]> git.gsnw.org Git - m0n0chwall.git/commitdiff
git-svn-id: https://svn.m0n0.ch/wall/trunk@50 e36fee2c-cc09-0410-a7cc-ebac5c6737de
authorptaylor <ptaylor@e36fee2c-cc09-0410-a7cc-ebac5c6737de>
Mon, 6 Feb 2006 22:06:24 +0000 (22:06 +0000)
committerptaylor <ptaylor@e36fee2c-cc09-0410-a7cc-ebac5c6737de>
Mon, 6 Feb 2006 22:06:24 +0000 (22:06 +0000)
39 files changed:
phpconf/inc/pear.inc
phpconf/inc/system.inc
phpconf/inc/xmlparse.inc
webgui/auth.inc [new file with mode: 0644]
webgui/diag_ipsec_sad.php
webgui/diag_ipsec_spd.php
webgui/diag_logs.php
webgui/diag_logs_dhcp.php
webgui/diag_logs_filter.php
webgui/diag_logs_portal.php
webgui/diag_logs_settings.php
webgui/diag_logs_vpn.php
webgui/diag_ping.php
webgui/diag_traceroute.php
webgui/exec.php
webgui/exec_raw.php
webgui/fbegin.inc
webgui/firewall_nat.php
webgui/firewall_nat_1to1.php
webgui/firewall_nat_out.php
webgui/firewall_nat_server.php
webgui/firewall_shaper.php
webgui/firewall_shaper_magic.php
webgui/firewall_shaper_pipes.php
webgui/firewall_shaper_queues.php
webgui/guiconfig.inc
webgui/services_captiveportal.php
webgui/services_captiveportal_filemanager.php
webgui/services_captiveportal_ip.php
webgui/services_captiveportal_mac.php
webgui/services_captiveportal_users.php
webgui/system_groupmanager.php [new file with mode: 0644]
webgui/system_usermanager.php [new file with mode: 0644]
webgui/vpn_ipsec.php
webgui/vpn_ipsec_ca.php
webgui/vpn_ipsec_keys.php
webgui/vpn_ipsec_mobile.php
webgui/vpn_pptp.php
webgui/vpn_pptp_users.php

index 5383e00640cb9a1303ac041e2839322934262586..74fc18db2784bb03830ca458efec9887317f9952 100644 (file)
@@ -1,5 +1,5 @@
 <?php
-$Id$
+// $Id$
 
 //
 // +--------------------------------------------------------------------+
index 3f59b042f9bbc5733fe148a53ce3bf884aa3c79f..63c9df494e08e81bf04c71edc9a8ee02891d8571 100644 (file)
@@ -385,6 +385,14 @@ function system_password_configure() {
                $username = "admin";
        
        fwrite($fd, $username . ":" . $config['system']['password'] . "\n");
+
+       if (is_array($config['system']['users'])) {
+               foreach ($config['system']['users'] as $user => $userdata) {
+                           fwrite($fd, $user . ":" 
+                             . $userdata['password'] . "\n");
+               }
+       }
+       
        fclose($fd);
        chmod("{$g['varrun_path']}/htpasswd", 0600);
        
index ea829b46c539b87b7cad27194e940a87b4ed0edd..229f333d45cd114ff1f977dc1b16163654fa5e59 100644 (file)
@@ -30,7 +30,7 @@
 */
 
 /* tags that are always to be handled as lists */
-$listtags = explode(" ", "rule user key dnsserver winsserver " .
+$listtags = explode(" ", "rule user key dnsserver winsserver pages " .
        "encryption-algorithm-option hash-algorithm-option hosts tunnel onetoone " .
        "staticmap route alias pipe queue shellcmd cacert earlyshellcmd mobilekey " .
        "servernat proxyarpnet passthrumac allowedip wolentry vlan domainoverrides element");
diff --git a/webgui/auth.inc b/webgui/auth.inc
new file mode 100644 (file)
index 0000000..26a4831
--- /dev/null
@@ -0,0 +1,67 @@
+<?\r
+/*\r
+       auth.inc\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+\r
+       Copyright (C) 2006 Paul Taylor <paultaylor@winn-dixie.com>.\r
+       All rights reserved. \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+// Once here, the user has authenticated with the web server.  \r
+// Now, we give them access only to the appropriate pages for their group.\r
+if (!($_SERVER['REMOTE_USER'] === $config['system']['username'])) {\r
+       $allowed[] = '';\r
+       if (isset($config['system']['groups'][$config['system']['users'][$_SERVER['REMOTE_USER']]['group']]['pages'])) {\r
+               $allowed = &$config['system']['groups'][$config['system']['users'][$_SERVER['REMOTE_USER']]['group']]['pages'];\r
+       } \r
+\r
+       // If the user is attempting to hit the default page, set it to specifically look for /index.php.\r
+       // Without this, any user would have access to the index page.\r
+       if ($_SERVER['PHP_SELF'] == '/') \r
+               $_SERVER['PHP_SELF'] = '/index.php';\r
+       \r
+       // Strip the leading / from the currently requested PHP page\r
+       if (!in_array(basename($_SERVER['PHP_SELF']),$allowed)) {\r
+               // The currently logged in user is not allowed to access the page\r
+               // they are attempting to go to.  Redirect them to an allowed page.\r
+\r
+               if (in_array("index.php",$allowed)) {\r
+                       header("Location: /index.php"); \r
+                       exit;\r
+               }\r
+               else {\r
+                       header("HTTP/1.0 401 Unauthorized");\r
+                       header("Status: 401 Unauthorized");\r
+\r
+                       echo "<html><head><title>401 Unauthorized</title></head><body><h3>401 Unauthorized</h3>Authorization required.</body></html>";\r
+                       exit;\r
+               }\r
+       }\r
+}\r
+\r
+\r
+\r
+?>
\ No newline at end of file
index 3d3e8a3e262040aeb17d09bd5658d185b4aa6bbe..ae2b4011cc0cfd0547f2d0b649450eca6dfcd753 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Diagnostics", "IPsec");
-
-require("guiconfig.inc");
-?>
-<?php include("fbegin.inc"); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-       <li class="tabact">SAD</li>
-       <li class="tabinact"><a href="diag_ipsec_spd.php">SPD</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-<?php
-
-/* delete any SA? */
-if ($_GET['act'] == "del") {
-       $fd = @popen("/usr/sbin/setkey -c > /dev/null 2>&1", "w");
-       if ($fd) {
-               fwrite($fd, "delete {$_GET['src']} {$_GET['dst']} {$_GET['proto']} {$_GET['spi']} ;\n");
-               pclose($fd);
-               sleep(1);
-       }
-}
-
-/* query SAD */
-$fd = @popen("/usr/sbin/setkey -D", "r");
-$sad = array();
-if ($fd) {
-       while (!feof($fd)) {
-               $line = chop(fgets($fd));
-               if (!$line)
-                       continue;
-               if ($line == "No SAD entries.")
-                       break;
-               if ($line[0] != "\t") {
-                       if (is_array($cursa))
-                               $sad[] = $cursa;
-                       $cursa = array();
-                       list($cursa['src'],$cursa['dst']) = explode(" ", $line);
-                       $i = 0;
-               } else {
-                       $linea = explode(" ", trim($line));
-                       if ($i == 1) {
-                               $cursa['proto'] = $linea[0];
-                               $cursa['spi'] = substr($linea[2], strpos($linea[2], "x")+1, -1);
-                       } else if ($i == 2) {
-                               $cursa['ealgo'] = $linea[1];
-                       } else if ($i == 3) {
-                               $cursa['aalgo'] = $linea[1];
-                       }
-               }
-               $i++;
-       }
-       if (is_array($cursa) && count($cursa))
-               $sad[] = $cursa;
-       pclose($fd);
-}
-if (count($sad)):
-?>
-            <table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr>
-                <td nowrap class="listhdrr">Source</td>
-                <td nowrap class="listhdrr">Destination</a></td>
-                <td nowrap class="listhdrr">Protocol</td>
-                <td nowrap class="listhdrr">SPI</td>
-                <td nowrap class="listhdrr">Enc. alg.</td>
-                <td nowrap class="listhdr">Auth. alg.</td>
-                <td nowrap class="list"></td>
-       </tr>
-<?php
-foreach ($sad as $sa): ?>
-       <tr>
-               <td class="listlr"><?=htmlspecialchars($sa['src']);?></td>
-               <td class="listr"><?=htmlspecialchars($sa['dst']);?></td>
-               <td class="listr"><?=htmlspecialchars(strtoupper($sa['proto']));?></td>
-               <td class="listr"><?=htmlspecialchars($sa['spi']);?></td>
-               <td class="listr"><?=htmlspecialchars($sa['ealgo']);?></td>
-               <td class="listr"><?=htmlspecialchars($sa['aalgo']);?></td>
-               <td class="list" nowrap>
-               <?php
-                       $args = "src=" . rawurlencode($sa['src']);
-                       $args .= "&dst=" . rawurlencode($sa['dst']);
-                       $args .= "&proto=" . rawurlencode($sa['proto']);
-                       $args .= "&spi=" . rawurlencode("0x" . $sa['spi']);
-               ?>
-                 <a href="diag_ipsec_sad.php?act=del&<?=$args;?>" onclick="return confirm('Do you really want to delete this security association?')"><img src="x.gif" title="delete SA" width="17" height="17" border="0"></a>
-               </td>
-                               
-       </tr>
-<?php endforeach; ?>
-</table>
-<?php else: ?>
-<p><strong>No IPsec security associations.</strong></p>
-<?php endif; ?>
-</td></tr></table>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Diagnostics", "IPsec");\r
+\r
+require("guiconfig.inc");\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('SAD' => 'diag_ipsec_sad.php',\r
+                         'SPD' => 'diag_ipsec_spd.php');\r
+               dynamic_tab_menu($tabs);\r
+?>\r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+<?php\r
+\r
+/* delete any SA? */\r
+if ($_GET['act'] == "del") {\r
+       $fd = @popen("/usr/sbin/setkey -c > /dev/null 2>&1", "w");\r
+       if ($fd) {\r
+               fwrite($fd, "delete {$_GET['src']} {$_GET['dst']} {$_GET['proto']} {$_GET['spi']} ;\n");\r
+               pclose($fd);\r
+               sleep(1);\r
+       }\r
+}\r
+\r
+/* query SAD */\r
+$fd = @popen("/usr/sbin/setkey -D", "r");\r
+$sad = array();\r
+if ($fd) {\r
+       while (!feof($fd)) {\r
+               $line = chop(fgets($fd));\r
+               if (!$line)\r
+                       continue;\r
+               if ($line == "No SAD entries.")\r
+                       break;\r
+               if ($line[0] != "\t") {\r
+                       if (is_array($cursa))\r
+                               $sad[] = $cursa;\r
+                       $cursa = array();\r
+                       list($cursa['src'],$cursa['dst']) = explode(" ", $line);\r
+                       $i = 0;\r
+               } else {\r
+                       $linea = explode(" ", trim($line));\r
+                       if ($i == 1) {\r
+                               $cursa['proto'] = $linea[0];\r
+                               $cursa['spi'] = substr($linea[2], strpos($linea[2], "x")+1, -1);\r
