From 9db6993f9ad8de7add4d8b042583c56014cef853 Mon Sep 17 00:00:00 2001 From: jim-p Date: Tue, 18 May 2010 11:06:23 -0400 Subject: Fix deletion of authentication servers. Fixes #600. --- usr/local/www/system_authservers.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php index 984f0ab..698a6be 100644 --- a/usr/local/www/system_authservers.php +++ b/usr/local/www/system_authservers.php @@ -65,11 +65,19 @@ if ($act == "del") { exit; } + /* Remove server from main list. */ $serverdeleted = $a_server[$_GET['id']]['name']; + foreach ($config['system']['authserver'] as $k => $as) { + if ($config['system']['authserver'][$k]['name'] == $serverdeleted) + unset($config['system']['authserver'][$k]); + } + + /* Remove server from temp list used later on this page. */ unset($a_server[$_GET['id']]); - write_config(); + $savemsg = gettext("Authentication Server")." {$serverdeleted} ". - gettext("successfully deleted")."
"; + gettext("deleted")."
"; + write_config($savemsg); } if ($act == "edit") { -- cgit v1.1 From c1191d5bd854ae9334e5373ca5d0d193067c3b7d Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 18 May 2010 16:51:10 +0000 Subject: Add myself to copyright for gwlb file. --- etc/inc/gwlb.inc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index 0dbf329..aa8397d 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -1,13 +1,13 @@ Date: Tue, 18 May 2010 12:53:28 -0400 Subject: Unbreak automatic updates. --- usr/local/www/system_firmware_auto.php | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/usr/local/www/system_firmware_auto.php b/usr/local/www/system_firmware_auto.php index 57e1bf6..d5b7cd5 100755 --- a/usr/local/www/system_firmware_auto.php +++ b/usr/local/www/system_firmware_auto.php @@ -43,6 +43,7 @@ ##|-PRIV require("guiconfig.inc"); +require_once("pfsense-utils.inc"); $curcfg = $config['system']['firmware']; @@ -130,17 +131,16 @@ if(!$latest_version) { require("fend.inc"); exit; } else { - $current_installed_pfsense_version = str_replace("\n", "", @file_get_contents("/etc/version.buildtime")); - $current_installed_pfsense = strtotime($current_installed_pfsense_version); - $latest_version = str_replace("\n", "", @file_get_contents("/tmp/{$g['product_name']}_version")); + $current_installed_buildtime = trim(file_get_contents("/etc/version.buildtime")); + $current_installed_version = trim(file_get_contents("/etc/version")); + $latest_version = trim(@file_get_contents("/tmp/{$g['product_name']}_version")); $latest_version_pfsense = strtotime($latest_version); if(!$latest_version) { update_output_window(gettext("Unable to check for updates.")); require("fend.inc"); exit; } else { - $needs_system_upgrade = false; - if($current_installed_pfsense_version < $latest_version_pfsense) { + if (pfs_version_compare($current_installed_buildtime, $current_installed_version, $latest_version) == -1) { update_status(gettext("Downloading updates") . "..."); conf_mount_rw(); $status = download_file_with_progress_bar("{$updater_url}/latest.tgz", "{$g['upload_path']}/latest.tgz", "read_body_firmware"); @@ -163,8 +163,7 @@ if($g['platform'] == "nanobsd") else $external_upgrade_helper_text .= "pfSenseupgrade "; -if($needs_system_upgrade == true) - $external_upgrade_helper_text .= "{$g['upload_path']}/latest.tgz"; +$external_upgrade_helper_text .= "{$g['upload_path']}/latest.tgz"; $downloaded_latest_tgz_sha256 = str_replace("\n", "", `/sbin/sha256 -q {$g['upload_path']}/latest.tgz`); $upgrade_latest_tgz_sha256 = str_replace("\n", "", `/bin/cat {$g['upload_path']}/latest.tgz.sha256 | awk '{ print $4 }'`); @@ -221,7 +220,7 @@ if($downloaded_latest_tgz_sha256 <> $upgrade_latest_tgz_sha256) { */ function read_body_firmware($ch, $string) { - global $fout, $file_size, $downloaded, $counter, $version, $latest_version, $current_installed_pfsense_version; + global $fout, $file_size, $downloaded, $counter, $version, $latest_version, $current_installed_version; $length = strlen($string); $downloaded += intval($length); $downloadProgress = round(100 * (1 - $downloaded / $file_size), 0); @@ -231,7 +230,7 @@ function read_body_firmware($ch, $string) { $c = $downloadProgress; $text = " " . gettext("Auto Update Download Status") . "\\n"; $text .= "----------------------------------------------------\\n"; - $text .= " " . gettext("Current Version") . " : {$current_installed_pfsense_version}\\n"; + $text .= " " . gettext("Current Version") . " : {$current_installed_version}\\n"; $text .= " " . gettext("Latest Version") . " : {$latest_version}\\n"; $text .= " " . gettext("File size") . " : {$a}\\n"; $text .= " " . gettext("Downloaded") . " : {$b}\\n"; -- cgit v1.1 From d9dda2a5718709341852fed8b3328cfa2fd48198 Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 18 May 2010 17:10:50 +0000 Subject: Fixes #536. Actually add all available gateways to the gateway_groups array so all up members will be present for balancing. --- etc/inc/gwlb.inc | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index aa8397d..a02f77f 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -249,7 +249,7 @@ function return_gateways_status() { $gateways_arr = return_gateways_array(); $apingerstatus = array(); - if(is_readable("{$g['tmp_path']}/apinger.status")) { + if (file_exists("{$g['tmp_path']}/apinger.status")) { $apingerstatus = file("{$g['tmp_path']}/apinger.status"); } @@ -383,7 +383,7 @@ function return_gateway_groups_array() { $gwname = $itemsplit[0]; /* check if the gateway is available before adding it to the array */ foreach($gateways_status as $status) { - if(($status['name'] != $gwname)) { + if ($status['name'] != $gwname) { continue; } if (stristr($status['status'], "down")) { @@ -446,9 +446,11 @@ function return_gateway_groups_array() { $gatewayip = get_interface_gateway($gateway['friendlyiface']); } if (($int <> "") && is_ipaddr($gatewayip)) { - $gateway_groups_array[$group['name']][$tiernr]['int'] = "$int"; - $gateway_groups_array[$group['name']][$tiernr]['gwip'] = "$gatewayip"; - $gateway_groups_array[$group['name']][$tiernr]['weight'] = isset($gateway['weight']) ? $gateway['weight'] : 1; + $groupmember = array(); + $groupmember['int'] = "$int"; + $groupmember['gwip'] = "$gatewayip"; + $groupmember['weight'] = isset($gateway['weight']) ? $gateway['weight'] : 1; + $gateway_groups_array[$group['name']][] = $group; } } /* we should have the 1st available tier now, exit stage left */ -- cgit v1.1 From fe22a89b4e8014b1160edb3c9d176312ea3df6b2 Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 18 May 2010 17:28:45 +0000 Subject: Fixes #536. More fixes and optimizations on the various functions used for gateways [groups]. --- etc/inc/gwlb.inc | 68 ++++++++++++++++++++++++++------------------------------ 1 file changed, 31 insertions(+), 37 deletions(-) diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index a02f77f..9d40e1b 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -432,9 +432,9 @@ function return_gateway_groups_array() { /* sort the tiers array by the tier key */ ksort($tiers); /* we do not really foreach the tiers as we stop after the first tier */ - foreach($tiers as $tiernr => $tier) { + foreach($tiers as $tier) { /* process all gateways in this tier */ - foreach($tier as $tiernr => $member) { + foreach($tier as $member) { /* determine interface gateway */ if (isset($gateways_arr[$member])) { $gateway = $gateways_arr[$member]; @@ -450,7 +450,7 @@ function return_gateway_groups_array() { $groupmember['int'] = "$int"; $groupmember['gwip'] = "$gatewayip"; $groupmember['weight'] = isset($gateway['weight']) ? $gateway['weight'] : 1; - $gateway_groups_array[$group['name']][] = $group; + $gateway_groups_array[$group['name']][] = $groupmember; } } /* we should have the 1st available tier now, exit stage left */ @@ -458,7 +458,7 @@ function return_gateway_groups_array() { } } } - return($gateway_groups_array); + return ($gateway_groups_array); } /* Update DHCP WAN Interface ip address in gateway group item */ @@ -479,52 +479,46 @@ function dhclient_update_gateway_groups_defaultroute($interface = "wan") { function lookup_gateway_ip_by_name($name) { global $config; - if(is_array($config['gateways']['gateway_item'])) { - foreach($config['gateways']['gateway_item'] as $gateway) { - if($gateway['name'] == $name) { - $gatewayip = $gateway['gateway']; - //$interfacegw = $gateway['interface']; - return($gatewayip); - } - } - } else { - return(false); - } + + $gateways_arr = return_gateways_array(); + if (!empty($gateways_arr[$name])) { + $gatewayip = $gateway['gateway']; + //$interfacegw = $gateway['interface']; + return ($gatewayip); + } else + return (false); } function lookup_gateway_monitor_ip_by_name($name) { global $config; + $gateways_arr = return_gateways_array(); + if (!empty($gateways_arr[$name])) { + $gateway = $gateways_arr[$name]; + if ($gateway['gateway'] == "dynamic") + $gateway['monitor'] = "127.0.0.2"; - $i = 2; - foreach($gateways_arr as $gateway) { - if($gateway['gateway'] == "dynamic") { - $gateway['monitor'] = "127.0.0.