From 1af5edbf04e0e3bbbc55981f6fc404b60ff33f2b Mon Sep 17 00:00:00 2001 From: Stephen Beaver Date: Fri, 11 Dec 2015 16:44:11 -0500 Subject: Rename of files to better match their position in the memory structure --- src/usr/local/www/carp_status.php | 275 --------- src/usr/local/www/diag_backup.php | 2 +- src/usr/local/www/diag_halt.php | 123 ++++ src/usr/local/www/diag_ipsec.php | 525 ---------------- src/usr/local/www/diag_ipsec_leases.php | 163 ----- src/usr/local/www/diag_ipsec_sad.php | 159 ----- src/usr/local/www/diag_ipsec_spd.php | 143 ----- src/usr/local/www/diag_logs.php | 671 --------------------- src/usr/local/www/diag_logs_filter.php | 634 ------------------- src/usr/local/www/diag_logs_filter_dynamic.php | 441 -------------- src/usr/local/www/diag_logs_filter_summary.php | 327 ---------- src/usr/local/www/diag_logs_settings.php | 525 ---------------- src/usr/local/www/diag_logs_vpn.php | 234 ------- src/usr/local/www/diag_pftop.php | 217 +++++++ src/usr/local/www/diag_pkglogs.php | 145 ----- src/usr/local/www/diag_reboot.php | 154 +++++ src/usr/local/www/diag_system_pftop.php | 217 ------- src/usr/local/www/easyrule.php | 2 +- src/usr/local/www/firewall_virtual_ip.php | 2 +- src/usr/local/www/halt.php | 123 ---- src/usr/local/www/head.inc | 16 +- src/usr/local/www/help.php | 34 +- src/usr/local/www/reboot.php | 154 ----- src/usr/local/www/services_pppoe.php | 180 ++++++ src/usr/local/www/services_pppoe_edit.php | 632 +++++++++++++++++++ src/usr/local/www/services_wol.php | 4 +- src/usr/local/www/shortcuts.inc | 42 +- src/usr/local/www/status_carp.php | 275 +++++++++ src/usr/local/www/status_ipsec.php | 525 ++++++++++++++++ src/usr/local/www/status_ipsec_leases.php | 163 +++++ src/usr/local/www/status_ipsec_sad.php | 159 +++++ src/usr/local/www/status_ipsec_spd.php | 143 +++++ src/usr/local/www/status_logs.php | 671 +++++++++++++++++++++ src/usr/local/www/status_logs_filter.php | 634 +++++++++++++++++++ src/usr/local/www/status_logs_filter_dynamic.php | 441 ++++++++++++++ src/usr/local/www/status_logs_filter_summary.php | 327 ++++++++++ src/usr/local/www/status_logs_settings.php | 525 ++++++++++++++++ src/usr/local/www/status_logs_vpn.php | 234 +++++++ src/usr/local/www/status_pkglogs.php | 145 +++++ src/usr/local/www/vpn_ipsec.php | 2 +- src/usr/local/www/vpn_pppoe.php | 180 ------ src/usr/local/www/vpn_pppoe_edit.php | 632 ------------------- src/usr/local/www/widgets/include/carp_status.inc | 2 +- src/usr/local/www/widgets/include/ipsec.inc | 2 +- src/usr/local/www/widgets/include/log.inc | 2 +- .../www/widgets/widgets/carp_status.widget.php | 2 +- src/usr/local/www/widgets/widgets/log.widget.php | 2 +- 47 files changed, 5605 insertions(+), 5605 deletions(-) delete mode 100644 src/usr/local/www/carp_status.php create mode 100755 src/usr/local/www/diag_halt.php delete mode 100644 src/usr/local/www/diag_ipsec.php delete mode 100644 src/usr/local/www/diag_ipsec_leases.php delete mode 100644 src/usr/local/www/diag_ipsec_sad.php delete mode 100644 src/usr/local/www/diag_ipsec_spd.php delete mode 100755 src/usr/local/www/diag_logs.php delete mode 100644 src/usr/local/www/diag_logs_filter.php delete mode 100755 src/usr/local/www/diag_logs_filter_dynamic.php delete mode 100644 src/usr/local/www/diag_logs_filter_summary.php delete mode 100644 src/usr/local/www/diag_logs_settings.php delete mode 100755 src/usr/local/www/diag_logs_vpn.php create mode 100644 src/usr/local/www/diag_pftop.php delete mode 100755 src/usr/local/www/diag_pkglogs.php create mode 100755 src/usr/local/www/diag_reboot.php delete mode 100644 src/usr/local/www/diag_system_pftop.php delete mode 100755 src/usr/local/www/halt.php delete mode 100755 src/usr/local/www/reboot.php create mode 100644 src/usr/local/www/services_pppoe.php create mode 100644 src/usr/local/www/services_pppoe_edit.php create mode 100644 src/usr/local/www/status_carp.php create mode 100644 src/usr/local/www/status_ipsec.php create mode 100644 src/usr/local/www/status_ipsec_leases.php create mode 100644 src/usr/local/www/status_ipsec_sad.php create mode 100644 src/usr/local/www/status_ipsec_spd.php create mode 100755 src/usr/local/www/status_logs.php create mode 100644 src/usr/local/www/status_logs_filter.php create mode 100755 src/usr/local/www/status_logs_filter_dynamic.php create mode 100644 src/usr/local/www/status_logs_filter_summary.php create mode 100644 src/usr/local/www/status_logs_settings.php create mode 100644 src/usr/local/www/status_logs_vpn.php create mode 100755 src/usr/local/www/status_pkglogs.php delete mode 100644 src/usr/local/www/vpn_pppoe.php delete mode 100644 src/usr/local/www/vpn_pppoe_edit.php (limited to 'src/usr/local/www') diff --git a/src/usr/local/www/carp_status.php b/src/usr/local/www/carp_status.php deleted file mode 100644 index 5d9fdbf..0000000 --- a/src/usr/local/www/carp_status.php +++ /dev/null @@ -1,275 +0,0 @@ - 0) { - set_single_sysctl('net.inet.carp.allow', '0'); - if (is_array($config['virtualip']['vip'])) { - $viparr = &$config['virtualip']['vip']; - foreach ($viparr as $vip) { - switch ($vip['mode']) { - case "carp": - interface_vip_bring_down($vip); - - /* - * Reconfigure radvd when necessary - * XXX: Is it the best way to do it? - */ - if (isset($config['dhcpdv6']) && is_array($config['dhcpdv6'])) { - foreach ($config['dhcpdv6'] as $dhcpv6if => $dhcpv6ifconf) { - if ($dhcpv6if !== $vip['interface'] || - $dhcpv6ifconf['ramode'] === "disabled") { - continue; - } - - services_radvd_configure(); - break; - } - } - - sleep(1); - break; - } - } - } - $savemsg = sprintf(gettext("%s IPs have been disabled. Please note that disabling does not survive a reboot and some configuration changes will re-enable."), $carp_counter); - $status = 0; - } else { - $savemsg = gettext("CARP has been enabled."); - if (is_array($config['virtualip']['vip'])) { - $viparr = &$config['virtualip']['vip']; - foreach ($viparr as $vip) { - switch ($vip['mode']) { - case "carp": - interface_carp_configure($vip); - sleep(1); - break; - case 'ipalias': - if (strpos($vip['interface'], '_vip')) { - interface_ipalias_configure($vip); - } - break; - } - } - } - interfaces_sync_setup(); - set_single_sysctl('net.inet.carp.allow', '1'); - $status = 1; - } -} - -$carp_detected_problems = get_single_sysctl("net.inet.carp.demotion"); - -if (!empty($_POST['resetdemotion'])) { - set_single_sysctl("net.inet.carp.demotion", "-{$carp_detected_problems}"); - sleep(1); - $carp_detected_problems = get_single_sysctl("net.inet.carp.demotion"); -} - -$pgtitle = array(gettext("Status"), gettext("CARP")); -$shortcut_section = "carp"; - -include("head.inc"); -if ($savemsg) - print_info_box($savemsg, 'success'); - -$carpcount = 0; -if (is_array($config['virtualip']['vip'])) { - foreach ($config['virtualip']['vip'] as $carp) { - if ($carp['mode'] == "carp") { - $carpcount++; - break; - } - } -} - - -// If $carpcount > 0 display buttons then display table -// otherwise display error box and quit - -?> - -' . - '' . - gettext("You can configure high availability sync settings here") . - ''); -} else -{ -?> -
- 0) - $carp_enabled = true; - else - $carp_enabled = false; - - // Sadly this needs to be here so that it is inside the form - if ($carp_detected_problems > 0) { - print_info_box( - gettext("CARP has detected a problem and this unit has been demoted to BACKUP status.") . "
" . - gettext("Check the link status on all interfaces with configured CARP VIPs.") . "
" . - gettext("Search the") . - " " . - gettext("system log") . - " " . - gettext("for CARP demotion-related events.") . "

" . - '', 'danger' - ); - } - -?> - " /> - " /> - -

- -
-

-
- - - - - - - - - - - - - - - - - -
@ 
-
-
-
- -
-

-
-
    -'. $node .''; - } -?> -
-
-
- -
-
+ " . gettext("The firewall is now rebooting."))?>
diff --git a/src/usr/local/www/diag_halt.php b/src/usr/local/www/diag_halt.php new file mode 100755 index 0000000..b2a0e21 --- /dev/null +++ b/src/usr/local/www/diag_halt.php @@ -0,0 +1,123 @@ + + + + +"); + } + else { + print('
');
+		system_halt();
+		print('
'); + } +} else { +?> + +
+
+

Are you sure you want to halt the system?

+
+
+
+

Click "Halt" to halt the system immediately, or "No" to go to the system dashboard. (There will be a brief delay before the dashboard appears.)

+ + + No + +
+
+
+ + + +. - * - * Parts of this code originally based on vpn_ipsec_sad.php from m0n0wall, - * Copyright (c) 2003-2004 Manuel Kasper (BSD 2 clause) - * - * Redistribution and use in source and binary forms, with or without modification, - * are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgment: - * "This product includes software developed by the pfSense Project - * for use in the pfSense software distribution. (http://www.pfsense.org/). - * - * 4. The names "pfSense" and "pfSense Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * coreteam@pfsense.org. - * - * 5. Products derived from this software may not be called "pfSense" - * nor may "pfSense" appear in their names without prior written - * permission of the Electric Sheep Fencing, LLC. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * - * "This product includes software developed by the pfSense Project - * for use in the pfSense software distribution (http://www.pfsense.org/). - * - * THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - * ==================================================================== - * - */ - -/* - pfSense_MODULE: ipsec -*/ - -##|+PRIV -##|*IDENT=page-status-ipsec -##|*NAME=Status: IPsec -##|*DESCR=Allow access to the 'Status: IPsec' page. -##|*MATCH=diag_ipsec.php* -##|-PRIV - - -global $g; - -$pgtitle = array(gettext("Status"), gettext("IPsec"), gettext("Overview")); -$shortcut_section = "ipsec"; - -require("guiconfig.inc"); -include("head.inc"); -require_once("ipsec.inc"); - -if ($_GET['act'] == 'connect') { - if (ctype_digit($_GET['ikeid'])) { - $ph1ent = ipsec_get_phase1($_GET['ikeid']); - if (!empty($ph1ent)) { - if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == 'ikev1') { - $ph2entries = ipsec_get_number_of_phase2($_GET['ikeid']); - for ($i = 0; $i < $ph2entries; $i++) { - $connid = escapeshellarg("con{$_GET['ikeid']}00{$i}"); - mwexec("/usr/local/sbin/ipsec down {$connid}"); - mwexec("/usr/local/sbin/ipsec up {$connid}"); - } - } else { - mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid'])); - mwexec("/usr/local/sbin/ipsec up con" . escapeshellarg($_GET['ikeid'])); - } - } - } -} else if ($_GET['act'] == 'ikedisconnect') { - if (ctype_digit($_GET['ikeid'])) { - if (!empty($_GET['ikesaid']) && ctype_digit($_GET['ikesaid'])) { - mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']) . "[" . escapeshellarg($_GET['ikesaid']) . "]"); - } else { - mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid'])); - } - } -} else if ($_GET['act'] == 'childdisconnect') { - if (ctype_digit($_GET['ikeid'])) { - if (!empty($_GET['ikesaid']) && ctype_digit($_GET['ikesaid'])) { - mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']) . "{" . escapeshellarg($_GET['ikesaid']) . "}"); - } - } -} - -if (!is_array($config['ipsec']['phase1'])) { - $config['ipsec']['phase1'] = array(); -} - -$a_phase1 = &$config['ipsec']['phase1']; - -$status = ipsec_list_sa(); - -$tab_array = array(); -$tab_array[] = array(gettext("Overview"), true, "diag_ipsec.php"); -$tab_array[] = array(gettext("Leases"), false, "diag_ipsec_leases.php"); -$tab_array[] = array(gettext("SAD"), false, "diag_ipsec_sad.php"); -$tab_array[] = array(gettext("SPD"), false, "diag_ipsec_spd.php"); -display_top_tabs($tab_array); -?> - -
-
IPsec status
-
- - - - - - - - - - - - - - - - - $ikesa) { - $con_id = substr($ikeid, 3); - - if ($ikesa['version'] == 1) { - $ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00')); - $ipsecconnected[$ph1idx] = $ph1idx; - } else { - $ipsecconnected[$con_id] = $ph1idx = $con_id; - } -?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - -{$identity}"; - } elseif (!empty($ikesa['remote-eap-id'])) { - echo htmlspecialchars($ikesa['remote-eap-id']); - echo "
{$identity}"; - } else { - if (empty($identity)) { - print(gettext("Unknown")); - } else { - print($identity); - } - } -?> - 		- - - IKEv -
- - 		- - - -
- -
- -
- - 		-'); - } else { - print(''); - } -?> - -
- - 		- - - - - - - -
- -
- 0)) { -?> -
- - - -
- - - - - - - - - - - - - - - $childsa) { -?> - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - -
-
-
- - - -Here'); -include("foot.inc"); ?> diff --git a/src/usr/local/www/diag_ipsec_leases.php b/src/usr/local/www/diag_ipsec_leases.php deleted file mode 100644 index 51fcab2..0000000 --- a/src/usr/local/www/diag_ipsec_leases.php +++ /dev/null @@ -1,163 +0,0 @@ - -
- - - - - - - - - - - - - - - - - - - 0) { - foreach ($pool['lease'] as $lease) { - if (!$leaserow) { - // On subsequent rows the first three columns are blank -?> - - - - - - - - - - - - - - -
- - - - - -
- - - - - -
-
-' . gettext("here.") . ''); - -include("foot.inc"); diff --git a/src/usr/local/www/diag_ipsec_sad.php b/src/usr/local/www/diag_ipsec_sad.php deleted file mode 100644 index 2e785a2..0000000 --- a/src/usr/local/www/diag_ipsec_sad.php +++ /dev/null @@ -1,159 +0,0 @@ - /dev/null 2>&1", "w"); - if ($fd) { - fwrite($fd, "delete {$_GET['src']} {$_GET['dst']} {$_GET['proto']} {$_GET['spi']} ;\n"); - pclose($fd); - sleep(1); - } -} - -$tab_array = array(); -$tab_array[] = array(gettext("Overview"), false, "diag_ipsec.php"); -$tab_array[] = array(gettext("Leases"), false, "diag_ipsec_leases.php"); -$tab_array[] = array(gettext("SAD"), true, "diag_ipsec_sad.php"); -$tab_array[] = array(gettext("SPD"), false, "diag_ipsec_spd.php"); -display_top_tabs($tab_array); - -if (count($sad)) { -?> -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - Delete -
-
-' . gettext("here.") . ''); - -include("foot.inc"); diff --git a/src/usr/local/www/diag_ipsec_spd.php b/src/usr/local/www/diag_ipsec_spd.php deleted file mode 100644 index 2e807a6..0000000 --- a/src/usr/local/www/diag_ipsec_spd.php +++ /dev/null @@ -1,143 +0,0 @@ - -
- - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - -> -
-
-' . gettext("here.") . ''); - -include("foot.inc"); diff --git a/src/usr/local/www/diag_logs.php b/src/usr/local/www/diag_logs.php deleted file mode 100755 index 2102b46..0000000 --- a/src/usr/local/www/diag_logs.php +++ /dev/null @@ -1,671 +0,0 @@ - array("name" => "General", - "shortcut" => ""), - "dhcpd" => array("name" => "DHCP", - "shortcut" => "dhcp"), - "portalauth" => array("name" => "Captive Portal Authentication", - "shortcut" => "captiveportal"), - "ipsec" => array("name" => "IPsec", - "shortcut" => "ipsec"), - "ppp" => array("name" => "PPP", - "shortcut" => ""), - "relayd" => array("name" => "Load Balancer", - "shortcut" => "relayd"), - "openvpn" => array("name" => "OpenVPN", - "shortcut" => "openvpn"), - "ntpd" => array("name" => "NTPd", - "shortcut" => "ntp"), - "gateways" => array("name" => "Gateways", - "shortcut" => "gateways"), - "routing" => array("name" => "Routing", - "shortcut" => "routing"), - "resolver" => array("name" => "DNS Resolver", - "shortcut" => "resolver"), - "wireless" => array("name" => "Wireless", - "shortcut" => "wireless"), -); - -// The logs to display are specified in a GET argument. Default to 'system' logs -if (!$_GET['logfile']) { - $logfile = 'system'; -} else { - $logfile = $_GET['logfile']; - if (!array_key_exists($logfile, $allowed_logs)) { - /* Do not let someone attempt to load an unauthorized log. */ - $logfile = 'system'; - } -} - -$system_logfile = "{$g['varlog_path']}/" . basename($logfile) . ".log"; - - -function getGETPOSTsettingvalue($settingname, $default) { - $settingvalue = $default; - if ($_GET[$settingname]) { - $settingvalue = $_GET[$settingname]; - } - if ($_POST[$settingname]) { - $settingvalue = $_POST[$settingname]; - } - return $settingvalue; -} - - -$filtersubmit = getGETPOSTsettingvalue('filtersubmit', null); - -if ($filtersubmit) { - $filter_active = true; - $filtertext = getGETPOSTsettingvalue('filtertext', ""); - $filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null); -} - -$filterlogentries_submit = getGETPOSTsettingvalue('filterlogentries_submit', null); - -if ($filterlogentries_submit) { - $filter_active = true; - $filterfieldsarray = array(); - - $filterfieldsarray['time'] = getGETPOSTsettingvalue('filterlogentries_time', null); - $filterfieldsarray['process'] = getGETPOSTsettingvalue('filterlogentries_process', null); - $filterfieldsarray['pid'] = getGETPOSTsettingvalue('filterlogentries_pid', null); - $filterfieldsarray['message'] = getGETPOSTsettingvalue('filterlogentries_message', null); - $filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null); -} - - -# Manage Log - Code - -$specific_log = basename($logfile) . '_settings'; - -# All -$pconfig['cronorder'] = $config['syslog'][$specific_log]['cronorder']; -$pconfig['nentries'] = $config['syslog'][$specific_log]['nentries']; -$pconfig['logfilesize'] = $config['syslog'][$specific_log]['logfilesize']; -$pconfig['format'] = $config['syslog'][$specific_log]['format']; - -# System General (main) Specific -$pconfig['loglighttpd'] = !isset($config['syslog']['nologlighttpd']); - -$save_settings = getGETPOSTsettingvalue('save_settings', null); - -if ($save_settings) { - - # All - $cronorder = getGETPOSTsettingvalue('cronorder', null); - $nentries = getGETPOSTsettingvalue('nentries', null); - $logfilesize = getGETPOSTsettingvalue('logfilesize', null); - $format = getGETPOSTsettingvalue('format', null); - - # System General (main) Specific - $loglighttpd = getGETPOSTsettingvalue('loglighttpd', null); - - unset($input_errors); - $pconfig = $_POST; - - /* input validation */ - # All - if (isset($nentries) && (strlen($nentries) > 0)) { - if (!is_numeric($nentries) || ($nentries < 5) || ($nentries > 2000)) { - $input_errors[] = gettext("Number of log entries to show must be between 5 and 2000."); - } - } - - if (isset($logfilesize) && (strlen($logfilesize) > 0)) { - if (!is_numeric($logfilesize) || ($logfilesize < 100000)) { - $input_errors[] = gettext("Log file size must be numeric and greater than or equal to 100000."); - } - } - - if (!$input_errors) { - - # Clear out the specific log settings and leave only the applied settings to override the general logging options (global) settings. - unset($config['syslog'][$specific_log]); - - # All - if ($cronorder != '') { # if not using the general logging options setting (global) - $config['syslog'][$specific_log]['cronorder'] = $cronorder; - } - - if (isset($nentries) && (strlen($nentries) > 0)) { - $config['syslog'][$specific_log]['nentries'] = (int)$nentries; - } - - if (isset($logfilesize) && (strlen($logfilesize) > 0)) { - $config['syslog'][$specific_log]['logfilesize'] = (int)$logfilesize; - } - - if ($format != '') { # if not using the general logging options setting (global) - $config['syslog'][$specific_log]['format'] = $format; - } - - # System General (main) Specific - if ($logfile == 'system') { - $oldnologlighttpd = isset($config['syslog']['nologlighttpd']); - $config['syslog']['nologlighttpd'] = $loglighttpd ? false : true; - } - - - write_config($desc = "Log Display Settings Saved: " . gettext($allowed_logs[$logfile]["name"])); - - $retval = 0; - $savemsg = get_std_save_message($retval); - - # System General (main) Specific - if ($logfile == 'system') { - if ($oldnologlighttpd !== isset($config['syslog']['nologlighttpd'])) { - ob_flush(); - flush(); - log_error(gettext("webConfigurator configuration has changed. Restarting webConfigurator.")); - send_event("service restart webgui"); - $savemsg .= "
" . gettext("WebGUI process is restarting."); - } - } - } -} - - -# Formatted/Raw Display -if ($config['syslog'][$specific_log]['format'] == 'formatted') { - $rawfilter = false; -} -else if ($config['syslog'][$specific_log]['format'] == 'raw') { - $rawfilter = true; -} -else { # Use the general logging options setting (global). - $rawfilter = isset($config['syslog']['rawfilter']); -} - - -isset($config['syslog'][$specific_log]['nentries']) ? $nentries = $config['syslog'][$specific_log]['nentries'] : $nentries = $config['syslog']['nentries']; - -# Override Display Quantity -if ($filterlogentries_qty) { - $nentries = $filterlogentries_qty; -} - -if (!$nentries || !is_numeric($nentries)) { - $nentries = 50; -} - -if ($_POST['clear']) { - clear_log_file($system_logfile); -} - -if ($filtertext) { - $filtertextmeta="?filtertext=$filtertext"; -} - -/* Setup shortcuts if they exist */ - -if (!empty($allowed_logs[$logfile]["shortcut"])) { - $shortcut_section = $allowed_logs[$logfile]["shortcut"]; -} - -$pgtitle = array(gettext("Status"), gettext("System logs"), gettext($allowed_logs[$logfile]["name"])); -include("head.inc"); - -if (!$input_errors && $savemsg) { - print_info_box($savemsg); - $manage_log_active = false; -} - -$tab_array = array(); -$tab_array[] = array(gettext("System"), ($logfile == 'system'), "diag_logs.php"); -$tab_array[] = array(gettext("Firewall"), false, "diag_logs_filter.php"); -$tab_array[] = array(gettext("DHCP"), ($logfile == 'dhcpd'), "diag_logs.php?logfile=dhcpd"); -$tab_array[] = array(gettext("Portal Auth"), ($logfile == 'portalauth'), "diag_logs.php?logfile=portalauth"); -$tab_array[] = array(gettext("IPsec"), ($logfile == 'ipsec'), "diag_logs.php?logfile=ipsec"); -$tab_array[] = array(gettext("PPP"), ($logfile == 'ppp'), "diag_logs.php?logfile=ppp"); -$tab_array[] = array(gettext("VPN"), false, "diag_logs_vpn.php"); -$tab_array[] = array(gettext("Load Balancer"), ($logfile == 'relayd'), "diag_logs.php?logfile=relayd"); -$tab_array[] = array(gettext("OpenVPN"), ($logfile == 'openvpn'), "diag_logs.php?logfile=openvpn"); -$tab_array[] = array(gettext("NTP"), ($logfile == 'ntpd'), "diag_logs.php?logfile=ntpd"); -$tab_array[] = array(gettext("Settings"), false, "diag_logs_settings.php"); -display_top_tabs($tab_array); - -$tab_array = array(); -if (in_array($logfile, array('system', 'gateways', 'routing', 'resolver', 'wireless'))) { - $tab_array[] = array(gettext("General"), ($logfile == 'system'), "/diag_logs.php"); - $tab_array[] = array(gettext("Gateways"), ($logfile == 'gateways'), "/diag_logs.php?logfile=gateways"); - $tab_array[] = array(gettext("Routing"), ($logfile == 'routing'), "/diag_logs.php?logfile=routing"); - $tab_array[] = array(gettext("Resolver"), ($logfile == 'resolver'), "/diag_logs.php?logfile=resolver"); - $tab_array[] = array(gettext("Wireless"), ($logfile == 'wireless'), "/diag_logs.php?logfile=wireless"); - display_top_tabs($tab_array, false, 'nav nav-tabs'); -} - -define(SEC_OPEN, 0x00); -define(SEC_CLOSED, 0x04); - -if ($filter_active) - $filter_state = SEC_OPEN; -else - $filter_state = SEC_CLOSED; - -if (!$rawfilter) { // Advanced log filter form - $form = new Form(false); - - $section = new Form_Section('Advanced Log Filter', 'adv-filter-panel', COLLAPSIBLE|$filter_state); - - $group = new Form_Group(''); - - $group->add(new Form_Input( - 'filterlogentries_time', - null, - 'text', - $filterfieldsarray['time'] - ))->setWidth(3)->setHelp('Time'); - - $group->add(new Form_Input( - 'filterlogentries_process', - null, - 'text', - $filterfieldsarray['process'] - ))->setWidth(2)->setHelp('Process'); - - $group->add(new Form_Input( - 'filterlogentries_pid', - null, - 'text', - $filterfieldsarray['pid'] - ))->setWidth(2)->setHelp('PID'); - - $group->add(new Form_Input( - 'filterlogentries_qty', - null, - 'number', - $filterlogentries_qty, - ['placeholder' => $nentries] - ))->setWidth(2)->setHelp('Quantity'); - - $section->add($group); - - $group = new Form_Group(''); - - $group->add(new Form_Input( - 'filterlogentries_message', - null, - 'text', - $filterfieldsarray['message'] - ))->setWidth(7)->setHelp('Message'); - - $btnsubmit = new Form_Button( - 'filterlogentries_submit', - ' ' . gettext('Apply Filter'), - null, - 'fa-filter' - ); -} -else { // Simple log filter form - $form = new Form(false); - - $section = new Form_Section('Log Filter', 'basic-filter-panel', COLLAPSIBLE|$filter_state); - - $group = new Form_Group(''); - - $group->add(new Form_Input( - 'filtertext', - null, - 'text', - $filtertext - ))->setWidth(6)->setHelp('Filter Expression'); - - $group->add(new Form_Input( - 'filterlogentries_qty', - null, - 'number', - $filterlogentries_qty, - ['placeholder' => $nentries] - ))->setWidth(2)->setHelp('Quantity'); - - $btnsubmit = new Form_Button( - 'filtersubmit', - ' ' . gettext('Apply Filter'), - null, - 'fa-filter' - ); -} - -$btnsubmit->removeClass('btn-primary')->addClass('btn-success')->addClass('btn-sm'); - -$group->add(new Form_StaticText( - '', - $btnsubmit -)); - -$group->setHelp('' . gettext('Regular expression reference') . ' ' . gettext('Precede with exclamation (!) to exclude match.')); -$section->add($group); -$form->add($section); -print $form; - -// Now the forms are complete we can draw the log table and its controls -if (!$rawfilter) { - if ($filterlogentries_submit) - $filterlog = conv_log_filter($system_logfile, $nentries, $nentries + 100, $filterfieldsarray); - else - $filterlog = conv_log_filter($system_logfile, $nentries, $nentries + 100, $filtertext); -?> - -
-
-

