diff options
Diffstat (limited to 'usr')
-rw-r--r-- | usr/local/pkg/miniupnpd.inc | 168 | ||||
-rw-r--r-- | usr/local/pkg/miniupnpd.xml | 96 | ||||
-rw-r--r-- | usr/local/www/status_upnp.php | 119 |
3 files changed, 383 insertions, 0 deletions
diff --git a/usr/local/pkg/miniupnpd.inc b/usr/local/pkg/miniupnpd.inc new file mode 100644 index 0000000..fa5160c --- /dev/null +++ b/usr/local/pkg/miniupnpd.inc @@ -0,0 +1,168 @@ +<?php + require_once("config.inc"); + require_once("functions.inc"); + + /* Miniupnp */ + + function upnp_notice ($msg) { syslog(LOG_NOTICE, "miniupnpd: $msg"); return; } + function upnp_warn ($msg) { syslog(LOG_WARNING, "miniupnpd: $msg"); return; } + + function upnp_config ($name) { + global $config; + if($config['installedpackages']['miniupnpd']['config'][0]["{$name}"]) + return $config['installedpackages']['miniupnpd']['config'][0]["{$name}"]; + else + return NULL; + } + + function upnp_validate_ip($ip) { + if(!eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$", $ip)) + return FALSE; + foreach(explode(".", $ip) as $sub) + if($sub<0 || $sub>256) + return FALSE; + return TRUE; + } + + function before_form_miniupnpd($pkg) { + global $config; + + /* if shaper connection speed defined hide fields */ + if($config['ezshaper']['step2']['download'] && $config['ezshaper']['step2']['upload']) { + $i=0; + foreach ($pkg['fields']['field'] as $field) { + if ($field['fieldname'] == 'download' || $field['fieldname'] == 'upload') + unset($pkg['fields']['field'][$i]); + $i++; + } + } + } + + function validate_form_miniupnpd($post, $input_errors) { + if($post['iface_array']) + foreach($post['iface_array'] as $iface) + if($iface == "wan") + $input_errors[] = 'It is a security risk to specify WAN in the \'Interface\' field'; + if($post['overridewanip'] && !upnp_validate_ip($post['overridewanip'])) + $input_errors[] = 'You must specify a valid ip address in the \'Override WAN address\' field'; + if(($post['download'] && !$post['upload']) || ($post['upload'] && !$post['download'])) + $input_errors[] = 'You must fill in both \'Maximum Download Speed\' and \'Maximum Upload Speed\' fields'; + if($post['download'] && $post['download']<=0) + $input_errors[] = 'You must specify a value greater than 0 in the \'Maximum Download Speed\' field'; + if($post['upload'] && $post['upload']<=0) + $input_errors[] = 'You must specify a value greater than 0 in the \'Maximum Upload Speed\' field'; + } + + function sync_package_miniupnpd() { + global $config; + global $input_errors; + $ifaces_final = ""; + $wanif = get_real_wan_interface(); + + upnp_notice("Syncing package"); + + conf_mount_rw(); + config_lock(); + + /* since config is written before this file invoked we don't need to read post data */ + if(upnp_config("iface_array")) + $iface_array = explode(",",upnp_config("iface_array")); + + if($iface_array) { + foreach($iface_array as $iface) { + $if = convert_friendly_interface_to_real_interface_name($iface); + /* above function returns iface if fail */ + if($if!=$iface) { + $addr = find_interface_ip($if); + /* non enabled interfaces are displayed in list on miniupnpd settings page */ + /* check that the interface has an ip address before adding parameters */ + if($addr) { + upnp_notice("Active on {$iface} interface"); + $ifaces_final .