{$i}"; - $i++; - } - if($gateway['name'] == "$name") { - $monitorip = $gateway['monitor']; - if($monitorip == "") - $monitorip = $gateway['gateway']; + $monitorip = $gateway['monitor']; + if($monitorip == "") + $monitorip = $gateway['gateway']; - return($monitorip); - } + return ($monitorip); } - return(false); + + return (false); } function lookup_gateway_interface_by_name($name) { global $config; - $gateways_arr = return_gateways_array(); - foreach($gateways_arr as $gateway) { - if($gateway['name'] == "$name") { - $gatewayip = $gateway['gateway']; - $interfacegw = $gateway['interface']; - return($interfacegw); - } + $gateways_arr = return_gateways_array(); + if (!empty($gateways_arr[$name])) { + //$gatewayip = $gateway['gateway']; + $interfacegw = $gateway['interface']; + return ($interfacegw); } - return(false); + + return (false); } function get_interface_gateway($interface, &$dynamic = false) { @@ -549,7 +543,7 @@ function get_interface_gateway($interface, &$dynamic = false) { } /* return gateway */ - return $gw; + return ($gw); } ?> -- cgit v1.1 From 01207fd8487803b40559c62cac65ffbebf5bfcab Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 18 May 2010 17:33:57 +0000 Subject: Fixes #536. More fixes and optimizations on the various functions and status pages used for gateways [groups]. --- etc/inc/gwlb.inc | 7 +++---- usr/local/www/widgets/widgets/gateways.widget.php | 16 ++++++++-------- 2 files changed, 11 insertions(+), 12 deletions(-) diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index 9d40e1b..b850a00 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -151,15 +151,14 @@ EOD; if((is_numeric($gateway['attribute'])) && is_ipaddr($gwref['monitor'])) { $gateway['monitor'] = $gwref['monitor']; } else { - if(($gateway['gateway'] == "dynamic") && ($gateway['monitor'])) { + if ($gateway['gateway'] == "dynamic") { $gateway['monitor'] = "127.0.0.{$i}"; $i++; } - if(!is_ipaddr($gateway['monitor'])) { + if (!is_ipaddr($gateway['monitor'])) $gateway['monitor'] = $gateway['gateway']; - } } - + $apingercfg .= "target \"{$gateway['monitor']}\" {\n"; $apingercfg .= " description \"{$gateway['name']}\"\n"; $alarms = ""; diff --git a/usr/local/www/widgets/widgets/gateways.widget.php b/usr/local/www/widgets/widgets/gateways.widget.php index 51118d5..7d67570 100644 --- a/usr/local/www/widgets/widgets/gateways.widget.php +++ b/usr/local/www/widgets/widgets/gateways.widget.php @@ -74,9 +74,9 @@ $counter = 1; "; - $counter++; + default: + $online = "Gathering data"; + } + echo ""; + $counter++; ?>
$online
$online
-- cgit v1.1 From 7382c59deb0e04ce625c7e2820ee9bde3a3ae7c2 Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 18 May 2010 18:04:04 +0000 Subject: Do not duplicate gateway entries when status file is not present. Mostly an innocuos programmer error. --- etc/inc/gwlb.inc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index b850a00..2411892 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -420,12 +420,10 @@ function return_gateway_groups_array() { log_error($msg); notify_via_growl($msg); foreach($group['item'] as $item) { - foreach($group['item'] as $item) { - $itemsplit = explode("|", $item); - $tier = $itemsplit[1]; - $gwname = $itemsplit[0]; - $tiers[$tier][] = $gwname; - } + $itemsplit = explode("|", $item); + $tier = $itemsplit[1]; + $gwname = $itemsplit[0]; + $tiers[$tier][] = $gwname; } } /* sort the tiers array by the tier key */ -- cgit v1.1 From 873b2f0c810b15dc649c2ce71a08a56f01e649a4 Mon Sep 17 00:00:00 2001 From: jim-p Date: Tue, 18 May 2010 15:21:34 -0400 Subject: Fix NanoBSD update detection for console update by URL --- etc/rc.initial.firmware_update | 26 ++++++++++---------------- 1 file changed, 10 insertions(+), 16 deletions(-) diff --git a/etc/rc.initial.firmware_update b/etc/rc.initial.firmware_update index f510760..70e1dbc 100755 --- a/etc/rc.initial.firmware_update +++ b/etc/rc.initial.firmware_update @@ -37,7 +37,7 @@ switch ($command) { die; break; case "1": - echo "\nEnter the URL to the .tgz update file:\n> "; + echo "\nEnter the URL to the .tgz or .img.gz update file:\n> "; $url = chop(fgets($fp)); if(!$url) { fclose($fp); @@ -91,23 +91,17 @@ switch ($command) { if(strstr($url,"bdiff")) { echo "Binary DIFF upgrade file detected...\n"; $type = "bdiff"; - } - if(strstr($url,"nanobsd")) { - echo "NanoBSD upgrade file detected...\n"; - $type = "nanobsd"; - } - if(file_exists("/root/firmware.tgz")) { - $type = "normal"; - do_upgrade("/root/firmware.tgz", $type); - exit; + } elseif(strstr($url,"nanobsd")) { + echo "NanoBSD upgrade file detected...\n"; + $type = "nanobsd"; } else { - echo "\nCould not download update.\n\n"; - fclose($fp); - die -1; + $type = "normal"; } + do_upgrade("/root/firmware.tgz", $type); + exit; } case "2": - echo "\nEnter the complete path to the .tgz update file: "; + echo "\nEnter the complete path to the .tgz or .img.gz update file: "; $path = chop(fgets($fp)); if(!$path) { fclose($fp); @@ -192,9 +186,9 @@ function do_upgrade($path, $type) { mark_subsystem_dirty('firmwarelock'); check_for_kernel_file(); echo "\nOne moment please...\nInvoking firmware upgrade..."; - if($type == "bdiff") + if($type == "bdiff") mwexec_bg("/etc/rc.firmware delta_update $path"); - elseif($type == "nanobsd") + elseif($type == "nanobsd") mwexec_bg("/etc/rc.firmware pfSenseNanoBSDupgrade $path"); else mwexec_bg("/etc/rc.firmware pfSenseupgrade $path"); -- cgit v1.1 From e490f9950c965a878481dc830e99330fdb82837b Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 18 May 2010 19:27:57 +0000 Subject: Do not bail out when we write a new config. Seems that we can write some special characters but might not be able to read them back but we still should be able to recover from this. Include globals.inc before calling any config.lib.inc functions. --- etc/inc/config.inc | 4 ++-- etc/inc/config.lib.inc | 19 ++++++++++--------- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/etc/inc/config.inc b/etc/inc/config.inc index 1dd0d9a..5ec98be 100644 --- a/etc/inc/config.inc +++ b/etc/inc/config.inc @@ -54,10 +54,10 @@ if($g['booting']) echo "."; ini_set("memory_limit","128M"); /* include globals from notices.inc /utility/XML parser files */ -require_once('config.lib.inc'); -if($g['booting']) echo "."; require_once("notices.inc"); if($g['booting']) echo "."; +require_once('config.lib.inc'); +if($g['booting']) echo "."; require_once("util.inc"); if($g['booting']) echo "."; if(file_exists("/cf/conf/use_xmlreader")) diff --git a/etc/inc/config.lib.inc b/etc/inc/config.lib.inc index 0fa2315..d4f4c88 100644 --- a/etc/inc/config.lib.inc +++ b/etc/inc/config.lib.inc @@ -191,8 +191,8 @@ function restore_backup($file) { if (file_exists($file)) { conf_mount_rw(); - copy("$file","/cf/conf/config.xml"); unlink_if_exists("{$g['tmp_path']}/config.cache"); + copy("$file","/cf/conf/config.xml"); log_error("{$g['product_name']} is restoring the configuration $file"); file_notice("config.xml", "{$g['product_name']} is restoring the configuration $file", "pfSenseConfigurator", ""); conf_mount_ro(); @@ -496,13 +496,14 @@ function write_config($desc="Unknown", $backup = true) { /* re-read configuration */ /* NOTE: We assume that the file can be parsed since we wrote it. */ $config = parse_xml_config("{$g['conf_path']}/config.xml", $g['xml_rootobj']); - - /* write config cache */ - $fd = @fopen("{$g['tmp_path']}/config.cache", "wb"); - if ($fd) { - fwrite($fd, serialize($config)); - fclose($fd); - } + if ($config == -1) { + $last_backup = discover_last_backup(); + if ($last_backup) + restore_backup("/cf/conf/backup/{$last_backup}"); + else + log_error(gettext("Could not restore config.xml.")); + } else + generate_config_cache($config); unlock($lockkey); @@ -571,8 +572,8 @@ function config_restore($conffile) { $lockkey = lock('config', LOCK_EX); - copy($conffile, "{$g['cf_conf_path']}/config.xml"); unlink_if_exists("{$g['tmp_path']}/config.cache"); + copy($conffile, "{$g['cf_conf_path']}/config.xml"); unlock($lockkey); -- cgit v1.1 From 2e6a43a13c449ae0c486989cb60fd47e9fe541f1 Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 18 May 2010 20:03:25 +0000 Subject: Encode/decode special characters with htmlentities/html_entity_decode combo to make the parser not bail on special characters. --- etc/inc/xmlparse.inc | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/etc/inc/xmlparse.inc b/etc/inc/xmlparse.inc index 22cb5d6..89c3a95 100644 --- a/etc/inc/xmlparse.inc +++ b/etc/inc/xmlparse.inc @@ -144,10 +144,10 @@ function cData($parser, $data) { } if (is_string($ptr)) { - $ptr .= $data; + $ptr .= html_entity_decode($data); } else { if (trim($data, " ") != "") { - $ptr = $data; + $ptr = html_entity_decode($data); $havedata++; } } @@ -256,8 +256,10 @@ function dump_xml_config_sub($arr, $indent) { if($cval === false) continue; if(($cval === true) || ($cval === "")) { $xmlconfig .= "<$ent/>\n"; + } else if (substr($ent, 0, 5) == "descr") { + $xmlconfig .= "<$ent>\n"; } else { - $xmlconfig .= "<$ent>" . htmlspecialchars($cval) . "\n"; + $xmlconfig .= "<$ent>" . htmlentities($cval) . "\n"; } } } @@ -279,7 +281,10 @@ function dump_xml_config_sub($arr, $indent) { $xmlconfig .= "<$ent/>\n"; } else if (!is_bool($val)) { $xmlconfig .= str_repeat("\t", $indent); - $xmlconfig .= "<$ent>" . htmlspecialchars($val) . "\n"; + if (substr($ent, 0, 5) == "descr") + $xmlconfig .= "<$ent>\n"; + else + $xmlconfig .= "<$ent>" . htmlentities($val) . "\n"; } } } -- cgit v1.1 From 15f1488904c0bd3a1b8d843f90b22587b5700936 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 18 May 2010 17:27:15 -0400 Subject: Add reset button support to alix/wrap. Obtained-from: m0n0wall --- etc/inc/system.inc | 32 +++++++++++++++++++++++++++++++- etc/rc.bootup | 5 ++++- 2 files changed, 35 insertions(+), 2 deletions(-) diff --git a/etc/inc/system.inc b/etc/inc/system.inc index c3502c8..6ea3b9b 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -1339,4 +1339,34 @@ function enable_watchdog() { exec("/usr/sbin/watchdogd"); } } -?> + +function system_check_reset_button() { + $specplatform = system_identify_specific_platform(); + + if ($specplatform['name'] != "wrap" && $specplatform['name'] != "alix") + return 0; + + $retval = mwexec("/usr/local/sbin/" . $specplatform['name'] . "resetbtn"); + + if ($retval == 99) { + /* user has pressed reset button for 2 seconds - + reset to factory defaults */ + echo << \ No newline at end of file diff --git a/etc/rc.bootup b/etc/rc.bootup index 8decbcd..91a51bd 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -365,6 +365,9 @@ upnp_start(); /* If powerd is enabled, lets launch it */ activate_powerd(); +/* check whether config reset is desired (via hardware button on WRAP/ALIX) */ +system_check_reset_button(); + /* done */ unset($g['booting']); @@ -372,4 +375,4 @@ led_normalize(); conf_mount_ro(); -?> +?> \ No newline at end of file -- cgit v1.1 From 2c7d67ff55d4713b174d18c4e30368a908204824 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 18 May 2010 17:31:47 -0400 Subject: Add system_identify_specific_platform() --- etc/inc/system.inc | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 6ea3b9b..2123053 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -1369,4 +1369,43 @@ EOD; return 0; } +/* attempt to identify the specific platform (for embedded systems) + Returns an array with two elements: + name => platform string (e.g. 'wrap', 'alix' etc.) + descr => human-readable description (e.g. "PC Engines WRAP") +*/ +function system_identify_specific_platform() { + global $g; + + if ($g['platform'] == 'generic-pc') + return array('name' => 'generic-pc', 'descr' => "Generic PC"); + + if ($g['platform'] == 'generic-pc-cdrom') + return array('name' => 'generic-pc-cdrom', 'descr' => "Generic PC (CD-ROM)"); + + /* the rest of the code only deals with 'embedded' platforms */ + if ($g['platform'] != 'embedded') + return array('name' => $g['platform'], 'descr' => $g['platform']); + + $dmesg = system_get_dmesg_boot(); + + if (strpos($dmesg, "PC Engines WRAP") !== false) + return array('name' => 'wrap', 'descr' => 'PC Engines WRAP'); + + if (strpos($dmesg, "PC Engines ALIX") !== false) + return array('name' => 'alix', 'descr' => 'PC Engines ALIX'); + + if (preg_match("/Soekris net45../", $dmesg, $matches)) + return array('name' => 'net45xx', 'descr' => $matches[0]); + + if (preg_match("/Soekris net48../", $dmesg, $matches)) + return array('name' => 'net48xx', 'descr' => $matches[0]); + + if (preg_match("/Soekris net55../", $dmesg, $matches)) + return array('name' => 'net55xx', 'descr' => $matches[0]); + + /* unknown embedded platform */ + return array('name' => 'embedded', 'descr' => 'embedded (unknown)'); +} + ?> \ No newline at end of file -- cgit v1.1 From 7188fc6db5548d66b24859e7252a1a17e2dac7d4 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 18 May 2010 17:58:18 -0400 Subject: Add missing functions and move check earlier since this only checks on bootup --- etc/inc/system.inc | 39 +++++++++++++++++++++++++++++++++++++++ etc/rc.bootup | 6 +++--- 2 files changed, 42 insertions(+), 3 deletions(-) diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 2123053..7756113 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -1408,4 +1408,43 @@ function system_identify_specific_platform() { return array('name' => 'embedded', 'descr' => 'embedded (unknown)'); } +function system_get_dmesg_boot() { + global $g; + + if (!file_exists("{$g['varlog_path']}/dmesg.boot")) + system_dmesg_save(); + + return file_get_contents("{$g['varlog_path']}/dmesg.boot"); +} + +function system_dmesg_save() { + global $g; + + if (file_exists("{$g['varlog_path']}/dmesg.boot")) + return 0; /* nothing to do */ + + exec("/sbin/dmesg", $dmesg); + + /* find last copyright line (output from previous boots may be present) */ + $lastcpline = 0; + + for ($i = 0; $i < count($dmesg); $i++) { + if (strstr($dmesg[$i], "Copyright (c) 1992-")) + $lastcpline = $i; + } + + $fd = fopen("{$g['varlog_path']}/dmesg.boot", "w"); + if (!$fd) { + printf("Error: cannot open dmesg.boot in system_dmesg_save().\n"); + return 1; + } + + for ($i = $lastcpline; $i < count($dmesg); $i++) + fwrite($fd, $dmesg[$i] . "\n"); + + fclose($fd); + + return 0; +} + ?> \ No newline at end of file diff --git a/etc/rc.bootup b/etc/rc.bootup index 91a51bd..d12ef26 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -126,6 +126,9 @@ echo " done.