+                       } else if ($i == 2) {\r
+                               $cursa['ealgo'] = $linea[1];\r
+                       } else if ($i == 3) {\r
+                               $cursa['aalgo'] = $linea[1];\r
+                       }\r
+               }\r
+               $i++;\r
+       }\r
+       if (is_array($cursa) && count($cursa))\r
+               $sad[] = $cursa;\r
+       pclose($fd);\r
+}\r
+if (count($sad)):\r
+?>\r
+            <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr>\r
+                <td nowrap class="listhdrr">Source</td>\r
+                <td nowrap class="listhdrr">Destination</a></td>\r
+                <td nowrap class="listhdrr">Protocol</td>\r
+                <td nowrap class="listhdrr">SPI</td>\r
+                <td nowrap class="listhdrr">Enc. alg.</td>\r
+                <td nowrap class="listhdr">Auth. alg.</td>\r
+                <td nowrap class="list"></td>\r
+       </tr>\r
+<?php\r
+foreach ($sad as $sa): ?>\r
+       <tr>\r
+               <td class="listlr"><?=htmlspecialchars($sa['src']);?></td>\r
+               <td class="listr"><?=htmlspecialchars($sa['dst']);?></td>\r
+               <td class="listr"><?=htmlspecialchars(strtoupper($sa['proto']));?></td>\r
+               <td class="listr"><?=htmlspecialchars($sa['spi']);?></td>\r
+               <td class="listr"><?=htmlspecialchars($sa['ealgo']);?></td>\r
+               <td class="listr"><?=htmlspecialchars($sa['aalgo']);?></td>\r
+               <td class="list" nowrap>\r
+               <?php\r
+                       $args = "src=" . rawurlencode($sa['src']);\r
+                       $args .= "&dst=" . rawurlencode($sa['dst']);\r
+                       $args .= "&proto=" . rawurlencode($sa['proto']);\r
+                       $args .= "&spi=" . rawurlencode("0x" . $sa['spi']);\r
+               ?>\r
+                 <a href="diag_ipsec_sad.php?act=del&<?=$args;?>" onclick="return confirm('Do you really want to delete this security association?')"><img src="x.gif" title="delete SA" width="17" height="17" border="0"></a>\r
+               </td>\r
+                               \r
+       </tr>\r
+<?php endforeach; ?>\r
+</table>\r
+<?php else: ?>\r
+<p><strong>No IPsec security associations.</strong></p>\r
+<?php endif; ?>\r
+</td></tr></table>\r
+<?php include("fend.inc"); ?>\r
index aabdb3ab07226938af54b5534f6b213ddbfaf8a1..605662549d51dd6c157a193276308ad3d4659287 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Diagnostics", "IPsec");
-
-require("guiconfig.inc");
-?>
-<?php include("fbegin.inc"); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-       <li class="tabinact1"><a href="diag_ipsec_sad.php">SAD</a></li>
-       <li class="tabact">SPD</li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-<?php
-
-/* delete any SP? */
-if ($_GET['act'] == "del") {
-       $fd = @popen("/usr/sbin/setkey -c > /dev/null 2>&1", "w");
-       if ($fd) {
-               fwrite($fd, "spddelete {$_GET['src']} {$_GET['dst']} any -P {$_GET['dir']} ;\n");
-               pclose($fd);
-               sleep(1);
-       }
-}
-
-/* query SAD */
-$fd = @popen("/usr/sbin/setkey -DP", "r");
-$spd = array();
-if ($fd) {
-       while (!feof($fd)) {
-               $line = chop(fgets($fd));
-               if (!$line)
-                       continue;
-               if ($line == "No SPD entries.")
-                       break;
-               if ($line[0] != "\t") {
-                       if (is_array($cursp))
-                               $spd[] = $cursp;
-                       $cursp = array();
-                       $linea = explode(" ", $line);
-                       $cursp['src'] = substr($linea[0], 0, strpos($linea[0], "["));
-                       $cursp['dst'] = substr($linea[1], 0, strpos($linea[1], "["));
-                       $i = 0;
-               } else if (is_array($cursp)) {
-                       $linea = explode(" ", trim($line));
-                       if ($i == 1) {
-                               if ($linea[1] == "none")        /* don't show default anti-lockout rule */
-                                       unset($cursp);
-                               else
-                                       $cursp['dir'] = $linea[0];
-                       } else if ($i == 2) {
-                               $upperspec = explode("/", $linea[0]);
-                               $cursp['proto'] = $upperspec[0];
-                               list($cursp['ep_src'], $cursp['ep_dst']) = explode("-", $upperspec[2]);
-                       }
-               }
-               $i++;
-       }
-       if (is_array($cursp) && count($cursp))
-               $spd[] = $cursp;
-       pclose($fd);
-}
-if (count($spd)):
-?>
-            <table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr>
-                <td nowrap class="listhdrr">Source</td>
-                <td nowrap class="listhdrr">Destination</a></td>
-                <td nowrap class="listhdrr">Direction</td>
-                <td nowrap class="listhdrr">Protocol</td>
-                <td nowrap class="listhdrr">Tunnel endpoints</td>
-                <td nowrap class="list"></td>
-       </tr>
-<?php
-foreach ($spd as $sp): ?>
-       <tr>
-               <td class="listlr" valign="top"><?=htmlspecialchars($sp['src']);?></td>
-               <td class="listr" valign="top"><?=htmlspecialchars($sp['dst']);?></td>
-               <td class="listr" valign="top"><img src="<?=$sp['dir'];?>.gif" width="11" height="11" style="margin-top: 2px"></td>
-               <td class="listr" valign="top"><?=htmlspecialchars(strtoupper($sp['proto']));?></td>
-               <td class="listr" valign="top"><?=htmlspecialchars($sp['ep_src']);?> - <br>
-                       <?=htmlspecialchars($sp['ep_dst']);?></td>
-               <td class="list" nowrap>
-               <?php
-                       $args = "src=" . rawurlencode($sp['src']);
-                       $args .= "&dst=" . rawurlencode($sp['dst']);
-                       $args .= "&dir=" . rawurlencode($sp['dir']);
-               ?>
-                 <a href="diag_ipsec_spd.php?act=del&<?=$args;?>" onclick="return confirm('Do you really want to delete this security policy?')"><img src="x.gif" title="delete SP" width="17" height="17" border="0"></a>
-               </td>
-                               
-       </tr>
-<?php endforeach; ?>
-</table>
-<br>
-<table border="0" cellspacing="0" cellpadding="0">
-  <tr> 
-       <td width="16"><img src="in.gif" width="11" height="11"></td>
-       <td>incoming (as seen by firewall)</td>
-  </tr>
-  <tr> 
-       <td colspan="5" height="4"></td>
-  </tr>
-  <tr> 
-       <td><img src="out.gif" width="11" height="11"></td>
-       <td>outgoing (as seen by firewall)</td>
-  </tr>
-</table>
-<?php else: ?>
-<p><strong>No IPsec security policies.</strong></p>
-<?php endif; ?>
-</td></tr></table>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Diagnostics", "IPsec");\r
+\r
+require("guiconfig.inc");\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('SAD' => 'diag_ipsec_sad.php',\r
+                         'SPD' => 'diag_ipsec_spd.php');\r
+               dynamic_tab_menu($tabs);\r
+?>\r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+<?php\r
+\r
+/* delete any SP? */\r
+if ($_GET['act'] == "del") {\r
+       $fd = @popen("/usr/sbin/setkey -c > /dev/null 2>&1", "w");\r
+       if ($fd) {\r
+               fwrite($fd, "spddelete {$_GET['src']} {$_GET['dst']} any -P {$_GET['dir']} ;\n");\r
+               pclose($fd);\r
+               sleep(1);\r
+       }\r
+}\r
+\r
+/* query SAD */\r
+$fd = @popen("/usr/sbin/setkey -DP", "r");\r
+$spd = array();\r
+if ($fd) {\r
+       while (!feof($fd)) {\r
+               $line = chop(fgets($fd));\r
+               if (!$line)\r
+                       continue;\r
+               if ($line == "No SPD entries.")\r
+                       break;\r
+               if ($line[0] != "\t") {\r
+                       if (is_array($cursp))\r
+                               $spd[] = $cursp;\r
+                       $cursp = array();\r
+                       $linea = explode(" ", $line);\r
+                       $cursp['src'] = substr($linea[0], 0, strpos($linea[0], "["));\r
+                       $cursp['dst'] = substr($linea[1], 0, strpos($linea[1], "["));\r
+                       $i = 0;\r
+               } else if (is_array($cursp)) {\r
+                       $linea = explode(" ", trim($line));\r
+                       if ($i == 1) {\r
+                               if ($linea[1] == "none")        /* don't show default anti-lockout rule */\r
+                                       unset($cursp);\r
+                               else\r
+                                       $cursp['dir'] = $linea[0];\r
+                       } else if ($i == 2) {\r
+                               $upperspec = explode("/", $linea[0]);\r
+                               $cursp['proto'] = $upperspec[0];\r
+                               list($cursp['ep_src'], $cursp['ep_dst']) = explode("-", $upperspec[2]);\r
+                       }\r
+               }\r
+               $i++;\r
+       }\r
+       if (is_array($cursp) && count($cursp))\r
+               $spd[] = $cursp;\r
+       pclose($fd);\r
+}\r
+if (count($spd)):\r
+?>\r
+            <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr>\r
+                <td nowrap class="listhdrr">Source</td>\r
+                <td nowrap class="listhdrr">Destination</a></td>\r
+                <td nowrap class="listhdrr">Direction</td>\r
+                <td nowrap class="listhdrr">Protocol</td>\r
+                <td nowrap class="listhdrr">Tunnel endpoints</td>\r
+                <td nowrap class="list"></td>\r
+       </tr>\r
+<?php\r
+foreach ($spd as $sp): ?>\r
+       <tr>\r
+               <td class="listlr" valign="top"><?=htmlspecialchars($sp['src']);?></td>\r
+               <td class="listr" valign="top"><?=htmlspecialchars($sp['dst']);?></td>\r
+               <td class="listr" valign="top"><img src="<?=$sp['dir'];?>.gif" width="11" height="11" style="margin-top: 2px"></td>\r
+               <td class="listr" valign="top"><?=htmlspecialchars(strtoupper($sp['proto']));?></td>\r
+               <td class="listr" valign="top"><?=htmlspecialchars($sp['ep_src']);?> - <br>\r
+                       <?=htmlspecialchars($sp['ep_dst']);?></td>\r
+               <td class="list" nowrap>\r
+               <?php\r
+                       $args = "src=" . rawurlencode($sp['src']);\r
