array('acl_network' => '', 'mask' => '')); } if ($_POST) { unset($input_errors); $pconfig = $_POST; for ($x = 0; $x < NUMACLS; $x++) { if (isset($pconfig["acl_network{$x}"])) { $networkacl[$x] = array(); $networkacl[$x]['acl_network'] = $pconfig["acl_network{$x}"]; $networkacl[$x]['mask'] = $pconfig["mask{$x}"]; /* ACL Flags */ if (!empty($pconfig["kod{$x}"])) { $networkacl[$x]['kod'] = $pconfig["kod{$x}"]; } elseif (isset($networkacl[$x]['kod'])) { unset($networkacl[$x]['kod']); } if (!empty($pconfig["nomodify{$x}"])) { $networkacl[$x]['nomodify'] = $pconfig["nomodify{$x}"]; } elseif (isset($networkacl[$x]['nomodify'])) { unset($networkacl[$x]['nomodify']); } if (!empty($pconfig["noquery{$x}"])) { $networkacl[$x]['noquery'] = $pconfig["noquery{$x}"]; } elseif (isset($networkacl[$x]['noquery'])) { unset($networkacl[$x]['noquery']); } if (!empty($pconfig["noserve{$x}"])) { $networkacl[$x]['noserve'] = $pconfig["noserve{$x}"]; } elseif (isset($networkacl[$x]['noserve'])) { unset($networkacl[$x]['noserve']); } if (!empty($pconfig["nopeer{$x}"])) { $networkacl[$x]['nopeer'] = $pconfig["nopeer{$x}"]; } elseif (isset($networkacl[$x]['nopeer'])) { unset($networkacl[$x]['nopeer']); } if (!empty($pconfig["notrap{$x}"])) { $networkacl[$x]['notrap'] = $pconfig["notrap{$x}"]; } elseif (isset($networkacl[$x]['notrap'])) { unset($networkacl[$x]['notrap']); } /* End ACL Flags */ if (!is_ipaddr($networkacl[$x]['acl_network'])) { $input_errors[] = gettext("A valid IP address must be entered for each row under Networks."); } if (is_ipaddr($networkacl[$x]['acl_network'])) { if (!is_subnet($networkacl[$x]['acl_network']."/".$networkacl[$x]['mask'])) { $input_errors[] = gettext("A valid IPv4 netmask must be entered for each IPv4 row under Networks."); } } else if (function_exists("is_ipaddrv6")) { if (!is_ipaddrv6($networkacl[$x]['acl_network'])) { $input_errors[] = gettext("A valid IPv6 address must be entered for {$networkacl[$x]['acl_network']}."); } else if (!is_subnetv6($networkacl[$x]['acl_network']."/".$networkacl[$x]['mask'])) { $input_errors[] = gettext("A valid IPv6 netmask must be entered for each IPv6 row under Networks."); } } else { $input_errors[] = gettext("A valid IP address must be entered for each row under Networks."); } } else if (isset($networkacl[$x])) { unset($networkacl[$x]); } } if (!$input_errors) { /* Default Access Restrictions */ if (empty($_POST['kod'])) { $config['ntpd']['kod'] = 'on'; } elseif (isset($config['ntpd']['kod'])) { unset($config['ntpd']['kod']); } if (empty($_POST['nomodify'])) { $config['ntpd']['nomodify'] = 'on'; } elseif (isset($config['ntpd']['nomodify'])) { unset($config['ntpd']['nomodify']); } if (!empty($_POST['noquery'])) { $config['ntpd']['noquery'] = $_POST['noquery']; } elseif (isset($config['ntpd']['noquery'])) { unset($config['ntpd']['noquery']); } if (!empty($_POST['noserve'])) { $config['ntpd']['noserve'] = $_POST['noserve']; } elseif (isset($config['ntpd']['noserve'])) { unset($config['ntpd']['noserve']); } if (empty($_POST['nopeer'])) { $config['ntpd']['nopeer'] = 'on'; } elseif (isset($config['ntpd']['nopeer'])) { unset($config['ntpd']['nopeer']); } if (empty($_POST['notrap'])) { $config['ntpd']['notrap'] = 'on'; } elseif (isset($config['ntpd']['notrap'])) { unset($config['ntpd']['notrap']); } /* End Default Access Restrictions */ $config['ntpd']['restrictions']['row'] = array(); foreach ($networkacl as $acl) { $config['ntpd']['restrictions']['row'][] = $acl; } write_config("Updated NTP ACL Settings"); $retval = 0; $retval = system_ntp_configure(); $savemsg = get_std_save_message($retval); } } $pconfig = &$config['ntpd']; $pgtitle = array(gettext("Services"), gettext("NTP"), gettext("ACLs")); $shortcut_section = "ntp"; include("head.inc"); if ($input_errors) { print_input_errors($input_errors); } if ($savemsg) { print_info_box($savemsg, 'success'); } $tab_array = array(); $tab_array[] = array(gettext("Settings"), false, "services_ntpd.php"); $tab_array[] = array(gettext("ACLs"), true, "services_ntpd_acls.php"); $tab_array[] = array(gettext("Serial GPS"), false, "services_ntpd_gps.php"); $tab_array[] = array(gettext("PPS"), false, "services_ntpd_pps.php"); display_top_tabs($tab_array); $form = new Form; $section = new Form_Section('Default Access Restrictions'); $section->addInput(new Form_Checkbox( 'kod', 'Kiss-o\'-death', 'Enable KOD packets.', !$pconfig['kod'] )); $section->addInput(new Form_Checkbox( 'nomodify', "Modifications", 'Deny run-time Configuration (nomodify) by ntpq and ntpdc.', !$pconfig['nomodify'] )); $section->addInput(new Form_Checkbox( 'noquery', 'Queries', 'Disable ntpq and ntpdc queries (noquery).', $pconfig['noquery'] )); $section->addInput(new Form_Checkbox( 'noserve', 'Service', 'Disable all except ntpq and ntpdc queries (noserve).', $pconfig['noserve'] )); $section->addInput(new Form_Checkbox( 'nopeer', 'Peer Association', 'Deny packets that attempt a peer association (nopeer).', !$pconfig['nopeer'] )); $section->addInput(new Form_Checkbox( 'notrap', 'Trap Service', 'Deny mode 6 control message trap service (notrap).', !$pconfig['notrap'] )); /* End Default Restrictions*/ $form->add($section); $section = new Form_Section('Custom Access Restrictions'); $numrows = count($networkacl) - 1; $counter = 0; foreach ($networkacl as $item) { $group = new Form_Group($counter == 0 ? 'Networks':''); $group->add(new Form_IpAddress( 'acl_network' . $counter, null, $item['acl_network'] ))->addMask('mask' . $counter, $item['mask'])->setWidth(3)->setHelp(($counter == $numrows) ? 'Network/mask':null); $group->add(new Form_Checkbox( 'kod' . $counter, null, null, $item['kod'] ))->setHelp('KOD'); $group->add(new Form_Checkbox( 'nomodify' . $counter, null, null, $item['nomodify'] ))->setHelp('nomodify'); $group->add(new Form_Checkbox( 'noquery' . $counter, null, null, $item['noquery'] ))->setHelp('noquery'); $group->add(new Form_Checkbox( 'noserve' . $counter, null, null, $item['noserve'] ))->setHelp('noserve'); $group->add(new Form_Checkbox( 'nopeer' . $counter, null, null, $item['nopeer'] ))->setHelp('nopeer'); $group->add(new Form_Checkbox( 'notrap' . $counter, null, null, $item['notrap'] ))->setHelp('notrap'); $group->add(new Form_Button( 'deleterow' . $counter, 'Delete', null, 'fa-trash' ))->addClass('btn-warning'); $group->addClass('repeatable'); $section->add($group); $counter++; } $section->addInput(new Form_Button( 'addrow', 'Add', null, 'fa-plus' ))->addClass('btn-success'); $form->add($section); print($form); ?>