- -

-
-
-
- - - - - - - - - - - - - - - -
- - - - - - - -
- -
-
-
- -
-

-
- - - - - - - - - - -
- -
-
- - -addInput(new Form_StaticText( - '', - 'These settings override the "General Logging Options" settings.' -)); - - -# All -$group = new Form_Group('Forward/Reverse Display'); - -$group->add(new Form_Checkbox( - 'cronorder', - null, - 'Forward', - ($pconfig['cronorder'] == 'forward') ? true : false, - 'forward' -))->displayAsRadio(); - -$group->add(new Form_Checkbox( - 'cronorder', - null, - 'Reverse', - ($pconfig['cronorder'] == 'reverse') ? true : false, - 'reverse' -))->displayAsRadio(); - -$group->add(new Form_Checkbox( - 'cronorder', - null, - 'General Logging Options Setting', - ($pconfig['cronorder'] == '') ? true : false, - '' -))->displayAsRadio(); - -$group->setHelp('Show log entries in forward (newest at bottom) or reverse (newest at top) order.'); -$section->add($group); - -$group = new Form_Group('GUI Log Entries'); - -# Use the general logging options setting (global) as placeholder. -$group->add(new Form_Input( - 'nentries', - 'GUI Log Entries', - 'number', - $pconfig['nentries'], - ['placeholder' => $config['syslog']['nentries']] -))->setWidth(2); - -$group->setHelp('This is the number of log entries displayed in the GUI. It does not affect how many entries are contained in the log.'); -$section->add($group); - -$group = new Form_Group('Log file size (Bytes)'); - -# Use the general logging options setting (global) as placeholder. -$group->add(new Form_Input( - 'logfilesize', - 'Log file size (Bytes)', - 'number', - $pconfig['logfilesize'], - ['placeholder' => $config['syslog']['logfilesize'] ? $config['syslog']['logfilesize'] : "511488"] -))->setWidth(2); -$group->setHelp("The log is held in a constant-size circular log file. This field controls how large the log file is, and thus how many entries may exist inside the log. The default is approximately 500KB." . - '

' . - "NOTE: The log size is changed the next time it is cleared. To immediately change the log size, first save the options to set the size, then clear the log using the \"Clear Log\" action below. "); -$section->add($group); - -$group = new Form_Group('Formatted/Raw Display'); - -$group->add(new Form_Checkbox( - 'format', - null, - 'Formatted', - ($pconfig['format'] == 'formatted') ? true : false, - 'formatted' -))->displayAsRadio(); - -$group->add(new Form_Checkbox( - 'format', - null, - 'Raw', - ($pconfig['format'] == 'raw') ? true : false, - 'raw' -))->displayAsRadio(); - -$group->add(new Form_Checkbox( - 'format', - null, - 'General Logging Options Setting', - ($pconfig['format'] == '') ? true : false, - '' -))->displayAsRadio(); - -$group->setHelp('Show the log entries as formatted or raw output as generated by the service. The raw output will reveal more detailed information, but it is more difficult to read.'); -$section->add($group); - - -# System General (main) Specific -if ($logfile == 'system') { - $section->addInput(new Form_Checkbox( - 'loglighttpd', - 'Web Server Log', - 'Log errors from the web server process', - $pconfig['loglighttpd'] - ))->setHelp('If this is checked, errors from the lighttpd web server process for the GUI or Captive Portal will appear in the system log.'); -} - - -$group = new Form_Group('Action'); - -$btnsavesettings = new Form_Button( - 'save_settings', - gettext('Save'), - null -); - -$btnsavesettings->addClass('btn-sm'); - -$group->add(new Form_StaticText( - '', - $btnsavesettings -))->setHelp('Saves changed settings.'); - - -$btnclear = new Form_Button( - 'clear', - ' ' . gettext('Clear log'), - null, - 'fa-trash' -); - -$btnclear->removeClass('btn-primary')->addClass('btn-danger')->addClass('btn-sm'); - -$group->add(new Form_StaticText( - '', - $btnclear -))->setHelp('Clears local log file and reinitializes it as an empty log. Save any settings changes first.'); - -$section->add($group); -$form->add($section); -print $form; -?> - - diff --git a/src/usr/local/www/diag_logs_filter.php b/src/usr/local/www/diag_logs_filter.php deleted file mode 100644 index baf279e..0000000 --- a/src/usr/local/www/diag_logs_filter.php +++ /dev/null @@ -1,634 +0,0 @@ - $ip, 'resolve_text' => $res); - } else { - $response = array('resolve_ip' => $ip, 'resolve_text' => gettext("Cannot resolve")); - } - - echo json_encode(str_replace("\\", "\\\\", $response)); // single escape chars can break JSON decode - exit; -} - -function getGETPOSTsettingvalue($settingname, $default) { - $settingvalue = $default; - if ($_GET[$settingname]) { - $settingvalue = $_GET[$settingname]; - } - if ($_POST[$settingname]) { - $settingvalue = $_POST[$settingname]; - } - return $settingvalue; -} - -$rulenum = getGETPOSTsettingvalue('getrulenum', null); -if ($rulenum) { - list($rulenum, $tracker, $type) = explode(',', $rulenum); - $rule = find_rule_by_number($rulenum, $tracker, $type); - echo gettext("The rule that triggered this action is") . ":\n\n{$rule}"; - exit; -} - -$filtersubmit = getGETPOSTsettingvalue('filtersubmit', null); - -if ($filtersubmit) { - $interfacefilter = getGETPOSTsettingvalue('interface', null); - $filtertext = getGETPOSTsettingvalue('filtertext', ""); - $filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null); -} - -$filterlogentries_submit = getGETPOSTsettingvalue('filterlogentries_submit', null); - -if ($filterlogentries_submit) { - $filterfieldsarray = array(); - - $actpass = getGETPOSTsettingvalue('actpass', null); - $actblock = getGETPOSTsettingvalue('actblock', null); - $filterfieldsarray['act'] = str_replace(" ", " ", trim($actpass . " " . $actblock)); - $filterfieldsarray['act'] = $filterfieldsarray['act'] != "" ? $filterfieldsarray['act'] : 'All'; - $filterfieldsarray['time'] = getGETPOSTsettingvalue('filterlogentries_time', null); - $filterfieldsarray['interface'] = getGETPOSTsettingvalue('filterlogentries_interfaces', null); - $filterfieldsarray['srcip'] = getGETPOSTsettingvalue('filterlogentries_sourceipaddress', null); - $filterfieldsarray['srcport'] = getGETPOSTsettingvalue('filterlogentries_sourceport', null); - $filterfieldsarray['dstip'] = getGETPOSTsettingvalue('filterlogentries_destinationipaddress', null); - $filterfieldsarray['dstport'] = getGETPOSTsettingvalue('filterlogentries_destinationport', null); - $filterfieldsarray['proto'] = getGETPOSTsettingvalue('filterlogentries_protocol', null); - $filterfieldsarray['tcpflags'] = getGETPOSTsettingvalue('filterlogentries_protocolflags', null); - $filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null); -} - -$filter_logfile = "{$g['varlog_path']}/filter.log"; - -$nentries = $config['syslog']['nentries']; - -# Override Display Quantity -if ($filterlogentries_qty) { - $nentries = $filterlogentries_qty; -} - -if (!$nentries || !is_numeric($nentries)) { - $nentries = 50; -} - -if ($_POST['clear']) { - clear_log_file($filter_logfile); -} - -$pgtitle = array(gettext("Status"), gettext("System logs"), gettext("Firewall"), gettext("Normal View")); -$shortcut_section = "firewall"; -include("head.inc"); - -function build_if_list() { - $iflist = get_configured_interface_with_descr(false, true); - //$iflist = get_interface_list(); - // Allow extending of the firewall edit interfaces - pfSense_handle_custom_code("/usr/local/pkg/firewall_nat/pre_interfaces_edit"); - foreach ($iflist as $if => $ifdesc) - $interfaces[$if] = $ifdesc; - - if ($config['l2tp']['mode'] == "server") - $interfaces['l2tp'] = "L2TP VPN"; - - if (is_pppoe_server_enabled() && have_ruleint_access("pppoe")) - $interfaces['pppoe'] = "PPPoE Server"; - - /* add ipsec interfaces */ - if (ipsec_enabled()) - $interfaces["enc0"] = "IPsec"; - - /* add openvpn/tun interfaces */ - if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) - $interfaces["openvpn"] = "OpenVPN"; - - return($interfaces); -} - -$tab_array = array(); -$tab_array[] = array(gettext("System"), false, "diag_logs.php"); -$tab_array[] = array(gettext("Firewall"), true, "diag_logs_filter.php"); -$tab_array[] = array(gettext("DHCP"), false, "diag_logs.php?logfile=dhcpd"); -$tab_array[] = array(gettext("Portal Auth"), false, "diag_logs.php?logfile=portalauth"); -$tab_array[] = array(gettext("IPsec"), false, "diag_logs.php?logfile=ipsec"); -$tab_array[] = array(gettext("PPP"), false, "diag_logs.php?logfile=ppp"); -$tab_array[] = array(gettext("VPN"), false, "diag_logs_vpn.php"); -$tab_array[] = array(gettext("Load Balancer"), false, "diag_logs.php?logfile=relayd"); -$tab_array[] = array(gettext("OpenVPN"), false, "diag_logs.php?logfile=openvpn"); -$tab_array[] = array(gettext("NTP"), false, "diag_logs.php?logfile=ntpd"); -$tab_array[] = array(gettext("Settings"), false, "diag_logs_settings.php"); -display_top_tabs($tab_array); - -$tab_array = array(); -$tab_array[] = array(gettext("Normal View"), true, "/diag_logs_filter.php"); -$tab_array[] = array(gettext("Dynamic View"), false, "/diag_logs_filter_dynamic.php"); -$tab_array[] = array(gettext("Summary View"), false, "/diag_logs_filter_summary.php"); -display_top_tabs($tab_array, false, 'nav nav-tabs'); - -$Include_Act = explode(",", str_replace(" ", ",", $filterfieldsarray['act'])); -if ($filterfieldsarray['interface'] == "All") - $interface = ""; - -if (!isset($config['syslog']['rawfilter'])) { // Advanced log filter form - $form = new Form(false); - - $section = new Form_Section('Advanced Log Filter', 'adv-filter-panel', COLLAPSIBLE|SEC_CLOSED); - - $group = new Form_Group(''); - - $group->add(new Form_Input( - 'filterlogentries_sourceipaddress', - null, - 'text', - $filterfieldsarray['srcip'] - ))->setHelp('Source IP Address'); - - $group->add(new Form_Input( - 'filterlogentries_destinationipaddress', - null, - 'text', - $filterfieldsarray['dstip'] - ))->setHelp('Destination IP Address'); - - $section->add($group); - $group = new Form_Group(''); - - $group->add(new Form_Checkbox( - 'actpass', - 'Pass', - 'Pass', - in_arrayi('Pass', $Include_Act), - 'Pass' - )); - - $group->add(new Form_Input( - 'filterlogentries_time', - null, - 'text', - $filterfieldsarray['time'] - ))->setHelp('Time'); - - $group->add(new Form_Input( - 'filterlogentries_sourceport', - null, - 'text', - $filterfieldsarray['srcport'] - ))->setHelp('Source Port'); - - $group->add(new Form_Input( - 'filterlogentries_protocol', - null, - 'text', - $filterfieldsarray['proto'] - ))->setHelp('Protocol'); - - $group->add(new Form_Input( - 'filterlogentries_qty', - null, - 'number', - $filterlogentries_qty, - ['placeholder' => $nentries] - ))->setHelp('Quantity'); - - $section->add($group); - - $group = new Form_Group(''); - - $group->add(new Form_Checkbox( - 'actblock', - 'Block', - 'Block', - in_arrayi('Block', $Include_Act), - 'Block' - )); - - $group->add(new Form_Input( - 'filterlogentries_interfaces', - null, - 'text', - $filterfieldsarray['interface'] - ))->setHelp('Interface'); - - $group->add(new Form_Input( - 'filterlogentries_destinationport', - null, - 'text', - $filterfieldsarray['dstport'] - ))->setHelp('Destination Port'); - - $group->add(new Form_Input( - 'filterlogentries_protocolflags', - null, - 'text', - $filterfieldsarray['tcpflags'] - ))->setHelp('Protocol Flags'); - - $btnsubmit = new Form_Button( - 'filterlogentries_submit', - ' ' . 'Apply Filter', - null, - 'fa-filter' - ); -} -else { // Simple log filter form - $form = new Form(false); - - $section = new Form_Section('Log Filter', 'basic-filter-panel', true); - - $group = new Form_Group(''); - - $group->add(new Form_Select( - 'interface', - 'Interface', - $interfacefilter, - build_if_list() - ))->setHelp('Interface'); - - $group->add(new Form_Input( - 'filterlogentries_qty', - null, - 'number', - $filterlogentries_qty, - ['placeholder' => $nentries] - ))->setHelp('Quantity'); - - $section->add($group); - - $group = new Form_Group(''); - - $group->add(new Form_Input( - 'filtertext', - null, - 'text', - $filtertext - ))->setHelp('Filter Expression'); - - $btnsubmit = new Form_Button( - 'filtersubmit', - ' ' . 'Apply Filter', - null, - 'fa-filter' - ); -} - -$btnsubmit->removeClass('btn-primary')->addClass('btn-success')->addClass('btn-sm'); - -$group->add(new Form_StaticText( - '', - $btnsubmit -)); - -$group->setHelp('' . 'Regular expression reference Precede with exclamation (!) to exclude match.'); -$section->add($group); -$form->add($section); -print($form); - -// Now the forms are complete we can draw the log table and its controls -if (!isset($config['syslog']['rawfilter'])) { - $iflist = get_configured_interface_with_descr(false, true); - - if ($iflist[$interfacefilter]) - $interfacefilter = $iflist[$interfacefilter]; - - if ($filterlogentries_submit) - $filterlog = conv_log_filter($filter_logfile, $nentries, $nentries + 100, $filterfieldsarray); - else - $filterlog = conv_log_filter($filter_logfile, $nentries, $nentries + 100, $filtertext, $interfacefilter); -?> - -
- " /> -
- -
-
-
-

- -

-
-
-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
- - ', outputrule);"> - - - - - - - - - - ');" title="" alt="Reverse Resolve with DNS"/> - - - " alt="Easy Rule: Add to Block List" title="" onclick="return confirm('')"> - - - '?> - - ');" title="" class="ICON-" alt="Reverse Resolve with DNS"/> - - - " title="" onclick="return confirm('')"> - - '?> - - -
-
-
-
-
- - -
-

-
- - - - - - - - - - -
-
-
- - -
' . - gettext("TCP Flags") . ': F - FIN, S - SYN, A or . - ACK, R - RST, P - PSH, U - URG, E - ECE, C - CWR' . '
' . - ' = Add to block list., = Pass traffic, = Resolve'); - -?> -
- - - - diff --git a/src/usr/local/www/diag_logs_filter_dynamic.php b/src/usr/local/www/diag_logs_filter_dynamic.php deleted file mode 100755 index b6e03bb..0000000 --- a/src/usr/local/www/diag_logs_filter_dynamic.php +++ /dev/null @@ -1,441 +0,0 @@ - - - - - - -
-
-

- -

-
-
-
- - - - - - - - - - - - - - - - - - - - - - - - -
- - ', outputrule);"> -
-
-
-
- 0) - print_info_box('' . - gettext("TCP Flags") . ': F - FIN, S - SYN, A or . - ACK, R - RST, P - PSH, U - URG, E - ECE, C - CWR'); -?> - - - - gettext("Actions"), - 'interface' => gettext("Interfaces"), - 'proto' => gettext("Protocols"), - 'srcip' => gettext("Source IPs"), - 'dstip' => gettext("Destination IPs"), - 'srcport' => gettext("Source Ports"), - 'dstport' => gettext("Destination Ports")); - -$segcolors = array("#2484c1", "#65a620", "#7b6888", "#a05d56", "#961a1a", "#d8d23a", "#e98125", "#d0743c", "#635222", "#6ada6a"); -$numcolors = 10; - -$summary = array(); -foreach (array_keys($fields) as $f) { - $summary[$f] = array(); -} - -$totals = array(); - -function cmp($a, $b) { - if ($a == $b) { - return 0; - } - return ($a < $b) ? 1 : -1; -} - -function stat_block($summary, $stat, $num) { - global $g, $gotlines, $fields; - uasort($summary[$stat] , 'cmp'); - print('
'); - print(''); - print('' . ''); - $k = array_keys($summary[$stat]); - $total = 0; - $numentries = 0; - for ($i = 0; $i < $num; $i++) { - if ($k[$i]) { - $total += $summary[$stat][$k[$i]]; - $numentries++; - $outstr = $k[$i]; - if (is_ipaddr($outstr)) { - print('' . ''); - - } elseif (substr_count($outstr, '/') == 1) { - list($proto, $port) = explode('/', $outstr); - $service = getservbyport($port, strtolower($proto)); - if ($service) { - $outstr .= ": {$service}"; - } - } - - if (!is_ipaddr($outstr)) - print(''); - } - } - $leftover = $gotlines - $total; - if ($leftover > 0) { - print ""; - } - print "
' . $fields[$stat] . '' . gettext("Data points") . '
' . $outstr . '' . $summary[$stat][$k[$i]] . 'Lookup
' . $outstr . '' . $summary[$stat][$k[$i]] . '
Other{$leftover}
"; - print('
'); -} - -// Create the JSON document for the chart to be displayed -// Todo: Be good to investigate building this with json_encode and friends some time -function pie_block($summary, $stat, $num, $chartnum) { - global $fields, $segcolors, $gotlines, $numcolors; -?> - -"); -$infomsg = sprintf('This is a summary of the last %1$s lines of the firewall log (Max %2$s).', $gotlines, $lines); -print_info_box($infomsg, info); -?> - - - - - -
-