+                       $args .= "&dst=" . rawurlencode($sp['dst']);\r
+                       $args .= "&dir=" . rawurlencode($sp['dir']);\r
+               ?>\r
+                 <a href="diag_ipsec_spd.php?act=del&<?=$args;?>" onclick="return confirm('Do you really want to delete this security policy?')"><img src="x.gif" title="delete SP" width="17" height="17" border="0"></a>\r
+               </td>\r
+                               \r
+       </tr>\r
+<?php endforeach; ?>\r
+</table>\r
+<br>\r
+<table border="0" cellspacing="0" cellpadding="0">\r
+  <tr> \r
+       <td width="16"><img src="in.gif" width="11" height="11"></td>\r
+       <td>incoming (as seen by firewall)</td>\r
+  </tr>\r
+  <tr> \r
+       <td colspan="5" height="4"></td>\r
+  </tr>\r
+  <tr> \r
+       <td><img src="out.gif" width="11" height="11"></td>\r
+       <td>outgoing (as seen by firewall)</td>\r
+  </tr>\r
+</table>\r
+<?php else: ?>\r
+<p><strong>No IPsec security policies.</strong></p>\r
+<?php endif; ?>\r
+</td></tr></table>\r
+<?php include("fend.inc"); ?>\r
index 2acea3e45260469fa33226020e04d27d7eacd8b2..557764913d19f7cdd1c6def84a8f1f6de3cd029a 100644 (file)
@@ -1,95 +1,98 @@
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Diagnostics", "Logs");
-require("guiconfig.inc");
-
-$nentries = $config['syslog']['nentries'];
-if (!$nentries)
-       $nentries = 50;
-
-if ($_POST['clear']) {
-       exec("/usr/sbin/clog -i -s 262144 /var/log/system.log");
-       /* redirect to avoid reposting form data on refresh */
-       header("Location: diag_logs.php");
-       exit;
-}
-
-function dump_clog($logfile, $tail, $withorig = true) {
-       global $g, $config;
-
-       $sor = isset($config['syslog']['reverse']) ? "-r" : "";
-
-       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
-       
-       foreach ($logarr as $logent) {
-               $logent = preg_split("/\s+/", $logent, 6);
-               echo "<tr valign=\"top\">\n";
-               
-               if ($withorig) {
-                       echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";
-                       echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";
-               } else {
-                       echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
-               }
-               echo "</tr>\n";
-       }
-}
-
-?>
-<?php include("fbegin.inc"); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-       <li class="tabact"><a href="diag_logs.php" style="color:black" title="reload page">System</a></li>
-    <li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
-    <li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
-    <li class="tabinact"><a href="diag_logs_portal.php">Captive portal</a></li>
-    <li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
-    <li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-               <table width="100%" border="0" cellspacing="0" cellpadding="0">
-                 <tr> 
-                       <td colspan="2" class="listtopic"> 
-                         Last <?=$nentries;?> system log entries</td>
-                 </tr>
-                 <?php dump_clog("/var/log/system.log", $nentries); ?>
-               </table>
-               <br><form action="diag_logs.php" method="post">
-<input name="clear" type="submit" class="formbtn" value="Clear log">
-</form>
-       </td>
-  </tr>
-</table>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Diagnostics", "Logs");\r
+require("guiconfig.inc");\r
+\r
+$nentries = $config['syslog']['nentries'];\r
+if (!$nentries)\r
+       $nentries = 50;\r
+\r
+if ($_POST['clear']) {\r
+       exec("/usr/sbin/clog -i -s 262144 /var/log/system.log");\r
+       /* redirect to avoid reposting form data on refresh */\r
+       header("Location: diag_logs.php");\r
+       exit;\r
+}\r
+\r
+function dump_clog($logfile, $tail, $withorig = true) {\r
+       global $g, $config;\r
+\r
+       $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
+\r
+       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
+       \r
+       foreach ($logarr as $logent) {\r
+               $logent = preg_split("/\s+/", $logent, 6);\r
+               echo "<tr valign=\"top\">\n";\r
+               \r
+               if ($withorig) {\r
+                       echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";\r
+                       echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";\r
+               } else {\r
+                       echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";\r
+               }\r
+               echo "</tr>\n";\r
+       }\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('System' => 'diag_logs.php',\r
+                         'Firewall' => 'diag_logs_filter.php',\r
+                         'DHCP' => 'diag_logs_dhcp.php',\r
+                         'Captive portal' => 'diag_logs_portal.php',\r
+                         'PPTP VPN' => 'diag_logs_vpn.php',\r
+                         'Settings' => 'diag_logs_settings.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+               <table width="100%" border="0" cellspacing="0" cellpadding="0">\r
+                 <tr> \r
+                       <td colspan="2" class="listtopic"> \r
+                         Last <?=$nentries;?> system log entries</td>\r
+                 </tr>\r
+                 <?php dump_clog("/var/log/system.log", $nentries); ?>\r
+               </table>\r
+               <br><form action="diag_logs.php" method="post">\r
+<input name="clear" type="submit" class="formbtn" value="Clear log">\r
+</form>\r
+       </td>\r
+  </tr>\r
+</table>\r
+<?php include("fend.inc"); ?>\r
index 2577ef345107725cdab1fb234b5ec897556e403b..31b0af8057202555c697c08b4d7516cc54a59c2e 100644 (file)
@@ -1,95 +1,98 @@
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Diagnostics", "Logs");
-require("guiconfig.inc");
-
-$nentries = $config['syslog']['nentries'];
-if (!$nentries)
-       $nentries = 50;
-
-if ($_POST['clear']) {
-       exec("/usr/sbin/clog -i -s 32768 /var/log/dhcpd.log");
-       /* redirect to avoid reposting form data on refresh */
-       header("Location: diag_logs_dhcp.php");
-       exit;
-}
-
-function dump_clog($logfile, $tail, $withorig = true) {
-       global $g, $config;
-
-       $sor = isset($config['syslog']['reverse']) ? "-r" : "";
-
-       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
-       
-       foreach ($logarr as $logent) {
-               $logent = preg_split("/\s+/", $logent, 6);
-               echo "<tr valign=\"top\">\n";
-               
-               if ($withorig) {
-                       echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";
-                       echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";
-               } else {
-                       echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
-               }
-               echo "</tr>\n";
-       }
-}
-
-?>
-<?php include("fbegin.inc"); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="diag_logs.php">System</a></li>
-    <li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
-    <li class="tabact"><a href="diag_logs_dhcp.php" style="color:black" title="reload page">DHCP</a></li>
-    <li class="tabinact"><a href="diag_logs_portal.php">Captive portal</a></li>
-    <li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
-    <li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-               <table width="100%" border="0" cellspacing="0" cellpadding="0">
-                 <tr> 
-                       <td colspan="2" class="listtopic"> 
-                         Last <?=$nentries;?> DHCP service log entries</td>
-                 </tr>
-                 <?php dump_clog("/var/log/dhcpd.log", $nentries); ?>
-               </table>
-               <br><form action="diag_logs_dhcp.php" method="post">
-<input name="clear" type="submit" class="formbtn" value="Clear log">
-</form>
-       </td>
-  </tr>
-</table>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Diagnostics", "Logs");\r
+require("guiconfig.inc");\r
+\r
+$nentries = $config['syslog']['nentries'];\r
+if (!$nentries)\r
+       $nentries = 50;\r
+\r
+if ($_POST['clear']) {\r
+       exec("/usr/sbin/clog -i -s 32768 /var/log/dhcpd.log");\r
+       /* redirect to avoid reposting form data on refresh */\r
+       header("Location: diag_logs_dhcp.php");\r
+       exit;\r
+}\r
+\r
+function dump_clog($logfile, $tail, $withorig = true) {\r
+       global $g, $config;\r
+\r
+       $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
+\r
+       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
+       \r
+       foreach ($logarr as $logent) {\r
+               $logent = preg_split("/\s+/", $logent, 6);\r
+               echo "<tr valign=\"top\">\n";\r
+               \r
+               if ($withorig) {\r
+                       echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";\r
+                       echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";\r
+               } else {\r
+                       echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";\r
+               }\r
+               echo "</tr>\n";\r
+       }\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('System' => 'diag_logs.php',\r
+                         'Firewall' => 'diag_logs_filter.php',\r
+                         'DHCP' => 'diag_logs_dhcp.php',\r
+                         'Captive portal' => 'diag_logs_portal.php',\r
+                         'PPTP VPN' => 'diag_logs_vpn.php',\r
+                         'Settings' => 'diag_logs_settings.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+               <table width="100%" border="0" cellspacing="0" cellpadding="0">\r
+                 <tr> \r
+                       <td colspan="2" class="listtopic"> \r
+                         Last <?=$nentries;?> DHCP service log entries</td>\r
+                 </tr>\r
+                 <?php dump_clog("/var/log/dhcpd.log", $nentries); ?>\r
+               </table>\r
+               <br><form action="diag_logs_dhcp.php" method="post">\r
+<input name="clear" type="submit" class="formbtn" value="Clear log">\r
+</form>\r
+       </td>\r
+  </tr>\r
+</table>\r
+<?php include("fend.inc"); ?>\r
index d75cece8aff4789d05bd7cf6dfc7c9c49a2dd880..6c40e0a5539d195a2a430b0cf2b8670625db25c2 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Diagnostics", "Logs");
-require("guiconfig.inc");
-
-$protocols = explode(" ", "TCP UDP TCP/UDP ICMP ESP AH GRE IPv6 IGMP any");