= " -a {$addr}"; + } else { + upnp_warn("Interface {$iface} has no ip address"); + } + } else { + upnp_warn("Could not resolve real interface {$iface}"); + } + } + + if($ifaces_final) { + $overridewanip = upnp_config("overridewanip"); + $logpackets = upnp_config("logpackets"); + $sysuptime = upnp_config("sysuptime"); + + /* if shaper connection speed defined use those values */ + if($config['ezshaper']['step2']['download'] && $config['ezshaper']['step2']['upload']) { + $download = $config['ezshaper']['step2']['download']*1000; + $upload = $config['ezshaper']['step2']['upload']*1000; + } else { + $download = upnp_config("download")*1000; + $upload = upnp_config("upload")*1000; + } + + /* valid paramters lets create rc file and start miniupnpd */ + + $stop = <<<EOD +if [ `pgrep miniupnpd | wc -l` != 0 ]; then + /usr/bin/killall miniupnpd + while [ `pgrep miniupnpd | wc -l` != 0 ]; do + sleep 1 + done + fi + # Clear existing rules and rdr entries + if [ `pfctl -aminiupnpd -sr | wc -l` != 0 ]; then + /sbin/pfctl -aminiupnpd -Fr 2>&1 >/dev/null + fi + if [ `pfctl -aminiupnpd -sn | wc -l` != 0 ]; then + /sbin/pfctl -aminiupnpd -Fn 2>&1 >/dev/null + fi +EOD; + + $start = $stop."\n\t/usr/local/sbin/miniupnpd -p 2869 -i {$wanif}{$ifaces_final}"; + + /* define maximum downstream and upstream bitrates */ + if($download && $upload) + $start .= " -B {$download} {$upload}"; + + /* override wan ip address, common for carp, etc */ + if($overridewanip) + $start .= " -o {$overridewanip}"; + + /* enable logging of packets handled by miniupnpd rules */ + if($logpackets) + $start .= " -L"; + + /* enable system uptime instead of miniupnpd uptime */ + if($sysuptime) + $start .= " -U"; + + write_rcfile(array( + "file" => "miniupnpd.sh", + "start" => $start, + "stop" => $stop + ) + ); + + /* if not ONE instance running lets start */ + /* or if $_POST data as user is changing settings */ + if((int)exec("pgrep miniupnpd | wc -l") != 1 || $_POST['iface_array']) { + upnp_notice("Starting service"); + start_service("miniupnpd"); + } + } + } + + if(!$iface_array || !$ifaces_final) { + /* no parameters user does not want miniupnpd running */ + /* lets stop the service and remove the rc file */ + + stop_service("miniupnpd"); + upnp_warn("No interfaces stopping service"); + exec("rm -f /usr/local/etc/rc.d/miniupnpd*"); + } + + config_unlock(); + conf_mount_ro(); + } +?> diff --git a/usr/local/pkg/miniupnpd.xml b/usr/local/pkg/miniupnpd.xml new file mode 100644 index 0000000..fbe61f6 --- /dev/null +++ b/usr/local/pkg/miniupnpd.xml @@ -0,0 +1,96 @@ +<?xml version="1.0" encoding="utf-8" ?> +<packagegui> + <title>Services: Miniupnpd</title> + <name>miniupnpd</name> + <version>20061129</version> + <savetext>Change</savetext> + <include_file>/usr/local/pkg/miniupnpd.inc</include_file> + <aftersaveredirect>status_upnp.php</aftersaveredirect> + <menu> + <name>Miniupnpd</name> + <tooltiptext>Set miniupnpd settings such as interfaces to listen on.</tooltiptext> + <section>Services</section> + <url>/status_upnp.php</url> + </menu> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/miniupnpd/miniupnpd.inc</item> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/miniupnpd/status_upnp.php</item> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/sbin/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/miniupnpd/sbin/miniupnpd</item> + </additional_files_needed> + <service> + <name>miniupnpd</name> + <rcfile>miniupnpd.sh</rcfile> + <executable>miniupnpd</executable> + </service> + <tabs> + <tab> + <text>UPNP Status</text> + <url>status_upnp.php</url> + </tab> + <tab> + <text>miniupnpd Settings</text> + <url>/pkg_edit.php?xml=miniupnpd.xml&id=0</url> + <active/> + </tab> + </tabs> + <fields> + <field> + <fielddescr>Interface (generally LAN)</fielddescr> + <fieldname>iface_array</fieldname> + <value>lan</value> + <multiple>true</multiple> + <size>3</size> + <type>interfaces_selection</type> + </field> + <field> + <fielddescr>Maximum Download Speed (Kbits/second)</fielddescr> + <fieldname>download</fieldname> + <type>input</type> + </field> + <field> + <fielddescr>Maximum Upload Speed (Kbits/second)</fielddescr> + <fieldname>upload</fieldname> + <type>input</type> + </field> + <field> + <fielddescr>Override WAN address</fielddescr> + <fieldname>overridewanip</fieldname> + <type>input</type> + </field> + <field> + <fielddescr>Log packets handled by miniupnpd rules?