\n"; conf_mount_rw(); +/* check whether config reset is desired (via hardware button on WRAP/ALIX) */ +system_check_reset_button(); + /* remove previous firmware upgrade if present */ if (file_exists("/root/firmware.tgz")) unlink("/root/firmware.tgz"); @@ -365,9 +368,6 @@ upnp_start(); /* If powerd is enabled, lets launch it */ activate_powerd(); -/* check whether config reset is desired (via hardware button on WRAP/ALIX) */ -system_check_reset_button(); - /* done */ unset($g['booting']); -- cgit v1.1 From fa83737d06c403f3d49c405052a1ec97fbf8146a Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 18 May 2010 17:59:41 -0400 Subject: Only check g['platform'] for nanobsd --- etc/inc/system.inc | 82 ++---------------------------------------------------- 1 file changed, 3 insertions(+), 79 deletions(-) diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 7756113..da34e66 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -1341,7 +1341,9 @@ function enable_watchdog() { } function system_check_reset_button() { - $specplatform = system_identify_specific_platform(); + global $g; + if(!$g['platform'] == "nanobsd") + return 0; if ($specplatform['name'] != "wrap" && $specplatform['name'] != "alix") return 0; @@ -1369,82 +1371,4 @@ EOD; return 0; } -/* attempt to identify the specific platform (for embedded systems) - Returns an array with two elements: - name => platform string (e.g. 'wrap', 'alix' etc.) - descr => human-readable description (e.g. "PC Engines WRAP") -*/ -function system_identify_specific_platform() { - global $g; - - if ($g['platform'] == 'generic-pc') - return array('name' => 'generic-pc', 'descr' => "Generic PC"); - - if ($g['platform'] == 'generic-pc-cdrom') - return array('name' => 'generic-pc-cdrom', 'descr' => "Generic PC (CD-ROM)"); - - /* the rest of the code only deals with 'embedded' platforms */ - if ($g['platform'] != 'embedded') - return array('name' => $g['platform'], 'descr' => $g['platform']); - - $dmesg = system_get_dmesg_boot(); - - if (strpos($dmesg, "PC Engines WRAP") !== false) - return array('name' => 'wrap', 'descr' => 'PC Engines WRAP'); - - if (strpos($dmesg, "PC Engines ALIX") !== false) - return array('name' => 'alix', 'descr' => 'PC Engines ALIX'); - - if (preg_match("/Soekris net45../", $dmesg, $matches)) - return array('name' => 'net45xx', 'descr' => $matches[0]); - - if (preg_match("/Soekris net48../", $dmesg, $matches)) - return array('name' => 'net48xx', 'descr' => $matches[0]); - - if (preg_match("/Soekris net55../", $dmesg, $matches)) - return array('name' => 'net55xx', 'descr' => $matches[0]); - - /* unknown embedded platform */ - return array('name' => 'embedded', 'descr' => 'embedded (unknown)'); -} - -function system_get_dmesg_boot() { - global $g; - - if (!file_exists("{$g['varlog_path']}/dmesg.boot")) - system_dmesg_save(); - - return file_get_contents("{$g['varlog_path']}/dmesg.boot"); -} - -function system_dmesg_save() { - global $g; - - if (file_exists("{$g['varlog_path']}/dmesg.boot")) - return 0; /* nothing to do */ - - exec("/sbin/dmesg", $dmesg); - - /* find last copyright line (output from previous boots may be present) */ - $lastcpline = 0; - - for ($i = 0; $i < count($dmesg); $i++) { - if (strstr($dmesg[$i], "Copyright (c) 1992-")) - $lastcpline = $i; - } - - $fd = fopen("{$g['varlog_path']}/dmesg.boot", "w"); - if (!$fd) { - printf("Error: cannot open dmesg.boot in system_dmesg_save().\n"); - return 1; - } - - for ($i = $lastcpline; $i < count($dmesg); $i++) - fwrite($fd, $dmesg[$i] . "\n"); - - fclose($fd); - - return 0; -} - ?> \ No newline at end of file -- cgit v1.1 From 31c9379c46455d7cf1bb9977ab30f7196cba2d10 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 18 May 2010 18:03:02 -0400 Subject: Add back needed functions --- etc/inc/system.inc | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) diff --git a/etc/inc/system.inc b/etc/inc/system.inc index da34e66..c8d200f 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -1345,6 +1345,8 @@ function system_check_reset_button() { if(!$g['platform'] == "nanobsd") return 0; + $specplatform = system_identify_specific_platform(); + if ($specplatform['name'] != "wrap" && $specplatform['name'] != "alix") return 0; @@ -1371,4 +1373,82 @@ EOD; return 0; } +/* attempt to identify the specific platform (for embedded systems) + Returns an array with two elements: + name => platform string (e.g. 'wrap', 'alix' etc.) + descr => human-readable description (e.g. "PC Engines WRAP") +*/ +function system_identify_specific_platform() { + global $g; + + if ($g['platform'] == 'generic-pc') + return array('name' => 'generic-pc', 'descr' => "Generic PC"); + + if ($g['platform'] == 'generic-pc-cdrom') + return array('name' => 'generic-pc-cdrom', 'descr' => "Generic PC (CD-ROM)"); + + /* the rest of the code only deals with 'embedded' platforms */ + if ($g['platform'] != 'embedded') + return array('name' => $g['platform'], 'descr' => $g['platform']); + + $dmesg = system_get_dmesg_boot(); + + if (strpos($dmesg, "PC Engines WRAP") !== false) + return array('name' => 'wrap', 'descr' => 'PC Engines WRAP'); + + if (strpos($dmesg, "PC Engines ALIX") !== false) + return array('name' => 'alix', 'descr' => 'PC Engines ALIX'); + + if (preg_match("/Soekris net45../", $dmesg, $matches)) + return array('name' => 'net45xx', 'descr' => $matches[0]); + + if (preg_match("/Soekris net48../", $dmesg, $matches)) + return array('name' => 'net48xx', 'descr' => $matches[0]); + + if (preg_match("/Soekris net55../", $dmesg, $matches)) + return array('name' => 'net55xx', 'descr' => $matches[0]); + + /* unknown embedded platform */ + return array('name' => 'embedded', 'descr' => 'embedded (unknown)'); +} + +function system_get_dmesg_boot() { + global $g; + + if (!file_exists("{$g['varlog_path']}/dmesg.boot")) + system_dmesg_save(); + + return file_get_contents("{$g['varlog_path']}/dmesg.boot"); +} + +function system_dmesg_save() { + global $g; + + if (file_exists("{$g['varlog_path']}/dmesg.boot")) + return 0; /* nothing to do */ + + exec("/sbin/dmesg", $dmesg); + + /* find last copyright line (output from previous boots may be present) */ + $lastcpline = 0; + + for ($i = 0; $i < count($dmesg); $i++) { + if (strstr($dmesg[$i], "Copyright (c) 1992-")) + $lastcpline = $i; + } + + $fd = fopen("{$g['varlog_path']}/dmesg.boot", "w"); + if (!$fd) { + printf("Error: cannot open dmesg.boot in system_dmesg_save().\n"); + return 1; + } + + for ($i = $lastcpline; $i < count($dmesg); $i++) + fwrite($fd, $dmesg[$i] . "\n"); + + fclose($fd); + + return 0; +} + ?> \ No newline at end of file -- cgit v1.1 From d16af75d98e56a53f7b42ba10fabae1267878841 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 18 May 2010 18:08:09 -0400 Subject: Nuke nonsense --- etc/inc/system.inc | 35 +---------------------------------- 1 file changed, 1 insertion(+), 34 deletions(-) diff --git a/etc/inc/system.inc b/etc/inc/system.inc index c8d200f..0cf1b84 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -1414,41 +1414,8 @@ function system_identify_specific_platform() { function system_get_dmesg_boot() { global $g; - - if (!file_exists("{$g['varlog_path']}/dmesg.boot")) - system_dmesg_save(); - + return file_get_contents("{$g['varlog_path']}/dmesg.boot"); } -function system_dmesg_save() { - global $g; - - if (file_exists("{$g['varlog_path']}/dmesg.boot")) - return 0; /* nothing to do */ - - exec("/sbin/dmesg", $dmesg); - - /* find last copyright line (output from previous boots may be present) */ - $lastcpline = 0; - - for ($i = 0; $i < count($dmesg); $i++) { - if (strstr($dmesg[$i], "Copyright (c) 1992-")) - $lastcpline = $i; - } - - $fd = fopen("{$g['varlog_path']}/dmesg.boot", "w"); - if (!$fd) { - printf("Error: cannot open dmesg.boot in system_dmesg_save().\n"); - return 1; - } - - for ($i = $lastcpline; $i < count($dmesg); $i++) - fwrite($fd, $dmesg[$i] . "\n"); - - fclose($fd); - - return 0; -} - ?> \ No newline at end of file -- cgit v1.1 From 223ef06a4172e9aecfd41f857ae778187e27b1e0 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 18 May 2010 21:06:30 -0400 Subject: Use != --- etc/inc/system.