-
-
- -
-
-
- 2000)) { - $input_errors[] = gettext("Number of log entries to show must be between 5 and 2000."); - } - - if (isset($_POST['logfilesize']) && (strlen($_POST['logfilesize']) > 0)) { - if (!is_numeric($_POST['logfilesize']) || ($_POST['logfilesize'] < 100000)) { - $input_errors[] = gettext("Log file size must be numeric and greater than or equal to 100000."); - } - } - if (!$input_errors) { - $config['syslog']['reverse'] = $_POST['reverse'] ? true : false; - $config['syslog']['nentries'] = (int)$_POST['nentries']; - $pconfig['nentries'] = $config['syslog']['nentries']; - if (isset($_POST['logfilesize']) && (strlen($_POST['logfilesize']) > 0)) { - $config['syslog']['logfilesize'] = (int)$_POST['logfilesize']; - $pconfig['logfilesize'] = $config['syslog']['logfilesize']; - } else { - unset($config['syslog']['logfilesize']); - } - $config['syslog']['remoteserver'] = $_POST['remoteserver']; - $config['syslog']['remoteserver2'] = $_POST['remoteserver2']; - $config['syslog']['remoteserver3'] = $_POST['remoteserver3']; - $config['syslog']['sourceip'] = $_POST['sourceip']; - $config['syslog']['ipproto'] = $_POST['ipproto']; - $config['syslog']['filter'] = $_POST['filter'] ? true : false; - $config['syslog']['dhcp'] = $_POST['dhcp'] ? true : false; - $config['syslog']['portalauth'] = $_POST['portalauth'] ? true : false; - $config['syslog']['vpn'] = $_POST['vpn'] ? true : false; - $config['syslog']['dpinger'] = $_POST['dpinger'] ? true : false; - $config['syslog']['relayd'] = $_POST['relayd'] ? true : false; - $config['syslog']['hostapd'] = $_POST['hostapd'] ? true : false; - $config['syslog']['logall'] = $_POST['logall'] ? true : false; - $config['syslog']['system'] = $_POST['system'] ? true : false; - $config['syslog']['disablelocallogging'] = $_POST['disablelocallogging'] ? true : false; - $config['syslog']['enable'] = $_POST['enable'] ? true : false; - $oldnologdefaultblock = isset($config['syslog']['nologdefaultblock']); - $oldnologdefaultpass = isset($config['syslog']['nologdefaultpass']); - $oldnologbogons = isset($config['syslog']['nologbogons']); - $oldnologprivatenets = isset($config['syslog']['nologprivatenets']); - $oldnologlighttpd = isset($config['syslog']['nologlighttpd']); - $config['syslog']['nologdefaultblock'] = $_POST['logdefaultblock'] ? false : true; - $config['syslog']['nologdefaultpass'] = $_POST['logdefaultpass'] ? true : false; - $config['syslog']['nologbogons'] = $_POST['logbogons'] ? false : true; - $config['syslog']['nologprivatenets'] = $_POST['logprivatenets'] ? false : true; - $config['syslog']['nologlighttpd'] = $_POST['loglighttpd'] ? false : true; - $config['syslog']['rawfilter'] = $_POST['rawfilter'] ? true : false; - if (is_numeric($_POST['filterdescriptions']) && $_POST['filterdescriptions'] > 0) { - $config['syslog']['filterdescriptions'] = $_POST['filterdescriptions']; - } else { - unset($config['syslog']['filterdescriptions']); - } - if ($config['syslog']['enable'] == false) { - unset($config['syslog']['remoteserver']); - unset($config['syslog']['remoteserver2']); - unset($config['syslog']['remoteserver3']); - } - - write_config(); - - $retval = 0; - $retval = system_syslogd_start(); - if (($oldnologdefaultblock !== isset($config['syslog']['nologdefaultblock'])) || - ($oldnologdefaultpass !== isset($config['syslog']['nologdefaultpass'])) || - ($oldnologbogons !== isset($config['syslog']['nologbogons'])) || - ($oldnologprivatenets !== isset($config['syslog']['nologprivatenets']))) { - $retval |= filter_configure(); - } - - $savemsg = get_std_save_message($retval); - - if ($oldnologlighttpd !== isset($config['syslog']['nologlighttpd'])) { - ob_flush(); - flush(); - log_error(gettext("webConfigurator configuration has changed. Restarting webConfigurator.")); - send_event("service restart webgui"); - $savemsg .= "
" . gettext("WebGUI process is restarting."); - } - - filter_pflog_start(true); - } -} - -$pgtitle = array(gettext("Status"), gettext("System logs"), gettext("Settings")); -include("head.inc"); - -$logfilesizeHelp = gettext("Logs are held in constant-size circular log files. This field controls how large each log file is, and thus how many entries may exist inside the log. By default this is approximately 500KB per log file, and there are nearly 20 such log files.") . - '

' . - gettext("NOTE: Log sizes are changed the next time a log file is cleared or deleted. To immediately increase the size of the log files, you must first save the options to set the size, then clear all logs using the \"Reset Log Files\" option farther down this page. ") . - gettext("Be aware that increasing this value increases every log file size, so disk usage will increase significantly.") . '

' . - gettext("Disk space currently used by log files is: ") . exec("/usr/bin/du -sh /var/log | /usr/bin/awk '{print $1;}'") . - gettext(" Remaining disk space for log files: ") . exec("/bin/df -h /var/log | /usr/bin/awk '{print $4;}'"); - -$remoteloghelp = gettext("This option will allow the logging daemon to bind to a single IP address, rather than all IP addresses.") . - gettext("If you pick a single IP, remote syslog servers must all be of that IP type. If you wish to mix IPv4 and IPv6 remote syslog servers, you must bind to all interfaces.") . - "

" . - gettext("NOTE: If an IP address cannot be located on the chosen interface, the daemon will bind to all addresses."); -if ($input_errors) - print_input_errors($input_errors); -else if ($savemsg) - print_info_box($savemsg); - -$tab_array = array(); -$tab_array[] = array(gettext("System"), false, "diag_logs.php"); -$tab_array[] = array(gettext("Firewall"), false, "diag_logs_filter.php"); -$tab_array[] = array(gettext("DHCP"), false, "diag_logs.php?logfile=dhcpd"); -$tab_array[] = array(gettext("Portal Auth"), false, "diag_logs.php?logfile=portalauth"); -$tab_array[] = array(gettext("IPsec"), false, "diag_logs.php?logfile=ipsec"); -$tab_array[] = array(gettext("PPP"), false, "diag_logs.php?logfile=ppp"); -$tab_array[] = array(gettext("VPN"), false, "diag_logs_vpn.php"); -$tab_array[] = array(gettext("Load Balancer"), false, "diag_logs.php?logfile=relayd"); -$tab_array[] = array(gettext("OpenVPN"), false, "diag_logs.php?logfile=openvpn"); -$tab_array[] = array(gettext("NTP"), false, "diag_logs.php?logfile=ntpd"); -$tab_array[] = array(gettext("Settings"), true, "diag_logs_settings.php"); -display_top_tabs($tab_array); - -$form = new Form(new Form_Button( - 'Submit', - gettext("Save") -)); - -$section = new Form_Section('General Logging Options'); - -$section->addInput(new Form_Checkbox( - 'reverse', - 'Forward/Reverse Display', - 'Show log entries in reverse order (newest entries on top)', - $pconfig['reverse'] -)); - -$section->addInput(new Form_Input( - 'nentries', - 'GUI Log Entries', - 'text', - $pconfig['nentries'], - ['placeholder' => ''] -))->setHelp('This is only the number of log entries displayed in the GUI. It does not affect how many entries are contained in the actual log files.'); - -$section->addInput(new Form_Input( - 'logfilesize', - 'Log file size (Bytes)', - 'text', - $pconfig['logfilesize'], - ['placeholder' => 'Bytes'] -))->setHelp($logfilesizeHelp); - -$section->addInput(new Form_Checkbox( - 'logdefaultblock', - 'Log firewall default blocks', - 'Log packets matched from the default block rules in the ruleset', - $pconfig['logdefaultblock'] -))->setHelp('Log packets that are blocked by the implicit default block rule. - Per-rule logging options are still respected.'); - -$section->addInput(new Form_Checkbox( - 'logdefaultpass', - null, - 'Log packets matched from the default pass rules put in the ruleset', - $pconfig['logdefaultpass'] -))->setHelp('Log packets that are allowed by the implicit default pass rule. - Per-rule logging options are still respected. '); - -$section->addInput(new Form_Checkbox( - 'logbogons', - null, - 'Log packets blocked by \'Block Bogon Networks\' rules', - $pconfig['logbogons'] -)); - -$section->addInput(new Form_Checkbox( - 'logprivatenets', - null, - 'Log packets blocked by \'Block Private Networks\' rules', - $pconfig['logprivatenets'] -)); - -$section->addInput(new Form_Checkbox( - 'loglighttpd', - 'Web Server Log', - 'Log errors from the web server process', - $pconfig['loglighttpd'] -))->setHelp('If this is checked, errors from the lighttpd web server process for the GUI or Captive Portal will appear in the main system log'); - -$section->addInput(new Form_Checkbox( - 'rawfilter', - 'Raw Logs', - 'Show raw filter logs', - $pconfig['rawfilter'] -))->setHelp(gettext('If this is checked, filter logs are shown as generated by the packet filter, without any formatting. This will reveal more detailed information, but it is more difficult to read')); - -$section->addInput(new Form_Select( - 'filterdescriptions', - 'Where to show rule descriptions', - !isset($pconfig['filterdescriptions']) ? '0':$pconfig['filterdescriptions'], - array( - '0' => 'Dont load descriptions', - '1' => 'Display as column', - '2' => 'Display as second row' - ) -))->setHelp('Show the applied rule description below or in the firewall log rows' . '
' . - 'Displaying rule descriptions for all lines in the log might affect performance with large rule sets'); - -$section->addInput(new Form_Checkbox( - 'disablelocallogging', - 'Local Logging', - $g['platform'] == $g['product_name'] ? "Disable writing log files to the local disk" : "Disable writing log files to the local RAM disk", - $pconfig['disablelocallogging'] -)); - -$section->addInput(new Form_Button( - 'resetlogs', - 'Reset Log Files' -))->addClass('btn-danger btn-xs')->setHelp('Clears all local log files and reinitializes them as empty logs. This also restarts the DHCP daemon. Use the Save button first if you have made any setting changes.'); - -$form->add($section); -$section = new Form_Section('Remote Logging Options'); -$section->addClass('toggle-remote'); - -$section->addInput(new Form_Checkbox( - 'enable', - 'Enable Remote Logging', - 'Send log messages to remote syslog server', - $pconfig['enable'] -)); - -$section->addInput(new Form_Select( - 'sourceip', - 'Source Address', - link_interface_to_bridge($pconfig['sourceip']) ? null : $pconfig['sourceip'], - ["" => gettext("Default (any)")] + get_possible_traffic_source_addresses(false) -))->setHelp($remoteloghelp); - -$section->addInput(new Form_Select( - 'ipproto', - 'IP Protocol', - $ipproto, - array('ipv4' => 'IPv4', 'ipv6' => 'IPv6') -))->setHelp('This option is only used when a non-default address is chosen as the source above. ' . - 'This option only expresses a preference; If an IP address of the selected type is not found on the chosen interface, the other type will be tried.'); - -// Group collapses/appears based on 'enable' checkbox above -$group = new Form_Group('Remote log servers'); -$group->addClass('remotelogging'); - -$group->add(new Form_Input( - 'remoteserver', - 'Server 1', - 'text', - $pconfig['remoteserver'], - ['placeholder' => 'IP[:port]'] -)); - -$group->add(new Form_Input( - 'remoteserver2', - 'Server 2', - 'text', - $pconfig['remoteserver2'], - ['placeholder' => 'IP[:port]'] -)); - -$group->add(new Form_Input( - 'remoteserver3', - 'Server 3', - 'text', - $pconfig['remoteserver3'], - ['placeholder' => 'IP[:port]'] -)); - -$section->add($group); - -$group = new Form_MultiCheckboxGroup('Remote Syslog Contents'); -$group->addClass('remotelogging'); - -$group->add(new Form_MultiCheckbox( - 'logall', - null, - 'Everything', - $pconfig['logall'] -)); - -$group->add(new Form_MultiCheckbox( - 'system', - null, - 'System Events', - $pconfig['system'] -)); - -$group->add(new Form_MultiCheckbox( - 'filter', - null, - 'Firewall Events', - $pconfig['filter'] -)); - -$group->add(new Form_MultiCheckbox( - 'dhcp', - null, - 'DHCP service events', - $pconfig['dhcp'] -)); - -$group->add(new Form_MultiCheckbox( - 'portalauth', - null, - 'Portal Auth events', - $pconfig['portalauth'] -)); - -$group->add(new Form_MultiCheckbox( - 'vpn', - null, - 'VPN (PPTP, IPsec, OpenVPN) events', - $pconfig['vpn'] -)); - -$group->add(new Form_MultiCheckbox( - 'dpinger', - null, - 'Gateway Monitor events', - $pconfig['dpinger'] -)); - -$group->add(new Form_MultiCheckbox( - 'relayd', - null, - 'Server Load Balancer events', - $pconfig['relayd'] -)); - -$group->add(new Form_MultiCheckbox( - 'hostapd', - null, - 'Wireless events', - $pconfig['hostapd'] -)); - -// Ugly hack to prevent the "Toggle all" button from being automatically created -$group->add(new Form_MultiCheckbox( - 'notoggleall', - null, - 'No toggle all', - $pconfig['hostapd'] -))->displayAsRadio(); - -$group->setHelp('Syslog sends UDP datagrams to port 514 on the specified remote '. - 'syslog server, unless another port is specified. Be sure to set syslogd on '. - 'the remote server to accept syslog messages from pfSense.'); - -$section->add($group); - -$form->add($section); - -print $form; -?> - - - 'PPPoE', 'l2tp' => 'L2TP'); - -$pgtitle = array(gettext("Status"), gettext("System logs"), gettext("VPN")); -require("guiconfig.inc"); -require_once("vpn.inc"); - -$nentries = $config['syslog']['nentries']; -if (!$nentries) { - $nentries = 50; -} - -if (htmlspecialchars($_POST['vpntype'])) { - $vpntype = htmlspecialchars($_POST['vpntype']); -} elseif (htmlspecialchars($_GET['vpntype'])) { - $vpntype = htmlspecialchars($_GET['vpntype']); -} else { - $vpntype = "poes"; -} -if (htmlspecialchars($_POST['mode'])) { - $mode = htmlspecialchars($_POST['mode']); -} elseif (htmlspecialchars($_GET['mode'])) { - $mode = htmlspecialchars($_GET['mode']); -} else { - $mode = "login"; -} -switch ($vpntype) { - case 'poes': - $logname = "poes"; - break; - case 'l2tp': - $logname = "l2tps"; - break; -} - -if ($_POST['clear']) { - if ($mode != "raw") { - clear_log_file("/var/log/vpn.log"); - } else { - clear_log_file("/var/log/{$logname}.log"); - } -} - -function dump_clog_vpn($logfile, $tail) { - global $g, $config, $vpntype; - - $sor = isset($config['syslog']['reverse']) ? "-r" : ""; - - $logarr = ""; - - if (isset($config['system']['usefifolog'])) { - exec("/usr/sbin/fifolog_reader " . escapeshellarg($logfile) . " | tail {$sor} -n " . $tail, $logarr); - } else { - exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . " | tail {$sor} -n " . $tail, $logarr); - } - - $rows = 0; - foreach ($logarr as $logent) { - $logent = preg_split("/\s+/", $logent, 6); - $llent = explode(",", $logent[5]); - $iftype = substr($llent[1], 0, 4); - if ($iftype != $vpntype) { - continue; - } - echo "\n"; - echo "" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "\n"; - - if ($llent[0] == "login") { - echo "\n"; - } else { - echo "\n"; - } - - echo "" . htmlspecialchars($llent[3]) . "\n"; - echo "" . htmlspecialchars($llent[2]) . " \n"; - echo "\n"; - } - return($rows); -} - -include("head.inc"); - -$tab_array = array(); -$tab_array[] = array(gettext("System"), false, "diag_logs.php"); -$tab_array[] = array(gettext("Firewall"), false, "diag_logs_filter.php"); -$tab_array[] = array(gettext("DHCP"), false, "diag_logs.php?logfile=dhcpd"); -$tab_array[] = array(gettext("Portal Auth"), false, "diag_logs.php?logfile=portalauth"); -$tab_array[] = array(gettext("IPsec"), false, "diag_logs.php?logfile=ipsec"); -$tab_array[] = array(gettext("PPP"), false, "diag_logs.php?logfile=ppp"); -$tab_array[] = array(gettext("VPN"), true, "diag_logs_vpn.php"); -$tab_array[] = array(gettext("Load Balancer"), false, "diag_logs.php?logfile=relayd"); -$tab_array[] = array(gettext("OpenVPN"), false, "diag_logs.php?logfile=openvpn"); -$tab_array[] = array(gettext("NTP"), false, "diag_logs.php?logfile=ntpd"); -$tab_array[] = array(gettext("Settings"), false, "diag_logs_settings.php"); -display_top_tabs($tab_array); - -$tab_array = array(); -$tab_array[] = array(gettext("PPPoE Logins"), - (($vpntype == "poes") && ($mode != "raw")), - "/diag_logs_vpn.php?vpntype=poes"); -$tab_array[] = array(gettext("PPPoE Raw"), - (($vpntype == "poes") && ($mode == "raw")), - "/diag_logs_vpn.php?vpntype=poes&mode=raw"); -$tab_array[] = array(gettext("L2TP Logins"), - (($vpntype == "l2tp") && ($mode != "raw")), - "/diag_logs_vpn.php?vpntype=l2tp"); -$tab_array[] = array(gettext("L2TP Raw"), - (($vpntype == "l2tp") && ($mode == "raw")), - "/diag_logs_vpn.php?vpntype=l2tp&mode=raw"); -display_top_tabs($tab_array, false, 'nav nav-tabs'); -?> - - -
-

-
- -
- - - - - - - - - - -/ tags -?> - -
- -
- - 
-
-
- -

-

- - - " /> -
-

-
-
-addGlobal(new Form_Input( + 'getactivity', + null, + 'hidden', + 'yes' +)); +$section = new Form_Section('pfTop Configuration'); + +$validViews = array( + 'default', 'label', 'long', + 'queue', 'rules', 'size', + 'speed', 'state', 'time', +); +$section->addInput(new Form_Select( + 'viewtype', + 'View', + $viewtype, + array_combine($validViews, $validViews) +)); + +$section->addInput(new Form_Select( + 'sorttype', + 'Sort by', + $sorttype, + array( + 'none' => 'None', + 'age' => 'Age', + 'bytes' => 'Bytes', + 'dest' => 'Destination Address', + 'dport' => 'Destination Port', + 'exp' => 'Expiry', + 'peak' => 'Peak', + 'pkt' => 'Packet', + 'rate' => 'Rate', + 'size' => 'Size', + 'sport' => 'Source Port', + 'src' => 'Source Address', + ) +)); + +$validStates = array(50, 100, 200, 500, 100, 'all'); +$section->addInput(new Form_Select( + 'states', + 'Maximum # of States', + $numstate, + array_combine($validStates, $validStates) +)); + +$form->add($section); +print $form; +?> + + + +
+

+
+
+
+
+ + + - arpwatch - arpwatch - - - - /var/log/arpwatch.log - -*/ - -/* - pfSense_MODULE: pkgs -*/ - -##|+PRIV -##|*IDENT=page-status-packagelogs -##|*NAME=Status: Package logs -##|*DESCR=Allow access to the 'Status: Package logs' page. -##|*MATCH=diag_pkglogs.php* -##|-PRIV - -require("guiconfig.inc"); -require("pkg-utils.inc"); - -if (!($nentries = $config['syslog']['nentries'])) { - $nentries = 50; -} - -$i = 0; -$pkgwithlogging = false; -$apkg = $_GET['pkg']; -if (!$apkg) { // If we aren't looking for a specific package, locate the first package that handles logging. - if ($config['installedpackages']['package'] <> "") { - foreach ($config['installedpackages']['package'] as $package) { - if (is_array($package['logging'])) { - $pkgwithlogging = true; - $apkg = $package['name']; - $apkgid = $i; - break; - } - $i++; - } - } -} elseif ($apkg) { - $apkgid = get_package_id($apkg); - if ($apkgid != -1) { - $pkgwithlogging = true; - $i = $apkgid; - } -} - -$pgtitle = array(gettext("Status"), gettext("Package logs")); -include("head.inc"); - -if ($pkgwithlogging == false) { - print_info_box(gettext("No packages with logging facilities are currently installed.")); -} else { - $tab_array = array(); - foreach ($config['installedpackages']['package'] as $package) { - if (is_array($package['logging'])) { - if (!($logtab = $package['logging']['logtab'])) - $logtab = $package['name']; - - if ($apkg == $package['name']) { - $curtab = $logtab; - $tab_array[] = array(sprintf(gettext("%s"), $logtab), true, "diag_pkglogs.php?pkg=".$package['name']); - } else { - $tab_array[] = array(sprintf(gettext("%s"), $logtab), false, "diag_pkglogs.php?pkg=".$package['name']); - } - } - } - display_top_tabs($tab_array); -?> - -
-

-
class="panel-body"> - 
-
-
-
-
- - diff --git a/src/usr/local/www/diag_reboot.php b/src/usr/local/www/diag_reboot.php new file mode 100755 index 0000000..d011a56 --- /dev/null +++ b/src/usr/local/www/diag_reboot.php @@ -0,0 +1,154 @@ +
');
+		system_reboot();
+		print('
'); + } + +?> + +
+ + + + +
+

Are you sure you want to reboot the system?