-
-$nentries = $config['syslog']['nentries'];
-$resolve = isset($config['syslog']['resolve']);
-
-if (!$nentries)
-       $nentries = 50;
-
-if ($_POST['clear']) {
-       exec("/usr/sbin/clog -i -s 262144 /var/log/filter.log");
-       /* redirect to avoid reposting form data on refresh */
-       header("Location: diag_logs_filter.php");
-       exit;
-}
-
-
-if (isset($_GET['act']) && preg_match("/^[pb]+$/", $_GET['act'])) {
-       $action = $_GET['act'];
-       $ifstring  .= "&act=$action";
-       $srcstring .= "&act=$action";
-       $dststring .= "&act=$action";
-       $prstring  .= "&act=$action";
-}
-
-if (isset($_GET['if']) && ($_GET['if'] != "")) {
-       $iface = $_GET['if'];
-       $actstring .= "&if=$iface";
-       $srcstring .= "&if=$iface";
-       $dststring .= "&if=$iface";
-       $prstring  .= "&if=$iface";
-}
-
-if (isset($_GET['pr']) && in_array($_GET['pr'], $protocols)) {
-       $proto = $_GET['pr'];
-       $actstring .= "&pr=$proto";
-       $ifstring  .= "&pr=$proto";
-       $srcstring .= "&pr=$proto";
-       $dststring .= "&pr=$proto";
-}
-
-if (isset($_GET['sp']) && (is_numeric($_GET['sp']))) {
-       $srcport = $_GET['sp'];
-       $actstring .= "&sp=$srcport";
-       $ifstring  .= "&sp=$srcport";
-       $dststring .= "&sp=$srcport";
-       $prstring  .= "&sp=$srcport";
-}
-
-if (isset($_GET['dp']) && (is_numeric($_GET['dp']))) {
-       $dstport = $_GET['dp'];
-       $actstring .= "&dp=$dstport";
-       $ifstring  .= "&dp=$dstport";
-       $srcstring .= "&dp=$dstport";
-       $prstring  .= "&dp=$dstport";
-}
-
-
-function dump_clog($logfile, $tail, $withorig = true) {
-       global $g, $config;
-
-       $sor = isset($config['syslog']['reverse']) ? "-r" : "";
-
-       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
-       
-       foreach ($logarr as $logent) {
-               $logent = preg_split("/\s+/", $logent, 6);
-               echo "<tr valign=\"top\">\n";
-               
-               if ($withorig) {
-                       echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";
-                       echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";
-               } else {
-                       echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
-               }
-               echo "</tr>\n";
-       }
-}
-
-function conv_clog($logfile, $tail) {
-       global $g, $config, $iface, $action, $proto, $srcport, $dstport;
-       
-       /* make interface/port table */
-       $iftable = array();
-       $iftable[$config['interfaces']['lan']['if']] = "LAN";
-       $iftable[get_real_wan_interface()] = "WAN";
-       for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++)
-               $iftable[$config['interfaces']['opt' . $i]['if']] = $config['interfaces']['opt' . $i]['descr'];
-
-       $sor = isset($config['syslog']['reverse']) ? "-r" : "";
-
-       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
-       
-       $filterlog = array();
-
-       foreach ($logarr as $logent) {
-               $logent = preg_split("/\s+/", $logent, 6);
-               $ipfa = explode(" ", $logent[5]);
-               
-               $flent = array();
-               $i = 0;
-               $flent['time'] = $ipfa[$i];
-               $i++;
-               if (substr($ipfa[$i], -1) == "x") {
-                       $flent['count'] = substr($ipfa[$i], 0, -1);
-                       $i++;
-               }
-               
-               if ($iftable[$ipfa[$i]])
-                       $flent['interface'] = $iftable[$ipfa[$i]];
-               else if (strpos($ipfa[$i], "ng") !== false)
-                       $flent['interface'] = "PPTP";
-               else
-                       $flent['interface'] = $ipfa[$i];
-               
-               if (isset($iface)) {
-                       if ($iface != $flent['interface'])
-                               continue;
-               }
-               
-               $i += 2;
-               if (!isset($action) || strstr($action, $ipfa[$i]))
-                       $flent['act'] = $ipfa[$i];
-               else
-                       continue; 
-               $i++;
-               list($flent['src'], $flent['srcport']) = format_ipf_ip($ipfa[$i],$srcport);
-               if (!isset($flent['src']))
-                       continue;
-               $i += 2;
-               list($flent['dst'], $flent['dstport']) = format_ipf_ip($ipfa[$i],$dstport);
-               if (!isset($flent['dst']))
-                       continue;
-               $i += 2;
-               $protocol = strtoupper($ipfa[$i]);
-               if (!isset($proto) || ($proto == $protocol))
-                       $flent['proto'] = $protocol;
-               else
-                       continue;
-               if ($protocol == "ICMP") {
-                       $i += 5;
-                       $flent['dst'] = $flent['dst'] . ", type " . $ipfa[$i];
-               }
-               $filterlog[] = $flent;
-       }
-       
-       return $filterlog;
-}
-
-function format_ipf_ip($ipfip,$uport) {
-       global $resolve;
-
-       list($ip,$port) = explode(",", $ipfip);
-       if ($resolve) {
-               if (!$port)
-                       return array(gethostbyaddr($ip), "");
-               if ($uport == "" || ($uport == $port))
-                       return array(gethostbyaddr($ip) . ", port " . $port, $port);
-               return;
-       }
-
-       if (!$port)
-               return array($ip, "");
-       if ($uport == "" || ($uport == $port))
-               return array($ip . ", port " . $port, $port);
-       return;
-}
-?>
-
-<?php include("fbegin.inc"); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="diag_logs.php">System</a></li>
-    <li class="tabact"><a href="diag_logs_filter.php" style="color:black" title="reset filter and reload firewall logs page">Firewall</a></li>
-    <li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
-    <li class="tabinact"><a href="diag_logs_portal.php">Captive portal</a></li>
-    <li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
-    <li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
-  </ul>
-  </td></tr>
-  <tr>
-    <td class="tabcont">
-<?php if (!isset($config['syslog']['rawfilter'])):
-       $filterlog = conv_clog("/var/log/filter.log", $nentries);
-?>
-               <table width="100%" border="0" cellpadding="0" cellspacing="0"><tr>
-                 <td colspan="6" class="listtopic"> 
-                           Last <?=$nentries;?> firewall log entries</td>
-                       </tr>
-                       <tr>
-                         <td width="10%" class="listhdrr"><a href="?<?=substr($actstring, 1);?>" style="color:black" title="reset action and reload firewall logs page">Act</a></td>
-                         <td width="20%" class="listhdrr">Time</td>
-                         <td width="10%" class="listhdrr"><a href="?<?=substr($ifstring, 1);?>" style="color:black" title="reset interface and reload firewall logs page">If</a></td>
-                         <td width="20%" class="listhdrr"><a href="?<?=substr($srcstring, 1);?>" style="color:black" title="reset source port entry and reload firewall logs page">Source</a></td>
-                         <td width="20%" class="listhdrr"><a href="?<?=substr($dststring, 1);?>" style="color:black" title="reset destination port entry and reload firewall logs page">Destination</a></td>
-                         <td width="10%" class="listhdrr"><a href="?<?=substr($prstring, 1);?>" style="color:black" title="reset protocol entry and reload firewall logs page">Proto</a></td>
-                       </tr>
-       <?php
-       $actstring .= '">';
-       $ifstring  .= '" style="color:black" title="click to select interface">';
-       $srcstring .= '" style="color:black" title="click to select source port">';
-       $dststring .= '" style="color:black" title="click to select destination port">';
-       $prstring  .= '" style="color:black" title="click to select protocol">';
-       ?>
-                        <?php foreach ($filterlog as $filterent): ?>
-                       <tr>
-                         <td class="listlr" nowrap>
-                         <?php if (strstr(strtolower($filterent['act']), "p"))
-                                               $img = "pass.gif";
-                                        else 
-                                               $img = "block.gif";
-                               ?>
-                         <a href="?act=<?=$filterent['act'];?><?=$actstring;?><img src="<?=$img;?>" width="11" height="11" align="absmiddle" border="0" title="click to select action"></a>
-                         <?php if ($filterent['count']) echo $filterent['count'];?></td>
-                         <td class="listr" nowrap><?=htmlspecialchars($filterent['time']);?></td>
-                         <td class="listr" nowrap>
-                           <a href="?if=<?=$filterent['interface'];?><?=$ifstring;?><?=htmlspecialchars($filterent['interface']);?></a></td>
-                         <td class="listr" nowrap>
-                           <a href="?sp=<?=htmlspecialchars($filterent['srcport']);?><?=$srcstring;?><?=htmlspecialchars($filterent['src']);?></a></td>
-                         <td class="listr" nowrap>
-                           <a href="?dp=<?=htmlspecialchars($filterent['dstport']);?><?=$dststring;?><?=htmlspecialchars($filterent['dst']);?></a></td>
-                         <td class="listr" nowrap>
-                           <a href="?pr=<?=htmlspecialchars($filterent['proto']);?><?=$prstring;?><?=htmlspecialchars($filterent['proto']);?></a></td>
-                       </tr><?php endforeach; ?>
-                    </table>
-               <br><table width="100%" border="0" cellspacing="0" cellpadding="0">
-                      <tr> 
-                        <td width="100%"><strong><span class="red">Note:</span></strong><br>
-                          There are many possibilities to filter this log.
-                          Just click on the accept (<img src="pass.gif">) or
-                         deny symbol (<img src="block.gif">) to filter for
-                         accepted or denied IP packets. Do the same for the desired
-                         interface, source/destination port or protocol. To deselect
-                         a selected filter entry, click on the column description above.
