strstr($curdatabase, "ntpd.rrd")) && (file_exists("$rrddbpath$curdatabas $graphcmd .= "--start $start --end $end --step $step "; $graphcmd .= "--vertical-label \"time\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--title \"" . php_uname('n') . " - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:\"offset=$rrddbpath$curdatabase:offset:AVERAGE:step=$step\" "; $graphcmd .= "DEF:\"sjit=$rrddbpath$curdatabase:sjit:AVERAGE:step=$step\" "; @@ -1222,7 +1220,7 @@ elseif((strstr($curdatabase, "ntpd.rrd")) && (file_exists("$rrddbpath$curdatabas $graphcmd .= "GPRINT:\"wander:MAX:%7.2lf %s \" "; $graphcmd .= "GPRINT:\"wander:LAST:%7.2lf %S \" "; $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t" . strftime('%b %d %H\:%M\:%S %Y') . "\" "; } else { $data = false; @@ -1233,14 +1231,14 @@ else { if (file_exists("$rrdtmppath$curdatabase-$curgraph.png")) { if((time() - filemtime("$rrdtmppath$curdatabase-$curgraph.png")) >= 15 ) { if($data) - exec("$graphcmd 2>&1", $graphcmdoutput, $graphcmdreturn); + $_gb = exec("$graphcmd 2>&1", $graphcmdoutput, $graphcmdreturn); $graphcmdoutput = implode(" ", $graphcmdoutput) . $graphcmd; flush(); usleep(500); } } else { if($data) - exec("$graphcmd 2>&1", $graphcmdoutput, $graphcmdreturn); + $_gb = exec("$graphcmd 2>&1", $graphcmdoutput, $graphcmdreturn); $graphcmdoutput = implode(" ", $graphcmdoutput) . $graphcmd; flush(); usleep(500); @@ -1249,14 +1247,14 @@ if(($graphcmdreturn <> 0) || (! $data)) { log_error(sprintf(gettext('Failed to create graph with error code %1$s, the error is: %2$s'),$graphcmdreturn,$graphcmdoutput)); if(strstr($curdatabase, "queues")) { log_error(sprintf(gettext("failed to create graph from %s%s, removing database"),$rrddbpath,$curdatabase)); - exec("/bin/rm -f $rrddbpath$curif$queues"); + unlink_if_exists($rrddbpath . $curif . $queues); flush(); usleep(500); enable_rrd_graphing(); } if(strstr($curdatabase, "queuesdrop")) { log_error(sprintf(gettext("failed to create graph from %s%s, removing database"),$rrddbpath,$curdatabase)); - exec("/bin/rm -f $rrddbpath$curdatabase"); + unlink_if_exists($rrddbpath . $curdatabase); flush(); usleep(500); enable_rrd_graphing(); diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php index 89a815c..4982b66 100644 --- a/usr/local/www/system_advanced_admin.php +++ b/usr/local/www/system_advanced_admin.php @@ -59,7 +59,7 @@ $pconfig['noantilockout'] = isset($config['system']['webgui']['noantilockout']); $pconfig['nodnsrebindcheck'] = isset($config['system']['webgui']['nodnsrebindcheck']); $pconfig['nohttpreferercheck'] = isset($config['system']['webgui']['nohttpreferercheck']); $pconfig['beast_protection'] = isset($config['system']['webgui']['beast_protection']); -$pconfig['noautocomplete'] = isset($config['system']['webgui']['noautocomplete']); +$pconfig['loginautocomplete'] = isset($config['system']['webgui']['loginautocomplete']); $pconfig['althostnames'] = $config['system']['webgui']['althostnames']; $pconfig['enableserial'] = $config['system']['enableserial']; $pconfig['serialspeed'] = $config['system']['serialspeed']; @@ -135,13 +135,10 @@ if ($_POST) { unset($config['system']['webgui']['quietlogin']); } - if($_POST['disableconsolemenu'] == "yes") { + if($_POST['disableconsolemenu'] == "yes") $config['system']['disableconsolemenu'] = true; - auto_login(); - } else { + else unset($config['system']['disableconsolemenu']); - auto_login(); - } if ($_POST['noantilockout'] == "yes") $config['system']['webgui']['noantilockout'] = true; @@ -178,10 +175,10 @@ if ($_POST) { else unset($config['system']['webgui']['beast_protection']); - if ($_POST['noautocomplete'] == "yes") - $config['system']['webgui']['noautocomplete'] = true; + if ($_POST['loginautocomplete'] == "yes") + $config['system']['webgui']['loginautocomplete'] = true; else - unset($config['system']['webgui']['noautocomplete']); + unset($config['system']['webgui']['loginautocomplete']); if ($_POST['althostnames']) $config['system']['webgui']['althostnames'] = $_POST['althostnames']; @@ -408,12 +405,12 @@ function prot_change() { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("WebGUI Login Autocomplete"); ?