+
+
+

Click "Reboot" to reboot the system immediately, or "No" to go to the system dashboard without rebooting. (There will be a brief delay before the dashboard appears.)

+
+ + No +
+
+
+
+ +addGlobal(new Form_Input( - 'getactivity', - null, - 'hidden', - 'yes' -)); -$section = new Form_Section('pfTop Configuration'); - -$validViews = array( - 'default', 'label', 'long', - 'queue', 'rules', 'size', - 'speed', 'state', 'time', -); -$section->addInput(new Form_Select( - 'viewtype', - 'View', - $viewtype, - array_combine($validViews, $validViews) -)); - -$section->addInput(new Form_Select( - 'sorttype', - 'Sort by', - $sorttype, - array( - 'none' => 'None', - 'age' => 'Age', - 'bytes' => 'Bytes', - 'dest' => 'Destination Address', - 'dport' => 'Destination Port', - 'exp' => 'Expiry', - 'peak' => 'Peak', - 'pkt' => 'Packet', - 'rate' => 'Rate', - 'size' => 'Size', - 'sport' => 'Source Port', - 'src' => 'Source Address', - ) -)); - -$validStates = array(50, 100, 200, 500, 100, 'all'); -$section->addInput(new Form_Select( - 'states', - 'Maximum # of States', - $numstate, - array_combine($validStates, $validStates) -)); - -$form->add($section); -print $form; -?> - - - -
-

-
-
-
-
- - - .

-, > , > .
diff --git a/src/usr/local/www/firewall_virtual_ip.php b/src/usr/local/www/firewall_virtual_ip.php index 7637278..b6b0e46 100644 --- a/src/usr/local/www/firewall_virtual_ip.php +++ b/src/usr/local/www/firewall_virtual_ip.php @@ -364,7 +364,7 @@ endforeach;
' . gettext('NAT') . '' . gettext(' mappings.') . '
' . - gettext('You can check the status of your CARP Virtual IPs and interfaces ') . '' . gettext('here') . '', info)?> + gettext('You can check the status of your CARP Virtual IPs and interfaces ') . '' . gettext('here') . '', info)?>
- - - -"); - } - else { - print('
');
-		system_halt();
-		print('
'); - } -} else { -?> - -
-
-

Are you sure you want to halt the system?

-
-
-
-

Click "Halt" to halt the system immediately, or "No" to go to the system dashboard. (There will be a brief delay before the dashboard appears.)

-
- - No -
-
-
-
- - - - 1) { @@ -279,26 +279,26 @@ $vpn_menu = msort(array_merge($vpn_menu, return_ext_menu("VPN")), 0); // Status $status_menu = array(); $status_menu[] = array(gettext("Captive Portal"), "/status_captiveportal.php"); -$status_menu[] = array(gettext("CARP (failover)"), "/carp_status.php"); +$status_menu[] = array(gettext("CARP (failover)"), "/status_carp.php"); $status_menu[] = array(gettext("Dashboard"), "/index.php"); $status_menu[] = array(gettext("Gateways"), "/status_gateways.php"); $status_menu[] = array(gettext("DHCP Leases"), "/status_dhcp_leases.php"); $status_menu[] = array(gettext("DHCPv6 Leases"), "/status_dhcpv6_leases.php"); $status_menu[] = array(gettext("Filter Reload"), "/status_filter_reload.php"); $status_menu[] = array(gettext("Interfaces"), "/status_interfaces.php"); -$status_menu[] = array(gettext("IPsec"), "/diag_ipsec.php"); +$status_menu[] = array(gettext("IPsec"), "/status_ipsec.php"); $status_menu[] = array(gettext("Load Balancer"), "/status_lb_pool.php"); $status_menu[] = array(gettext("NTP"), "/status_ntpd.php"); $status_menu[] = array(gettext("OpenVPN"), "/status_openvpn.php"); if ($g['platform'] == $g['product_name']) { - $status_menu[] = array(gettext("Package Logs"), "/diag_pkglogs.php"); + $status_menu[] = array(gettext("Package Logs"), "/status_pkglogs.php"); } $status_menu[] = array(gettext("Queues"), "/status_queues.php"); $status_menu[] = array(gettext("RRD Graphs"), "/status_rrd_graph.php"); $status_menu[] = array(gettext("Services"), "/status_services.php"); -$status_menu[] = array(gettext("System Logs"), "/diag_logs.php"); +$status_menu[] = array(gettext("System Logs"), "/status_logs.php"); $status_menu[] = array(gettext("Traffic Graph"), "/status_graph.php?if=wan"); if (count($config['interfaces']) > 1) { @@ -333,15 +333,15 @@ if (file_exists("/var/run/gmirror_active")) { $diagnostics_menu[] = array(gettext("GEOM Mirrors"), "/diag_gmirror.php"); } -$diagnostics_menu[] = array(gettext("Halt System"), "/halt.php"); +$diagnostics_menu[] = array(gettext("Halt System"), "/diag_halt.php"); $diagnostics_menu[] = array(gettext("Limiter Info"), "/diag_limiter_info.php"); $diagnostics_menu[] = array(gettext("NDP Table"), "/diag_ndp.php"); $diagnostics_menu[] = array(gettext("Tables"), "/diag_tables.php"); $diagnostics_menu[] = array(gettext("Ping"), "/diag_ping.php"); $diagnostics_menu[] = array(gettext("Test Port"), "/diag_testport.php"); $diagnostics_menu[] = array(gettext("pfInfo"), "/diag_pf_info.php"); -$diagnostics_menu[] = array(gettext("pfTop"), "/diag_system_pftop.php"); -$diagnostics_menu[] = array(gettext("Reboot"), "/reboot.php"); +$diagnostics_menu[] = array(gettext("pfTop"), "/diag_pftop.php"); +$diagnostics_menu[] = array(gettext("Reboot"), "/diag_reboot.php"); $diagnostics_menu[] = array(gettext("Routes"), "/diag_routes.php"); $diagnostics_menu[] = array(gettext("SMART Status"), "/diag_smart.php"); $diagnostics_menu[] = array(gettext("Sockets"), "/diag_sockets.php"); diff --git a/src/usr/local/www/help.php b/src/usr/local/www/help.php index 70e0c6c..485e33f 100644 --- a/src/usr/local/www/help.php +++ b/src/usr/local/www/help.php @@ -79,7 +79,7 @@ $helppages = array( 'interfaces_vlan_edit.php' => 'https://doc.pfsense.org/index.php/VLAN_Trunking', 'diag_routes.php' => 'https://doc.pfsense.org/index.php/Viewing_Routes', 'diag_packet_capture.php' => 'https://doc.pfsense.org/index.php/Sniffers,_Packet_Capture', - 'diag_system_pftop.php' => 'https://doc.pfsense.org/index.php/How_can_I_monitor_bandwidth_usage#pftop', + 'diag_pftop.php' => 'https://doc.pfsense.org/index.php/How_can_I_monitor_bandwidth_usage#pftop', 'status_rrd_graph.php' => 'https://doc.pfsense.org/index.php/RRD_Graphs', 'status_rrd_graph_img.php' => 'https://doc.pfsense.org/index.php/RRD_Graphs', 'status_rrd_graph_settings.php' => 'https://doc.pfsense.org/index.php/RRD_Graphs', @@ -98,22 +98,22 @@ $helppages = array( 'diag_dns.php' => 'https://doc.pfsense.org/index.php/DNS_Lookup', 'diag_dump_states.php' => 'https://doc.pfsense.org/index.php/Show_States', 'diag_resetstate.php' => 'https://doc.pfsense.org/index.php/Reset_States', - 'diag_logs.php' => 'https://doc.pfsense.org/index.php/System_Logs', + 'status_logs.php' => 'https://doc.pfsense.org/index.php/System_Logs', 'diag_logs_auth.php' => 'https://doc.pfsense.org/index.php/Captive_Portal_Authentication_Logs', 'diag_logs_dhcp.php' => 'https://doc.pfsense.org/index.php/DHCP_Logs', - 'diag_logs_filter.php' => 'https://doc.pfsense.org/index.php/Firewall_Logs', - 'diag_logs_filter_dynamic.php' => 'https://doc.pfsense.org/index.php/Firewall_Logs', - 'diag_logs_filter_summary.php' => 'https://doc.pfsense.org/index.php/Firewall_Logs', + 'status_logs_filter.php' => 'https://doc.pfsense.org/index.php/Firewall_Logs', + 'status_logs_filter_dynamic.php' => 'https://doc.pfsense.org/index.php/Firewall_Logs', + 'status_logs_filter_summary.php' => 'https://doc.pfsense.org/index.php/Firewall_Logs', 'diag_logs_ntpd.php' => 'https://doc.pfsense.org/index.php/NTP_Logs', 'diag_logs_ppp.php' => 'https://doc.pfsense.org/index.php/PPP_Logs', 'diag_logs_relayd.php' => 'https://doc.pfsense.org/index.php/Load_Balancer_Logs', - 'diag_logs_settings.php' => 'https://doc.pfsense.org/index.php/Log_Settings', - 'diag_logs_vpn.php' => 'https://doc.pfsense.org/index.php/PPTP_VPN_Logs', + 'status_logs_settings.php' => 'https://doc.pfsense.org/index.php/Log_Settings', + 'status_logs_vpn.php' => 'https://doc.pfsense.org/index.php/PPTP_VPN_Logs', 'diag_logs_ipsec.php' => 'https://doc.pfsense.org/index.php/IPsec_Logs', 'diag_logs_openvpn.php' => 'https://doc.pfsense.org/index.php/OpenVPN_Logs', 'diag_nanobsd.php' => 'https://doc.pfsense.org/index.php/NanoBSD_Diagnostics', 'diag_ping.php' => 'https://doc.pfsense.org/index.php/Ping_Host', - 'diag_pkglogs.php' => 'https://doc.pfsense.org/index.php/Package_Logs', + 'status_pkglogs.php' => 'https://doc.pfsense.org/index.php/Package_Logs', 'diag_tables.php' => 'https://doc.pfsense.org/index.php/Tables', 'diag_system_activity.php' => 'https://doc.pfsense.org/index.php/System_Activity', 'diag_traceroute.php' => 'https://doc.pfsense.org/index.php/Traceroute', @@ -122,8 +122,8 @@ $helppages = array( 'exec.php' => 'https://doc.pfsense.org/index.php/Execute_Command', 'firewall_nat_1to1.php' => 'https://doc.pfsense.org/index.php/1:1_NAT', 'firewall_nat_1to1_edit.php' => 'https://doc.pfsense.org/index.php/1:1_NAT', - 'halt.php' => 'https://doc.pfsense.org/index.php/Halt_System', - 'reboot.php' => 'https://doc.pfsense.org/index.php/Reboot_System', + 'diag_halt.php' => 'https://doc.pfsense.org/index.php/Halt_System', + 'diag_reboot.php' => 'https://doc.pfsense.org/index.php/Reboot_System', 'status_filter_reload.php' => 'https://doc.pfsense.org/index.php/Filter_Reload_Status', 'status_gateway_groups.php' => 'https://doc.pfsense.org/index.php/Gateway_Status', 'status_gateways.php' => 'https://doc.pfsense.org/index.php/Gateway_Status', @@ -194,17 +194,17 @@ $helppages = array( 'vpn_l2tp.php' => 'https://doc.pfsense.org/index.php/L2TP_VPN_Settings', 'vpn_l2tp_users.php' => 'https://doc.pfsense.org/index.php/L2TP_VPN_Settings', 'vpn_l2tp_users_edit.php' => 'https://doc.pfsense.org/index.php/L2TP_VPN_Settings', - 'vpn_pppoe.php' => 'https://doc.pfsense.org/index.php/PPPoE_Server_Settings', - 'vpn_pppoe_edit.php' => 'https://doc.pfsense.org/index.php/PPPoE_Server_Settings', + 'services_pppoe.php' => 'https://doc.pfsense.org/index.php/PPPoE_Server_Settings', + 'services_pppoe_edit.php' => 'https://doc.pfsense.org/index.php/PPPoE_Server_Settings', 'vpn_pptp.php' => 'https://doc.pfsense.org/index.php/PPTP_VPN_Settings', 'vpn_pptp_users.php' => 'https://doc.pfsense.org/index.php/PPTP_VPN_Settings', 'vpn_pptp_users_edit.php' => 'https://doc.pfsense.org/index.php/PPTP_VPN_Settings', - 'diag_ipsec.php' => 'https://doc.pfsense.org/index.php/IPsec_Status', - 'diag_ipsec_sad.php' => 'https://doc.pfsense.org/index.php/IPsec_Status', - 'diag_ipsec_spd.php' => 'https://doc.pfsense.org/index.php/IPsec_Status', + 'status_ipsec.php' => 'https://doc.pfsense.org/index.php/IPsec_Status', + 'status_ipsec_sad.php' => 'https://doc.pfsense.org/index.php/IPsec_Status', + 'status_ipsec_spd.php' => 'https://doc.pfsense.org/index.php/IPsec_Status', 'vpn_ipsec.php' => 'https://doc.pfsense.org/index.php/IPsec_Tunnels', 'vpn_ipsec_mobile.php' => 'https://doc.pfsense.org/index.php/IPsec_Mobile_Clients', - 'diag_ipsec_leases.php' => 'https://doc.pfsense.org/index.php/IPsec_Mobile_Clients', + 'status_ipsec_leases.php' => 'https://doc.pfsense.org/index.php/IPsec_Mobile_Clients', 'vpn_ipsec_phase1.php' => 'https://doc.pfsense.org/index.php/IPsec_Tunnels', 'vpn_ipsec_phase2.php' => 'https://doc.pfsense.org/index.php/IPsec_Tunnels', 'vpn_ipsec_keys.php' => 'https://doc.pfsense.org/index.php/IPsec_Tunnels', @@ -270,7 +270,7 @@ $helppages = array( 'services_dhcpv6.php' => 'https://doc.pfsense.org/index.php/DHCPv6_Server', 'services_dhcpv6_edit.php' => 'https://doc.pfsense.org/index.php/DHCPv6_Server', 'services_router_advertisements.php' => 'https://doc.pfsense.org/index.php/Router_Advertisements', - 'carp_status.php' => 'https://doc.pfsense.org/index.php/CARP_Status', + 'status_carp.php' => 'https://doc.pfsense.org/index.php/CARP_Status', 'system_hasync.php' => 'https://doc.pfsense.org/index.php/High_Availability', 'services_unbound.php' => 'https://doc.pfsense.org/index.php/Unbound_DNS_Resolver', 'services_unbound_advanced.php' => 'https://doc.pfsense.org/index.php/Unbound_DNS_Resolver#Advanced_Settings_Tab', diff --git a/src/usr/local/www/reboot.php b/src/usr/local/www/reboot.php deleted file mode 100755 index 77642fb..0000000 --- a/src/usr/local/www/reboot.php +++ /dev/null @@ -1,154 +0,0 @@ -
');
-		system_reboot();
-		print('
'); - } - -?> - -
- - - - -
-

Are you sure you want to reboot the system?

-
-
-

Click "Reboot" to reboot the system immediately, or "No" to go to the system dashboard without rebooting. (There will be a brief delay before the dashboard appears.)