-                          To reset all filter entries and reload the firewall logs page,
-                         click on the &quot;Firewall&quot; tab below &quot;Diagnostics: Logs&quot;.
-                        </td>
-                     </tr>
-               </table>
-<?php else: ?>
-               <table width="100%" border="0" cellspacing="0" cellpadding="0">
-                 <tr> 
-                       <td colspan="2" class="listtopic"> 
-                         Last <?=$nentries;?> firewall log entries</td>
-                 </tr>
-                 <?php dump_clog("/var/log/filter.log", $nentries, false); ?>
-               </table>
-<?php endif; ?>
-               <br><form action="diag_logs_filter.php" method="post">
-<input name="clear" type="submit" class="formbtn" value="Clear log">
-</form>
-       </td>
-  </tr>
-</table>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Diagnostics", "Logs");\r
+require("guiconfig.inc");\r
+\r
+$protocols = explode(" ", "TCP UDP TCP/UDP ICMP ESP AH GRE IPv6 IGMP any");\r
+\r
+$nentries = $config['syslog']['nentries'];\r
+$resolve = isset($config['syslog']['resolve']);\r
+\r
+if (!$nentries)\r
+       $nentries = 50;\r
+\r
+if ($_POST['clear']) {\r
+       exec("/usr/sbin/clog -i -s 262144 /var/log/filter.log");\r
+       /* redirect to avoid reposting form data on refresh */\r
+       header("Location: diag_logs_filter.php");\r
+       exit;\r
+}\r
+\r
+\r
+if (isset($_GET['act']) && preg_match("/^[pb]+$/", $_GET['act'])) {\r
+       $action = $_GET['act'];\r
+       $ifstring  .= "&act=$action";\r
+       $srcstring .= "&act=$action";\r
+       $dststring .= "&act=$action";\r
+       $prstring  .= "&act=$action";\r
+}\r
+\r
+if (isset($_GET['if']) && ($_GET['if'] != "")) {\r
+       $iface = $_GET['if'];\r
+       $actstring .= "&if=$iface";\r
+       $srcstring .= "&if=$iface";\r
+       $dststring .= "&if=$iface";\r
+       $prstring  .= "&if=$iface";\r
+}\r
+\r
+if (isset($_GET['pr']) && in_array($_GET['pr'], $protocols)) {\r
+       $proto = $_GET['pr'];\r
+       $actstring .= "&pr=$proto";\r
+       $ifstring  .= "&pr=$proto";\r
+       $srcstring .= "&pr=$proto";\r
+       $dststring .= "&pr=$proto";\r
+}\r
+\r
+if (isset($_GET['sp']) && (is_numeric($_GET['sp']))) {\r
+       $srcport = $_GET['sp'];\r
+       $actstring .= "&sp=$srcport";\r
+       $ifstring  .= "&sp=$srcport";\r
+       $dststring .= "&sp=$srcport";\r
+       $prstring  .= "&sp=$srcport";\r
+}\r
+\r
+if (isset($_GET['dp']) && (is_numeric($_GET['dp']))) {\r
+       $dstport = $_GET['dp'];\r
+       $actstring .= "&dp=$dstport";\r
+       $ifstring  .= "&dp=$dstport";\r
+       $srcstring .= "&dp=$dstport";\r
+       $prstring  .= "&dp=$dstport";\r
+}\r
+\r
+\r
+function dump_clog($logfile, $tail, $withorig = true) {\r
+       global $g, $config;\r
+\r
+       $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
+\r
+       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
+       \r
+       foreach ($logarr as $logent) {\r
+               $logent = preg_split("/\s+/", $logent, 6);\r
+               echo "<tr valign=\"top\">\n";\r
+               \r
+               if ($withorig) {\r
+                       echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";\r
+                       echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";\r
+               } else {\r
+                       echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";\r
+               }\r
+               echo "</tr>\n";\r
+       }\r
+}\r
+\r
+function conv_clog($logfile, $tail) {\r
+       global $g, $config, $iface, $action, $proto, $srcport, $dstport;\r
+       \r
+       /* make interface/port table */\r
+       $iftable = array();\r
+       $iftable[$config['interfaces']['lan']['if']] = "LAN";\r
+       $iftable[get_real_wan_interface()] = "WAN";\r
+       for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++)\r
+               $iftable[$config['interfaces']['opt' . $i]['if']] = $config['interfaces']['opt' . $i]['descr'];\r
+\r
+       $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
+\r
+       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
+       \r
+       $filterlog = array();\r
+\r
+       foreach ($logarr as $logent) {\r
+               $logent = preg_split("/\s+/", $logent, 6);\r
+               $ipfa = explode(" ", $logent[5]);\r
+               \r
+               $flent = array();\r
+               $i = 0;\r
+               $flent['time'] = $ipfa[$i];\r
+               $i++;\r
+               if (substr($ipfa[$i], -1) == "x") {\r
+                       $flent['count'] = substr($ipfa[$i], 0, -1);\r
+                       $i++;\r
+               }\r
+               \r
+               if ($iftable[$ipfa[$i]])\r
+                       $flent['interface'] = $iftable[$ipfa[$i]];\r
+               else if (strpos($ipfa[$i], "ng") !== false)\r
+                       $flent['interface'] = "PPTP";\r
+               else\r
+                       $flent['interface'] = $ipfa[$i];\r
+               \r
+               if (isset($iface)) {\r
+                       if ($iface != $flent['interface'])\r
+                               continue;\r
+               }\r
+               \r
+               $i += 2;\r
+               if (!isset($action) || strstr($action, $ipfa[$i]))\r
+                       $flent['act'] = $ipfa[$i];\r
+               else\r
+                       continue; \r
+               $i++;\r
+               list($flent['src'], $flent['srcport']) = format_ipf_ip($ipfa[$i],$srcport);\r
+               if (!isset($flent['src']))\r
+                       continue;\r
+               $i += 2;\r
+               list($flent['dst'], $flent['dstport']) = format_ipf_ip($ipfa[$i],$dstport);\r
+               if (!isset($flent['dst']))\r
+                       continue;\r
+               $i += 2;\r
+               $protocol = strtoupper($ipfa[$i]);\r
+               if (!isset($proto) || ($proto == $protocol))\r
+                       $flent['proto'] = $protocol;\r
+               else\r
+                       continue;\r
+               if ($protocol == "ICMP") {\r
+                       $i += 5;\r
+                       $flent['dst'] = $flent['dst'] . ", type " . $ipfa[$i];\r
+               }\r
+               $filterlog[] = $flent;\r
+       }\r
+       \r
+       return $filterlog;\r
+}\r
+\r
+function format_ipf_ip($ipfip,$uport) {\r
+       global $resolve;\r
+\r
+       list($ip,$port) = explode(",", $ipfip);\r
+       if ($resolve) {\r
+               if (!$port)\r
+                       return array(gethostbyaddr($ip), "");\r
+               if ($uport == "" || ($uport == $port))\r
+                       return array(gethostbyaddr($ip) . ", port " . $port, $port);\r
+               return;\r
+       }\r
+\r
+       if (!$port)\r
+               return array($ip, "");\r
+       if ($uport == "" || ($uport == $port))\r
+               return array($ip . ", port " . $port, $port);\r
+       return;\r
+}\r
+?>\r
+\r
+<?php include("fbegin.inc"); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('System' => 'diag_logs.php',\r
+                         'Firewall' => 'diag_logs_filter.php',\r
+                         'DHCP' => 'diag_logs_dhcp.php',\r
+                         'Captive portal' => 'diag_logs_portal.php',\r
+                         'PPTP VPN' => 'diag_logs_vpn.php',\r
+                         'Settings' => 'diag_logs_settings.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr>\r
+    <td class="tabcont">\r
+<?php if (!isset($config['syslog']['rawfilter'])):\r
+       $filterlog = conv_clog("/var/log/filter.log", $nentries);\r
+?>\r
+               <table width="100%" border="0" cellpadding="0" cellspacing="0"><tr>\r
+                 <td colspan="6" class="listtopic"> \r
+                           Last <?=$nentries;?> firewall log entries</td>\r
+                       </tr>\r
+                       <tr>\r
+                         <td width="10%" class="listhdrr"><a href="?<?=substr($actstring, 1);?>" style="color:black" title="reset action and reload firewall logs page">Act</a></td>\r
+                         <td width="20%" class="listhdrr">Time</td>\r
+                         <td width="10%" class="listhdrr"><a href="?<?=substr($ifstring, 1);?>" style="color:black" title="reset interface and reload firewall logs page">If</a></td>\r
+                         <td width="20%" class="listhdrr"><a href="?<?=substr($srcstring, 1);?>" style="color:black" title="reset source port entry and reload firewall logs page">Source</a></td>\r
+                         <td width="20%" class="listhdrr"><a href="?<?=substr($dststring, 1);?>" style="color:black" title="reset destination port entry and reload firewall logs page">Destination</a></td>\r
+                         <td width="10%" class="listhdrr"><a href="?<?=substr($prstring, 1);?>" style="color:black" title="reset protocol entry and reload firewall logs page">Proto</a></td>\r
+                       </tr>\r
+       <?php\r
+       $actstring .= '">';\r
+       $ifstring  .= '" style="color:black" title="click to select interface">';\r
+       $srcstring .= '" style="color:black" title="click to select source port">';\r
+       $dststring .= '" style="color:black" title="click to select destination port">';\r
+       $prstring  .= '" style="color:black" title="click to select protocol">';\r
+       ?>\r
+                        <?php foreach ($filterlog as $filterent): ?>\r
+                       <tr>\r
+                         <td class="listlr" nowrap>\r
+                         <?php if (strstr(strtolower($filterent['act']), "p"))\r
+                                               $img = "pass.gif";\r
+                                        else \r
+                                               $img = "block.gif";\r
+                               ?>\r
+                         <a href="?act=<?=$filterent['act'];?><?=$actstring;?><img src="<?=$img;?>" width="11" height="11" align="absmiddle" border="0" title="click to select action"></a>\r
+                         <?php if ($filterent['count']) echo $filterent['count'];?></td>\r
+                         <td class="listr" nowrap><?=htmlspecialchars($filterent['time']);?></td>\r
+                         <td class="listr" nowrap>\r
+                           <a href="?if=<?=$filterent['interface'];?><?=$ifstring;?><?=htmlspecialchars($filterent['interface']);?></a></td>\r
+                         <td class="listr" nowrap>\r
+                           <a href="?sp=<?=htmlspecialchars($filterent['srcport']);?><?=$srcstring;?><?=htmlspecialchars($filterent['src']);?></a></td>\r
+                         <td class="listr" nowrap>\r
+                           <a href="?dp=<?=htmlspecialchars($filterent['dstport']);?><?=$dststring;?><?=htmlspecialchars($filterent['dst']);?></a></td>\r
+                         <td class="listr" nowrap>\r