></td> <td width="78%" class="vtable"> - <input name="noautocomplete" type="checkbox" id="noautocomplete" value="yes" <?php if ($pconfig['noautocomplete']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Disable webConfigurator login autocomplete"); ?></strong> + <input name="loginautocomplete" type="checkbox" id="loginautocomplete" value="yes" <?php if ($pconfig['loginautocomplete']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Enable webConfigurator login autocomplete"); ?></strong> <br /> - <?php echo gettext("When this is unchecked, login credentials for the webConfigurator " . + <?php echo gettext("When this is checked, login credentials for the webConfigurator " . "may be saved by the browser. While convenient, some security standards require this to be disabled. " . - "Check this box to disable autocomplete on the login form so that browsers will not prompt to save credentials (NOTE: Some browsers do not respect this option). "); + "Check this box to enable autocomplete on the login form so that browsers will prompt to save credentials (NOTE: Some browsers do not respect this option). "); ?> </td> </tr> @@ -543,7 +540,7 @@ function prot_change() { <td width="22%" valign="top" class="vncell"><?=gettext("Serial Terminal"); ?></td> <td width="78%" class="vtable"> <input name="enableserial" type="checkbox" id="enableserial" value="yes" <?php if (isset($pconfig['enableserial'])) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Enables the first serial port with 9600/8/N/1 by default, or another speed selectable below."); ?></strong> + <strong><?=gettext("Enables the first serial port with 115200/8/N/1 by default, or another speed selectable below."); ?></strong> <span class="vexpl"><?=gettext("Note: This will redirect the console output and messages to the serial port. You can still access the console menu from the internal video card/keyboard. A <b>null modem</b> serial cable or adapter is required to use the serial console."); ?></span> </td> </tr> @@ -552,12 +549,12 @@ function prot_change() { <td width="22%" valign="top" class="vncell"><?=gettext("Serial Speed")?></td> <td width="78%" class="vtable"> <select name="serialspeed" id="serialspeed" class="formselect"> - <option value="9600" <?php if ($pconfig['serialspeed'] == "9600") echo "selected=\"selected\"";?>>9600</option> - <option value="14400" <?php if ($pconfig['serialspeed'] == "14400") echo "selected=\"selected\"";?>>14400</option> - <option value="19200" <?php if ($pconfig['serialspeed'] == "19200") echo "selected=\"selected\"";?>>19200</option> - <option value="38400" <?php if ($pconfig['serialspeed'] == "38400") echo "selected=\"selected\"";?>>38400</option> - <option value="57600" <?php if ($pconfig['serialspeed'] == "57600") echo "selected=\"selected\"";?>>57600</option> <option value="115200" <?php if ($pconfig['serialspeed'] == "115200") echo "selected=\"selected\"";?>>115200</option> + <option value="57600" <?php if ($pconfig['serialspeed'] == "57600") echo "selected=\"selected\"";?>>57600</option> + <option value="38400" <?php if ($pconfig['serialspeed'] == "38400") echo "selected=\"selected\"";?