</fielddescr> + <fieldname>logpackets</fieldname> + <type>checkbox</type> + </field> + <field> + <fielddescr>Use system uptime instead of miniupnpd uptime?</fielddescr> + <fieldname>sysuptime</fieldname> + <type>checkbox</type> + </field> + </fields> + <custom_php_command_before_form> + before_form_miniupnpd(&$pkg); + </custom_php_command_before_form> + <custom_php_validation_command> + validate_form_miniupnpd($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + sync_package_miniupnpd(); + </custom_php_resync_config_command> + <custom_php_install_command> + sync_package_miniupnpd(); + </custom_php_install_command> + <custom_php_deinstall_command> + exec("rm -f /usr/local/etc/rc.d/miniupnpd*"); + </custom_php_deinstall_command> +</packagegui> diff --git a/usr/local/www/status_upnp.php b/usr/local/www/status_upnp.php new file mode 100644 index 0000000..d1928ee --- /dev/null +++ b/usr/local/www/status_upnp.php @@ -0,0 +1,119 @@ +<?php +/* $Id$ */ +/* + status_upnp.php + part of pfSense (http://www.pfsense.com/) + + Copyright (C) 2006 Seth Mos <seth.mos@xs4all.nl>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +/* Defaults to this page but if no settings are present, redirect to setup page */ +if(!$config['installedpackages']['miniupnpd']['config'][0]['iface_array']) + Header("Location: /pkg_edit.php?xml=miniupnpd.xml&id=0"); + +if ($_POST) { + if ($_POST['clear'] == "Clear") { + mwexec("/bin/sh /usr/local/etc/rc.d/miniupnpd.sh restart"); + $savemsg = "Rules have been cleared and the daemon restarted"; + } +} + +$rdr_entries = array(); +exec("/sbin/pfctl -aminiupnpd -sn", $rdr_entries, $pf_ret); + +$now = time(); +$year = date("Y"); + +$pgtitle = "Status: UPnP Status"; +include("head.inc"); +/* put your custom HTML head content here */ +/* using some of the $pfSenseHead function calls */ +//$pfSenseHead->addMeta("<meta http-equiv=\"refresh\" content=\"120;url={$_SERVER['SCRIPT_NAME']}\" />"); +//echo $pfSenseHead->getHTML(); + +?> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<p class="pgtitle"><?=$pgtitle?></font></p> +<?php if ($savemsg) print_info_box($savemsg); ?> + +<div id="mainlevel"> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> +<?php + $tab_array = array(); + $tab_array[] = array(gettext("UPNP Status "), true, "/status_upnp.php"); + $tab_array[] = array(gettext("miniupnpd Settings "), false, "/pkg_edit.php?xml=miniupnpd.xml&id=0"); + display_top_tabs($tab_array); +?> +</table> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td class="tabcont" > + <form action="status_upnp.php" method="post"> + <b><input type="submit" name="clear" id="clear" value="Clear" /></b> + </form> + </td> + </tr> + <tr> + <td class="tabcont" > + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td width="10%" class="listhdrr"><?=gettext("Port")?></td> + <td width="10%" class="listhdrr"><?=gettext("Protocol")?></td> + <td width="20%" class="listhdrr"><?=gettext("Internal IP")?></td> + <td width="60%" class="listhdr"><?=gettext("Description")?></td> + </tr> + <?php $i = 0; foreach ($rdr_entries as $rdr_entry) { + if (preg_match("/rdr on (.*) inet proto (.*) from any to any port = (.*) label \"(.*)\" -> (.*) port (.*)/", $rdr_entry, $matches)) + $rdr_proto = $matches[2]; + $rdr_port = $matches[3]; + $rdr_ip = $matches[5]; + $rdr_label =$matches[4]; + ?> + <tr> + <td class="listlr"> + <?php print $rdr_port;?> + </td> + <td class="listlr"> + <?php print $rdr_proto;?> + </td> + <td class="listlr"> + <?php print $rdr_ip;?> + </td> + <td class="listlr"> + <?php print $rdr_label;?> + </td> + </tr> + <?php $i++; }?> + </table> + </td> + </tr> +</table> +</div> +<?php include("fend.inc"); ?> +</body> +</html> |