-
- - No -
-
-
-
- -' . gettext('You must apply the changes in order for them to take effect.')); +?> + +
+ + + + + + + + + + + + + + + + + + + + + +
+ + + + + + + + + + +
+
+ + + += $subnet_start) && + (ip2ulong($_POST['localip']) <= $subnet_end)) { + $input_errors[] = gettext("The specified server address lies in the remote subnet."); + } + if ($_POST['localip'] == get_interface_ip($_POST['interface'])) { + $input_errors[] = gettext("The specified server address is equal to an interface ip address."); + } + + for ($x = 0; $x < 4999; $x++) { + if ($_POST["username{$x}"]) { + if (empty($_POST["password{$x}"])) { + $input_errors[] = sprintf(gettext("No password specified for username %s"), $_POST["username{$x}"]); + } + if ($_POST["ip{$x}"] != "" && !is_ipaddr($_POST["ip{$x}"])) { + $input_errors[] = sprintf(gettext("Incorrect ip address specified for username %s"), $_POST["username{$x}"]); + } + } + } + } + + if ($_POST['pppoeid'] && !is_numeric($_POST['pppoeid'])) { + $input_errors[] = gettext("Wrong data submitted"); + } + + if (!$input_errors) { + $pppoecfg = array(); + + $pppoecfg['remoteip'] = $_POST['remoteip']; + $pppoecfg['localip'] = $_POST['localip']; + $pppoecfg['mode'] = $_POST['mode']; + $pppoecfg['interface'] = $_POST['interface']; + $pppoecfg['n_pppoe_units'] = $_POST['n_pppoe_units']; + $pppoecfg['pppoe_subnet'] = $_POST['pppoe_subnet']; + $pppoecfg['descr'] = $_POST['descr']; + if ($_POST['radiusserver'] || $_POST['radiusserver2']) { + $pppoecfg['radius'] = array(); + + $pppoecfg['radius']['nasip'] = $_POST['radius_nasip']; + $pppoecfg['radius']['acct_update'] = $_POST['radius_acct_update']; + } + + if ($_POST['radiusserver']) { + $pppoecfg['radius']['server'] = array(); + + $pppoecfg['radius']['server']['ip'] = $_POST['radiusserver']; + $pppoecfg['radius']['server']['secret'] = $_POST['radiussecret']; + $pppoecfg['radius']['server']['port'] = $_POST['radiusserverport']; + $pppoecfg['radius']['server']['acctport'] = $_POST['radiusserveracctport']; + } + + if ($_POST['radiusserver2']) { + $pppoecfg['radius']['server2'] = array(); + + $pppoecfg['radius']['server2']['ip'] = $_POST['radiusserver2']; + $pppoecfg['radius']['server2']['secret2'] = $_POST['radiussecret2']; + $pppoecfg['radius']['server2']['port'] = $_POST['radiusserver2port']; + $pppoecfg['radius']['server2']['acctport'] = $_POST['radiusserver2acctport']; + } + + if ($_POST['pppoe_dns1'] <> "") { + $pppoecfg['dns1'] = $_POST['pppoe_dns1']; + } + + if ($_POST['pppoe_dns2'] <> "") { + $pppoecfg['dns2'] = $_POST['pppoe_dns2']; + } + + if ($_POST['radiusenable'] == "yes") { + $pppoecfg['radius']['server']['enable'] = true; + } + + if ($_POST['radiussecenable'] == "yes") { + $pppoecfg['radius']['server2']['enable'] = true; + } + + if ($_POST['radacct_enable'] == "yes") { + $pppoecfg['radius']['accounting'] = true; + } + + if ($_POST['radiusissueips'] == "yes") { + $pppoecfg['radius']['radiusissueips'] = true; + } + + if ($_POST['pppoeid']) { + $pppoecfg['pppoeid'] = $_POST['pppoeid']; + } else { + $pppoecfg['pppoeid'] = vpn_pppoe_get_id(); + } + + $users = array(); + for ($x = 0; $x < 4999; $x++) { + if ($_POST["username{$x}"]) { + $usernam = $_POST["username{$x}"] . ":" . base64_encode($_POST["password{$x}"]); + if ($_POST["ip{$x}"]) { + $usernam .= ":" . $_POST["ip{$x}"]; + } + + $users[] = $usernam; + } + } + + if (count($users) > 0) { + $pppoecfg['username'] = implode(" ", $users); + } + + if (!isset($id)) { + $id = count($a_pppoes); + } + + if (file_exists("{$g['tmp_path']}/.vpn_pppoe.apply")) { + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.vpn_pppoe.apply")); + } else { + $toapplylist = array(); + } + + $toapplylist[] = $pppoecfg['pppoeid']; + $a_pppoes[$id] = $pppoecfg; + + write_config(); + mark_subsystem_dirty('vpnpppoe'); + file_put_contents("{$g['tmp_path']}/.vpn_pppoe.apply", serialize($toapplylist)); + header("Location: services_pppoe.php"); + exit; + } +} + +function build_interface_list() { + $list = array(); + + $interfaces = get_configured_interface_with_descr(); + + foreach ($interfaces as $iface => $ifacename) + $list[$iface] = $ifacename; + + return($list); +} + +$pgtitle = array(gettext("Services"),gettext("PPPoE Server"), gettext("Edit")); +$shortcut_section = "pppoes"; +include("head.inc"); + +if ($input_errors) + print_input_errors($input_errors); + +if ($savemsg) + print_info_box($savemsg, 'success'); + +$form = new Form(); + +$section = new Form_Section('PPPoE Server Configuration'); + +$section->addInput(new Form_Checkbox( + 'mode', + 'Enable', + 'Enable PPPoE Server', + ($pconfig['mode'] == "server"), + 'server' +)) ->toggles('.form-group:not(:first-child)'); + +$section->addInput(new Form_Select( + 'interface', + 'Interface', + $pconfig['interface'], + build_interface_list() + +)); + +$section->addInput(new Form_Select( + 'pppoe_subnet', + 'Subnet mask', + $pconfig['pppoe_subnet'], + array_combine(range(0, 32, 1), range(0, 32, 1)) +))->setHelp('Hint: 24 is 255.255.255.0'); + +$section->addInput(new Form_Select( + 'n_pppoe_units', + 'No. of PPPoE Users', + $pconfig['n_pppoe_units'], + array_combine(range(0, 255, 1), range(0, 255, 1)) +)); + +$section->addInput(new Form_IpAddress( + 'localip', + 'Server Address', + $pconfig['localip'] +))->setHelp('Enter the IP address the PPPoE server should give to clients for use as their "gateway"' . '
' . + 'Typically this is set to an unused IP just outside of the client range '. '
' . + 'NOTE: This should NOT be set to any IP address currently in use on this firewall'); + +$section->addInput(new Form_IpAddress( + 'remoteip', + 'Remote Address Range', + $pconfig['remoteip'] +))->setHelp('Specify the starting address for the client IP address subnet'); + +$section->addInput(new Form_Input( + 'descr', + 'Description', + 'text', + $pconfig['descr'] +)); + +$section->addInput(new Form_Input( + 'pppoe_dns1', + 'DNS Servers', + 'text', + $pconfig['pppoe_dns1'] +)); + +$section->addInput(new Form_IpAddress( + 'pppoe_dns2', + null, + $pconfig['pppoe_dns2'] +))->setHelp('If entered these servers will be given to all PPPoE clients, otherwise LAN DNS and one WAN DNS will go to all clients'); + +$section->addInput(new Form_Checkbox( + 'radiusenable', + 'RADIUS', + 'Use a RADIUS Server for authentication', + $pconfig['radiusenable'] +))->setHelp('All users will be authenticated using the RADIUS server specified below. The local user database ' . + 'will not be used'); + +$section->addInput(new Form_Checkbox( + 'radacct_enable', + null, + 'Enable RADIUS Accounting', + $pconfig['radacct_enable'] +))->setHelp('Sends accounting packets to the RADIUS server'); + +$section->addInput(new Form_Checkbox( + 'radiussecenable', + null, + 'Use backup RADIUS server', + $pconfig['radiussecenable'] +))->setHelp('If primary server fails all requests will be sent via backup server'); + +$section->addInput(new Form_IpAddress( + 'radius_nasip', + 'NAS IP Address', + $pconfig['radius_nasip'] +))->setHelp('RADIUS server NAS IP Address'); + +$section->addInput(new Form_Input( + 'radius_acct_update', + 'RADIUS Accounting Update', + 'text', + $pconfig['radius_acct_update'] +))->setHelp('RADIUS accounting update period in seconds'); + +$section->addInput(new Form_Checkbox( + 'radiusissueips', + 'Radius Issued IPs', + 'Issue IP Addresses via RADIUS server', + $pconfig['radiusissueips'] +)); + +$group = new Form_Group('RADIUS server Primary'); + +$group->add(new Form_IpAddress( + 'radiusserver', + null, + $pconfig['radiusserver'] +))->setHelp('IP Address'); + +$group->add(new Form_Input( + 'radiusserverport', + null, + 'text', + $pconfig['radiusserverport'] +))->setHelp('Authentication port '); + +$group->add(new Form_Input( + 'radiusserveracctport', + null, + 'text', + $pconfig['radiusserveracctport'] +))->setHelp('Accounting port (optional)'); + +$group->setHelp('Standard ports are 1812 (authentication) and 1813 (accounting)'); + +$section->add($group); + +$section->addInput(new Form_Input( + 'radiussecret', + 'RADIUS primary shared secret', + 'password', + $pconfig['radiussecret'] +))->setHelp('Enter the shared secret that will be used to authenticate to the RADIUS server.'); + +$group = new Form_Group('RADIUS server Secondary'); + +$group->add(new Form_IpAddress( + 'radiusserver2', + null, + $pconfig['radiusserver2'] +))->setHelp('IP Address'); + +$group->add(new Form_Input( + 'radiusserver2port', + null, + 'text', + $pconfig['radiusserver2port'] +))->setHelp('Authentication port '); + +$group->add(new Form_Input( + 'radiusserver2acctport', + null, + 'text', + $pconfig['radiusserver2acctport'] +))->setHelp('Accounting port (optional)'); + +$group->setHelp('Standard ports are 1812 (authentication) and 1813 (accounting)'); + +$section->add($group); + +$section->addInput(new Form_Input( + 'radiussecret2', + 'RADIUS secondary shared secret', + 'password', + $pconfig['radiussecret2'] +))->setHelp('Enter the shared secret that will be used to authenticate to the backup RADIUS server.'); + +$counter = 0; +$numrows = count($item) -1; + +$usernames = $pconfig['username']; + +//DEBUG +//$usernames = 'sbeaver:TXlQYXNzd2Q=:192.168.1.1 smith:TXlQYXNzd2Q=:192.168.2.1 sjones:TXlQYXNzd2Q=:192.168.3.1 salpha:TXlQYXNzd2Q=:192.168.4.1'; + +if($usernames == "") + $usernames = '::'; + +if ($usernames != ""){ + $item = explode(" ", $usernames); + + $numrows = count($item) -1; + + foreach($item as $ww) { + $wws = explode(":", $ww); + $user = $wws[0]; + $passwd = base64_decode($wws[1]); + $ip = $wws[2]; + + $group = new Form_Group($counter == 0 ? 'User table':null); + $group->addClass('repeatable'); + + $group->add(new Form_Input( + 'username' . $counter, + null, + 'text', + $user + ))->setHelp($numrows == $counter ? 'User name':null); + + $group->add(new Form_Input( + 'password' . $counter, + null, + 'password', + $passwd + ))->setHelp($numrows == $counter ? 'Password':null); + + $group->add(new Form_IpAddress( + 'ip' . $counter, + null, + $ip + ))->setHelp($numrows == $counter ? 'IP Address':null); + + $group->add(new Form_Button( + 'deleterow' . $counter, + 'Delete' + ))->removeClass('btn-primary')->addClass('btn-warning'); + + $section->add($group); + + $counter++; + } +} + +$btnaddrow = new Form_Button( + 'addrow', + 'Add user' +); + +$btnaddrow->removeClass('btn-primary')->addClass('btn-success'); + +$section->addInput(new Form_StaticText( + null, + ' ' . $btnaddrow +)); + +// Hidden fields +if(isset($id)) { + $section->addInput(new Form_Input( + 'id', + null, + 'hidden', + htmlspecialchars($id, ENT_QUOTES | ENT_HTML401) + )); +} + +if (isset($pconfig['pppoeid'])) { + $section->addInput(new Form_Input( + 'pppoeid', + null, + 'hidden', + $pconfig['pppoeid'] + )); +} + +$form->add($section); + +print($form); + +print_info_box(gettext('Don\'t forget to add a firewall rule to permit traffic from PPPoE clients')); +?> + +"); } else { - $savemsg .= sprintf(gettext('Please check the %1$ssystem log%2$s, the wol command for %3$s (%4$s) did not complete successfully%5$s'), '', '', $description, $mac, ".
"); + $savemsg .= sprintf(gettext('Please check the %1$ssystem log%2$s, the wol command for %3$s (%4$s) did not complete successfully%5$s'), '', '', $description, $mac, ".
"); } } } @@ -128,7 +128,7 @@ if ($_POST || $_GET['mac']) { if (!mwexec("/usr/local/bin/wol -i {$bcip} " . escapeshellarg($mac))) { $savemsg .= sprintf(gettext("Sent magic packet to %s."), $mac); } else { - $savemsg .= sprintf(gettext('Please check the %1$ssystem log%2$s, the wol command for %3$s did not complete successfully%4$s'), '', '', $mac, ".
"); + $savemsg .= sprintf(gettext('Please check the %1$ssystem log%2$s, the wol command for %3$s did not complete successfully%4$s'), '', '', $mac, ".
"); } } } diff --git a/src/usr/local/www/shortcuts.inc b/src/usr/local/www/shortcuts.inc index d21c171..e0a95bc 100644 --- a/src/usr/local/www/shortcuts.inc +++ b/src/usr/local/www/shortcuts.inc @@ -182,70 +182,70 @@ if (is_dir("/usr/local/pkg/shortcuts")) { $shortcuts['relayd'] = array(); $shortcuts['relayd']['main'] = "load_balancer_pool.php"; -$shortcuts['relayd']['log'] = "diag_logs.php?logfile=relayd"; +$shortcuts['relayd']['log'] = "status_logs.php?logfile=relayd"; $shortcuts['relayd']['status'] = "status_lb_pool.php"; $shortcuts['relayd']['service'] = "relayd"; $shortcuts['relayd-virtualservers'] = array(); $shortcuts['relayd-virtualservers']['main'] = "load_balancer_virtual_server.php"; -$shortcuts['relayd-virtualservers']['log'] = "diag_logs.php?logfile=relayd"; +$shortcuts['relayd-virtualservers']['log'] = "status_logs.php?logfile=relayd"; $shortcuts['relayd-virtualservers']['status'] = "status_lb_vs.php"; $shortcuts['relayd-virtualservers']['service'] = "relayd"; $shortcuts['captiveportal'] = array(); $shortcuts['captiveportal']['main'] = "services_captiveportal_zones.php"; -$shortcuts['captiveportal']['log'] = "diag_logs.php?logfile=portalauth"; +$shortcuts['captiveportal']['log'] = "status_logs.php?logfile=portalauth"; $shortcuts['captiveportal']['status'] = "status_captiveportal.php"; $shortcuts['captiveportal']['service'] = "captiveportal"; $shortcuts['captiveportal-vouchers'] = array(); -$shortcuts['captiveportal-vouchers']['log'] = "diag_logs.php?logfile=auth"; +$shortcuts['captiveportal-vouchers']['log'] = "status_logs.php?logfile=auth"; $shortcuts['captiveportal-vouchers']['status'] = "status_captiveportal_vouchers.php"; $shortcuts['captiveportal-vouchers']['service'] = "captiveportal"; $shortcuts['dhcp'] = array(); $shortcuts['dhcp']['main'] = "services_dhcp.php"; -$shortcuts['dhcp']['log'] = "diag_logs.php?logfile=dhcpd"; +$shortcuts['dhcp']['log'] = "status_logs.php?logfile=dhcpd"; $shortcuts['dhcp']['status'] = "status_dhcp_leases.php"; $shortcuts['dhcp']['service'] = "dhcpd"; $shortcuts['dhcp6'] = array(); $shortcuts['dhcp6']['main'] = "services_dhcpv6.php"; -$shortcuts['dhcp6']['log'] = "diag_logs.php?logfile=dhcp"; +$shortcuts['dhcp6']['log'] = "status_logs.php?logfile=dhcp"; $shortcuts['dhcp6']['status'] = "status_dhcpv6_leases.php"; $shortcuts['ipsec'] = array(); $shortcuts['ipsec']['main'] = "vpn_ipsec.php"; -$shortcuts['ipsec']['log'] = "diag_logs.php?logfile=ipsec"; -$shortcuts['ipsec']['status'] = "diag_ipsec.php"; +$shortcuts['ipsec']['log'] = "status_logs.php?logfile=ipsec"; +$shortcuts['ipsec']['status'] = "status_ipsec.php"; $shortcuts['ipsec']['service'] = "ipsec"; $shortcuts['openvpn'] = array(); $shortcuts['openvpn']['main'] = "vpn_openvpn_server.php"; -$shortcuts['openvpn']['log'] = "diag_logs.php?logfile=openvpn"; +$shortcuts['openvpn']['log'] = "status_logs.php?logfile=openvpn"; $shortcuts['openvpn']['status'] = "status_openvpn.php"; $shortcuts['openvpn']['service'] = "openvpn"; $shortcuts['firewall'] = array(); $shortcuts['firewall']['main'] = "firewall_rules.php"; -$shortcuts['firewall']['log'] = "diag_logs_filter.php"; +$shortcuts['firewall']['log'] = "status_logs_filter.php"; $shortcuts['firewall']['status'] = "status_filter_reload.php"; $shortcuts['routing'] = array(); $shortcuts['routing']['main'] = "system_routes.php"; -$shortcuts['routing']['log'] = "diag_logs.php?logfile=routing"; +$shortcuts['routing']['log'] = "status_logs.php?logfile=routing"; $shortcuts['routing']['status'] = "diag_routes.php"; $shortcuts['gateways'] = array(); $shortcuts['gateways']['main'] = "system_gateways.php"; -$shortcuts['gateways']['log'] = "diag_logs.php?logfile=gateways"; +$shortcuts['gateways']['log'] = "status_logs.php?logfile=gateways"; $shortcuts['gateways']['status'] = "status_gateways.php"; $shortcuts['gateways']['service'] = "dpinger"; $shortcuts['gateway-groups'] = array(); $shortcuts['gateway-groups']['main'] = "system_gateway_groups.php"; -$shortcuts['gateway-groups']['log'] = "diag_logs.php?logfile=gateways"; +$shortcuts['gateway-groups']['log'] = "status_logs.php?logfile=gateways"; $shortcuts['gateway-groups']['status'] = "status_gateway_groups.php"; $shortcuts['interfaces'] = array(); @@ -262,36 +262,36 @@ $shortcuts['trafficshaper-limiters']['status'] = "diag_limiter_info.php"; $shortcuts['forwarder'] = array(); $shortcuts['forwarder']['main'] = "services_dnsmasq.php"; -$shortcuts['forwarder']['log'] = "diag_logs.php?logfile=resolver"; +$shortcuts['forwarder']['log'] = "status_logs.php?logfile=resolver"; $shortcuts['forwarder']['service'] = "dnsmasq"; $shortcuts['resolver'] = array(); $shortcuts['resolver']['main'] = "services_unbound.php"; -$shortcuts['resolver']['log'] = "diag_logs.php?logfile=resolver"; +$shortcuts['resolver']['log'] = "status_logs.php?logfile=resolver"; $shortcuts['resolver']['service'] = "unbound"; $shortcuts['wireless'] = array(); $shortcuts['wireless']['main'] = "interfaces_wireless.php"; -$shortcuts['wireless']['log'] = "diag_logs.php?logfile=wireless"; +$shortcuts['wireless']['log'] = "status_logs.php?logfile=wireless"; $shortcuts['wireless']['status'] = "status_wireless.php"; $shortcuts['ntp'] = array(); $shortcuts['ntp']['main'] = "services_ntpd.php"; -$shortcuts['ntp']['log'] = "diag_logs.php?logfile=ntpd"; +$shortcuts['ntp']['log'] = "status_logs.php?logfile=ntpd"; $shortcuts['ntp']['status'] = "status_ntpd.php"; $shortcuts['ntp']['service'] = "ntpd"; $shortcuts['pptps'] = array(); $shortcuts['pptps']['main'] = "vpn_pptp.php"; -$shortcuts['pptps']['log'] = "diag_logs_vpn.php"; +$shortcuts['pptps']['log'] = "status_logs_vpn.php"; $shortcuts['pppoes'] = array(); -$shortcuts['pppoes']['main'] = "vpn_pppoe.php"; -$shortcuts['pppoes']['log'] = "diag_logs_vpn.php?vpntype=poes"; +$shortcuts['pppoes']['main'] = "services_pppoe.php"; +$shortcuts['pppoes']['log'] = "status_logs_vpn.php?vpntype=poes"; $shortcuts['l2tps'] = array(); $shortcuts['l2tps']['main'] = "vpn_l2tp.php"; -$shortcuts['l2tps']['log'] = "diag_logs_vpn.php?vpntype=l2tp"; +$shortcuts['l2tps']['log'] = "status_logs_vpn.php?vpntype=l2tp"; $shortcuts['carp'] = array(); $shortcuts['carp']['main'] = "system_hasync.php"; diff --git a/src/usr/local/www/status_carp.php b/src/usr/local/www/status_carp.php new file mode 100644 index 0000000..b6a3d93 --- /dev/null +++ b/src/usr/local/www/status_carp.php @@ -0,0 +1,275 @@ + 0) { + set_single_sysctl('net.inet.carp.allow', '0'); + if (is_array($config['virtualip']['vip'])) { + $viparr = &$config['virtualip']['vip']; + foreach ($viparr as $vip) { + switch ($vip['mode']) { + case "carp": + interface_vip_bring_down($vip); + + /* + * Reconfigure radvd when necessary + * XXX: Is it the best way to do it? + */ + if (isset($config['dhcpdv6']) && is_array($config['dhcpdv6'])) { + foreach ($config['dhcpdv6'] as $dhcpv6if => $dhcpv6ifconf) { + if ($dhcpv6if !== $vip['interface'] || + $dhcpv6ifconf['ramode'] === "disabled") { + continue; + } + + services_radvd_configure(); + break; + } + } + + sleep(1); + break; + } + } + } + $savemsg = sprintf(gettext("%s IPs have been disabled. Please note that disabling does not survive a reboot and some configuration changes will re-enable."), $carp_counter); + $status = 0; + } else { + $savemsg = gettext("CARP has been enabled."); + if (is_array($config['virtualip']['vip'])) { + $viparr = &$config['virtualip']['vip']; + foreach ($viparr as $vip) { + switch ($vip['mode']) { + case "carp": + interface_carp_configure($vip); + sleep(1); + break; + case 'ipalias': + if (strpos($vip['interface'], '_vip')) { + interface_ipalias_configure($vip); + } + break; + } + } + } + interfaces_sync_setup(); + set_single_sysctl('net.inet.carp.allow', '1'); + $status = 1; + } +} + +$carp_detected_problems = get_single_sysctl("net.inet.carp.demotion"); + +if (!empty($_POST['resetdemotion'])) { + set_single_sysctl("net.inet.carp.demotion", "-{$carp_detected_problems}"); + sleep(1); + $carp_detected_problems = get_single_sysctl("net.inet.carp.demotion"); +} + +$pgtitle = array(gettext("Status"), gettext("CARP")); +$shortcut_section = "carp"; + +include("head.inc"); +if ($savemsg) + print_info_box($savemsg, 'success'); + +$carpcount = 0; +if (is_array($config['virtualip']['vip'])) { + foreach ($config['virtualip']['vip'] as $carp) { + if ($carp['mode'] == "carp") { + $carpcount++; + break; + } + } +} + + +// If $carpcount > 0 display buttons then display table +// otherwise display error box and quit + +?> + +' . + '' . + gettext("You can configure high availability sync settings here") . + ''); +} else +{ +?> +
+ 0) + $carp_enabled = true; + else + $carp_enabled = false; + + // Sadly this needs to be here so that it is inside the form + if ($carp_detected_problems > 0) { + print_info_box( + gettext("CARP has detected a problem and this unit has been demoted to BACKUP status.") . "
" . + gettext("Check the link status on all interfaces with configured CARP VIPs.") . "
" . + gettext("Search the") . + " " . + gettext("system log") . + " " . + gettext("for CARP demotion-related events.") . "