>>38400</option> + <option value="19200" <?php if ($pconfig['serialspeed'] == "19200") echo "selected=\"selected\"";?>>19200</option> + <option value="14400" <?php if ($pconfig['serialspeed'] == "14400") echo "selected=\"selected\"";?>>14400</option> + <option value="9600" <?php if ($pconfig['serialspeed'] == "9600") echo "selected=\"selected\"";?>>9600</option> </select> bps <br /><?=gettext("Allows selection of different speeds for the serial console port."); ?> </td> diff --git a/usr/local/www/system_crlmanager.php b/usr/local/www/system_crlmanager.php index 08a9c31..35794f6 100644 --- a/usr/local/www/system_crlmanager.php +++ b/usr/local/www/system_crlmanager.php @@ -461,7 +461,7 @@ function method_change() { <?php echo gettext("No Certificates Found for this CRL."); ?> </td> <td class="list"> </td> - </td> + </tr> <?php else: foreach($crl['cert'] as $i => $cert): $name = htmlspecialchars($cert['descr']); @@ -498,7 +498,7 @@ function method_change() { <?php echo gettext("No Certificates Found for this CA."); ?> </td> <td class="list"> </td> - </td> + </tr> <?php else: ?> <tr> <td class="listlr" colspan="3" align="center"> diff --git a/usr/local/www/system_firmware_restorefullbackup.php b/usr/local/www/system_firmware_restorefullbackup.php index 2cc57a0..7d635bf 100644 --- a/usr/local/www/system_firmware_restorefullbackup.php +++ b/usr/local/www/system_firmware_restorefullbackup.php @@ -59,9 +59,9 @@ if($_GET['backupnow']) mwexec_bg("/etc/rc.create_full_backup"); if($_GET['downloadbackup']) { - $filename = $_GET['downloadbackup']; + $filename = basename($_GET['downloadbackup']); $path = "/root/{$filename}"; - if(file_exists("/root/{$filename}")) { + if(file_exists($path)) { session_write_close(); ob_end_clean(); session_cache_limiter('public'); diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index d5b479e..3be3a5e 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -93,6 +93,7 @@ if($_GET['act']=="new"){ $pconfig['autotls_enable'] = "yes"; $pconfig['interface'] = "wan"; $pconfig['server_port'] = 1194; + $pconfig['verbosity_level'] = 1; // Default verbosity is 1 // OpenVPN Defaults to SHA1 $pconfig['digest'] = "SHA1"; } @@ -152,6 +153,14 @@ if($_GET['act']=="edit"){ // just in case the modes switch $pconfig['autokey_enable'] = "yes"; $pconfig['autotls_enable'] = "yes"; + + $pconfig['no_tun_ipv6'] = $a_client[$id]['no_tun_ipv6']; + $pconfig['route_no_pull'] = $a_client[$id]['route_no_pull']; + $pconfig['route_no_exec'] = $a_client[$id]['route_no_exec']; + if (isset($a_client[$id]['verbosity_level'])) + $pconfig['verbosity_level'] = $a_client[$id]['verbosity_level']; + else + $pconfig['verbosity_level'] = 1; // Default verbosity is 1 } } @@ -311,6 +320,11 @@ if ($_POST) { $client['compression'] = $pconfig['compression']; $client['passtos'] = $pconfig['passtos']; + $client['no_tun_ipv6'] = $pconfig['no_tun_ipv6']; + $client['route_no_pull'] = $pconfig['route_no_pull']; + $client['route_no_exec'] = $pconfig['route_no_exec']; + $client['verbosity_level'] = $pconfig['verbosity_level']; + if (isset($id) && $a_client[$id]) $a_client[$id] = $client; else @@ -352,6 +366,19 @@ function mode_change() { } } +function dev_mode_change() { + index = document.iform.dev_mode.selectedIndex; + value = document.iform.dev_mode.options[index].value; + switch(value) { + case "tun": + document.getElementById("chkboxNoTunIPv6").style.display=""; + break; + case "tap": + document.getElementById("chkboxNoTunIPv6").style.display="none"; + break; + } +} + function autokey_change() { if (document.iform.autokey_enable.checked) document.getElementById("autokey_opts").style.display="none"; @@ -482,7 +509,7 @@ if ($savemsg) <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Device mode");?