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 0cf1b84..7d051a9 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -1342,7 +1342,7 @@ function enable_watchdog() { function system_check_reset_button() { global $g; - if(!$g['platform'] == "nanobsd") + if($g['platform'] != "nanobsd") return 0; $specplatform = system_identify_specific_platform(); -- cgit v1.1 From 1a2911a7aa12c367d5f3671d87636f46b285a062 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 18 May 2010 21:16:46 -0400 Subject: Use nanobsd --- etc/inc/system.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 7d051a9..6281a14 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -1388,7 +1388,7 @@ function system_identify_specific_platform() { return array('name' => 'generic-pc-cdrom', 'descr' => "Generic PC (CD-ROM)"); /* the rest of the code only deals with 'embedded' platforms */ - if ($g['platform'] != 'embedded') + if ($g['platform'] != 'nanobsd') return array('name' => $g['platform'], 'descr' => $g['platform']); $dmesg = system_get_dmesg_boot(); -- cgit v1.1 From 7f039071e560313476fcbbc0d23e00032c6820ac Mon Sep 17 00:00:00 2001 From: jim-p Date: Wed, 19 May 2010 00:52:05 -0400 Subject: Move this up in the boot sequence, the reset button check relies on its existence. --- etc/rc.bootup | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/etc/rc.bootup b/etc/rc.bootup index d12ef26..1c08edc 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -126,6 +126,9 @@ echo " done.\n"; conf_mount_rw(); +/* save dmesg output to file */ +system_dmesg_save(); + /* check whether config reset is desired (via hardware button on WRAP/ALIX) */ system_check_reset_button(); @@ -183,9 +186,6 @@ load_glxsb(); /* run any early shell commands specified in config.xml */ system_do_shell_commands(1); -/* save dmesg output to file */ -system_dmesg_save(); - /* set up our timezone */ system_timezone_configure(); -- cgit v1.1 From 4994b350e830cf77a5e8adc7c11ebdf697bae12b Mon Sep 17 00:00:00 2001 From: smos Date: Wed, 19 May 2010 11:51:49 +0200 Subject: Re-create the hosts file on bootup after configuring all the interfaces. Ticket #567 --- etc/rc.bootup | 3 +++ 1 file changed, 3 insertions(+) diff --git a/etc/rc.bootup b/etc/rc.bootup index 1c08edc..95bdbc9 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -205,6 +205,9 @@ interfaces_configure(); if(!$debugging) unmute_kernel_msgs(); +/* re-make hosts file after configuring interfaces */ +system_hosts_generate(); + /* generate resolv.conf */ system_resolvconf_generate(); -- cgit v1.1 From 71fdaecd034cbd56275f69ef0e5c45a1ec22ad84 Mon Sep 17 00:00:00 2001 From: Ermal Date: Wed, 19 May 2010 13:44:11 +0000 Subject: Include filter.inc for the ipfw load function. --- etc/inc/captiveportal.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 31cc680..28dab57 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -43,6 +43,7 @@ /* include all configuration functions */ require_once("config.inc"); require_once("functions.inc"); +require_once("filter.inc"); require_once("radius.inc"); require_once("voucher.inc"); -- cgit v1.1 From cf9a4467e5c0a421aeed171b1b134a20ce2004a5 Mon Sep 17 00:00:00 2001 From: jim-p Date: Wed, 19 May 2010 15:10:54 -0400 Subject: Fix post-restore reboot on NanoBSD. Fixes #602 --- usr/local/www/diag_backup.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php index ffac280..fc66900 100755 --- a/usr/local/www/diag_backup.php +++ b/usr/local/www/diag_backup.php @@ -670,6 +670,6 @@ decrypt_change(); -- cgit v1.1 From eef522258914a223c6490fe9e3aba62566637a9e Mon Sep 17 00:00:00 2001 From: jim-p Date: Wed, 19 May 2010 15:19:31 -0400 Subject: Use the PHP call here instead of a shell exec. --- usr/local/www/interfaces_assign.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/www/interfaces_assign.php b/usr/local/www/interfaces_assign.php index ecd47ad..407755f 100755 --- a/usr/local/www/interfaces_assign.php +++ b/usr/local/www/interfaces_assign.php @@ -137,7 +137,7 @@ if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { if ($_POST['apply']) { if (file_exists("/var/run/interface_mismatch_reboot_needed")) - exec("/etc/rc.reboot"); + system_reboot(); else { write_config(); -- cgit v1.1 From cd25a2b2eee21ded884a184f8b4f8f0ffeaafefe Mon Sep 17 00:00:00 2001 From: jim-p Date: Wed, 19 May 2010 16:16:31 -0400 Subject: Refactor this function a little so it will also rebuild the cache if it does not already exist. Fixes missing config history after reboot on NanoBSD. --- etc/inc/config.lib.inc | 104 ++++++++++++++++++++++++++----------------------- 1 file changed, 55 insertions(+), 49 deletions(-) diff --git a/etc/inc/config.lib.inc b/etc/inc/config.lib.inc index d4f4c88..435949f 100644 --- a/etc/inc/config.lib.inc +++ b/etc/inc/config.lib.inc @@ -1137,63 +1137,69 @@ function cleanup_backupcache($revisions = 30, $lock = false) { if (!$lock) $lockkey = lock('config'); - if(file_exists($g['cf_conf_path'] . '/backup/backup.cache')) { - conf_mount_rw(); - $backups = get_backups(); - $newbaks = array(); - $bakfiles = glob($g['cf_conf_path'] . "/backup/config-*"); + + conf_mount_rw(); + + $backups = get_backups(); + if ($backups) { $baktimes = $backups['versions']; - $tocache = array(); unset($backups['versions']); - foreach($bakfiles as $backup) { // Check for backups in the directory not represented in the cache. - if(filesize($backup) == 0) { - unlink($backup); - continue; - } - $tocheck = array_shift(explode('.', array_pop(explode('-', $backup)))); - if(!in_array($tocheck, $baktimes)) { - $i = true; - if($g['booting']) - echo "."; - $newxml = parse_xml_config($backup, $g['xml_rootobj']); - if($newxml == "-1") { - log_error("The backup cache file $backup is corrupted. Unlinking."); - unlink($backup); - log_error("The backup cache file $backup is corrupted. Unlinking."); - continue; - } - if($newxml['revision']['description'] == "") - $newxml['revision']['description'] = "Unknown"; - $tocache[$tocheck] = array('description' => $newxml['revision']['description']); - } - } - foreach($backups as $checkbak) { + } else { + $backups = array(); + $baktimes = array(); + } + $newbaks = array(); + $bakfiles = glob($g['cf_conf_path'] . "/backup/config-*"); + $tocache = array(); - if(count(preg_grep('/' . $checkbak['time'] . '/i', $bakfiles)) != 0) { - $newbaks[] = $checkbak; - } else { - $i = true; - if($g['booting']) print " " . $tocheck . "r"; + foreach($bakfiles as $backup) { // Check for backups in the directory not represented in the cache. + if(filesize($backup) == 0) { + unlink($backup); + continue; + } + $tocheck = array_shift(explode('.', array_pop(explode('-', $backup)))); + if(!in_array($tocheck, $baktimes)) { + $i = true; + if($g['booting']) + echo "."; + $newxml = parse_xml_config($backup, $g['xml_rootobj']); + if($newxml == "-1") { + log_error("The backup cache file $backup is corrupted. Unlinking."); + unlink($backup); + log_error("The backup cache file $backup is corrupted. Unlinking."); + continue; } + if($newxml['revision']['description'] == "") + $newxml['revision']['description'] = "Unknown"; + $tocache[$tocheck] = array('description' => $newxml['revision']['description']); } - foreach($newbaks as $todo) $tocache[$todo['time']] = array('description' => $todo['description']); - if(is_int($revisions) and (count($tocache) > $revisions)) { - $toslice = array_slice(array_keys($tocache), 0, $revisions); - foreach($toslice as $sliced) - $newcache[$sliced] = $tocache[$sliced]; - foreach($tocache as $version => $versioninfo) { - if(!in_array($version, array_keys($newcache))) { - unlink_if_exists($g['conf_path'] . '/backup/config-' . $version . '.xml'); - if($g['booting']) print " " . $tocheck . "d"; - } + } + foreach($backups as $checkbak) { + if(count(preg_grep('/' . $checkbak['time'] . '/i', $bakfiles)) != 0) { + $newbaks[] = $checkbak; + } else { + $i = true; + if($g['booting']) print " " . $tocheck . "r"; + } + } + foreach($newbaks as $todo) $tocache[$todo['time']] = array('description' => $todo['description']); + if(is_int($revisions) and (count($tocache) > $revisions)) { + $toslice = array_slice(array_keys($tocache), 0, $revisions); + foreach($toslice as $sliced) + $newcache[$sliced] = $tocache[$sliced]; + foreach($tocache as $version => $versioninfo) { + if(!in_array($version, array_keys($newcache))) { + unlink_if_exists($g['conf_path'] . '/backup/config-' . $version . '.xml'); + if($g['booting']) print " " . $tocheck . "d"; } - $tocache = $newcache; } - $bakout = fopen($g['cf_conf_path'] . '/backup/backup.cache', "w"); - fwrite($bakout, serialize($tocache)); - fclose($bakout); - conf_mount_ro(); + $tocache = $newcache; } + $bakout = fopen($g['cf_conf_path'] . '/backup/backup.cache', "w"); + fwrite($bakout, serialize($tocache)); + fclose($bakout); + conf_mount_ro(); + if($g['booting'] && $i) print "done.