From 73bf4a46d9083140c943a5d5c0ea69745ce9b905 Mon Sep 17 00:00:00 2001 From: Warren Baker Date: Mon, 16 May 2011 16:26:43 +0200 Subject: Use base 1000 on user graphs and display cumulative of Total users logged in over the 'x' period. --- usr/local/www/status_rrd_graph_img.php | 42 +++++++++------------------------- 1 file changed, 11 insertions(+), 31 deletions(-) (limited to 'usr/local/www') diff --git a/usr/local/www/status_rrd_graph_img.php b/usr/local/www/status_rrd_graph_img.php index d21f91c..a2aa6d2 100644 --- a/usr/local/www/status_rrd_graph_img.php +++ b/usr/local/www/status_rrd_graph_img.php @@ -933,16 +933,15 @@ elseif((strstr($curdatabase, "-loggedin.rrd")) && (file_exists("$rrddbpath$curda $graphcmd .= "--start $start --end $end "; $graphcmd .= "--vertical-label \"Captive Portal Users\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; + $graphcmd .= "--base=1000 "; + $graphcmd .= "--lower-limit=0 "; + $graphcmd .= "--slope-mode "; $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; $graphcmd .= "DEF:\"$curif-loggedinusers=$rrddbpath$curdatabase:loggedinusers:AVERAGE\" "; - $graphcmd .= "LINE2:\"$curif-loggedinusers#{$colorcaptiveportalusers[0]}:$curif-loggedinusers\" "; - $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t current\t\t average\t maximum\\n\" "; - $graphcmd .= "COMMENT:\"Users Online\t\" "; - $graphcmd .= "GPRINT:\"$curif-loggedinusers:LAST:%7.2lf \" "; - $graphcmd .= "GPRINT:\"$curif-loggedinusers:AVERAGE:%7.2lf \" "; - $graphcmd .= "GPRINT:\"$curif-loggedinusers:MAX:%7.2lf \" "; + $graphcmd .= "CDEF:\"$curif-totalusers_t=PREV,UN,0,PREV,IF,$curif-loggedinusers,+\" "; + $graphcmd .= "AREA:\"$curif-totalusers_t#{$colorcaptiveportalusers[0]}:Total logged in users\" "; + $graphcmd .= "GPRINT:\"$curif-totalusers_t:MAX:%8.0lf \\n\" "; $graphcmd .= "COMMENT:\"\\n\" "; $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; } @@ -953,37 +952,18 @@ elseif((strstr($curdatabase, "-concurrent.rrd")) && (file_exists("$rrddbpath$cur $graphcmd .= "--vertical-label \"Captive Portal Users\" "; $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; - $graphcmd .= "--height 200 --width 620 "; - $graphcmd .= "DEF:\"$curif-concurrentusers=$rrddbpath$curdatabase:concurrentusers:AVERAGE\" "; - $graphcmd .= "LINE2:\"$curif-concurrentusers#{$colorcaptiveportalusers[0]}:$curif-concurrentusers\" "; - $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t current\t\t average\t maximum\\n\" "; - $graphcmd .= "COMMENT:\"Users Online\t\" "; - $graphcmd .= "GPRINT:\"$curif-concurrentusers:LAST:%7.2lf \" "; - $graphcmd .= "GPRINT:\"$curif-concurrentusers:AVERAGE:%7.2lf \" "; - $graphcmd .= "GPRINT:\"$curif-concurrentusers:MAX:%7.2lf \" "; - $graphcmd .= "COMMENT:\"\\n\" "; - $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; -} -elseif((strstr($curdatabase, "-totalusers.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { - /* define graphcmd for online Captive Portal users stats */ - $graphcmd = "$rrdtool graph $rrdtmppath$curdatabase-$curgraph.png "; - $graphcmd .= "--start $start --end $end "; - $graphcmd .= "--vertical-label \"Total Captive Portal Users\" "; - $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; $graphcmd .= "--base=1000 "; $graphcmd .= "--lower-limit=0 "; $graphcmd .= "--slope-mode "; - $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; $graphcmd .= "--height 200 --width 620 "; - $graphcmd .= "DEF:\"$curif-totalusers=$rrddbpath$curdatabase:totalusers:AVERAGE\" "; - $graphcmd .= "AREA:\"$curif-totalusers#{$colorcaptiveportalusers[0]}:$curif-totalusers\" "; + $graphcmd .