></td> <td width="78%" class="vtable"> - <select name='dev_mode' class="formselect"> + <select name='dev_mode' class="formselect" onchange="dev_mode_change()"> <?php foreach ($openvpn_dev_mode as $mode): $selected = ""; @@ -954,6 +981,63 @@ if ($savemsg) </table> </td> </tr> + + <tr id="chkboxNoTunIPv6"> + <td width="22%" valign="top" class="vncell"><?=gettext("Disable IPv6"); ?></td> + <td width="78%" class="vtable"> + <table border="0" cellpadding="2" cellspacing="0" summary="disable-ipv6"> + <tr> + <td> + <?php set_checked($pconfig['no_tun_ipv6'],$chk); ?> + <input name="no_tun_ipv6" type="checkbox" value="yes" <?=$chk;?> /> + </td> + <td> + <span class="vexpl"> + <?=gettext("Don't forward IPv6 traffic"); ?>. + </span> + </td> + </tr> + </table> + </td> + </tr> + + <tr id="chkboxRouteNoPull"> + <td width="22%" valign="top" class="vncell"><?=gettext("Don't pull routes"); ?></td> + <td width="78%" class="vtable"> + <table border="0" cellpadding="2" cellspacing="0" summary="dont-pull-routes"> + <tr> + <td> + <?php set_checked($pconfig['route_no_pull'],$chk); ?> + <input name="route_no_pull" type="checkbox" value="yes" <?=$chk;?> /> + </td> + <td> + <span class="vexpl"> + <?=gettext("Don't add or remove routes automatically. Instead pass routes to "); ?> <strong>--route-up</strong> <?=gettext("script using environmental variables"); ?>. + </span> + </td> + </tr> + </table> + </td> + </tr> + + <tr id="chkboxRouteNoExec"> + <td width="22%" valign="top" class="vncell"><?=gettext("Don't add/remove routes"); ?></td> + <td width="78%" class="vtable"> + <table border="0" cellpadding="2" cellspacing="0" summary="dont-exec-routes"> + <tr> + <td> + <?php set_checked($pconfig['route_no_exec'],$chk); ?> + <input name="route_no_exec" type="checkbox" value="yes" <?=$chk;?> /> + </td> + <td> + <span class="vexpl"> + <?=gettext("This option effectively bars the server from adding routes to the client's routing table, however note that this option still allows the server to set the TCP/IP properties of the client's TUN/TAP interface"); ?>. + </span> + </td> + </tr> + </table> + </td> + </tr> </table> <table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts" summary="advance configuration"> @@ -977,6 +1061,29 @@ if ($savemsg) </table> </td> </tr> + + <tr id="comboboxVerbosityLevel"> + <td width="22%" valign="top" class="vncell"><?=gettext("Verbosity level");?></td> + <td width="78%" class="vtable"> + <select name="verbosity_level" class="formselect"> + <?php + foreach ($openvpn_verbosity_level as $verb_value => $verb_desc): + $selected = ""; + if ($pconfig['verbosity_level'] == $verb_value) + $selected = "selected=\"selected\""; + ?> + <option value="<?=$verb_value;?>" <?=$selected;?>><?=$verb_desc;?></option> + <?php endforeach; ?> + </select> + <br /> + <?=gettext("Each level shows all info from the previous levels. Level 3 is recommended if you want a good summary of what's happening without being swamped by output"); ?>.<br /> <br /> + <strong>none</strong> -- <?=gettext("No output except fatal errors"); ?>. <br /> + <strong>default</strong>-<strong>4</strong> -- <?=gettext("Normal usage range"); ?>. <br /> + <strong>5</strong> -- <?=gettext("Output R and W characters to the console for each packet read and write, uppercase is used for TCP/UDP packets and lowercase is used for TUN/TAP packets"); ?>. <br /> + <strong>6</strong>-<strong>11</strong> -- <?=gettext("Debug info range"); ?