\n"; if (!$lock) -- cgit v1.1 From 091cb5e9ee8ec06fce9fd787fa109fd24ed75b19 Mon Sep 17 00:00:00 2001 From: Ermal Date: Wed, 19 May 2010 22:02:30 +0000 Subject: Add a global declaration. --- usr/local/captiveportal/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index c100ecf..56cddc0 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -234,7 +234,7 @@ function portal_mac_radius($clientmac,$clientip) { function portal_allow($clientip,$clientmac,$username,$password = null, $attributes = null, $ruleno = null) { - global $redirurl, $g, $config, $url_redirection, $type; + global $redirurl, $g, $config, $url_redirection, $type, $passthrumac; /* See if a ruleno is passed, if not start locking the sessions because this means there isn't one atm */ $captiveshouldunlock = false; @@ -402,7 +402,7 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut else $my_redirurl = $redirurl; - if(isset($config['captiveportal']['logoutwin_enable']) && !isset($config['captiveportal']['passthrumacadd'])) { + if(isset($config['captiveportal']['logoutwin_enable']) && !$passthrumac) { if (isset($config['captiveportal']['httpslogin'])) $logouturl = "https://{$config['captiveportal']['httpsname']}:8001/"; -- cgit v1.1 From a23a6db321a96c896217009a1f59ac18d30ecceb Mon Sep 17 00:00:00 2001 From: Chris Buechler Date: Wed, 19 May 2010 20:27:51 -0400 Subject: get rid of flowtable --- etc/inc/filter.inc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 77a06d2..694d982 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -69,7 +69,8 @@ function flowtable_configure() { // nmbflows cpu count * ($maxstates * 2) $cpus = trim(`/sbin/sysctl kern.smp.cpus | /usr/bin/cut -d' ' -f2`); $nmbflows = ($cpus*($maxstates*2)); - // Is flowtable enabled? + // flowtable is not enabled + /* if($config['system']['flowtable']) $flowtable_enable = 1; else @@ -82,6 +83,7 @@ function flowtable_configure() { } mwexec("/sbin/sysctl net.inet.flowtable.enable={$flowtable_enable}"); } + */ } function filter_load_ipfw() { -- cgit v1.1 From c4995e627e26d2241b6dccc0e81137e5c5b37772 Mon Sep 17 00:00:00 2001 From: Chris Buechler Date: Wed, 19 May 2010 21:08:44 -0400 Subject: move mount up for cases where /usr and other partitions may be separate, and needed for other things to function --- etc/rc | 60 ++++++++++++++++++++++++++++++------------------------------ 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/etc/rc b/etc/rc index 6f6630c..a2629dd 100755 --- a/etc/rc +++ b/etc/rc @@ -22,6 +22,33 @@ export HOME PATH # Set our operating platform PLATFORM=`cat /etc/platform` +# Mount memory file system if it exists +echo -n "Mounting filesystems..." +/sbin/mount -a + +# Mount /. If it fails run a fsck. +if [ ! "$PLATFORM" = "cdrom" ] ; then + /sbin/mount -uw / || (/sbin/fsck -fy; /sbin/mount -uw /) + + # If /conf is a directory, convert it to a symlink + # to /cf/conf + if [ -d "/conf" ]; then + # If item is not a symlink then rm and recreate + CONFPOINTSTO=`readlink /conf` + if ! test "x$CONFPOINTSTO" = "x/cf/conf"; then + rm -rf /conf + ln -s /cf/conf /conf + fi + fi +fi + +# Check to see if a compact flash mountpoint exists +# If it fails to mount then run a fsck -fy +if grep -q cf /etc/fstab; then + /sbin/mount -uw /cf || \ + (/sbin/umount /cf; /sbin/fsck -fy /cf; /sbin/mount -w /cf) +fi + # Set our current version version=`cat /etc/version` @@ -41,9 +68,9 @@ if [ "$PLATFORM" = "pfSense" ]; then mdmfs -S -M -s 4m md /var/run fi -product=`cat /etc/inc/globals.inc | grep product_name | cut -d'"' -f4` -hideplatform=`cat /etc/inc/globals.inc | grep hideplatform | wc -l` -varrunpath=`cat /etc/inc/globals.inc | grep varrun_path | cut -d'"' -f4` +product=`grep product_name /etc/inc/globals.inc | cut -d'"' -f4` +hideplatform=`grep hideplatform /etc/inc/globals.inc | wc -l` +varrunpath=`grep varrun_path /etc/inc/globals.inc | cut -d'"' -f4` if [ "$hideplatform" -gt "0" ]; then platformbanner="" # hide the platform @@ -61,33 +88,6 @@ echo # Enable console output if its muted. /sbin/conscontrol mute off >/dev/null -# Mount memory file system if it exists -echo -n "Mounting filesystems..." -/sbin/mount -a - -# Mount /. If it fails run a fsck. -if [ ! "$PLATFORM" = "cdrom" ] ; then - /sbin/mount -uw / || (/sbin/fsck -fy; /sbin/mount -uw /) - - # If /conf is a directory, convert it to a symlink - # to /cf/conf - if [ -d "/conf" ]; then - # If item is not a symlink then rm and recreate - CONFPOINTSTO=`readlink /conf` - if ! test "x$CONFPOINTSTO" = "x/cf/conf"; then - rm -rf /conf - ln -s /cf/conf /conf - fi - fi -fi - -# Check to see if a compact flash mountpoint exists -# If it fails to mount then run a fsck -fy -if grep -q cf /etc/fstab; then - /sbin/mount -uw /cf || \ - (/sbin/umount /cf; /sbin/fsck -fy /cf; /sbin/mount -w /cf) -fi - if [ "$PLATFORM" = "cdrom" ] ; then # do nothing for cdrom platform elif [ "$PLATFORM" = "embedded" ] ; then -- cgit v1.1 From 69490b5525dd8a79f684b780f025cf3ea63964f0 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Wed, 19 May 2010 21:19:24 -0400 Subject: Handle mounting of extra filesystems correctly. Ticket #444 --- etc/rc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/rc b/etc/rc index a2629dd..5b3acd3 100755 --- a/etc/rc +++ b/etc/rc @@ -28,7 +28,7 @@ echo -n "Mounting filesystems..." # Mount /. If it fails run a fsck. if [ ! "$PLATFORM" = "cdrom" ] ; then - /sbin/mount -uw / || (/sbin/fsck -fy; /sbin/mount -uw /) + /sbin/mount -a || (/sbin/fsck -fy; /sbin/mount -a) # If /conf is a directory, convert it to a symlink # to /cf/conf -- cgit v1.1 From 986a3accd40a7d45c0a3d48d2b42d2c58a231d99 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Wed, 19 May 2010 21:32:11 -0400 Subject: block carp traffic to hosts self to avoid loops. fixes #598 --- etc/inc/filter.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 694d982..659fae1 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2500,6 +2500,7 @@ function filter_process_carp_rules() { if(isset($config['installedpackages']['carp']['config']) && $config['installedpackages']['carpsettings']['config'] <> "" or $config['virtualip']['vip'] <> "") { + $lines .= "block in log quick proto carp from (self) to any\n"; $lines .= "pass quick proto carp\n"; $lines .= "pass quick proto pfsync\n"; } -- cgit v1.1 From 9603306327f07205ac69ea99b8c0666ba9dc8a1d Mon Sep 17 00:00:00 2001 From: Erik Fonnesbeck Date: Thu, 20 May 2010 10:48:39 -0600 Subject: Various fixes to usage of ip2long, long2ip, and negated subnet masks, mostly affecting 64-bit. Ticket #459 --- etc/inc/openvpn.inc | 18 +++++++++--------- etc/inc/util.inc | 26 ++++++++++++++++++-------- etc/inc/vpn.inc | 10 +++++----- usr/local/www/diag_dhcp_leases.php | 4 ++-- usr/local/www/diag_states_summary.php | 2 +- usr/local/www/firewall_nat_edit.php | 4 ++-- usr/local/www/firewall_nat_out_edit.php | 6 +++--- usr/local/www/services_dhcp.php | 20 ++++++++++---------- usr/local/www/services_dhcp_edit.php | 12 ++++++------ usr/local/www/vpn_l2tp.php | 8 ++++---- usr/local/www/vpn_pppoe.php | 8 ++++---- usr/local/www/vpn_pptp.php | 8 ++++---- 12 files changed, 68 insertions(+), 58 deletions(-) diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 72630e7..3fe4574 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -363,9 +363,9 @@ function openvpn_reconfigure($mode,& $settings) { switch($settings['mode']) { case 'p2p_tls': case 'p2p_shared_key': - $baselong = ip2long($ip) & ip2long($mask); - $ip1 = long2ip($baselong + 1); - $ip2 = long2ip($baselong + 2); + $baselong = ip2long32($ip) & ip2long($mask); + $ip1 = long2ip32($baselong + 1); + $ip2 = long2ip32($baselong + 2); $conf .