= "DEF:\"$curif-concurrentusers=$rrddbpath$curdatabase:concurrentusers:AVERAGE\" "; + $graphcmd .= "AREA:\"$curif-concurrentusers#{$colorcaptiveportalusers[0]}:Concurrent Users\" "; $graphcmd .= "COMMENT:\"\\n\" "; $graphcmd .= "COMMENT:\"\t\t\t current\t\t average\t maximum\\n\" "; $graphcmd .= "COMMENT:\"Users Online\t\" "; - $graphcmd .= "GPRINT:\"$curif-totalusers:LAST:%8.0lf \" "; - $graphcmd .= "GPRINT:\"$curif-totalusers:AVERAGE:%8.0lf \" "; - $graphcmd .= "GPRINT:\"$curif-totalusers:MAX:%8.0lf \" "; + $graphcmd .= "GPRINT:\"$curif-concurrentusers:LAST:%8.0lf \" "; + $graphcmd .= "GPRINT:\"$curif-concurrentusers:AVERAGE:%8.0lf \" "; + $graphcmd .= "GPRINT:\"$curif-concurrentusers:MAX:%8.0lf \" "; $graphcmd .= "COMMENT:\"\\n\" "; $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; } -- cgit v1.1 From 701989fbe44f22fc7ea1848ac7c14f361178e5c2 Mon Sep 17 00:00:00 2001 From: jim-p Date: Mon, 16 May 2011 15:39:45 -0400 Subject: Print the MAC mfg on another line in a smaller font if it's found. Less obtrusive than completely replacing the MAC. --- usr/local/www/diag_arp.php | 4 ++-- usr/local/www/status_dhcp_leases.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'usr/local/www') diff --git a/usr/local/www/diag_arp.php b/usr/local/www/diag_arp.php index 3adc2a8..4665a44 100755 --- a/usr/local/www/diag_arp.php +++ b/usr/local/www/diag_arp.php @@ -309,8 +309,8 @@ $mac_man = load_mac_manufacturer_table(); {$mac_man[$mac_hi]}"; } - else{ print $mac; } + print $mac; + if(isset($mac_man[$mac_hi])){ print "
{$mac_man[$mac_hi]}"; } ?> {$fspans}{$mac_man[$mac_hi]}{$fspane} \n"; + echo "{$fspans}{$mac}
{$mac_man[$mac_hi]}{$fspane} \n"; }else{ echo "{$fspans}{$data['mac']}{$fspane} \n"; } -- cgit v1.1 From 1a137650652a9148ef292777299f2d4f81d66eab Mon Sep 17 00:00:00 2001 From: jim-p Date: Mon, 16 May 2011 16:47:47 -0400 Subject: Fixup MAC display on this other path too --- usr/local/www/status_dhcp_leases.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr/local/www') diff --git a/usr/local/www/status_dhcp_leases.php b/usr/local/www/status_dhcp_leases.php index f84f7b3..ba18b72 100755 --- a/usr/local/www/status_dhcp_leases.php +++ b/usr/local/www/status_dhcp_leases.php @@ -369,7 +369,7 @@ foreach ($leases as $data) { } }else{ if(isset($mac_man[$mac_hi])){ // Manufacturer for this MAC is defined - echo "{$fspans}{$mac_man[$mac_hi]}{$fspane} \n"; + echo "{$fspans}{$mac}
{$mac_man[$mac_hi]}{$fspane} \n"; }else{ echo "{$fspans}{$data['mac']}{$fspane} \n"; } -- cgit v1.1 From f5adee3f6e8c74949ef51b75123ba034c7123977 Mon Sep 17 00:00:00 2001 From: jim-p Date: Tue, 17 May 2011 14:24:39 -0400 Subject: Make sure all CP form elements are disabled/enabled with the master checkbox. --- usr/local/www/services_captiveportal.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'usr/local/www') diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 24595da..23e6cd9 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -263,6 +263,7 @@ function enable_change(enable_change) { document.iform.freelogins_resettimeout.disabled = endis; document.iform.freelogins_updatetimeouts.disabled = endis; document.iform.timeout.disabled = endis; + document.iform.preauthurl.disabled = endis; document.iform.redirurl.disabled = endis; document.iform.radiusip.disabled = radius_endis; document.iform.radiusip2.disabled = radius_endis; @@ -283,6 +284,7 @@ function enable_change(enable_change) { document.iform.radmac_format.disabled = radius_endis; document.iform.httpsname.disabled = endis; document.iform.cert.disabled = endis; + document.iform.cacert.disabled = endis; document.iform.key.disabled = endis; document.iform.logoutwin_enable.disabled = endis; document.iform.nomacfilter.disabled = endis; -- cgit v1.1 From 67d78c87c95cb45e305bbb07596f99d5b4bc1a13 Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 17 May 2011 21:18:33 +0000 Subject: Ticket #1534. Serialize all the xmlrpc requests coming to the firewall. Seems such request can stomp into each other and create either corruption of xmlrpc request or other issues. --- usr/local/www/xmlrpc.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'usr/local/www') diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php index ebb3a24..9deffcc 100755 --- a/usr/local/www/xmlrpc.php +++ b/usr/local/www/xmlrpc.php @@ -372,6 +372,8 @@ function get_notices_xmlrpc($raw_params) { return $response; } +$xmlrpclockkey = lock('xmlrpc', LOCK_EX); + /*****************************/ $server = new XML_RPC_Server( array( @@ -412,4 +414,6 @@ $server = new XML_RPC_Server( ) ); +unlock($xmlrpclockkey); + ?> -- cgit v1.1 From 0d5c21f743a7ad133e18b3dc7ee09ac8073f4d08 Mon Sep 17 00:00:00 2001 From: Chris Buechler Date: Tue, 17 May 2011 21:59:03 -0400 Subject: fix missing images for CRLs --- usr/local/www/system_crlmanager.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr/local/www') diff --git a/usr/local/www/system_crlmanager.php b/usr/local/www/system_crlmanager.php index 72e795b..1beb75b 100644 --- a/usr/local/www/system_crlmanager.php +++ b/usr/local/www/system_crlmanager.php @@ -494,6 +494,7 @@ function method_change() { Date: Wed, 18 May 2011 21:03:50 +0000 Subject: Ticket #1534, #1433. Properly merge carp interfaces and do not reload carp interfaces that have not change any configuration parameter. Also make merge_config_section_xmlrpc() an alias for restore_config_section_xmlrpc() since that what it is. --- usr/local/www/xmlrpc.php | 98 +++++++++++++++++++++++++++++++++--------------- 1 file changed, 68 insertions(+), 30 deletions(-) (limited to 'usr/local/www') diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php index 9deffcc..55fac86 100755 --- a/usr/local/www/xmlrpc.php +++ b/usr/local/www/xmlrpc.php @@ -159,25 +159,85 @@ function restore_config_section_xmlrpc($raw_params) { if(!xmlrpc_auth($params)) return $xmlrpc_g['return']['authfail']; $vipbackup = array(); + $oldvips = array(); if (isset($params[0]['virtualip'])) { if(is_array($config['virtualip']['vip'])) { - foreach ($config['virtualip']['vip'] as $vip) - interface_vip_bring_down($vip); + foreach ($config['virtualip']['vip'] as $vipindex => $vip) { + if ($vip['mode'] == "carp") + $oldvips[$vip['vhid']] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}"; + if ((($vip['mode'] == 'ipalias') || ($vip['mode'] == 'proxyarp')) && substr($vip['interface'], 0, 3) != "vip") + $vipbackup[] = $vip; + } } - $vipbackup = $config['virtualip']['vip']; } // For vip section, first keep items sent from the master $config = array_merge($config, $params[0]); - // Then add ipalias and proxyarp types already defined on the backup + + /* + * NOTE: Do not rely on array_merge since it might keep vips in there if there were + * many vips previously and only a reduced list is sent for synching. + */ + if (is_array($params[0]['virtualip']) && is_array($params[0]['virtualip']['vip'])) { + if (!is_array($config['virtualip'])) + $config['virtualip'] = array(); + $config['virtualip'] = $params[0]['virtualip']; + } else + $config['virtualip'] = array(); // Reset + + /* Then