>. + </td> + </tr> + </table> <br /> diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index e840911..9c74992 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -98,6 +98,7 @@ if($_GET['act']=="new"){ $pconfig['local_port'] = openvpn_port_next('UDP'); $pconfig['pool_enable'] = "yes"; $pconfig['cert_depth'] = 1; + $pconfig['verbosity_level'] = 1; // Default verbosity is 1 // OpenVPN Defaults to SHA1 $pconfig['digest'] = "SHA1"; } @@ -205,6 +206,12 @@ if($_GET['act']=="edit"){ $pconfig['autotls_enable'] = "yes"; $pconfig['duplicate_cn'] = isset($a_server[$id]['duplicate_cn']); + + $pconfig['no_tun_ipv6'] = $a_server[$id]['no_tun_ipv6']; + if (isset($a_server[$id]['verbosity_level'])) + $pconfig['verbosity_level'] = $a_server[$id]['verbosity_level']; + else + $pconfig['verbosity_level'] = 1; // Default verbosity is 1 } } if ($_POST) { @@ -428,6 +435,9 @@ if ($_POST) { $server['netbios_enable'] = $pconfig['netbios_enable']; $server['netbios_ntype'] = $pconfig['netbios_ntype']; $server['netbios_scope'] = $pconfig['netbios_scope']; + + $server['no_tun_ipv6'] = $pconfig['no_tun_ipv6']; + $server['verbosity_level'] = $pconfig['verbosity_level']; if ($pconfig['netbios_enable']) { @@ -671,6 +681,7 @@ function tuntap_change() { value = document.iform.dev_mode.options[index].value; switch(value) { case "tun": + document.getElementById("chkboxNoTunIPv6").style.display=""; document.getElementById("ipv4_tunnel_network").className="vncellreq"; document.getElementById("serverbridge_dhcp").style.display="none"; document.getElementById("serverbridge_interface").style.display="none"; @@ -679,6 +690,7 @@ function tuntap_change() { document.getElementById("topology_subnet_opt").style.display=""; break; case "tap": + document.getElementById("chkboxNoTunIPv6").style.display="none"; document.getElementById("ipv4_tunnel_network").className="vncell"; if (!p2p) { document.getElementById("serverbridge_dhcp").style.display=""; @@ -1340,7 +1352,7 @@ if ($savemsg) <?php endforeach; ?> </select> <br /> - <?=gettext("Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently."); ?> + <?=gettext("Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently"); ?>. </td> </tr> <tr> @@ -1397,6 +1409,26 @@ if ($savemsg) </table> </td> </tr> + + <tr id="chkboxNoTunIPv6"> + <td width="22%" valign="top" class="vncell"><?=gettext("Disable IPv6"); ?></td> + <td width="78%" class="vtable"> + <table border="0" cellpadding="2" cellspacing="0" summary="disable-ipv6-srv"> + <tr> + <td> + <?php set_checked($pconfig['no_tun_ipv6'],$chk); ?> + <input name="no_tun_ipv6" type="checkbox" value="yes" <?=$chk;?> /> + </td> + <td> + <span class="vexpl"> + <?=gettext("Don't forward IPv6 traffic"); ?>. + </span> + </td> + </tr> + </table> + </td> + </tr> + </table> <table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts" summary="client settings"> @@ -1724,6 +1756,29 @@ if ($savemsg) </table> </td> </tr> + + <tr id="comboboxVerbosityLevel"> + <td width="22%" valign="top" class="vncell"><?=gettext("Verbosity level");?></td> + <td width="78%" class="vtable"> + <select name="verbosity_level" class="formselect"> + <?php + foreach ($openvpn_verbosity_level as $verb_value => $verb_desc): + $selected = ""; + if ($pconfig['verbosity_level'] == $verb_value) + $selected = "selected=\"selected\""; + ?> + <option value="<?=$verb_value;?>" <?=$selected;?>><?=$verb_desc;?></option> + <?php endforeach; ?> + </select> + <br /> + <?=gettext("Each level shows all info from the previous levels. Level 3 is recommended if you want a good summary of what's happening without being swamped by output"); ?>.<br /> <br /> + <strong>none</strong> -- <?=gettext("No output except fatal errors"); ?