= "ifconfig $ip1 $ip2\n"; break; case 'server_tls': @@ -463,9 +463,9 @@ function openvpn_reconfigure($mode,& $settings) { if (!empty($settings['tunnel_network'])) { list($ip, $mask) = explode('/', $settings['tunnel_network']); $mask = gen_subnet_mask($mask); - $baselong = ip2long($ip) & ip2long($mask); - $ip1 = long2ip($baselong + 1); - $ip2 = long2ip($baselong + 2); + $baselong = ip2long32($ip) & ip2long($mask); + $ip1 = long2ip32($baselong + 1); + $ip2 = long2ip32($baselong + 2); $conf .= "ifconfig $ip2 $ip1\n"; } @@ -626,9 +626,9 @@ function openvpn_resync_csc(& $settings) { if (!empty($settings['tunnel_network'])) { list($ip, $mask) = explode('/', $settings['tunnel_network']); - $baselong = ip2long($ip) & gen_subnet_mask_long($mask); - $ip1 = long2ip($baselong + 1); - $ip2 = long2ip($baselong + 2); + $baselong = ip2long32($ip) & gen_subnet_mask_long($mask); + $ip1 = long2ip32($baselong + 1); + $ip2 = long2ip32($baselong + 2); $conf .= "ifconfig-push {$ip1} {$ip2}\n"; } diff --git a/etc/inc/util.inc b/etc/inc/util.inc index 930f9ac..0828bbf 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -198,7 +198,7 @@ function gen_subnet_max($ipaddr, $bits) { if (!is_ipaddr($ipaddr) || !is_numeric($bits)) return ""; - return long2ip(ip2long($ipaddr) | ~gen_subnet_mask_long($bits)); + return long2ip32(ip2long($ipaddr) | ~gen_subnet_mask_long($bits)); } /* returns a subnet mask (long given a bit count) */ @@ -216,9 +216,19 @@ function gen_subnet_mask($bits) { return long2ip(gen_subnet_mask_long($bits)); } +/* Convert long int to IP address, truncating to 32-bits. */ +function long2ip32($ip) { + return long2ip($ip & 0xFFFFFFFF); +} + +/* Convert IP address to long int, truncated to 32-bits to avoid sign extension on 64-bit platforms. */ +function ip2long32($ip) { + return ( ip2long($ip) & 0xFFFFFFFF ); +} + /* Convert IP address to unsigned long int. */ function ip2ulong($ip) { - return sprintf("%u", ip2long($ip)); + return sprintf("%u", ip2long32($ip)); } /* Find out how many IPs are contained within a given IP range @@ -246,12 +256,12 @@ function find_smallest_cidr($number) { /* Return the previous IP address before the given address */ function ip_before($ip) { - return long2ip(ip2long($ip)-1); + return long2ip32(ip2long($ip)-1); } /* Return the next IP address after the given address */ function ip_after($ip) { - return long2ip(ip2long($ip)+1); + return long2ip32(ip2long($ip)+1); } /* Return true if the first IP is 'before' the second */ @@ -347,7 +357,7 @@ function is_ipaddr($ipaddr) { return false; $ip_long = ip2long($ipaddr); - $ip_reverse = long2ip($ip_long); + $ip_reverse = long2ip32($ip_long); if ($ipaddr == $ip_reverse) return true; @@ -891,9 +901,9 @@ function check_subnets_overlap($subnet1, $bits1, $subnet2, $bits2) { /* compare two IP addresses */ function ipcmp($a, $b) { - if (ip2long($a) < ip2long($b)) + if (ip_less_than($a, $b)) return -1; - else if (ip2long($a) > ip2long($b)) + else if (ip_greater_than($a, $b)) return 1; else return 0; @@ -902,7 +912,7 @@ function ipcmp($a, $b) { /* return true if $addr is in $subnet, false if not */ function ip_in_subnet($addr,$subnet) { list($ip, $mask) = explode('/', $subnet); - $mask = 0xffffffff << (32 - $mask); + $mask = (0xffffffff << (32 - $mask)) & 0xffffffff; return ((ip2long($addr) & $mask) == (ip2long($ip) & $mask)); } diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index f2343e1..c874a83 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -343,8 +343,8 @@ function vpn_ipsec_configure($ipchg = false) $pool_address = $a_client['pool_address']; $pool_netmask = gen_subnet_mask($a_client['pool_netbits']); - $pool_address = long2ip(ip2long($pool_address)+1); - $pool_size = ~ip2long($pool_netmask) - 2; + $pool_address = long2ip32(ip2long($pool_address)+1); + $pool_size = (~ip2long($pool_netmask) & 0xFFFFFFFF) - 2; $racoonconf .= "\tpool_size {$pool_size};\n"; $racoonconf .= "\tnetwork4 {$pool_address};\n"; @@ -1012,7 +1012,7 @@ EOD; for ($i = 0; $i < $pptpdcfg['n_pptp_units']; $i++) { - $clientip = long2ip(ip2long($pptpdcfg['remoteip']) + $i); + $clientip = long2ip32(ip2long($pptpdcfg['remoteip']) + $i); $mpdconf .= << $dhcpifconf) { if(is_array($dhcpifconf['staticmap'])) { @@ -345,7 +345,7 @@ foreach ($leases as $data) { } } else { foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) { - if (($lip >= ip2long($dhcpifconf['range']['from'])) && ($lip <= ip2long($dhcpifconf['range']['to']))) { + if (($lip >= ip2ulong($dhcpifconf['range']['from'])) && ($lip <= ip2ulong($dhcpifconf['range']['to']))) { $data['if'] = $dhcpif; break; } diff --git a/usr/local/www/diag_states_summary.php b/usr/local/www/diag_states_summary.php index 45600a0..40d064f 100644 --- a/usr/local/www/diag_states_summary.php +++ b/usr/local/www/diag_states_summary.php @@ -99,7 +99,7 @@ if(count($states) > 0) { } function sort_by_ip($a, $b) { - return sprintf("%u", ip2long($a)) < sprintf("%u", ip2long($b)) ? -1 : 1; + return ip2ulong($a) < ip2ulong($b) ? -1 : 1; } function build_port_info($portarr, $proto) { diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index 11744ae..d7806b1 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -625,10 +625,10 @@ include("fbegin.inc"); ?> diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index 483aec1..e5fb88a 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -421,14 +421,14 @@ any) diff --git a/usr/local/www/services_dhcp.php b/usr/local/www/services_dhcp.php index cc3d1e4..b72258f 100755 --- a/usr/local/www/services_dhcp.php +++ b/usr/local/www/services_dhcp.php @@ -181,7 +181,7 @@ if(is_array($dhcrelaycfg)) { } function is_inrange($test, $start, $end) { - if ( (ip2long($test) < ip2long($end)) && (ip2long($test) > ip2long($start)) ) + if ( (ip2ulong($test) < ip2ulong($end)) && (ip2ulong($test) > ip2ulong($start)) ) return true; else return false; @@ -242,15 +242,15 @@ if ($_POST) { if (!$input_errors) { /* make sure the range lies within the current subnet */ - $subnet_start = (ip2long($ifcfgip) & gen_subnet_mask_long($ifcfgsn)); - $subnet_end = (ip2long($ifcfgip) | (~gen_subnet_mask_long($ifcfgsn))); + $subnet_start = ip2ulong(long2ip32(ip2long($ifcfgip) & gen_subnet_mask_long($ifcfgsn))); + $subnet_end = ip2ulong(long2ip32(ip2long($ifcfgip) | (~gen_subnet_mask_long($ifcfgsn)))); - if ((ip2long($_POST['range_from']) < $subnet_start) || (ip2long($_POST['range_from']) > $subnet_end) || - (ip2long($_POST['range_to']) < $subnet_start) || (ip2long($_POST['range_to']) > $subnet_end)) { + if ((ip2ulong($_POST['range_from']) < $subnet_start) || (ip2ulong($_POST['range_from']) > $subnet_end) || + (ip2ulong($_POST['range_to']) < $subnet_start) || (ip2ulong($_POST['range_to']) > $subnet_end)) { $input_errors[] = "The specified range lies outside of the current subnet."; } - if (ip2long($_POST['range_from']) > ip2long($_POST['range_to'])) + if (ip2ulong($_POST['range_from']) > ip2ulong($_POST['range_to'])) $input_errors[] = "The range is invalid (first element higher than second element)."; /* make sure that the DHCP Relay isn't enabled on this interface */ @@ -534,15 +534,15 @@ include("head.inc"); Available range - diff --git a/usr/local/www/services_dhcp_edit.php b/usr/local/www/services_dhcp_edit.php