+                           <a href="?pr=<?=htmlspecialchars($filterent['proto']);?><?=$prstring;?><?=htmlspecialchars($filterent['proto']);?></a></td>\r
+                       </tr><?php endforeach; ?>\r
+                    </table>\r
+               <br><table width="100%" border="0" cellspacing="0" cellpadding="0">\r
+                      <tr> \r
+                        <td width="100%"><strong><span class="red">Note:</span></strong><br>\r
+                          There are many possibilities to filter this log.\r
+                          Just click on the accept (<img src="pass.gif">) or\r
+                         deny symbol (<img src="block.gif">) to filter for\r
+                         accepted or denied IP packets. Do the same for the desired\r
+                         interface, source/destination port or protocol. To deselect\r
+                         a selected filter entry, click on the column description above.\r
+                          To reset all filter entries and reload the firewall logs page,\r
+                         click on the &quot;Firewall&quot; tab below &quot;Diagnostics: Logs&quot;.\r
+                        </td>\r
+                     </tr>\r
+               </table>\r
+<?php else: ?>\r
+               <table width="100%" border="0" cellspacing="0" cellpadding="0">\r
+                 <tr> \r
+                       <td colspan="2" class="listtopic"> \r
+                         Last <?=$nentries;?> firewall log entries</td>\r
+                 </tr>\r
+                 <?php dump_clog("/var/log/filter.log", $nentries, false); ?>\r
+               </table>\r
+<?php endif; ?>\r
+               <br><form action="diag_logs_filter.php" method="post">\r
+<input name="clear" type="submit" class="formbtn" value="Clear log">\r
+</form>\r
+       </td>\r
+  </tr>\r
+</table>\r
+<?php include("fend.inc"); ?>\r
index 916a2532b11cb9c816c9daf24e53225a8a6619f2..fc70dbb03fb02d67fe4bb4e0839665c29fc783fd 100644 (file)
@@ -1,90 +1,93 @@
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Diagnostics", "Logs");
-require("guiconfig.inc");
-
-$nentries = $config['syslog']['nentries'];
-if (!$nentries)
-       $nentries = 50;
-
-if ($_POST['clear']) {
-       exec("/usr/sbin/clog -i -s 32768 /var/log/portalauth.log");
-       /* redirect to avoid reposting form data on refresh */
-       header("Location: diag_logs_portal.php");
-       exit;
-}
-
-function dump_clog($logfile, $tail) {
-       global $g, $config;
-
-       $sor = isset($config['syslog']['reverse']) ? "-r" : "";
-
-       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
-       
-       foreach ($logarr as $logent) {
-               $logent = preg_split("/\s+/", $logent, 6);
-               echo "<tr valign=\"top\">\n";
-               echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";
-               echo "<td class=\"listr\">" . htmlspecialchars($logent[5]) . "</td>\n";
-               echo "</tr>\n";
-       }
-}
-
-?>
-<?php include("fbegin.inc"); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="diag_logs.php">System</a></li>
-    <li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
-    <li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
-    <li class="tabact"><a href="diag_logs_portal.php" style="color:black" title="reload page">Captive portal</a></li>
-    <li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
-    <li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-               <table width="100%" border="0" cellspacing="0" cellpadding="0">
-                 <tr> 
-                       <td colspan="2" class="listtopic"> 
-                         Last <?=$nentries;?> captive portal log entries</td>
-                 </tr>
-                 <?php dump_clog("/var/log/portalauth.log", $nentries); ?>
-               </table>
-               <br><form action="diag_logs_portal.php" method="post">
-<input name="clear" type="submit" class="formbtn" value="Clear log">
-</form>
-       </td>
-  </tr>
-</table>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Diagnostics", "Logs");\r
+require("guiconfig.inc");\r
+\r
+$nentries = $config['syslog']['nentries'];\r
+if (!$nentries)\r
+       $nentries = 50;\r
+\r
+if ($_POST['clear']) {\r
+       exec("/usr/sbin/clog -i -s 32768 /var/log/portalauth.log");\r
+       /* redirect to avoid reposting form data on refresh */\r
+       header("Location: diag_logs_portal.php");\r
+       exit;\r
+}\r
+\r
+function dump_clog($logfile, $tail) {\r
+       global $g, $config;\r
+\r
+       $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
+\r
+       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
+       \r
+       foreach ($logarr as $logent) {\r
+               $logent = preg_split("/\s+/", $logent, 6);\r
+               echo "<tr valign=\"top\">\n";\r
+               echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";\r
+               echo "<td class=\"listr\">" . htmlspecialchars($logent[5]) . "</td>\n";\r
+               echo "</tr>\n";\r
+       }\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('System' => 'diag_logs.php',\r
+                         'Firewall' => 'diag_logs_filter.php',\r
+                         'DHCP' => 'diag_logs_dhcp.php',\r
+                         'Captive portal' => 'diag_logs_portal.php',\r
+                         'PPTP VPN' => 'diag_logs_vpn.php',\r
+                         'Settings' => 'diag_logs_settings.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+               <table width="100%" border="0" cellspacing="0" cellpadding="0">\r
+                 <tr> \r
+                       <td colspan="2" class="listtopic"> \r
+                         Last <?=$nentries;?> captive portal log entries</td>\r
+                 </tr>\r
+                 <?php dump_clog("/var/log/portalauth.log", $nentries); ?>\r
+               </table>\r
+               <br><form action="diag_logs_portal.php" method="post">\r
+<input name="clear" type="submit" class="formbtn" value="Clear log">\r
+</form>\r
+       </td>\r
+  </tr>\r
+</table>\r
+<?php include("fend.inc"); ?>\r
index 51c02330de0b7adc3c3480a7a66f9bc28730daf6..254b9a0324d3abbc543297a6f9911df783547c80 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Diagnostics", "Logs");
-require("guiconfig.inc");
-
-$pconfig['reverse'] = isset($config['syslog']['reverse']);
-$pconfig['nentries'] = $config['syslog']['nentries'];
-$pconfig['remoteserver'] = $config['syslog']['remoteserver'];
-$pconfig['filter'] = isset($config['syslog']['filter']);
-$pconfig['dhcp'] = isset($config['syslog']['dhcp']);
-$pconfig['portalauth'] = isset($config['syslog']['portalauth']);
-$pconfig['vpn'] = isset($config['syslog']['vpn']);
-$pconfig['system'] = isset($config['syslog']['system']);
-$pconfig['enable'] = isset($config['syslog']['enable']);
-$pconfig['logdefaultblock'] = !isset($config['syslog']['nologdefaultblock']);
-$pconfig['rawfilter'] = isset($config['syslog']['rawfilter']);
-$pconfig['resolve'] = isset($config['syslog']['resolve']);
-
-if (!$pconfig['nentries'])
-       $pconfig['nentries'] = 50;
-
-if ($_POST) {
-
-       unset($input_errors);
-       $pconfig = $_POST;
-
-       /* input validation */
-       if ($_POST['enable'] && !is_ipaddr($_POST['remoteserver'])) {
-               $input_errors[] = "A valid IP address must be specified.";
-       }
-       if (($_POST['nentries'] < 5) || ($_POST['nentries'] > 1000)) {
-               $input_errors[] = "Number of log entries to show must be between 5 and 1000.";
-       }
-
-       if (!$input_errors) {
-               $config['syslog']['reverse'] = $_POST['reverse'] ? true : false;
-               $config['syslog']['nentries'] = (int)$_POST['nentries'];
-               $config['syslog']['remoteserver'] = $_POST['remoteserver'];
-               $config['syslog']['filter'] = $_POST['filter'] ? true : false;
-               $config['syslog']['dhcp'] = $_POST['dhcp'] ? true : false;
-               $config['syslog']['portalauth'] = $_POST['portalauth'] ? true : false;
-               $config['syslog']['vpn'] = $_POST['vpn'] ? true : false;
-               $config['syslog']['system'] = $_POST['system'] ? true : false;
-               $config['syslog']['enable'] = $_POST['enable'] ? true : false;
-               $oldnologdefaultblock = isset($config['syslog']['nologdefaultblock']);
-               $config['syslog']['nologdefaultblock'] = $_POST['logdefaultblock'] ? false : true;
-               $config['syslog']['rawfilter'] = $_POST['rawfilter'] ? true : false;
-               $config['syslog']['resolve'] = $_POST['resolve'] ? true : false;
-               
-               write_config();
-               
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path)) {
-                       config_lock();
-                       $retval = system_syslogd_start();
-                       if ($oldnologdefaultblock !== isset($config['syslog']['nologdefaultblock']))
-                               $retval |= filter_configure();
-                       config_unlock();
-               }
-               $savemsg = get_std_save_message($retval);       
-       }
-}
-
-?>
-<?php include("fbegin.inc"); ?>
-<script language="JavaScript">
-<!--
-function enable_change(enable_over) {
-       if (document.iform.enable.checked || enable_over) {
-               document.iform.remoteserver.disabled = 0;
-               document.iform.filter.disabled = 0;
-               document.iform.dhcp.disabled = 0;
-               document.iform.portalauth.disabled = 0;
-               document.iform.vpn.disabled = 0;
-               document.iform.system.disabled = 0;
-       } else {
-               document.iform.remoteserver.disabled = 1;
-               document.iform.filter.disabled = 1;
-               document.iform.dhcp.disabled = 1;
-               document.iform.portalauth.disabled = 1;
-               document.iform.vpn.disabled = 1;
-               document.iform.system.disabled = 1;
-       }
-}
-// -->
-</script>
-<form action="diag_logs_settings.php" method="post" name="iform" id="iform">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="diag_logs.php">System</a></li>
-    <li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
-    <li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
-    <li class="tabinact"><a href="diag_logs_portal.php">Captive portal</a></li>
-    <li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
-    <li class="tabact">Settings</li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-         <table width="100%" border="0" cellpadding="6" cellspacing="0">
-                      <tr> 
-                        <td width="22%" valign="top" class="vtable">&nbsp;</td>
-                        <td width="78%" class="vtable"> <input name="reverse" type="checkbox" id="reverse" value="yes" <?php if ($pconfig['reverse']) echo "checked"; ?>>
-                          <strong>Show log entries in reverse order (newest entries 