>. <br /> + <strong>default</strong>-<strong>4</strong> -- <?=gettext("Normal usage range"); ?>. <br /> + <strong>5</strong> -- <?=gettext("Output R and W characters to the console for each packet read and write, uppercase is used for TCP/UDP packets and lowercase is used for TUN/TAP packets"); ?>. <br /> + <strong>6</strong>-<strong>11</strong> -- <?=gettext("Debug info range"); ?>. + </td> + </tr> + </table> <br /> diff --git a/usr/local/www/widgets/include/thermal_sensors.inc b/usr/local/www/widgets/include/thermal_sensors.inc index 2ebc31d..e193b15 100644 --- a/usr/local/www/widgets/include/thermal_sensors.inc +++ b/usr/local/www/widgets/include/thermal_sensors.inc @@ -19,7 +19,7 @@ $thermal_sensors_widget_title = "Thermal Sensors"; //NOTE: depends on proper cofing in System >> Advanced >> Miscellaneous tab >> Thermal Sensors section. function getThermalSensorsData() { - exec("/sbin/sysctl -a | grep temperature", $dfout); + $_gb = exec("/sbin/sysctl -a | grep temperature", $dfout); $thermalSensorsData = join("|", $dfout); return $thermalSensorsData; diff --git a/usr/local/www/widgets/widgets/log.widget.php b/usr/local/www/widgets/widgets/log.widget.php index 18539b9..f3065a3 100644 --- a/usr/local/www/widgets/widgets/log.widget.php +++ b/usr/local/www/widgets/widgets/log.widget.php @@ -1,34 +1,34 @@ <?php /* - $Id$ - Copyright 2007 Scott Dale - Part of pfSense widgets (https://www.pfsense.org) - originally based on m0n0wall (http://m0n0.ch/wall) - - Copyright (C) 2004-2005 T. Lechat <dev@lechat.org>, Manuel Kasper <mk@neon1.net> - and Jonathan Watt <jwatt@jwatt.org>. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + $Id$ + Copyright 2007 Scott Dale + Part of pfSense widgets (https://www.pfsense.org) + originally based on m0n0wall (http://m0n0.ch/wall) + + Copyright (C) 2004-2005 T. Lechat <dev@lechat.org>, Manuel Kasper <mk@neon1.net> + and Jonathan Watt <jwatt@jwatt.org>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ $nocsrf = true; @@ -40,33 +40,28 @@ require_once("functions.inc"); /* In an effort to reduce duplicate code, many shared functions have been moved here. */ require_once("filter_log.inc"); -if($_POST['filterlogentries']) { - unset($config['widgets']['filterlogentries']); - if( ($_POST['filterlogentries']) and ($_POST['filterlogentries'] != ' ') ) $config['widgets']['filterlogentries'] = $_POST['filterlogentries']; +if(is_numeric($_POST['filterlogentries'])) { + $config['widgets']['filterlogentries'] = $_POST['filterlogentries']; - unset($config['widgets']['filterlogentriesacts']); - if($_POST['actpass']) $config['widgets']['filterlogentriesacts'] .= $_POST['actpass'] . " "; - if($_POST['actblock']) $config['widgets']['filterlogentriesacts'] .= $_POST['actblock'] . " "; - if($_POST['actreject']) $config['widgets']['filterlogentriesacts'] .= $_POST['actreject'] . " "; - if (isset($config['widgets']['filterlogentriesacts'])) $config['widgets']['filterlogentriesacts'] = trim($config['widgets']['filterlogentriesacts']); + $acts = array(); + if ($_POST['actpass']) $acts[] = "Pass"; + if ($_POST['actblock']) $acts[] = "Block"; + if ($_POST['actreject']) $acts[] = "Reject"; - unset($config['widgets']['filterlogentriesinterfaces']); - if( ($_POST['filterlogentriesinterfaces']) and ($_POST['filterlogentriesinterfaces'] != "All") ) $config['widgets']['filterlogentriesinterfaces'] = $_POST['filterlogentriesinterfaces']; - if (isset($config['widgets']['filterlogentriesinterfaces'])) $config['widgets']['filterlogentriesinterfaces'] = trim($config['widgets']['filterlogentriesinterfaces']); + if (!empty($acts)) + $config['widgets']['filterlogentriesacts'] = implode(" ", $acts); + else + unset($config['widgets']['filterlogentriesacts']); + unset($acts); + + if( ($_POST['filterlogentriesinterfaces']) and ($_POST['filterlogentriesinterfaces'] != "All") ) + $config['widgets']['filterlogentriesinterfaces'] = trim($_POST['filterlogentriesinterfaces']); + else + unset($config['widgets']['filterlogentriesinterfaces']); write_config("Saved Filter Log Entries via Dashboard"); - $filename = $_SERVER['HTTP_REFERER']; - if(headers_sent($file, $line)){ - echo "<script type=\"text/javascript\">\n"; - echo "//<![CDATA[\n"; - echo "window.location.href=\"" . $filename . "\";\n"; - echo "//]]>\n"; - echo "</script>\n"; - echo "<noscript>\n"; - echo "<meta http-equiv=\"refresh\" content=\"0;url=" . $filename . "\" />\n"; - echo "</noscript>\n"; - } - header("Location: /"); + Header("Location: /"); + exit(0); } $nentries = isset($config['widgets']['filterlogentries']) ? $config['widgets']['filterlogentries'] : 5; @@ -76,9 +71,10 @@ $nentries = isset($config['widgets']['filterlogentries']) ? $config['widgets'][' $nentriesacts = isset($config['widgets']['filterlogentriesacts']) ? $config['widgets']['filterlogentriesacts'] : 'All'; $nentriesinterfaces = isset($config['widgets']['filterlogentriesinterfaces']) ? $config['widgets']['filterlogentriesinterfaces'] : 'All'; -$filterfieldsarray = array("act", "interface"); -$filterfieldsarray['act'] = $nentriesacts; -$filterfieldsarray['interface'] = $nentriesinterfaces; +$filterfieldsarray = array( + "act" => $nentriesacts, + "interface" => $nentriesinterfaces +); $filter_logfile = "{$g['varlog_path']}/filter.log"; $filterlog = conv_log_filter($filter_logfile, $nentries, 50, $filterfieldsarray); //Get log entries @@ -111,7 +107,7 @@ function format_log_line(row) { '<td class="listMRr ellipsis" title="' + row[1] + '">' + row[1].slice(0,-3) + '<\/td>' + '<td class="listMRr ellipsis" title="' + row[2] + '">' + row[2] + '<\/td>' + '<td class="listMRr ellipsis" title="' + row[3] + '">' + row[3] + '<\/td>' + - '<td class="listMRr ellipsis" title="' + row[4] + '">' + row[4] + '<\/td>'; + '<td class="listMRr ellipsis" title="' + row[4] + '">' + row[4] + '<\/td>'; var nentriesacts = "<?php echo $nentriesacts; ?>"; var nentriesinterfaces = "<?php echo $nentriesinterfaces; ?>"; @@ -139,7 +135,7 @@ function format_log_line(row) { </select> <?php - $Include_Act = explode(",", str_replace(" ", ",", $nentriesacts)); + $Include_Act = explode(" ", $nentriesacts); if ($nentriesinterfaces == "All") $nentriesinterfaces = ""; ?> <input id="actpass" name="actpass" type="checkbox" value="Pass" <?php if (in_arrayi('Pass', $Include_Act)) echo "checked=\"checked\""; ?> /> Pass @@ -149,14 +145,19 @@ function format_log_line(row) { Interfaces: <select id="filterlogentriesinterfaces" name="filterlogentriesinterfaces" class="formselect"> <option value="All">ALL</option> - <?php - $interfaces = get_configured_interface_with_descr(); - foreach ($interfaces as $iface => $ifacename): ?> - <option value="<?=$iface;?>" <?php if ($nentriesinterfaces == $iface) echo "selected=\"selected\"";?>> - <?=htmlspecialchars($ifacename);?> - </option> - <?php endforeach; ?> - </select> +<?php + $interfaces = get_configured_interface_with_descr(); + foreach ($interfaces as $iface => $ifacename): +?> + <option value="<?=$iface;?>" <?php if ($nentriesinterfaces == $iface) echo "selected=\"selected\"";?>> + <?=htmlspecialchars($ifacename);?> + </option> +<?php + endforeach; + unset($interfaces); + unset($Include_Act); +?