" . + '', 'danger' + ); + } + +?> + " /> + " /> + +

+ +
+

+
+ + + + + + + + + + + + + + + + + +
@ 
+
+
+
+ +
+

+
+
    +'. $node .''; + } +?> +
+
+
+ +. + * + * Parts of this code originally based on vpn_ipsec_sad.php from m0n0wall, + * Copyright (c) 2003-2004 Manuel Kasper (BSD 2 clause) + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgment: + * "This product includes software developed by the pfSense Project + * for use in the pfSense software distribution. (http://www.pfsense.org/). + * + * 4. The names "pfSense" and "pfSense Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * coreteam@pfsense.org. + * + * 5. Products derived from this software may not be called "pfSense" + * nor may "pfSense" appear in their names without prior written + * permission of the Electric Sheep Fencing, LLC. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * + * "This product includes software developed by the pfSense Project + * for use in the pfSense software distribution (http://www.pfsense.org/). + * + * THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + * ==================================================================== + * + */ + +/* + pfSense_MODULE: ipsec +*/ + +##|+PRIV +##|*IDENT=page-status-ipsec +##|*NAME=Status: IPsec +##|*DESCR=Allow access to the 'Status: IPsec' page. +##|*MATCH=status_ipsec.php* +##|-PRIV + + +global $g; + +$pgtitle = array(gettext("Status"), gettext("IPsec"), gettext("Overview")); +$shortcut_section = "ipsec"; + +require("guiconfig.inc"); +include("head.inc"); +require_once("ipsec.inc"); + +if ($_GET['act'] == 'connect') { + if (ctype_digit($_GET['ikeid'])) { + $ph1ent = ipsec_get_phase1($_GET['ikeid']); + if (!empty($ph1ent)) { + if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == 'ikev1') { + $ph2entries = ipsec_get_number_of_phase2($_GET['ikeid']); + for ($i = 0; $i < $ph2entries; $i++) { + $connid = escapeshellarg("con{$_GET['ikeid']}00{$i}"); + mwexec("/usr/local/sbin/ipsec down {$connid}"); + mwexec("/usr/local/sbin/ipsec up {$connid}"); + } + } else { + mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid'])); + mwexec("/usr/local/sbin/ipsec up con" . escapeshellarg($_GET['ikeid'])); + } + } + } +} else if ($_GET['act'] == 'ikedisconnect') { + if (ctype_digit($_GET['ikeid'])) { + if (!empty($_GET['ikesaid']) && ctype_digit($_GET['ikesaid'])) { + mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']) . "[" . escapeshellarg($_GET['ikesaid']) . "]"); + } else { + mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid'])); + } + } +} else if ($_GET['act'] == 'childdisconnect') { + if (ctype_digit($_GET['ikeid'])) { + if (!empty($_GET['ikesaid']) && ctype_digit($_GET['ikesaid'])) { + mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']) . "{" . escapeshellarg($_GET['ikesaid']) . "}"); + } + } +} + +if (!is_array($config['ipsec']['phase1'])) { + $config['ipsec']['phase1'] = array(); +} + +$a_phase1 = &$config['ipsec']['phase1']; + +$status = ipsec_list_sa(); + +$tab_array = array(); +$tab_array[] = array(gettext("Overview"), true, "status_ipsec.php"); +$tab_array[] = array(gettext("Leases"), false, "status_ipsec_leases.php"); +$tab_array[] = array(gettext("SAD"), false, "status_ipsec_sad.php"); +$tab_array[] = array(gettext("SPD"), false, "status_ipsec_spd.php"); +display_top_tabs($tab_array); +?> + +
+
IPsec status
+
+ + + + + + + + + + + + + + + + + $ikesa) { + $con_id = substr($ikeid, 3); + + if ($ikesa['version'] == 1) { + $ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00')); + $ipsecconnected[$ph1idx] = $ph1idx; + } else { + $ipsecconnected[$con_id] = $ph1idx = $con_id; + } +?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + + + + + +{$identity}"; + } elseif (!empty($ikesa['remote-eap-id'])) { + echo htmlspecialchars($ikesa['remote-eap-id']); + echo "
{$identity}"; + } else { + if (empty($identity)) { + print(gettext("Unknown")); + } else { + print($identity); + } + } +?> + 		+ + + IKEv +
+ + 		+ + + +
+ +
+ +
+ + 		+'); + } else { + print(''); + } +?> + +
+ + 		+ + + + + + + +
+ +
+ 0)) { +?> +
+ + + +
+ + + + + + + + + + + + + + + $childsa) { +?> + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + +Here'); +include("foot.inc"); ?> diff --git a/src/usr/local/www/status_ipsec_leases.php b/src/usr/local/www/status_ipsec_leases.php new file mode 100644 index 0000000..7fee324 --- /dev/null +++ b/src/usr/local/www/status_ipsec_leases.php @@ -0,0 +1,163 @@ + +
+ + + + + + + + + + + + + + + + + + + 0) { + foreach ($pool['lease'] as $lease) { + if (!$leaserow) { + // On subsequent rows the first three columns are blank +?> + + + + + + + + + + + + + + +
+ + + + + +
+ + + + + +
+
+' . gettext("here.") . ''); + +include("foot.inc"); diff --git a/src/usr/local/www/status_ipsec_sad.php b/src/usr/local/www/status_ipsec_sad.php new file mode 100644 index 0000000..fa2b8d6 --- /dev/null +++ b/src/usr/local/www/status_ipsec_sad.php @@ -0,0 +1,159 @@ + /dev/null 2>&1", "w"); + if ($fd) { + fwrite($fd, "delete {$_GET['src']} {$_GET['dst']} {$_GET['proto']} {$_GET['spi']} ;\n"); + pclose($fd); + sleep(1); + } +} + +$tab_array = array(); +$tab_array[] = array(gettext("Overview"), false, "status_ipsec.php"); +$tab_array[] = array(gettext("Leases"), false, "status_ipsec_leases.php"); +$tab_array[] = array(gettext("SAD"), true, "status_ipsec_sad.php"); +$tab_array[] = array(gettext("SPD"), false, "status_ipsec_spd.php"); +display_top_tabs($tab_array); + +if (count($sad)) { +?> +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + Delete +
+
+' . gettext("here.") . ''); + +include("foot.inc"); diff --git a/src/usr/local/www/status_ipsec_spd.php b/src/usr/local/www/status_ipsec_spd.php new file mode 100644 index 0000000..464408b --- /dev/null +++ b/src/usr/local/www/status_ipsec_spd.php @@ -0,0 +1,143 @@ + +
+ + + + + + + + + + + + + + + + + + + + + + +
+ + + + + + + + + -> +
+
+' . gettext("here.") . ''); + +include("foot.inc"); diff --git a/src/usr/local/www/status_logs.php b/src/usr/local/www/status_logs.php new file mode 100755 index 0000000..5672f2e --- /dev/null +++ b/src/usr/local/www/status_logs.php @@ -0,0 +1,671 @@ + array("name" => "General", + "shortcut" => ""), + "dhcpd" => array("name" => "DHCP", + "shortcut" => "dhcp"), + "portalauth" => array("name" => "Captive Portal Authentication", + "shortcut" => "captiveportal"), + "ipsec" => array("name" => "IPsec", + "shortcut" => "ipsec"), + "ppp" => array("name" => "PPP", + "shortcut" => ""), + "relayd" => array("name" => "Load Balancer", + "shortcut" => "relayd"), + "openvpn" => array("name" => "OpenVPN", + "shortcut" => "openvpn"), + "ntpd" => array("name" => "NTPd", + "shortcut" => "ntp"), + "gateways" => array("name" => "Gateways", + "shortcut" => "gateways"), + "routing" => array("name" => "Routing", + "shortcut" => "routing"), + "resolver" => array("name" => "DNS Resolver", + "shortcut" => "resolver"), + "wireless" => array("name" => "Wireless", + "shortcut" => "wireless"), +); + +// The logs to display are specified in a GET argument. Default to 'system' logs +if (!$_GET['logfile']) { + $logfile = 'system'; +} else { + $logfile = $_GET['logfile']; + if (!array_key_exists($logfile, $allowed_logs)) { + /* Do not let someone attempt to load an unauthorized log. */ + $logfile = 'system'; + } +} + +$system_logfile = "{$g['varlog_path']}/" . basename($logfile) . ".log"; + + +function getGETPOSTsettingvalue($settingname, $default) { + $settingvalue = $default; + if ($_GET[$settingname]) { + $settingvalue = $_GET[$settingname]; + } + if ($_POST[$settingname]) { + $settingvalue = $_POST[$settingname]; + } + return $settingvalue; +} + + +$filtersubmit = getGETPOSTsettingvalue('filtersubmit', null); + +if ($filtersubmit) { + $filter_active = true; + $filtertext = getGETPOSTsettingvalue('filtertext', ""); + $filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null); +} + +$filterlogentries_submit = getGETPOSTsettingvalue('filterlogentries_submit', null); + +if ($filterlogentries_submit) { + $filter_active = true; + $filterfieldsarray = array(); + + $filterfieldsarray['time'] = getGETPOSTsettingvalue('filterlogentries_time', null); + $filterfieldsarray['process'] = getGETPOSTsettingvalue('filterlogentries_process', null); + $filterfieldsarray['pid'] = getGETPOSTsettingvalue('filterlogentries_pid', null); + $filterfieldsarray['message'] = getGETPOSTsettingvalue('filterlogentries_message', null); + $filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null); +} + + +# Manage Log - Code + +$specific_log = basename($logfile) . '_settings'; + +# All +$pconfig['cronorder'] = $config['syslog'][$specific_log]['cronorder']; +$pconfig['nentries'] = $config['syslog'][$specific_log]['nentries']; +$pconfig['logfilesize'] = $config['syslog'][$specific_log]['logfilesize']; +$pconfig['format'] = $config['syslog'][$specific_log]['format']; + +# System General (main) Specific +$pconfig['loglighttpd'] = !isset($config['syslog']['nologlighttpd']); + +$save_settings = getGETPOSTsettingvalue('save_settings', null); + +if ($save_settings) { + + # All + $cronorder = getGETPOSTsettingvalue('cronorder', null); + $nentries = getGETPOSTsettingvalue('nentries', null); + $logfilesize = getGETPOSTsettingvalue('logfilesize', null); + $format = getGETPOSTsettingvalue('format', null); + + # System General (main) Specific + $loglighttpd = getGETPOSTsettingvalue('loglighttpd', null); + + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + # All + if (isset($nentries) && (strlen($nentries) > 0)) { + if (!is_numeric($nentries) || ($nentries < 5) || ($nentries > 2000)) { + $input_errors[] = gettext("Number of log entries to show must be between 5 and 2000."); + } + } + + if (isset($logfilesize) && (strlen($logfilesize) > 0)) { + if (!is_numeric($logfilesize) || ($logfilesize < 100000)) { + $input_errors[] = gettext("Log file size must be numeric and greater than or equal to 100000."); + } + } + + if (!$input_errors) { + + # Clear out the specific log settings and leave only the applied settings to override the general logging options (global) settings. + unset($config['syslog'][$specific_log]); + + # All + if ($cronorder != '') { # if not using the general logging options setting (global) + $config['syslog'][$specific_log]['cronorder'] = $cronorder; + } + + if (isset($nentries) && (strlen($nentries) > 0)) { + $config['syslog'][$specific_log]['nentries'] = (int)$nentries; + } + + if (isset($logfilesize) && (strlen($logfilesize) > 0)) { + $config['syslog'][$specific_log]['logfilesize'] = (int)$logfilesize; + } + + if ($format != '') { # if not using the general logging options setting (global) + $config['syslog'][$specific_log]['format'] = $format; + } + + # System General (main) Specific + if ($logfile == 'system') { + $oldnologlighttpd = isset($config['syslog']['nologlighttpd']); + $config['syslog']['nologlighttpd'] = $loglighttpd ? false : true; + } + + + write_config($desc = "Log Display Settings Saved: " . gettext($allowed_logs[$logfile]["name"])); + + $retval = 0; + $savemsg = get_std_save_message($retval); + + # System General (main) Specific + if ($logfile == 'system') { + if ($oldnologlighttpd !== isset($config['syslog']['nologlighttpd'])) { + ob_flush(); + flush(); + log_error(gettext("webConfigurator configuration has changed. Restarting webConfigurator.")); + send_event("service restart webgui"); + $savemsg .= "
" . gettext("WebGUI process is restarting."); + } + } + } +} + + +# Formatted/Raw Display +if ($config['syslog'][$specific_log]['format'] == 'formatted') { + $rawfilter = false; +} +else if ($config['syslog'][$specific_log]['format'] == 'raw') { + $rawfilter = true; +} +else { # Use the general logging options setting (global). + $rawfilter = isset($config['syslog']['rawfilter']); +} + + +isset($config['syslog'][$specific_log]['nentries']) ? $nentries = $config['syslog'][$specific_log]['nentries'] : $nentries = $config['syslog']['nentries']; + +# Override Display Quantity +if ($filterlogentries_qty) { + $nentries = $filterlogentries_qty; +} + +if (!$nentries || !is_numeric($nentries)) { + $nentries = 50; +} + +if ($_POST['clear']) { + clear_log_file($system_logfile); +} + +if ($filtertext) { + $filtertextmeta="?filtertext=$filtertext"; +} + +/* Setup shortcuts if they exist */ + +if (!empty($allowed_logs[$logfile]["shortcut"])) { + $shortcut_section = $allowed_logs[$logfile]["shortcut"]; +} + +$pgtitle = array(gettext("Status"), gettext("System logs"), gettext($allowed_logs[$logfile]["name"])); +include("head.inc"); + +if (!$input_errors && $savemsg) { + print_info_box($savemsg); + $manage_log_active = false; +} + +$tab_array = array(); +$tab_array[] = array(gettext("System"), ($logfile == 'system'), "status_logs.php"); +$tab_array[] = array(gettext("Firewall"), false, "status_logs_filter.php"); +$tab_array[] = array(gettext("DHCP"), ($logfile == 'dhcpd'), "status_logs.php?logfile=dhcpd"); +$tab_array[] = array(gettext("Portal Auth"), ($logfile == 'portalauth'), "status_logs.php?logfile=portalauth"); +$tab_array[] = array(gettext("IPsec"), ($logfile == 'ipsec'), "status_logs.php?logfile=ipsec"); +$tab_array[] = array(gettext("PPP"), ($logfile == 'ppp'), "status_logs.php?logfile=ppp"); +$tab_array[] = array(gettext("VPN"), false, "status_logs_vpn.php"); +$tab_array[] = array(gettext("Load Balancer"), ($logfile == 'relayd'), "status_logs.php?logfile=relayd"); +$tab_array[] = array(gettext("OpenVPN"), ($logfile == 'openvpn'), "status_logs.php?logfile=openvpn"); +$tab_array[] = array(gettext("NTP"), ($logfile == 'ntpd'), "status_logs.php?logfile=ntpd"); +$tab_array[] = array(gettext("Settings"), false, "diag_logs_settings.php"); +display_top_tabs($tab_array); + +$tab_array = array(); +if (in_array($logfile, array('system', 'gateways', 'routing', 'resolver', 'wireless'))) { + $tab_array[] = array(gettext("General"), ($logfile == 'system'), "/status_logs.php"); + $tab_array[] = array(gettext("Gateways"), ($logfile == 'gateways'), "/status_logs.php?logfile=gateways"); + $tab_array[] = array(gettext("Routing"), ($logfile == 'routing'), "/status_logs.php?logfile=routing"); + $tab_array[] = array(gettext("Resolver"), ($logfile == 'resolver'), "/status_logs.php?logfile=resolver"); + $tab_array[] = array(gettext("Wireless"), ($logfile == 'wireless'), "/status_logs.php?logfile=wireless"); + display_top_tabs($tab_array, false, 'nav nav-tabs'); +} + +define(SEC_OPEN, 0x00); +define(SEC_CLOSED, 0x04); + +if ($filter_active) + $filter_state = SEC_OPEN; +else + $filter_state = SEC_CLOSED; + +if (!$rawfilter) { // Advanced log filter form + $form = new Form(false); + + $section = new Form_Section('Advanced Log Filter', 'adv-filter-panel', COLLAPSIBLE|$filter_state); + + $group = new Form_Group(''); + + $group->add(new Form_Input( + 'filterlogentries_time', + null, + 'text', + $filterfieldsarray['time'] + ))->setWidth(3)->setHelp('Time'); + + $group->add(new Form_Input( + 'filterlogentries_process', + null, + 'text', + $filterfieldsarray['process'] + ))->setWidth(2)->setHelp('Process'); + + $group->add(new Form_Input( + 'filterlogentries_pid', + null, + 'text', + $filterfieldsarray['pid'] + ))->setWidth(2)->setHelp('PID'); + + $group->add(new Form_Input( + 'filterlogentries_qty', + null, + 'number', + $filterlogentries_qty, + ['placeholder' => $nentries] + ))->setWidth(2)->setHelp('Quantity'); + + $section->add($group); + + $group = new Form_Group(''); + + $group->add(new Form_Input( + 'filterlogentries_message', + null, + 'text', + $filterfieldsarray['message'] + ))->setWidth(7)->setHelp('Message'); + + $btnsubmit = new Form_Button( + 'filterlogentries_submit', + ' ' . gettext('Apply Filter'), + null, + 'fa-filter' + ); +} +else { // Simple log filter form + $form = new Form(false); + + $section = new Form_Section('Log Filter', 'basic-filter-panel', COLLAPSIBLE|$filter_state); + + $group = new Form_Group(''); + + $group->add(new Form_Input( + 'filtertext', + null, + 'text', + $filtertext + ))->setWidth(6)->setHelp('Filter Expression'); + + $group->add(new Form_Input( + 'filterlogentries_qty', + null, + 'number', + $filterlogentries_qty, + ['placeholder' => $nentries] + ))->setWidth(2)->setHelp('Quantity'); + + $btnsubmit = new Form_Button( + 'filtersubmit', + ' ' . gettext('Apply Filter'), + null, + 'fa-filter' + ); +} + +$btnsubmit->removeClass('btn-primary')->addClass('btn-success')->addClass('btn-sm'); + +$group->add(new Form_StaticText( + '', + $btnsubmit +)); + +$group->setHelp('' . gettext('Regular expression reference') . ' ' . gettext('Precede with exclamation (!) to exclude match.')); +$section->add($group); +$form->add($section); +print $form; + +// Now the forms are complete we can draw the log table and its controls +if (!$rawfilter) { + if ($filterlogentries_submit) + $filterlog = conv_log_filter($system_logfile, $nentries, $nentries + 100, $filterfieldsarray); + else + $filterlog = conv_log_filter($system_logfile, $nentries, $nentries + 100, $filtertext); +?> + +
+
+

+ +

+
+
+
+ + + + + + + + + + + + + + + +
+ + + + + + + +
+ +
+
+
+ +
+

+
+ + + + + + + + + + +
+ +
+
+ + +addInput(new Form_StaticText( + '', + 'These settings override the "General Logging Options" settings.' +)); + + +# All +$group = new Form_Group('Forward/Reverse Display'); + +$group->add(new Form_Checkbox( + 'cronorder', + null, + 'Forward', + ($pconfig['cronorder'] == 'forward') ? true : false, + 'forward' +))->displayAsRadio(); + +$group->add(new Form_Checkbox( + 'cronorder', + null, + 'Reverse', + ($pconfig['cronorder'] == 'reverse') ? true : false, + 'reverse' +))->displayAsRadio(); + +$group->add(new Form_Checkbox( + 'cronorder', + null, + 'General Logging Options Setting', + ($pconfig['cronorder'] == '') ? true : false, + '' +))->displayAsRadio(); + +$group->setHelp('Show log entries in forward (newest at bottom) or reverse (newest at top) order.'); +$section->add($group); + +$group = new Form_Group('GUI Log Entries'); + +# Use the general logging options setting (global) as placeholder. +$group->add(new Form_Input( + 'nentries', + 'GUI Log Entries', + 'number', + $pconfig['nentries'], + ['placeholder' => $config['syslog']['nentries']] +))->setWidth(2); + +$group->setHelp('This is the number of log entries displayed in the GUI. It does not affect how many entries are contained in the log.'); +$section->add($group); + +$group = new Form_Group('Log file size (Bytes)'); + +# Use the general logging options setting (global) as placeholder. +$group->add(new Form_Input( + 'logfilesize', + 'Log file size (Bytes)', + 'number', + $pconfig['logfilesize'], + ['placeholder' => $config['syslog']['logfilesize'] ? $config['syslog']['logfilesize'] : "511488"] +))->setWidth(2); +$group->setHelp("The log is held in a constant-size circular log file. This field controls how large the log file is, and thus how many entries may exist inside the log. The default is approximately 500KB." . + '

' . + "NOTE: The log size is changed the next time it is cleared. To immediately change the log size, first save the options to set the size, then clear the log using the \"Clear Log\" action below. "); +$section->add($group); + +$group = new Form_Group('Formatted/Raw Display'); + +$group->add(new Form_Checkbox( + 'format', + null, + 'Formatted', + ($pconfig['format'] == 'formatted') ? true : false, + 'formatted' +))->displayAsRadio(); + +$group->add(new Form_Checkbox( + 'format', + null, + 'Raw', + ($pconfig['format'] == 'raw') ? true : false, + 'raw' +))->displayAsRadio(); + +$group->add(new Form_Checkbox( + 'format', + null, + 'General Logging Options Setting', + ($pconfig['format'] == '') ? true : false, + '' +))->displayAsRadio(); + +$group->setHelp('Show the log entries as formatted or raw output as generated by the service. The raw output will reveal more detailed information, but it is more difficult to read.'); +$section->add($group); + + +# System General (main) Specific +if ($logfile == 'system') { + $section->addInput(new Form_Checkbox( + 'loglighttpd', + 'Web Server Log', + 'Log errors from the web server process', + $pconfig['loglighttpd'] + ))->setHelp('If this is checked, errors from the lighttpd web server process for the GUI or Captive Portal will appear in the system log.'); +} + + +$group = new Form_Group('Action'); + +$btnsavesettings = new Form_Button( + 'save_settings', + gettext('Save'), + null +); + +$btnsavesettings->addClass('btn-sm'); + +$group->add(new Form_StaticText( + '', + $btnsavesettings +))->setHelp('Saves changed settings.'); + + +$btnclear = new Form_Button( + 'clear', + ' ' . gettext('Clear log'), + null, + 'fa-trash' +); + +$btnclear->removeClass('btn-primary')->addClass('btn-danger')->addClass('btn-sm'); + +$group->add(new Form_StaticText( + '', + $btnclear +))->setHelp('Clears local log file and reinitializes it as an empty log. Save any settings changes first.'); + +$section->add($group); +$form->add($section); +print $form; +?> + + diff --git a/src/usr/local/www/status_logs_filter.php b/src/usr/local/www/status_logs_filter.php new file mode 100644 index 0000000..96799cf --- /dev/null +++ b/src/usr/local/www/status_logs_filter.php @@ -0,0 +1,634 @@ + $ip, 'resolve_text' => $res); + } else { + $response = array('resolve_ip' => $ip, 'resolve_text' => gettext("Cannot resolve")); + } + + echo json_encode(str_replace("\\", "\\\\", $response)); // single escape chars can break JSON decode + exit; +} + +function getGETPOSTsettingvalue($settingname, $default) { + $settingvalue = $default; + if ($_GET[$settingname]) { + $settingvalue = $_GET[$settingname]; + } + if ($_POST[$settingname]) { + $settingvalue = $_POST[$settingname]; + } + return $settingvalue; +} + +$rulenum = getGETPOSTsettingvalue('getrulenum', null); +if ($rulenum) { + list($rulenum, $tracker, $type) = explode(',', $rulenum); + $rule = find_rule_by_number($rulenum, $tracker, $type); + echo gettext("The rule that triggered this action is") . ":\n\n{$rule}"; + exit; +} + +$filtersubmit = getGETPOSTsettingvalue('filtersubmit', null); + +if ($filtersubmit) { + $interfacefilter = getGETPOSTsettingvalue('interface', null); + $filtertext = getGETPOSTsettingvalue('filtertext', ""); + $filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null); +} + +$filterlogentries_submit = getGETPOSTsettingvalue('filterlogentries_submit', null); + +if ($filterlogentries_submit) { + $filterfieldsarray = array(); + + $actpass = getGETPOSTsettingvalue('actpass', null); + $actblock = getGETPOSTsettingvalue('actblock', null); + $filterfieldsarray['act'] = str_replace(" ", " ", trim($actpass . " " . $actblock)); + $filterfieldsarray['act'] = $filterfieldsarray['act'] != "" ? $filterfieldsarray['act'] : 'All'; + $filterfieldsarray['time'] = getGETPOSTsettingvalue('filterlogentries_time', null); + $filterfieldsarray['interface'] = getGETPOSTsettingvalue('filterlogentries_interfaces', null); + $filterfieldsarray['srcip'] = getGETPOSTsettingvalue('filterlogentries_sourceipaddress', null); + $filterfieldsarray['srcport'] = getGETPOSTsettingvalue('filterlogentries_sourceport', null); + $filterfieldsarray['dstip'] = getGETPOSTsettingvalue('filterlogentries_destinationipaddress', null); + $filterfieldsarray['dstport'] = getGETPOSTsettingvalue('filterlogentries_destinationport', null); + $filterfieldsarray['proto'] = getGETPOSTsettingvalue('filterlogentries_protocol', null); + $filterfieldsarray['tcpflags'] = getGETPOSTsettingvalue('filterlogentries_protocolflags', null); + $filterlogentries_qty = getGETPOSTsettingvalue('filterlogentries_qty', null); +} + +$filter_logfile = "{$g['varlog_path']}/filter.log"; + +$nentries = $config['syslog']['nentries']; + +# Override Display Quantity +if ($filterlogentries_qty) { + $nentries = $filterlogentries_qty; +} + +if (!$nentries || !is_numeric($nentries)) { + $nentries = 50; +} + +if ($_POST['clear']) { + clear_log_file($filter_logfile); +} + +$pgtitle = array(gettext("Status"), gettext("System logs"), gettext("Firewall"), gettext("Normal View")); +$shortcut_section = "firewall"; +include("head.inc"); + +function build_if_list() { + $iflist = get_configured_interface_with_descr(false, true); + //$iflist = get_interface_list(); + // Allow extending of the firewall edit interfaces + pfSense_handle_custom_code("/usr/local/pkg/firewall_nat/pre_interfaces_edit"); + foreach ($iflist as $if => $ifdesc) + $interfaces[$if] = $ifdesc; + + if ($config['l2tp']['mode'] == "server") + $interfaces['l2tp'] = "L2TP VPN"; + + if (is_pppoe_server_enabled() && have_ruleint_access("pppoe")) + $interfaces['pppoe'] = "PPPoE Server"; + + /* add ipsec interfaces */ + if (ipsec_enabled()) + $interfaces["enc0"] = "IPsec"; + + /* add openvpn/tun interfaces */ + if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) + $interfaces["openvpn"] = "OpenVPN"; + + return($interfaces); +} + +$tab_array = array(); +$tab_array[] = array(gettext("System"), false, "status_logs.php"); +$tab_array[] = array(gettext("Firewall"), true, "status_logs_filter.php"); +$tab_array[] = array(gettext("DHCP"), false, "status_logs.php?logfile=dhcpd"); +$tab_array[] = array(gettext("Portal Auth"), false, "status_logs.php?logfile=portalauth"); +$tab_array[] = array(gettext("IPsec"), false, "status_logs.php?logfile=ipsec"); +$tab_array[] = array(gettext("PPP"), false, "status_logs.php?logfile=ppp"); +$tab_array[] = array(gettext("VPN"), false, "status_logs_vpn.php"); +$tab_array[] = array(gettext("Load Balancer"), false, "status_logs.php?logfile=relayd"); +$tab_array[] = array(gettext("OpenVPN"), false, "status_logs.php?logfile=openvpn"); +$tab_array[] = array(gettext("NTP"), false, "status_logs.php?logfile=ntpd"); +$tab_array[] = array(gettext("Settings"), false, "diag_logs_settings.php"); +display_top_tabs($tab_array); + +$tab_array = array(); +$tab_array[] = array(gettext("Normal View"), true, "/status_logs_filter.php"); +$tab_array[] = array(gettext("Dynamic View"), false, "/status_logs_filter_dynamic.php"); +$tab_array[] = array(gettext("Summary View"), false, "/status_logs_filter_summary.php"); +display_top_tabs($tab_array, false, 'nav nav-tabs'); + +$Include_Act = explode(",", str_replace(" ", ",", $filterfieldsarray['act'])); +if ($filterfieldsarray['interface'] == "All") + $interface = ""; + +if (!isset($config['syslog']['rawfilter'])) { // Advanced log filter form + $form = new Form(false); + + $section = new Form_Section('Advanced Log Filter', 'adv-filter-panel', COLLAPSIBLE|SEC_CLOSED); + + $group = new Form_Group(''); + + $group->add(new Form_Input( + 'filterlogentries_sourceipaddress', + null, + 'text', + $filterfieldsarray['srcip'] + ))->setHelp('Source IP Address'); + + $group->add(new Form_Input( + 'filterlogentries_destinationipaddress', + null, + 'text', + $filterfieldsarray['dstip'] + ))->setHelp('Destination IP Address'); + + $section->add($group); + $group = new Form_Group(''); + + $group->add(new Form_Checkbox( + 'actpass', + 'Pass', + 'Pass', + in_arrayi('Pass', $Include_Act), + 'Pass' + )); + + $group->add(new Form_Input( + 'filterlogentries_time', + null, + 'text', + $filterfieldsarray['time'] + ))->setHelp('Time'); + + $group->add(new Form_Input( + 'filterlogentries_sourceport', + null, + 'text', + $filterfieldsarray['srcport'] + ))->setHelp('Source Port'); + + $group->add(new Form_Input( + 'filterlogentries_protocol', + null, + 'text', + $filterfieldsarray['proto'] + ))->setHelp('Protocol'); + + $group->add(new Form_Input( + 'filterlogentries_qty', + null, + 'number', + $filterlogentries_qty, + ['placeholder' => $nentries] + ))->setHelp('Quantity'); + + $section->add($group); + + $group = new Form_Group(''); + + $group->add(new Form_Checkbox( + 'actblock', + 'Block', + 'Block', + in_arrayi('Block', $Include_Act), + 'Block' + )); + + $group->add(new Form_Input( + 'filterlogentries_interfaces', + null, + 'text', + $filterfieldsarray['interface'] + ))->setHelp('Interface'); + + $group->add(new Form_Input( + 'filterlogentries_destinationport', + null, + 'text', + $filterfieldsarray['dstport'] + ))->setHelp('Destination Port'); + + $group->add(new Form_Input( + 'filterlogentries_protocolflags', + null, + 'text', + $filterfieldsarray['tcpflags'] + ))->setHelp('Protocol Flags'); + + $btnsubmit = new Form_Button( + 'filterlogentries_submit', + ' ' . 'Apply Filter', + null, + 'fa-filter' + ); +} +else { // Simple log filter form + $form = new Form(false); + + $section = new Form_Section('Log Filter', 'basic-filter-panel', true); + + $group = new Form_Group(''); + + $group->add(new Form_Select( + 'interface', + 'Interface', + $interfacefilter, + build_if_list() + ))->setHelp('Interface'); + + $group->add(new Form_Input( + 'filterlogentries_qty', + null, + 'number', + $filterlogentries_qty, + ['placeholder' => $nentries] + ))->setHelp('Quantity'); + + $section->add($group); + + $group = new Form_Group(''); + + $group->add(new Form_Input( + 'filtertext', + null, + 'text', + $filtertext + ))->setHelp('Filter Expression'); + + $btnsubmit = new Form_Button( + 'filtersubmit', + ' ' . 'Apply Filter', + null, + 'fa-filter' + ); +} + +$btnsubmit->removeClass('btn-primary')->addClass('btn-success')->addClass('btn-sm'); + +$group->add(new Form_StaticText( + '', + $btnsubmit +)); + +$group->setHelp('' . 'Regular expression reference Precede with exclamation (!) to exclude match.'); +$section->add($group); +$form->add($section); +print($form); + +// Now the forms are complete we can draw the log table and its controls +if (!isset($config['syslog']['rawfilter'])) { + $iflist = get_configured_interface_with_descr(false, true); + + if ($iflist[$interfacefilter]) + $interfacefilter = $iflist[$interfacefilter]; + + if ($filterlogentries_submit) + $filterlog = conv_log_filter($filter_logfile, $nentries, $nentries + 100, $filterfieldsarray); + else + $filterlog = conv_log_filter($filter_logfile, $nentries, $nentries + 100, $filtertext, $interfacefilter); +?> + +
+ " /> +
+ +
+
+
+