-                          on top)</strong></td>
-                      </tr>
-                      <tr> 
-                        <td width="22%" valign="top" class="vtable">&nbsp;</td>
-                        <td width="78%" class="vtable">Number of log entries to 
-                          show: 
-                          <input name="nentries" id="nentries" type="text" class="formfld" size="4" value="<?=htmlspecialchars($pconfig['nentries']);?>"></td>
-                      </tr>
-                      <tr> 
-                        <td valign="top" class="vtable">&nbsp;</td>
-                        <td class="vtable"> <input name="logdefaultblock" type="checkbox" id="logdefaultblock" value="yes" <?php if ($pconfig['logdefaultblock']) echo "checked"; ?>>
-                          <strong>Log packets blocked by the default rule</strong><br>
-                          Hint: packets that are blocked by the 
-                          implicit default block rule will not be logged anymore 
-                          if you uncheck this option. Per-rule logging options are not affected.</td>
-                      </tr>
-                      <tr> 
-                        <td valign="top" class="vtable">&nbsp;</td>
-                        <td class="vtable"> <input name="rawfilter" type="checkbox" id="rawfilter" value="yes" <?php if ($pconfig['rawfilter']) echo "checked"; ?>>
-                          <strong>Show raw filter logs</strong><br>
-                          Hint: If this is checked, filter logs are shown as generated by the packet filter, without any formatting. This will reveal more detailed information. </td>
-                      </tr>
-                      <tr> 
-                        <td valign="top" class="vtable">&nbsp;</td>
-                        <td class="vtable"> <input name="resolve" type="checkbox" id="resolve" value="yes" <?php if ($pconfig['resolve']) echo "checked"; ?>>
-                          <strong>Resolve IP addresses to hostnames</strong><br>
-                          Hint: If this is checked, IP addresses in firewall logs are resolved to real hostnames where possible.<br>
-                          Warning: This can cause a huge delay in loading the firewall log page!</td>
-                      </tr>
-                      <tr> 
-                        <td width="22%" valign="top" class="vtable">&nbsp;</td>
-                        <td width="78%" class="vtable"> <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">
-                          <strong>Enable syslog'ing to remote syslog server</strong></td>
-                      </tr>
-                      <tr> 
-                        <td width="22%" valign="top" class="vncell">Remote syslog 
-                          server</td>
-                        <td width="78%" class="vtable"> <input name="remoteserver" id="remoteserver" type="text" class="formfld" size="20" value="<?=htmlspecialchars($pconfig['remoteserver']);?>"> 
-                          <br>
-                          IP address of remote syslog server<br> <br>
-                                                 <input name="system" id="system" type="checkbox" value="yes" onclick="enable_change(false)" <?php if ($pconfig['system']) echo "checked"; ?>>
-                          system events <br>
-                                                 <input name="filter" id="filter" type="checkbox" value="yes" <?php if ($pconfig['filter']) echo "checked"; ?>>
-                          firewall events<br>
-                                                 <input name="dhcp" id="dhcp" type="checkbox" value="yes" <?php if ($pconfig['dhcp']) echo "checked"; ?>>
-                          DHCP service events<br>
-                                                 <input name="portalauth" id="portalauth" type="checkbox" value="yes" <?php if ($pconfig['portalauth']) echo "checked"; ?>>
-                          Captive portal<br> 
-                                                 <input name="vpn" id="vpn" type="checkbox" value="yes" <?php if ($pconfig['vpn']) echo "checked"; ?>>
-                          PPTP VPN events</td>
-                      </tr>
-                      <tr> 
-                        <td width="22%" valign="top">&nbsp;</td>
-                        <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> 
-                        </td>
-                      </tr>
-                      <tr> 
-                        <td width="22%" valign="top">&nbsp;</td>
-                        <td width="78%"><strong><span class="red">Note:</span></strong><br>
-                          syslog sends UDP datagrams to port 514 on the specified 
-                          remote syslog server. Be sure to set syslogd on the 
-                          remote server to accept syslog messages from m0n0wall. 
-                        </td>
-                      </tr>
-                    </table>
-    </td>
-  </tr>
-</table>
-</form>
-<script language="JavaScript">
-<!--
-enable_change(false);
-//-->
-</script>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Diagnostics", "Logs");\r
+require("guiconfig.inc");\r
+\r
+$pconfig['reverse'] = isset($config['syslog']['reverse']);\r
+$pconfig['nentries'] = $config['syslog']['nentries'];\r
+$pconfig['remoteserver'] = $config['syslog']['remoteserver'];\r
+$pconfig['filter'] = isset($config['syslog']['filter']);\r
+$pconfig['dhcp'] = isset($config['syslog']['dhcp']);\r
+$pconfig['portalauth'] = isset($config['syslog']['portalauth']);\r
+$pconfig['vpn'] = isset($config['syslog']['vpn']);\r
+$pconfig['system'] = isset($config['syslog']['system']);\r
+$pconfig['enable'] = isset($config['syslog']['enable']);\r
+$pconfig['logdefaultblock'] = !isset($config['syslog']['nologdefaultblock']);\r
+$pconfig['rawfilter'] = isset($config['syslog']['rawfilter']);\r
+$pconfig['resolve'] = isset($config['syslog']['resolve']);\r
+\r
+if (!$pconfig['nentries'])\r
+       $pconfig['nentries'] = 50;\r
+\r
+if ($_POST) {\r
+\r
+       unset($input_errors);\r
+       $pconfig = $_POST;\r
+\r
+       /* input validation */\r
+       if ($_POST['enable'] && !is_ipaddr($_POST['remoteserver'])) {\r
+               $input_errors[] = "A valid IP address must be specified.";\r
+       }\r
+       if (($_POST['nentries'] < 5) || ($_POST['nentries'] > 1000)) {\r
+               $input_errors[] = "Number of log entries to show must be between 5 and 1000.";\r
+       }\r
+\r
+       if (!$input_errors) {\r
+               $config['syslog']['reverse'] = $_POST['reverse'] ? true : false;\r
+               $config['syslog']['nentries'] = (int)$_POST['nentries'];\r
+               $config['syslog']['remoteserver'] = $_POST['remoteserver'];\r
+               $config['syslog']['filter'] = $_POST['filter'] ? true : false;\r
+               $config['syslog']['dhcp'] = $_POST['dhcp'] ? true : false;\r
+               $config['syslog']['portalauth'] = $_POST['portalauth'] ? true : false;\r
+               $config['syslog']['vpn'] = $_POST['vpn'] ? true : false;\r
+               $config['syslog']['system'] = $_POST['system'] ? true : false;\r
+               $config['syslog']['enable'] = $_POST['enable'] ? true : false;\r
+               $oldnologdefaultblock = isset($config['syslog']['nologdefaultblock']);\r
+               $config['syslog']['nologdefaultblock'] = $_POST['logdefaultblock'] ? false : true;\r
+               $config['syslog']['rawfilter'] = $_POST['rawfilter'] ? true : false;\r
+               $config['syslog']['resolve'] = $_POST['resolve'] ? true : false;\r
+               \r
+               write_config();\r
+               \r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path)) {\r
+                       config_lock();\r
+                       $retval = system_syslogd_start();\r
+                       if ($oldnologdefaultblock !== isset($config['syslog']['nologdefaultblock']))\r
+                               $retval |= filter_configure();\r
+                       config_unlock();\r
+               }\r
+               $savemsg = get_std_save_message($retval);       \r
+       }\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<script language="JavaScript">\r
+<!--\r
+function enable_change(enable_over) {\r
+       if (document.iform.enable.checked || enable_over) {\r
+               document.iform.remoteserver.disabled = 0;\r
+               document.iform.filter.disabled = 0;\r
+               document.iform.dhcp.disabled = 0;\r
+               document.iform.portalauth.disabled = 0;\r
+               document.iform.vpn.disabled = 0;\r
+               document.iform.system.disabled = 0;\r
+       } else {\r
+               document.iform.remoteserver.disabled = 1;\r
+               document.iform.filter.disabled = 1;\r
+               document.iform.dhcp.disabled = 1;\r
+               document.iform.portalauth.disabled = 1;\r
+               document.iform.vpn.disabled = 1;\r
+               document.iform.system.disabled = 1;\r
+       }\r
+}\r
+// -->\r
+</script>\r
+<form action="diag_logs_settings.php" method="post" name="iform" id="iform">\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('System' => 'diag_logs.php',\r
+                         'Firewall' => 'diag_logs_filter.php',\r
+                         'DHCP' => 'diag_logs_dhcp.php',\r
+                         'Captive portal' => 'diag_logs_portal.php',\r
+                         'PPTP VPN' => 'diag_logs_vpn.php',\r
+                         'Settings' => 'diag_logs_settings.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+         <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+                      <tr> \r
+                        <td width="22%" valign="top" class="vtable">&nbsp;</td>\r
+                        <td width="78%" class="vtable"> <input name="reverse" type="checkbox" id="reverse" value="yes" <?php if ($pconfig['reverse']) echo "checked"; ?>>\r
+                          <strong>Show log entries in reverse order (newest entries \r
+                          on top)</strong></td>\r
+                      </tr>\r
+                      <tr> \r
+                        <td width="22%" valign="top" class="vtable">&nbsp;</td>\r
+                        <td width="78%" class="vtable">Number of log entries to \r
+                          show: \r
+                          <input name="nentries" id="nentries" type="text" class="formfld" size="4" value="<?=htmlspecialchars($pconfig['nentries']);?>"></td>\r
+                      </tr>\r
+                      <tr> \r
+                        <td valign="top" class="vtable">&nbsp;</td>\r
+                        <td class="vtable"> <input name="logdefaultblock" type="checkbox" id="logdefaultblock" value="yes" <?php if ($pconfig['logdefaultblock']) echo "checked"; ?>>\r
+                          <strong>Log packets blocked by the default rule</strong><br>\r
+                          Hint: packets that are blocked by the \r