index d44fb9b..86fefe3 100755 --- a/usr/local/www/services_dhcp_edit.php +++ b/usr/local/www/services_dhcp_edit.php @@ -140,12 +140,12 @@ if ($_POST) { /* make sure it's not within the dynamic subnet */ if ($_POST['ipaddr']) { - $dynsubnet_start = ip2long($config['dhcpd'][$if]['range']['from']); - $dynsubnet_end = ip2long($config['dhcpd'][$if]['range']['to']); - $lansubnet_start = (ip2long($ifcfgip) & gen_subnet_mask_long($ifcfgsn)); - $lansubnet_end = (ip2long($ifcfgip) | (~gen_subnet_mask_long($ifcfgsn))); - if ((ip2long($_POST['ipaddr']) < $lansubnet_start) || - (ip2long($_POST['ipaddr']) > $lansubnet_end)) { + $dynsubnet_start = ip2ulong($config['dhcpd'][$if]['range']['from']); + $dynsubnet_end = ip2ulong($config['dhcpd'][$if]['range']['to']); + $lansubnet_start = ip2ulong(long2ip32(ip2long($ifcfgip) & gen_subnet_mask_long($ifcfgsn))); + $lansubnet_end = ip2ulong(long2ip32(ip2long($ifcfgip) | (~gen_subnet_mask_long($ifcfgsn)))); + if ((ip2ulong($_POST['ipaddr']) < $lansubnet_start) || + (ip2ulong($_POST['ipaddr']) > $lansubnet_end)) { $input_errors[] = "The IP address must lie in the {$ifcfgdescr} subnet."; } } diff --git a/usr/local/www/vpn_l2tp.php b/usr/local/www/vpn_l2tp.php index 025e30f..2b61209 100644 --- a/usr/local/www/vpn_l2tp.php +++ b/usr/local/www/vpn_l2tp.php @@ -95,11 +95,11 @@ if ($_POST) { if (!$input_errors) { $_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $_POST['l2tp_subnet']); - $subnet_start = ip2long($_POST['remoteip']); - $subnet_end = ip2long($_POST['remoteip']) + $_POST['n_l2tp_units'] - 1; + $subnet_start = ip2ulong($_POST['remoteip']); + $subnet_end = ip2ulong($_POST['remoteip']) + $_POST['n_l2tp_units'] - 1; - if ((ip2long($_POST['localip']) >= $subnet_start) && - (ip2long($_POST['localip']) <= $subnet_end)) { + if ((ip2ulong($_POST['localip']) >= $subnet_start) && + (ip2ulong($_POST['localip']) <= $subnet_end)) { $input_errors[] = gettext("The specified server address lies in the remote subnet."); } if ($_POST['localip'] == get_interface_ip("lan")) { diff --git a/usr/local/www/vpn_pppoe.php b/usr/local/www/vpn_pppoe.php index 7b0cd41..d95302e 100755 --- a/usr/local/www/vpn_pppoe.php +++ b/usr/local/www/vpn_pppoe.php @@ -98,11 +98,11 @@ if ($_POST) { if (!$input_errors) { $_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $_POST['pppoe_subnet']); - $subnet_start = ip2long($_POST['remoteip']); - $subnet_end = ip2long($_POST['remoteip']) + $_POST['pppoe_subnet'] - 1; + $subnet_start = ip2ulong($_POST['remoteip']); + $subnet_end = ip2ulong($_POST['remoteip']) + $_POST['pppoe_subnet'] - 1; - if ((ip2long($_POST['localip']) >= $subnet_start) && - (ip2long($_POST['localip']) <= $subnet_end)) { + if ((ip2ulong($_POST['localip']) >= $subnet_start) && + (ip2ulong($_POST['localip']) <= $subnet_end)) { $input_errors[] = "The specified server address lies in the remote subnet."; } if ($_POST['localip'] == get_interface_ip("lan")) { diff --git a/usr/local/www/vpn_pptp.php b/usr/local/www/vpn_pptp.php index 5aae209..1c88670 100755 --- a/usr/local/www/vpn_pptp.php +++ b/usr/local/www/vpn_pptp.php @@ -99,11 +99,11 @@ if ($_POST) { } if (!$input_errors) { - $subnet_start = ip2long($_POST['remoteip']); - $subnet_end = ip2long($_POST['remoteip']) + $_POST['n_pptp_units'] - 1; + $subnet_start = ip2ulong($_POST['remoteip']); + $subnet_end = ip2ulong($_POST['remoteip']) + $_POST['n_pptp_units'] - 1; - if ((ip2long($_POST['localip']) >= $subnet_start) && - (ip2long($_POST['localip']) <= $subnet_end)) { + if ((ip2ulong($_POST['localip']) >= $subnet_start) && + (ip2ulong($_POST['localip']) <= $subnet_end)) { $input_errors[] = "The specified server address lies in the remote subnet."; } // TODO: Should this check be for any local IP address? -- cgit v1.1 From fa90d7013750b822001bdfcce224cbaf33d95f27 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Thu, 20 May 2010 15:35:55 -0400 Subject: Add note about required enabled WPA option for 802.1x --- usr/local/www/interfaces.php | 1 + 1 file changed, 1 insertion(+) diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php index b15af72..4667801 100755 --- a/usr/local/www/interfaces.php +++ b/usr/local/www/interfaces.php @@ -1623,6 +1623,7 @@ $types = array("none" => "None", "static" => "Static", "dhcp" => "DHCP", "pppoe" >
Setting this option will enable 802.1x authentication. +
NOTE: this option requires checking the "Enable WPA box". -- cgit v1.1 From 02611466ce837a8148b4b5b1746ff63dd1862755 Mon Sep 17 00:00:00 2001 From: Ermal Date: Thu, 20 May 2010 19:37:47 +0000 Subject: Do not aritificially add spaces around values on CDATA fields. Tested-by: Jim --- etc/inc/xmlparse.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/inc/xmlparse.inc b/etc/inc/xmlparse.inc index 89c3a95..c19a3ae 100644 --- a/etc/inc/xmlparse.inc +++ b/etc/inc/xmlparse.inc @@ -257,7 +257,7 @@ function dump_xml_config_sub($arr, $indent) { if(($cval === true) || ($cval === "")) { $xmlconfig .= "<$ent/>\n"; } else if (substr($ent, 0, 5) == "descr") { - $xmlconfig .= "<$ent>\n"; + $xmlconfig .= "<$ent>\n"; } else { $xmlconfig .= "<$ent>" . htmlentities($cval) . "\n"; } @@ -282,7 +282,7 @@ function dump_xml_config_sub($arr, $indent) { } else if (!is_bool($val)) { $xmlconfig .= str_repeat("\t", $indent); if (substr($ent, 0, 5) == "descr") - $xmlconfig .= "<$ent>\n"; + $xmlconfig .= "<$ent>\n"; else $xmlconfig .= "<$ent>" . htmlentities($val) . "\n"; } -- cgit v1.1 From fdb085fade815c447e2172a67ffb0164c17d795f Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Thu, 20 May 2010 17:23:57 -0400 Subject: Add captive portal voucher configuration backup area option Ticket #609 --- usr/local/www/diag_backup.php | 1 + 1 file changed, 1 insertion(+) diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php index fc66900..243008d 100755 --- a/usr/local/www/diag_backup.php +++ b/usr/local/www/diag_backup.php @@ -101,6 +101,7 @@ function spit_out_select_items($area, $showall) { $areas = array("aliases" => "Aliases", "captiveportal" => "Captive Portal", + "voucher" => "Captive Portal Vouchers", "dnsmasq" => "DNS Forwarder", "dhcpd" => "DHCP Server", "filter" => "Firewall Rules", -- cgit v1.1 From 79f9b9bcdd6f684ff3fc629047609579ed0f1da4 Mon Sep 17 00:00:00 2001 From: Ermal Date: Thu, 20 May 2010 21:36:34 +0000 Subject: Fixes #610. Do not use the value of mtu blindly test it is set or use 1500 as default. --- etc/inc/filter.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 659fae1..f01faee 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -692,7 +692,7 @@ function filter_generate_optcfg_array() { if(!is_ipaddr($oc['ipaddr']) && !empty($oc['ipaddr'])) $oic['type'] = $oc['ipaddr']; $oic['sn'] = get_interface_subnet($if); - $oic['mtu'] = $oc['mtu']; + $oic['mtu'] = empty($oc['mtu']) ? 1500 : $oc['mtu']; $oic['descr'] = $ifdetail; $oic['sa'] = gen_subnet($oic['ip'], $oic['sn']); $oic['nonat'] = $oc['nonat']; -- cgit v1.1 From c0ed686f9441b7019722954020057b23fe2f6603 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Thu, 20 May 2010 18:16:38 -0400 Subject: Do not allow duplicate Roll #'s --- usr/local/www/services_captiveportal_vouchers_edit.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/usr/local/www/services_captiveportal_vouchers_edit.php b/usr/local/www/services_captiveportal_vouchers_edit.php index 69e485a..ee95927 100644 --- a/usr/local/www/services_captiveportal_vouchers_edit.php +++ b/usr/local/www/services_captiveportal_vouchers_edit.php @@ -77,6 +77,14 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + // Look for duplicate roll # + foreach($a_roll as $re) { + if($re['number'] == $_POST['number']) { + $input_errors[] = "Roll number {$_POST['number']} already exists."; + break; + } + } + if (!is_numeric($_POST['number']) || $_POST['number'] >= $maxnumber) $input_errors[] = "Roll number must be numeric and less than $maxnumber"; -- cgit v1.1