> + </select> <input id="submita" name="submita" type="submit" class="formbtn" value="Save" /> </form> diff --git a/usr/local/www/widgets/widgets/rss.widget.php b/usr/local/www/widgets/widgets/rss.widget.php index 03cb01e..eecda05 100644 --- a/usr/local/www/widgets/widgets/rss.widget.php +++ b/usr/local/www/widgets/widgets/rss.widget.php @@ -33,10 +33,10 @@ require_once("pfsense-utils.inc"); require_once("functions.inc"); if($_POST['rssfeed']) { - $config['widgets']['rssfeed'] = str_replace("\n", ",", $_POST['rssfeed']); - $config['widgets']['rssmaxitems'] = str_replace("\n", ",", $_POST['rssmaxitems']); - $config['widgets']['rsswidgetheight'] = $_POST['rsswidgetheight']; - $config['widgets']['rsswidgettextlength'] = $_POST['rsswidgettextlength']; + $config['widgets']['rssfeed'] = str_replace("\n", ",", htmlspecialchars($_POST['rssfeed'], ENT_QUOTES | ENT_HTML401)); + $config['widgets']['rssmaxitems'] = str_replace("\n", ",", htmlspecialchars($_POST['rssmaxitems'], ENT_QUOTES | ENT_HTML401)); + $config['widgets']['rsswidgetheight'] = htmlspecialchars($_POST['rsswidgetheight'], ENT_QUOTES | ENT_HTML401); + $config['widgets']['rsswidgettextlength'] = htmlspecialchars($_POST['rsswidgettextlength'], ENT_QUOTES | ENT_HTML401); write_config("Saved RSS Widget feed via Dashboard"); header("Location: /"); } @@ -48,10 +48,10 @@ if($config['widgets']['rssfeed']) if($config['widgets']['rssmaxitems']) $max_items = $config['widgets']['rssmaxitems']; -if($config['widgets']['rsswidgetheight']) +if(is_numeric($config['widgets']['rsswidgetheight'])) $rsswidgetheight = $config['widgets']['rsswidgetheight']; -if($config['widgets']['rsswidgettextlength']) +if(is_numeric($config['widgets']['rsswidgettextlength'])) $rsswidgettextlength = $config['widgets']['rsswidgettextlength']; // Set a default feed if none exists diff --git a/usr/local/www/widgets/widgets/services_status.widget.php b/usr/local/www/widgets/widgets/services_status.widget.php index dfe172b..ec68a65 100644 --- a/usr/local/www/widgets/widgets/services_status.widget.php +++ b/usr/local/www/widgets/widgets/services_status.widget.php @@ -41,7 +41,7 @@ require_once("/usr/local/www/widgets/include/services_status.inc"); $services = get_services(); if(isset($_POST['servicestatusfilter'])) { - $config['widgets']['servicestatusfilter'] = $_POST['servicestatusfilter']; + $config['widgets']['servicestatusfilter'] = htmlspecialchars($_POST['servicestatusfilter'], ENT_QUOTES | ENT_HTML401); write_config("Saved Service Status Filter via Dashboard"); header("Location: ../../index.php"); } diff --git a/usr/local/www/widgets/widgets/system_information.widget.php b/usr/local/www/widgets/widgets/system_information.widget.php index 3705937..694eefd 100644 --- a/usr/local/www/widgets/widgets/system_information.widget.php +++ b/usr/local/www/widgets/widgets/system_information.widget.php @@ -167,10 +167,7 @@ $filesystems = get_mounted_filesystems(); <td width="25%" class="vncellt"><?=gettext("CPU Type");?></td> <td width="75%" class="listr"> <?php - $cpumodel = ""; - exec("/sbin/sysctl -n hw.model", $cpumodel); - $cpumodel = implode(" ", $cpumodel); - echo (htmlspecialchars($cpumodel)); + echo (htmlspecialchars(get_single_sysctl("hw.model"))); ?> <div id="cpufreq"><?= get_cpufreq(); ?></div> <?php $cpucount = get_cpu_count(); @@ -264,7 +261,7 @@ $filesystems = get_mounted_filesystems(); <td width="75%" class="listr"> <?php $memUsage = mem_usage(); ?> <div id="memUsagePB"></div> - <span id="memusagemeter"><?= $memUsage.'%'; ?></span> of <?= sprintf("%.0f", `/sbin/sysctl -n hw.physmem` / (1024*1024)) ?> MB + <span id="memusagemeter"><?= $memUsage.'%'; ?></span> of <?= sprintf("%.0f", get_single_sysctl('hw.physmem') / (1024*1024)) ?> MB </td> </tr> <?php if($showswap == true): ?> |