+ +

+
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + ', outputrule);"> + + + + + + + + + + ');" title="" alt="Reverse Resolve with DNS"/> + + + " alt="Easy Rule: Add to Block List" title="" onclick="return confirm('')"> + + + '?> + + ');" title="" class="ICON-" alt="Reverse Resolve with DNS"/> + + + " title="" onclick="return confirm('')"> + + '?> + + +
+
+
+
+
+ + +
+

+
+ + + + + + + + + + +
+
+
+ + +
' . + gettext("TCP Flags") . ': F - FIN, S - SYN, A or . - ACK, R - RST, P - PSH, U - URG, E - ECE, C - CWR' . '
' . + ' = Add to block list., = Pass traffic, = Resolve'); + +?> +
+ + + + diff --git a/src/usr/local/www/status_logs_filter_dynamic.php b/src/usr/local/www/status_logs_filter_dynamic.php new file mode 100755 index 0000000..fb8c8d7 --- /dev/null +++ b/src/usr/local/www/status_logs_filter_dynamic.php @@ -0,0 +1,441 @@ + + + + + + +
+
+

+ +

+
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + +
+ + ', outputrule);"> +
+
+
+
+ 0) + print_info_box('' . + gettext("TCP Flags") . ': F - FIN, S - SYN, A or . - ACK, R - RST, P - PSH, U - URG, E - ECE, C - CWR'); +?> + + + + gettext("Actions"), + 'interface' => gettext("Interfaces"), + 'proto' => gettext("Protocols"), + 'srcip' => gettext("Source IPs"), + 'dstip' => gettext("Destination IPs"), + 'srcport' => gettext("Source Ports"), + 'dstport' => gettext("Destination Ports")); + +$segcolors = array("#2484c1", "#65a620", "#7b6888", "#a05d56", "#961a1a", "#d8d23a", "#e98125", "#d0743c", "#635222", "#6ada6a"); +$numcolors = 10; + +$summary = array(); +foreach (array_keys($fields) as $f) { + $summary[$f] = array(); +} + +$totals = array(); + +function cmp($a, $b) { + if ($a == $b) { + return 0; + } + return ($a < $b) ? 1 : -1; +} + +function stat_block($summary, $stat, $num) { + global $g, $gotlines, $fields; + uasort($summary[$stat] , 'cmp'); + print('
'); + print(''); + print('' . ''); + $k = array_keys($summary[$stat]); + $total = 0; + $numentries = 0; + for ($i = 0; $i < $num; $i++) { + if ($k[$i]) { + $total += $summary[$stat][$k[$i]]; + $numentries++; + $outstr = $k[$i]; + if (is_ipaddr($outstr)) { + print('' . ''); + + } elseif (substr_count($outstr, '/') == 1) { + list($proto, $port) = explode('/', $outstr); + $service = getservbyport($port, strtolower($proto)); + if ($service) { + $outstr .= ": {$service}"; + } + } + + if (!is_ipaddr($outstr)) + print(''); + } + } + $leftover = $gotlines - $total; + if ($leftover > 0) { + print ""; + } + print "
' . $fields[$stat] . '' . gettext("Data points") . '
' . $outstr . '' . $summary[$stat][$k[$i]] . 'Lookup
' . $outstr . '' . $summary[$stat][$k[$i]] . '
Other{$leftover}
"; + print('
'); +} + +// Create the JSON document for the chart to be displayed +// Todo: Be good to investigate building this with json_encode and friends some time +function pie_block($summary, $stat, $num, $chartnum) { + global $fields, $segcolors, $gotlines, $numcolors; +?> + +"); +$infomsg = sprintf('This is a summary of the last %1$s lines of the firewall log (Max %2$s).', $gotlines, $lines); +print_info_box($infomsg, info); +?> + + + + + +
+

+
+
+ +
+
+
+ 2000)) { + $input_errors[] = gettext("Number of log entries to show must be between 5 and 2000."); + } + + if (isset($_POST['logfilesize']) && (strlen($_POST['logfilesize']) > 0)) { + if (!is_numeric($_POST['logfilesize']) || ($_POST['logfilesize'] < 100000)) { + $input_errors[] = gettext("Log file size must be numeric and greater than or equal to 100000."); + } + } + if (!$input_errors) { + $config['syslog']['reverse'] = $_POST['reverse'] ? true : false; + $config['syslog']['nentries'] = (int)$_POST['nentries']; + $pconfig['nentries'] = $config['syslog']['nentries']; + if (isset($_POST['logfilesize']) && (strlen($_POST['logfilesize']) > 0)) { + $config['syslog']['logfilesize'] = (int)$_POST['logfilesize']; + $pconfig['logfilesize'] = $config['syslog']['logfilesize']; + } else { + unset($config['syslog']['logfilesize']); + } + $config['syslog']['remoteserver'] = $_POST['remoteserver']; + $config['syslog']['remoteserver2'] = $_POST['remoteserver2']; + $config['syslog']['remoteserver3'] = $_POST['remoteserver3']; + $config['syslog']['sourceip'] = $_POST['sourceip']; + $config['syslog']['ipproto'] = $_POST['ipproto']; + $config['syslog']['filter'] = $_POST['filter'] ? true : false; + $config['syslog']['dhcp'] = $_POST['dhcp'] ? true : false; + $config['syslog']['portalauth'] = $_POST['portalauth'] ? true : false; + $config['syslog']['vpn'] = $_POST['vpn'] ? true : false; + $config['syslog']['dpinger'] = $_POST['dpinger'] ? true : false; + $config['syslog']['relayd'] = $_POST['relayd'] ? true : false; + $config['syslog']['hostapd'] = $_POST['hostapd'] ? true : false; + $config['syslog']['logall'] = $_POST['logall'] ? true : false; + $config['syslog']['system'] = $_POST['system'] ? true : false; + $config['syslog']['disablelocallogging'] = $_POST['disablelocallogging'] ? true : false; + $config['syslog']['enable'] = $_POST['enable'] ? true : false; + $oldnologdefaultblock = isset($config['syslog']['nologdefaultblock']); + $oldnologdefaultpass = isset($config['syslog']['nologdefaultpass']); + $oldnologbogons = isset($config['syslog']['nologbogons']); + $oldnologprivatenets = isset($config['syslog']['nologprivatenets']); + $oldnologlighttpd = isset($config['syslog']['nologlighttpd']); + $config['syslog']['nologdefaultblock'] = $_POST['logdefaultblock'] ? false : true; + $config['syslog']['nologdefaultpass'] = $_POST['logdefaultpass'] ? true : false; + $config['syslog']['nologbogons'] = $_POST['logbogons'] ? false : true; + $config['syslog']['nologprivatenets'] = $_POST['logprivatenets'] ? false : true; + $config['syslog']['nologlighttpd'] = $_POST['loglighttpd'] ? false : true; + $config['syslog']['rawfilter'] = $_POST['rawfilter'] ? true : false; + if (is_numeric($_POST['filterdescriptions']) && $_POST['filterdescriptions'] > 0) { + $config['syslog']['filterdescriptions'] = $_POST['filterdescriptions']; + } else { + unset($config['syslog']['filterdescriptions']); + } + if ($config['syslog']['enable'] == false) { + unset($config['syslog']['remoteserver']); + unset($config['syslog']['remoteserver2']); + unset($config['syslog']['remoteserver3']); + } + + write_config(); + + $retval = 0; + $retval = system_syslogd_start(); + if (($oldnologdefaultblock !== isset($config['syslog']['nologdefaultblock'])) || + ($oldnologdefaultpass !== isset($config['syslog']['nologdefaultpass'])) || + ($oldnologbogons !== isset($config['syslog']['nologbogons'])) || + ($oldnologprivatenets !== isset($config['syslog']['nologprivatenets']))) { + $retval |= filter_configure(); + } + + $savemsg = get_std_save_message($retval); + + if ($oldnologlighttpd !== isset($config['syslog']['nologlighttpd'])) { + ob_flush(); + flush(); + log_error(gettext("webConfigurator configuration has changed. Restarting webConfigurator.")); + send_event("service restart webgui"); + $savemsg .= "
" . gettext("WebGUI process is restarting."); + } + + filter_pflog_start(true); + } +} + +$pgtitle = array(gettext("Status"), gettext("System logs"), gettext("Settings")); +include("head.inc"); + +$logfilesizeHelp = gettext("Logs are held in constant-size circular log files. This field controls how large each log file is, and thus how many entries may exist inside the log. By default this is approximately 500KB per log file, and there are nearly 20 such log files.") . + '

' . + gettext("NOTE: Log sizes are changed the next time a log file is cleared or deleted. To immediately increase the size of the log files, you must first save the options to set the size, then clear all logs using the \"Reset Log Files\" option farther down this page. ") . + gettext("Be aware that increasing this value increases every log file size, so disk usage will increase significantly.") . '

' . + gettext("Disk space currently used by log files is: ") . exec("/usr/bin/du -sh /var/log | /usr/bin/awk '{print $1;}'") . + gettext(" Remaining disk space for log files: ") . exec("/bin/df -h /var/log | /usr/bin/awk '{print $4;}'"); + +$remoteloghelp = gettext("This option will allow the logging daemon to bind to a single IP address, rather than all IP addresses.") . + gettext("If you pick a single IP, remote syslog servers must all be of that IP type. If you wish to mix IPv4 and IPv6 remote syslog servers, you must bind to all interfaces.") . + "

" . + gettext("NOTE: If an IP address cannot be located on the chosen interface, the daemon will bind to all addresses."); +if ($input_errors) + print_input_errors($input_errors); +else if ($savemsg) + print_info_box($savemsg); + +$tab_array = array(); +$tab_array[] = array(gettext("System"), false, "status_logs.php"); +$tab_array[] = array(gettext("Firewall"), false, "status_logs_filter.php"); +$tab_array[] = array(gettext("DHCP"), false, "status_logs.php?logfile=dhcpd"); +$tab_array[] = array(gettext("Portal Auth"), false, "status_logs.php?logfile=portalauth"); +$tab_array[] = array(gettext("IPsec"), false, "status_logs.php?logfile=ipsec"); +$tab_array[] = array(gettext("PPP"), false, "status_logs.php?logfile=ppp"); +$tab_array[] = array(gettext("VPN"), false, "status_logs_vpn.php"); +$tab_array[] = array(gettext("Load Balancer"), false, "status_logs.php?logfile=relayd"); +$tab_array[] = array(gettext("OpenVPN"), false, "status_logs.php?logfile=openvpn"); +$tab_array[] = array(gettext("NTP"), false, "status_logs.php?logfile=ntpd"); +$tab_array[] = array(gettext("Settings"), true, "status_logs_settings.php"); +display_top_tabs($tab_array); + +$form = new Form(new Form_Button( + 'Submit', + gettext("Save") +)); + +$section = new Form_Section('General Logging Options'); + +$section->addInput(new Form_Checkbox( + 'reverse', + 'Forward/Reverse Display', + 'Show log entries in reverse order (newest entries on top)', + $pconfig['reverse'] +)); + +$section->addInput(new Form_Input( + 'nentries', + 'GUI Log Entries', + 'text', + $pconfig['nentries'], + ['placeholder' => ''] +))->setHelp('This is only the number of log entries displayed in the GUI. It does not affect how many entries are contained in the actual log files.'); + +$section->addInput(new Form_Input( + 'logfilesize', + 'Log file size (Bytes)', + 'text', + $pconfig['logfilesize'], + ['placeholder' => 'Bytes'] +))->setHelp($logfilesizeHelp); + +$section->addInput(new Form_Checkbox( + 'logdefaultblock', + 'Log firewall default blocks', + 'Log packets matched from the default block rules in the ruleset', + $pconfig['logdefaultblock'] +))->setHelp('Log packets that are blocked by the implicit default block rule. - Per-rule logging options are still respected.'); + +$section->addInput(new Form_Checkbox( + 'logdefaultpass', + null, + 'Log packets matched from the default pass rules put in the ruleset', + $pconfig['logdefaultpass'] +))->setHelp('Log packets that are allowed by the implicit default pass rule. - Per-rule logging options are still respected. '); + +$section->addInput(new Form_Checkbox( + 'logbogons', + null, + 'Log packets blocked by \'Block Bogon Networks\' rules', + $pconfig['logbogons'] +)); + +$section->addInput(new Form_Checkbox( + 'logprivatenets', + null, + 'Log packets blocked by \'Block Private Networks\' rules', + $pconfig['logprivatenets'] +)); + +$section->addInput(new Form_Checkbox( + 'loglighttpd', + 'Web Server Log', + 'Log errors from the web server process', + $pconfig['loglighttpd'] +))->setHelp('If this is checked, errors from the lighttpd web server process for the GUI or Captive Portal will appear in the main system log'); + +$section->addInput(new Form_Checkbox( + 'rawfilter', + 'Raw Logs', + 'Show raw filter logs', + $pconfig['rawfilter'] +))->setHelp(gettext('If this is checked, filter logs are shown as generated by the packet filter, without any formatting. This will reveal more detailed information, but it is more difficult to read')); + +$section->addInput(new Form_Select( + 'filterdescriptions', + 'Where to show rule descriptions', + !isset($pconfig['filterdescriptions']) ? '0':$pconfig['filterdescriptions'], + array( + '0' => 'Dont load descriptions', + '1' => 'Display as column', + '2' => 'Display as second row' + ) +))->setHelp('Show the applied rule description below or in the firewall log rows' . '
' . + 'Displaying rule descriptions for all lines in the log might affect performance with large rule sets'); + +$section->addInput(new Form_Checkbox( + 'disablelocallogging', + 'Local Logging', + $g['platform'] == $g['product_name'] ? "Disable writing log files to the local disk" : "Disable writing log files to the local RAM disk", + $pconfig['disablelocallogging'] +)); + +$section->addInput(new Form_Button( + 'resetlogs', + 'Reset Log Files' +))->addClass('btn-danger btn-xs')->setHelp('Clears all local log files and reinitializes them as empty logs. This also restarts the DHCP daemon. Use the Save button first if you have made any setting changes.'); + +$form->add($section); +$section = new Form_Section('Remote Logging Options'); +$section->addClass('toggle-remote'); + +$section->addInput(new Form_Checkbox( + 'enable', + 'Enable Remote Logging', + 'Send log messages to remote syslog server', + $pconfig['enable'] +)); + +$section->addInput(new Form_Select( + 'sourceip', + 'Source Address', + link_interface_to_bridge($pconfig['sourceip']) ? null : $pconfig['sourceip'], + ["" => gettext("Default (any)")] + get_possible_traffic_source_addresses(false) +))->setHelp($remoteloghelp); + +$section->addInput(new Form_Select( + 'ipproto', + 'IP Protocol', + $ipproto, + array('ipv4' => 'IPv4', 'ipv6' => 'IPv6') +))->setHelp('This option is only used when a non-default address is chosen as the source above. ' . + 'This option only expresses a preference; If an IP address of the selected type is not found on the chosen interface, the other type will be tried.'); + +// Group collapses/appears based on 'enable' checkbox above +$group = new Form_Group('Remote log servers'); +$group->addClass('remotelogging'); + +$group->add(new Form_Input( + 'remoteserver', + 'Server 1', + 'text', + $pconfig['remoteserver'], + ['placeholder' => 'IP[:port]'] +)); + +$group->add(new Form_Input( + 'remoteserver2', + 'Server 2', + 'text', + $pconfig['remoteserver2'], + ['placeholder' => 'IP[:port]'] +)); + +$group->add(new Form_Input( + 'remoteserver3', + 'Server 3', + 'text', + $pconfig['remoteserver3'], + ['placeholder' => 'IP[:port]'] +)); + +$section->add($group); + +$group = new Form_MultiCheckboxGroup('Remote Syslog Contents'); +$group->addClass('remotelogging'); + +$group->add(new Form_MultiCheckbox( + 'logall', + null, + 'Everything', + $pconfig['logall'] +)); + +$group->add(new Form_MultiCheckbox( + 'system', + null, + 'System Events', + $pconfig['system'] +)); + +$group->add(new Form_MultiCheckbox( + 'filter', + null, + 'Firewall Events', + $pconfig['filter'] +)); + +$group->add(new Form_MultiCheckbox( + 'dhcp', + null, + 'DHCP service events', + $pconfig['dhcp'] +)); + +$group->add(new Form_MultiCheckbox( + 'portalauth', + null, + 'Portal Auth events', + $pconfig['portalauth'] +)); + +$group->add(new Form_MultiCheckbox( + 'vpn', + null, + 'VPN (PPTP, IPsec, OpenVPN) events', + $pconfig['vpn'] +)); + +$group->add(new Form_MultiCheckbox( + 'dpinger', + null, + 'Gateway Monitor events', + $pconfig['dpinger'] +)); + +$group->add(new Form_MultiCheckbox( + 'relayd', + null, + 'Server Load Balancer events', + $pconfig['relayd'] +)); + +$group->add(new Form_MultiCheckbox( + 'hostapd', + null, + 'Wireless events', + $pconfig['hostapd'] +)); + +// Ugly hack to prevent the "Toggle all" button from being automatically created +$group->add(new Form_MultiCheckbox( + 'notoggleall', + null, + 'No toggle all', + $pconfig['hostapd'] +))->displayAsRadio(); + +$group->setHelp('Syslog sends UDP datagrams to port 514 on the specified remote '. + 'syslog server, unless another port is specified. Be sure to set syslogd on '. + 'the remote server to accept syslog messages from pfSense.'); + +$section->add($group); + +$form->add($section); + +print $form; +?> + + + 'PPPoE', 'l2tp' => 'L2TP'); + +$pgtitle = array(gettext("Status"), gettext("System logs"), gettext("VPN")); +require("guiconfig.inc"); +require_once("vpn.inc"); + +$nentries = $config['syslog']['nentries']; +if (!$nentries) { + $nentries = 50; +} + +if (htmlspecialchars($_POST['vpntype'])) { + $vpntype = htmlspecialchars($_POST['vpntype']); +} elseif (htmlspecialchars($_GET['vpntype'])) { + $vpntype = htmlspecialchars($_GET['vpntype']); +} else { + $vpntype = "poes"; +} +if (htmlspecialchars($_POST['mode'])) { + $mode = htmlspecialchars($_POST['mode']); +} elseif (htmlspecialchars($_GET['mode'])) { + $mode = htmlspecialchars($_GET['mode']); +} else { + $mode = "login"; +} +switch ($vpntype) { + case 'poes': + $logname = "poes"; + break; + case 'l2tp': + $logname = "l2tps"; + break; +} + +if ($_POST['clear']) { + if ($mode != "raw") { + clear_log_file("/var/log/vpn.log"); + } else { + clear_log_file("/var/log/{$logname}.log"); + } +} + +function dump_clog_vpn($logfile, $tail) { + global $g, $config, $vpntype; + + $sor = isset($config['syslog']['reverse']) ? "-r" : ""; + + $logarr = ""; + + if (isset($config['system']['usefifolog'])) { + exec("/usr/sbin/fifolog_reader " . escapeshellarg($logfile) . " | tail {$sor} -n " . $tail, $logarr); + } else { + exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . " | tail {$sor} -n " . $tail, $logarr); + } + + $rows = 0; + foreach ($logarr as $logent) { + $logent = preg_split("/\s+/", $logent, 6); + $llent = explode(",", $logent[5]); + $iftype = substr($llent[1], 0, 4); + if ($iftype != $vpntype) { + continue; + } + echo "\n"; + echo "" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "\n"; + + if ($llent[0] == "login") { + echo "\n"; + } else { + echo "\n"; + } + + echo "" . htmlspecialchars($llent[3]) . "\n"; + echo "" . htmlspecialchars($llent[2]) . " \n"; + echo "\n"; + } + return($rows); +} + +include("head.inc"); + +$tab_array = array(); +$tab_array[] = array(gettext("System"), false, "status_logs.php"); +$tab_array[] = array(gettext("Firewall"), false, "status_logs_filter.php"); +$tab_array[] = array(gettext("DHCP"), false, "status_logs.php?logfile=dhcpd"); +$tab_array[] = array(gettext("Portal Auth"), false, "status_logs.php?logfile=portalauth"); +$tab_array[] = array(gettext("IPsec"), false, "status_logs.php?logfile=ipsec"); +$tab_array[] = array(gettext("PPP"), false, "status_logs.php?logfile=ppp"); +$tab_array[] = array(gettext("VPN"), true, "status_logs_vpn.php"); +$tab_array[] = array(gettext("Load Balancer"), false, "status_logs.php?logfile=relayd"); +$tab_array[] = array(gettext("OpenVPN"), false, "status_logs.php?logfile=openvpn"); +$tab_array[] = array(gettext("NTP"), false, "status_logs.php?logfile=ntpd"); +$tab_array[] = array(gettext("Settings"), false, "diag_logs_settings.php"); +display_top_tabs($tab_array); + +$tab_array = array(); +$tab_array[] = array(gettext("PPPoE Logins"), + (($vpntype == "poes") && ($mode != "raw")), + "/status_logs_vpn.php?vpntype=poes"); +$tab_array[] = array(gettext("PPPoE Raw"), + (($vpntype == "poes") && ($mode == "raw")), + "/status_logs_vpn.php?vpntype=poes&mode=raw"); +$tab_array[] = array(gettext("L2TP Logins"), + (($vpntype == "l2tp") && ($mode != "raw")), + "/status_logs_vpn.php?vpntype=l2tp"); +$tab_array[] = array(gettext("L2TP Raw"), + (($vpntype == "l2tp") && ($mode == "raw")), + "/status_logs_vpn.php?vpntype=l2tp&mode=raw"); +display_top_tabs($tab_array, false, 'nav nav-tabs'); +?> + + +
+