add ipalias and proxyarp types already defined on the backup */ if (is_array($vipbackup)) { foreach ($vipbackup as $vip) { - if ((($vip['mode'] == 'ipalias') || ($vip['mode'] == 'proxyarp')) && substr($vip['interface'], 0, 3) != "vip") - array_unshift($config['virtualip']['vip'], $vip); + array_unshift($config['virtualip']['vip'], $vip); } } + + /* Log what happened */ $mergedkeys = implode(",", array_keys($params[0])); write_config(sprintf(gettext("Merged in config (%s sections) from XMLRPC client."),$mergedkeys)); - interfaces_vips_configure(); + + /* + * The real work on handling the vips specially + * This is a copy of intefaces_vips_configure with addition of not reloading existing/not changed carps + */ + if (is_array($config['virtualip']) && is_array($config['virtualip']['vip'])) { + $carp_setuped = false; + $anyproxyarp = false; + foreach ($config['virtualip']['vip'] as $vip) { + if (isset($oldvips[$vip['vhid']])) { + if ($oldvips[$vip['vhid']] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") { + if (does_interface_exist("vip{$vip['vhid']}")) + continue; // Skip reconfiguring this vips since nothing has changed. + } else + unset($oldvips['vhid']); + } + + switch ($vip['mode']) { + case "proxyarp": + $anyproxyarp = true; + break; + case "ipalias": + interface_ipalias_configure(&$vip); + break; + case "carp": + if ($carp_setuped == false) + $carp_setuped = true; + interface_carp_configure($vip); + break; + case "carpdev-dhcp": + interface_carpdev_configure($vip); + break; + } + } + /* Cleanup remaining old carps */ + foreach ($oldvips as $oldvipif => $oldvippar) { + if (does_interface_exist("vip{$oldvipif}")) + pfSense_interface_destroy("vip{$oldvipif}"); + } + if ($carp_setuped == true) + interfaces_carp_setup(); + if ($anyproxyarp == true) + interface_proxyarp_configure(); + } return $xmlrpc_g['return']['true']; } @@ -218,29 +278,7 @@ $merge_config_section_sig = array( function merge_config_section_xmlrpc($raw_params) { global $config, $xmlrpc_g; - $params = xmlrpc_params_to_php($raw_params); - if(!xmlrpc_auth($params)) - return $xmlrpc_g['return']['authfail']; - if (isset($params[0]['virtualip'])) { - if(is_array($config['virtualip']['vip'])) { - foreach ($config['virtualip']['vip'] as $vip) - interface_vip_bring_down($vip); - } - $vipbackup = $config['virtualip']['vip']; - } - $config = array_merge_recursive_unique($config, $params[0]); - // Then add ipalias and proxyarp types already defined on the backup - if (is_array($vipbackup)) { - foreach ($vipbackup as $vip) { - if ((($vip['mode'] == 'ipalias') || ($vip['mode'] == 'proxyarp')) && substr($vip['interface'], 0, 3) != "vip") - array_unshift($config['virtualip']['vip'], $vip); - } - } - $mergedkeys = implode(",", array_keys($params[0])); - write_config("Merged in config ({$mergedkeys} sections) from XMLRPC client."); - interfaces_vips_configure(); - - return $xmlrpc_g['return']['true']; + return restore_config_section_xmlrpc($raw_params); } /*****************************/ -- cgit v1.1 From f51d4f989eaa8d1e943c6cbf68faae499cddc961 Mon Sep 17 00:00:00 2001 From: Ermal Date: Wed, 18 May 2011 21:31:35 +0000 Subject: Ticket #1534, #1433. Remove custom sync code for vip, since it array_merge() replaces same keys data when merging. But make the code for reloading only changed vips after merge better and some more checks. --- usr/local/www/xmlrpc.php | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) (limited to 'usr/local/www') diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php index 55fac86..7ddbfc6 