+
+ +
+ + + + + + + + + + +/ tags +?> + +
+ +
+ + 
+
+
+ +

+

+ + + " /> +
+

+
+
+ + arpwatch + arpwatch + + + + /var/log/arpwatch.log + +*/ + +/* + pfSense_MODULE: pkgs +*/ + +##|+PRIV +##|*IDENT=page-status-packagelogs +##|*NAME=Status: Package logs +##|*DESCR=Allow access to the 'Status: Package logs' page. +##|*MATCH=status_pkglogs.php* +##|-PRIV + +require("guiconfig.inc"); +require("pkg-utils.inc"); + +if (!($nentries = $config['syslog']['nentries'])) { + $nentries = 50; +} + +$i = 0; +$pkgwithlogging = false; +$apkg = $_GET['pkg']; +if (!$apkg) { // If we aren't looking for a specific package, locate the first package that handles logging. + if ($config['installedpackages']['package'] <> "") { + foreach ($config['installedpackages']['package'] as $package) { + if (is_array($package['logging'])) { + $pkgwithlogging = true; + $apkg = $package['name']; + $apkgid = $i; + break; + } + $i++; + } + } +} elseif ($apkg) { + $apkgid = get_package_id($apkg); + if ($apkgid != -1) { + $pkgwithlogging = true; + $i = $apkgid; + } +} + +$pgtitle = array(gettext("Status"), gettext("Package logs")); +include("head.inc"); + +if ($pkgwithlogging == false) { + print_info_box(gettext("No packages with logging facilities are currently installed.")); +} else { + $tab_array = array(); + foreach ($config['installedpackages']['package'] as $package) { + if (is_array($package['logging'])) { + if (!($logtab = $package['logging']['logtab'])) + $logtab = $package['name']; + + if ($apkg == $package['name']) { + $curtab = $logtab; + $tab_array[] = array(sprintf(gettext("%s"), $logtab), true, "status_pkglogs.php?pkg=".$package['name']); + } else { + $tab_array[] = array(sprintf(gettext("%s"), $logtab), false, "status_pkglogs.php?pkg=".$package['name']); + } + } + } + display_top_tabs($tab_array); +?> + +
+

+
class="panel-body"> + 
+
+
+
+
+ + diff --git a/src/usr/local/www/vpn_ipsec.php b/src/usr/local/www/vpn_ipsec.php index 6087ec9..9a81ab6 100644 --- a/src/usr/local/www/vpn_ipsec.php +++ b/src/usr/local/www/vpn_ipsec.php @@ -550,7 +550,7 @@ display_top_tabs($tab_array);
' . gettext("Note:") . '
' . - gettext("You can check your IPsec status at ") . '' . gettext("Status:IPsec") . '.
' . + gettext("You can check your IPsec status at ") . '' . gettext("Status:IPsec") . '.
' . gettext("IPsec Debug Mode can be enabled at ") . '' .gettext("VPN:IPsec:Advanced Settings") . '.
' . gettext("IPsec can be set to prefer older SAs at ") . '' . gettext("VPN:IPsec:Advanced Settings") . '', info)?>
diff --git a/src/usr/local/www/vpn_pppoe.php b/src/usr/local/www/vpn_pppoe.php deleted file mode 100644 index 14aea1f..0000000 --- a/src/usr/local/www/vpn_pppoe.php +++ /dev/null @@ -1,180 +0,0 @@ -' . gettext('You must apply the changes in order for them to take effect.')); -?> - -
- - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - -
-
- - - -= $subnet_start) && - (ip2ulong($_POST['localip']) <= $subnet_end)) { - $input_errors[] = gettext("The specified server address lies in the remote subnet."); - } - if ($_POST['localip'] == get_interface_ip($_POST['interface'])) { - $input_errors[] = gettext("The specified server address is equal to an interface ip address."); - } - - for ($x = 0; $x < 4999; $x++) { - if ($_POST["username{$x}"]) { - if (empty($_POST["password{$x}"])) { - $input_errors[] = sprintf(gettext("No password specified for username %s"), $_POST["username{$x}"]); - } - if ($_POST["ip{$x}"] != "" && !is_ipaddr($_POST["ip{$x}"])) { - $input_errors[] = sprintf(gettext("Incorrect ip address specified for username %s"), $_POST["username{$x}"]); - } - } - } - } - - if ($_POST['pppoeid'] && !is_numeric($_POST['pppoeid'])) { - $input_errors[] = gettext("Wrong data submitted"); - } - - if (!$input_errors) { - $pppoecfg = array(); - - $pppoecfg['remoteip'] = $_POST['remoteip']; - $pppoecfg['localip'] = $_POST['localip']; - $pppoecfg['mode'] = $_POST['mode']; - $pppoecfg['interface'] = $_POST['interface']; - $pppoecfg['n_pppoe_units'] = $_POST['n_pppoe_units']; - $pppoecfg['pppoe_subnet'] = $_POST['pppoe_subnet']; - $pppoecfg['descr'] = $_POST['descr']; - if ($_POST['radiusserver'] || $_POST['radiusserver2']) { - $pppoecfg['radius'] = array(); - - $pppoecfg['radius']['nasip'] = $_POST['radius_nasip']; - $pppoecfg['radius']['acct_update'] = $_POST['radius_acct_update']; - } - - if ($_POST['radiusserver']) { - $pppoecfg['radius']['server'] = array(); - - $pppoecfg['radius']['server']['ip'] = $_POST['radiusserver']; - $pppoecfg['radius']['server']['secret'] = $_POST['radiussecret']; - $pppoecfg['radius']['server']['port'] = $_POST['radiusserverport']; - $pppoecfg['radius']['server']['acctport'] = $_POST['radiusserveracctport']; - } - - if ($_POST['radiusserver2']) { - $pppoecfg['radius']['server2'] = array(); - - $pppoecfg['radius']['server2']['ip'] = $_POST['radiusserver2']; - $pppoecfg['radius']['server2']['secret2'] = $_POST['radiussecret2']; - $pppoecfg['radius']['server2']['port'] = $_POST['radiusserver2port']; - $pppoecfg['radius']['server2']['acctport'] = $_POST['radiusserver2acctport']; - } - - if ($_POST['pppoe_dns1'] <> "") { - $pppoecfg['dns1'] = $_POST['pppoe_dns1']; - } - - if ($_POST['pppoe_dns2'] <> "") { - $pppoecfg['dns2'] = $_POST['pppoe_dns2']; - } - - if ($_POST['radiusenable'] == "yes") { - $pppoecfg['radius']['server']['enable'] = true; - } - - if ($_POST['radiussecenable'] == "yes") { - $pppoecfg['radius']['server2']['enable'] = true; - } - - if ($_POST['radacct_enable'] == "yes") { - $pppoecfg['radius']['accounting'] = true; - } - - if ($_POST['radiusissueips'] == "yes") { - $pppoecfg['radius']['radiusissueips'] = true; - } - - if ($_POST['pppoeid']) { - $pppoecfg['pppoeid'] = $_POST['pppoeid']; - } else { - $pppoecfg['pppoeid'] = vpn_pppoe_get_id(); - } - - $users = array(); - for ($x = 0; $x < 4999; $x++) { - if ($_POST["username{$x}"]) { - $usernam = $_POST["username{$x}"] . ":" . base64_encode($_POST["password{$x}"]); - if ($_POST["ip{$x}"]) { - $usernam .= ":" . $_POST["ip{$x}"]; - } - - $users[] = $usernam; - } - } - - if (count($users) > 0) { - $pppoecfg['username'] = implode(" ", $users); - } - - if (!isset($id)) { - $id = count($a_pppoes); - } - - if (file_exists("{$g['tmp_path']}/.vpn_pppoe.apply")) { - $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.vpn_pppoe.apply")); - } else { - $toapplylist = array(); - } - - $toapplylist[] = $pppoecfg['pppoeid']; - $a_pppoes[$id] = $pppoecfg; - - write_config(); - mark_subsystem_dirty('vpnpppoe'); - file_put_contents("{$g['tmp_path']}/.vpn_pppoe.apply", serialize($toapplylist)); - header("Location: vpn_pppoe.php"); - exit; - } -} - -function build_interface_list() { - $list = array(); - - $interfaces = get_configured_interface_with_descr(); - - foreach ($interfaces as $iface => $ifacename) - $list[$iface] = $ifacename; - - return($list); -} - -$pgtitle = array(gettext("Services"),gettext("PPPoE Server"), gettext("Edit")); -$shortcut_section = "pppoes"; -include("head.inc"); - -if ($input_errors) - print_input_errors($input_errors); - -if ($savemsg) - print_info_box($savemsg, 'success'); - -$form = new Form(); - -$section = new Form_Section('PPPoE Server Configuration'); - -$section->addInput(new Form_Checkbox( - 'mode', - 'Enable', - 'Enable PPPoE Server', - ($pconfig['mode'] == "server"), - 'server' -)) ->toggles('.form-group:not(:first-child)'); - -$section->addInput(new Form_Select( - 'interface', - 'Interface', - $pconfig['interface'], - build_interface_list() - -)); - -$section->addInput(new Form_Select( - 'pppoe_subnet', - 'Subnet mask', - $pconfig['pppoe_subnet'], - array_combine(range(0, 32, 1), range(0, 32, 1)) -))->setHelp('Hint: 24 is 255.255.255.0'); - -$section->addInput(new Form_Select( - 'n_pppoe_units', - 'No. of PPPoE Users', - $pconfig['n_pppoe_units'], - array_combine(range(0, 255, 1), range(0, 255, 1)) -)); - -$section->addInput(new Form_IpAddress( - 'localip', - 'Server Address', - $pconfig['localip'] -))->setHelp('Enter the IP address the PPPoE server should give to clients for use as their "gateway"' . '
' . - 'Typically this is set to an unused IP just outside of the client range '. '
' . - 'NOTE: This should NOT be set to any IP address currently in use on this firewall'); - -$section->addInput(new Form_IpAddress( - 'remoteip', - 'Remote Address Range', - $pconfig['remoteip'] -))->setHelp('Specify the starting address for the client IP address subnet'); - -$section->addInput(new Form_Input( - 'descr', - 'Description', - 'text', - $pconfig['descr'] -)); - -$section->addInput(new Form_Input( - 'pppoe_dns1', - 'DNS Servers', - 'text', - $pconfig['pppoe_dns1'] -)); - -$section->addInput(new Form_IpAddress( - 'pppoe_dns2', - null, - $pconfig['pppoe_dns2'] -))->setHelp('If entered these servers will be given to all PPPoE clients, otherwise LAN DNS and one WAN DNS will go to all clients'); - -$section->addInput(new Form_Checkbox( - 'radiusenable', - 'RADIUS', - 'Use a RADIUS Server for authentication', - $pconfig['radiusenable'] -))->setHelp('All users will be authenticated using the RADIUS server specified below. The local user database ' . - 'will not be used'); - -$section->addInput(new Form_Checkbox( - 'radacct_enable', - null, - 'Enable RADIUS Accounting', - $pconfig['radacct_enable'] -))->setHelp('Sends accounting packets to the RADIUS server'); - -$section->addInput(new Form_Checkbox( - 'radiussecenable', - null, - 'Use backup RADIUS server', - $pconfig['radiussecenable'] -))->setHelp('If primary server fails all requests will be sent via backup server'); - -$section->addInput(new Form_IpAddress( - 'radius_nasip', - 'NAS IP Address', - $pconfig['radius_nasip'] -))->setHelp('RADIUS server NAS IP Address'); - -$section->addInput(new Form_Input( - 'radius_acct_update', - 'RADIUS Accounting Update', - 'text', - $pconfig['radius_acct_update'] -))->setHelp('RADIUS accounting update period in seconds'); - -$section->addInput(new Form_Checkbox( - 'radiusissueips', - 'Radius Issued IPs', - 'Issue IP Addresses via RADIUS server', - $pconfig['radiusissueips'] -)); - -$group = new Form_Group('RADIUS server Primary'); - -$group->add(new Form_IpAddress( - 'radiusserver', - null, - $pconfig['radiusserver'] -))->setHelp('IP Address'); - -$group->add(new Form_Input( - 'radiusserverport', - null, - 'text', - $pconfig['radiusserverport'] -))->setHelp('Authentication port '); - -$group->add(new Form_Input( - 'radiusserveracctport', - null, - 'text', - $pconfig['radiusserveracctport'] -))->setHelp('Accounting port (optional)'); - -$group->setHelp('Standard ports are 1812 (authentication) and 1813 (accounting)'); - -$section->add($group); - -$section->addInput(new Form_Input( - 'radiussecret', - 'RADIUS primary shared secret', - 'password', - $pconfig['radiussecret'] -))->setHelp('Enter the shared secret that will be used to authenticate to the RADIUS server.'); - -$group = new Form_Group('RADIUS server Secondary'); - -$group->add(new Form_IpAddress( - 'radiusserver2', - null, - $pconfig['radiusserver2'] -))->setHelp('IP Address'); - -$group->add(new Form_Input( - 'radiusserver2port', - null, - 'text', - $pconfig['radiusserver2port'] -))->setHelp('Authentication port '); - -$group->add(new Form_Input( - 'radiusserver2acctport', - null, - 'text', - $pconfig['radiusserver2acctport'] -))->setHelp('Accounting port (optional)'); - -$group->setHelp('Standard ports are 1812 (authentication) and 1813 (accounting)'); - -$section->add($group); - -$section->addInput(new Form_Input( - 'radiussecret2', - 'RADIUS secondary shared secret', - 'password', - $pconfig['radiussecret2'] -))->setHelp('Enter the shared secret that will be used to authenticate to the backup RADIUS server.'); - -$counter = 0; -$numrows = count($item) -1; - -$usernames = $pconfig['username']; - -//DEBUG -//$usernames = 'sbeaver:TXlQYXNzd2Q=:192.168.1.1 smith:TXlQYXNzd2Q=:192.168.2.1 sjones:TXlQYXNzd2Q=:192.168.3.1 salpha:TXlQYXNzd2Q=:192.168.4.1'; - -if($usernames == "") - $usernames = '::'; - -if ($usernames != ""){ - $item = explode(" ", $usernames); - - $numrows = count($item) -1; - - foreach($item as $ww) { - $wws = explode(":", $ww); - $user = $wws[0]; - $passwd = base64_decode($wws[1]); - $ip = $wws[2]; - - $group = new Form_Group($counter == 0 ? 'User table':null); - $group->addClass('repeatable'); - - $group->add(new Form_Input( - 'username' . $counter, - null, - 'text', - $user - ))->setHelp($numrows == $counter ? 'User name':null); - - $group->add(new Form_Input( - 'password' . $counter, - null, - 'password', - $passwd - ))->setHelp($numrows == $counter ? 'Password':null); - - $group->add(new Form_IpAddress( - 'ip' . $counter, - null, - $ip - ))->setHelp($numrows == $counter ? 'IP Address':null); - - $group->add(new Form_Button( - 'deleterow' . $counter, - 'Delete' - ))->removeClass('btn-primary')->addClass('btn-warning'); - - $section->add($group); - - $counter++; - } -} - -$btnaddrow = new Form_Button( - 'addrow', - 'Add user' -); - -$btnaddrow->removeClass('btn-primary')->addClass('btn-success'); - -$section->addInput(new Form_StaticText( - null, - ' ' . $btnaddrow -)); - -// Hidden fields -if(isset($id)) { - $section->addInput(new Form_Input( - 'id', - null, - 'hidden', - htmlspecialchars($id, ENT_QUOTES | ENT_HTML401) - )); -} - -if (isset($pconfig['pppoeid'])) { - $section->addInput(new Form_Input( - 'pppoeid', - null, - 'hidden', - $pconfig['pppoeid'] - )); -} - -$form->add($section); - -print($form); - -print_info_box(gettext('Don\'t forget to add a firewall rule to permit traffic from PPPoE clients')); -?> - - diff --git a/src/usr/local/www/widgets/include/ipsec.inc b/src/usr/local/www/widgets/include/ipsec.inc index 6df0a7c..59fe454 100644 --- a/src/usr/local/www/widgets/include/ipsec.inc +++ b/src/usr/local/www/widgets/include/ipsec.inc @@ -1,4 +1,4 @@ diff --git a/src/usr/local/www/widgets/include/log.inc b/src/usr/local/www/widgets/include/log.inc index 7ad453a..d2bafb0 100644 --- a/src/usr/local/www/widgets/include/log.inc +++ b/src/usr/local/www/widgets/include/log.inc @@ -1,6 +1,6 @@ \ No newline at end of file diff --git a/src/usr/local/www/widgets/widgets/carp_status.widget.php b/src/usr/local/www/widgets/widgets/carp_status.widget.php index e5c2e0e..8884e2b 100644 --- a/src/usr/local/www/widgets/widgets/carp_status.widget.php +++ b/src/usr/local/www/widgets/widgets/carp_status.widget.php @@ -114,7 +114,7 @@ $carp_enabled = get_carp_status(); } } else { ?> - No CARP Interfaces Defined. Click here to configure CARP. + No CARP Interfaces Defined. Click here to configure CARP. diff --git a/src/usr/local/www/widgets/widgets/log.widget.php b/src/usr/local/www/widgets/widgets/log.widget.php index a9d9a27..fb31aef 100644 --- a/src/usr/local/www/widgets/widgets/log.widget.php +++ b/src/usr/local/www/widgets/widgets/log.widget.php @@ -166,7 +166,7 @@ if (isset($_POST['lastsawtime'])) { $dstIP = str_replace(':', ':', $dstIP); ?> - ', outputrule);" + ', outputrule);" role="button" data-toggle="popover" data-trigger="hover" data-title="Rule that triggered this action" data-content="">