100755 --- a/usr/local/www/xmlrpc.php +++ b/usr/local/www/xmlrpc.php @@ -158,6 +158,7 @@ function restore_config_section_xmlrpc($raw_params) { $params = xmlrpc_params_to_php($raw_params); if(!xmlrpc_auth($params)) return $xmlrpc_g['return']['authfail']; + $vipbackup = array(); $oldvips = array(); if (isset($params[0]['virtualip'])) { @@ -170,25 +171,18 @@ function restore_config_section_xmlrpc($raw_params) { } } } + // For vip section, first keep items sent from the master $config = array_merge($config, $params[0]); - /* - * NOTE: Do not rely on array_merge since it might keep vips in there if there were - * many vips previously and only a reduced list is sent for synching. - */ - if (is_array($params[0]['virtualip']) && is_array($params[0]['virtualip']['vip'])) { + /* Then add ipalias and proxyarp types already defined on the backup */ + if (is_array($vipbackup) && !empty($vipbackup)) { if (!is_array($config['virtualip'])) $config['virtualip'] = array(); - $config['virtualip'] = $params[0]['virtualip']; - } else - $config['virtualip'] = array(); // Reset - - /* Then add ipalias and proxyarp types already defined on the backup */ - if (is_array($vipbackup)) { - foreach ($vipbackup as $vip) { + if (!is_array($config['virtualip']['vip'])) + $config['virtualip']['vip'] = array(); + foreach ($vipbackup as $vip) array_unshift($config['virtualip']['vip'], $vip); - } } /* Log what happened */ @@ -201,7 +195,7 @@ function restore_config_section_xmlrpc($raw_params) { */ if (is_array($config['virtualip']) && is_array($config['virtualip']['vip'])) { $carp_setuped = false; - $anyproxyarp = false; + $anyproxyarp = false; foreach ($config['virtualip']['vip'] as $vip) { if (isset($oldvips[$vip['vhid']])) { if ($oldvips[$vip['vhid']] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") { -- cgit v1.1 From bb4fcffd7d89b48429bae5f8913f5c17bfee6952 Mon Sep 17 00:00:00 2001 From: Ermal Date: Wed, 18 May 2011 21:54:12 +0000 Subject: Fixes #1522. Call interface reconfigure so we bring down the interface and than re-configure it. --- usr/local/www/interfaces.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr/local/www') diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php index 53df333..ead78cc 100755 --- a/usr/local/www/interfaces.php +++ b/usr/local/www/interfaces.php @@ -310,7 +310,7 @@ if ($_POST['apply']) { $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.interfaces.apply")); foreach ($toapplylist as $ifapply) { if (isset($config['interfaces'][$ifapply]['enable'])) - interface_configure($ifapply, true); + interface_reconfigure($ifapply); else interface_bring_down($ifapply); } -- cgit v1.1 From c415a55bd3466bb9c67e9a6f81b88b285f9bd7b5 Mon Sep 17 00:00:00 2001 From: Ermal Date: Wed, 18 May 2011 21:56:13 +0000 Subject: Micro optimization. --- usr/local/www/xmlrpc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr/local/www') diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php index 7ddbfc6..a732b95 100755 --- a/usr/local/www/xmlrpc.php +++ b/usr/local/www/xmlrpc.php @@ -166,7 +166,7 @@ function restore_config_section_xmlrpc($raw_params) { foreach ($config['virtualip']['vip'] as $vipindex => $vip) { if ($vip['mode'] == "carp") $oldvips[$vip['vhid']] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}"; - if ((($vip['mode'] == 'ipalias') || ($vip['mode'] == 'proxyarp')) && substr($vip['interface'], 0, 3) != "vip") + else if ((($vip['mode'] == 'ipalias') || ($vip['mode'] == 'proxyarp')) && substr($vip['interface'], 0, 3) != "vip") $vipbackup[] = $vip; } } -- cgit v1.1