+                          implicit default block rule will not be logged anymore \r
+                          if you uncheck this option. Per-rule logging options are not affected.</td>\r
+                      </tr>\r
+                      <tr> \r
+                        <td valign="top" class="vtable">&nbsp;</td>\r
+                        <td class="vtable"> <input name="rawfilter" type="checkbox" id="rawfilter" value="yes" <?php if ($pconfig['rawfilter']) echo "checked"; ?>>\r
+                          <strong>Show raw filter logs</strong><br>\r
+                          Hint: If this is checked, filter logs are shown as generated by the packet filter, without any formatting. This will reveal more detailed information. </td>\r
+                      </tr>\r
+                      <tr> \r
+                        <td valign="top" class="vtable">&nbsp;</td>\r
+                        <td class="vtable"> <input name="resolve" type="checkbox" id="resolve" value="yes" <?php if ($pconfig['resolve']) echo "checked"; ?>>\r
+                          <strong>Resolve IP addresses to hostnames</strong><br>\r
+                          Hint: If this is checked, IP addresses in firewall logs are resolved to real hostnames where possible.<br>\r
+                          Warning: This can cause a huge delay in loading the firewall log page!</td>\r
+                      </tr>\r
+                      <tr> \r
+                        <td width="22%" valign="top" class="vtable">&nbsp;</td>\r
+                        <td width="78%" class="vtable"> <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">\r
+                          <strong>Enable syslog'ing to remote syslog server</strong></td>\r
+                      </tr>\r
+                      <tr> \r
+                        <td width="22%" valign="top" class="vncell">Remote syslog \r
+                          server</td>\r
+                        <td width="78%" class="vtable"> <input name="remoteserver" id="remoteserver" type="text" class="formfld" size="20" value="<?=htmlspecialchars($pconfig['remoteserver']);?>"> \r
+                          <br>\r
+                          IP address of remote syslog server<br> <br>\r
+                                                 <input name="system" id="system" type="checkbox" value="yes" onclick="enable_change(false)" <?php if ($pconfig['system']) echo "checked"; ?>>\r
+                          system events <br>\r
+                                                 <input name="filter" id="filter" type="checkbox" value="yes" <?php if ($pconfig['filter']) echo "checked"; ?>>\r
+                          firewall events<br>\r
+                                                 <input name="dhcp" id="dhcp" type="checkbox" value="yes" <?php if ($pconfig['dhcp']) echo "checked"; ?>>\r
+                          DHCP service events<br>\r
+                                                 <input name="portalauth" id="portalauth" type="checkbox" value="yes" <?php if ($pconfig['portalauth']) echo "checked"; ?>>\r
+                          Captive portal<br> \r
+                                                 <input name="vpn" id="vpn" type="checkbox" value="yes" <?php if ($pconfig['vpn']) echo "checked"; ?>>\r
+                          PPTP VPN events</td>\r
+                      </tr>\r
+                      <tr> \r
+                        <td width="22%" valign="top">&nbsp;</td>\r
+                        <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> \r
+                        </td>\r
+                      </tr>\r
+                      <tr> \r
+                        <td width="22%" valign="top">&nbsp;</td>\r
+                        <td width="78%"><strong><span class="red">Note:</span></strong><br>\r
+                          syslog sends UDP datagrams to port 514 on the specified \r
+                          remote syslog server. Be sure to set syslogd on the \r
+                          remote server to accept syslog messages from m0n0wall. \r
+                        </td>\r
+                      </tr>\r
+                    </table>\r
+    </td>\r
+  </tr>\r
+</table>\r
+</form>\r
+<script language="JavaScript">\r
+<!--\r
+enable_change(false);\r
+//-->\r
+</script>\r
+<?php include("fend.inc"); ?>\r
index 056430bfda32cf17953cb0e2e6e90e2cafd289bf..569efe8886702a975af882e782f473bb921abe5b 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Diagnostics", "Logs");
-require("guiconfig.inc");
-
-$nentries = $config['syslog']['nentries'];
-if (!$nentries)
-       $nentries = 50;
-
-if ($_POST['clear']) {
-       exec("/usr/sbin/clog -i -s 65536 /var/log/vpn.log");
-       /* redirect to avoid reposting form data on refresh */
-       header("Location: diag_logs_vpn.php");
-       exit;
-}
-
-function dump_clog($logfile, $tail) {
-       global $g, $config;
-
-       $sor = isset($config['syslog']['reverse']) ? "-r" : "";
-
-       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
-       
-       foreach ($logarr as $logent) {
-               $logent = preg_split("/\s+/", $logent, 6);
-               $llent = explode(",", $logent[5]);
-               
-               echo "<tr>\n";
-               echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";
-               
-               if ($llent[0] == "login")
-                       echo "<td class=\"listr\"><img src=\"in.gif\" width=\"11\" height=\"11\" title=\"login\"></td>\n";
-               else
-                       echo "<td class=\"listr\"><img src=\"out.gif\" width=\"11\" height=\"11\" title=\"logout\"></td>\n";
-               
-               echo "<td class=\"listr\">" . htmlspecialchars($llent[3]) . "</td>\n";
-               echo "<td class=\"listr\">" . htmlspecialchars($llent[2]) . "&nbsp;</td>\n";
-               echo "</tr>\n";
-       }
-}
-
-?>
-<?php include("fbegin.inc"); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="diag_logs.php">System</a></li>
-    <li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
-    <li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
-    <li class="tabinact"><a href="diag_logs_portal.php">Captive portal</a></li>
-    <li class="tabact"><a href="diag_logs_vpn.php" style="color:black" title="reload page">PPTP VPN</a></li>
-    <li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
-  </ul>
-  </td></tr>
-  <tr>
-    <td class="tabcont">
-               <table width="100%" border="0" cellpadding="0" cellspacing="0"><tr>
-                 <td colspan="4" class="listtopic"> 
-                           Last <?=$nentries;?> PPTP VPN log entries</td>
-                       </tr>
-                       <tr>
-                         <td class="listhdrr">Time</td>
-                         <td class="listhdrr">Action</td>
-                         <td class="listhdrr">User</td>
-                         <td class="listhdrr">IP address</td>
-                       </tr>
-                       <?php dump_clog("/var/log/vpn.log", $nentries); ?>
-          </table>
-               <br><form action="diag_logs_vpn.php" method="post">
-<input name="clear" type="submit" class="formbtn" value="Clear log">
-</form>
-       </td>
-  </tr>
-</table>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Diagnostics", "Logs");\r
+require("guiconfig.inc");\r
+\r
+$nentries = $config['syslog']['nentries'];\r
+if (!$nentries)\r
+       $nentries = 50;\r
+\r
+if ($_POST['clear']) {\r
+       exec("/usr/sbin/clog -i -s 65536 /var/log/vpn.log");\r
+       /* redirect to avoid reposting form data on refresh */\r
+       header("Location: diag_logs_vpn.php");\r
+       exit;\r
+}\r
+\r
+function dump_clog($logfile, $tail) {\r
+       global $g, $config;\r
+\r
+       $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
+\r
+       exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
+       \r
+       foreach ($logarr as $logent) {\r
+               $logent = preg_split("/\s+/", $logent, 6);\r
+               $llent = explode(",", $logent[5]);\r
+               \r
+               echo "<tr>\n";\r
+               echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";\r
+               \r
+               if ($llent[0] == "login")\r
+                       echo "<td class=\"listr\"><img src=\"in.gif\" width=\"11\" height=\"11\" title=\"login\"></td>\n";\r
+               else\r
+                       echo "<td class=\"listr\"><img src=\"out.gif\" width=\"11\" height=\"11\" title=\"logout\"></td>\n";\r
+               \r
+               echo "<td class=\"listr\">" . htmlspecialchars($llent[3]) . "</td>\n";\r
+               echo "<td class=\"listr\">" . htmlspecialchars($llent[2]) . "&nbsp;</td>\n";\r
+               echo "</tr>\n";\r
+       }\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('System' => 'diag_logs.php',\r
+                         'Firewall' => 'diag_logs_filter.php',\r
+                         'DHCP' => 'diag_logs_dhcp.php',\r
+                         'Captive portal' => 'diag_logs_portal.php',\r
+                         'PPTP VPN' => 'diag_logs_vpn.php',\r
+                         'Settings' => 'diag_logs_settings.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr>\r
+    <td class="tabcont">\r
+               <table width="100%" border="0" cellpadding="0" cellspacing="0"><tr>\r
+                 <td colspan="4" class="listtopic"> \r
+                           Last <?=$nentries;?> PPTP VPN log entries</td>\r
+                       </tr>\r
+                       <tr>\r
+                         <td class="listhdrr">Time</td>\r
+                         <td class="listhdrr">Action</td>\r
+                         <td class="listhdrr">User</td>\r
+                         <td class="listhdrr">IP address</td>\r
+                       </tr>\r
+                       <?php dump_clog("/var/log/vpn.log", $nentries); ?>\r
+          </table>\r
+               <br><form action="diag_logs_vpn.php" method="post">\r
+<input name="clear" type="submit" class="formbtn" value="Clear log">\r
+</form>\r
+       </td>\r
+  </tr>\r
+</table>\r
+<?php include("fend.inc"); ?>\r
index 5452f5b19edff5a15576f34d48acb2f80c45f60b..87290745bb2bd1236e4270326a4f4cc3ed01efa7 100644 (file)
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-
-       Copyright (C) 2003-2006 Bob Zoller (bob@kludgebox.com) and Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-
-       1. Redistributions of source code must retain the above copyright notice,
-       this list of conditions and the following disclaimer.
-
-       2. Redistributions in binary form must reproduce the above copyright
-       notice, this list of conditions and the following disclaimer in the
-       documentation and/or other materials provided with the distribution.
-
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Diagnostics", "Ping/Traceroute");
-require("guiconfig.inc");
-
-define('MAX_COUNT', 10);
-define('DEFAULT_COUNT', 3);
-
-if ($_POST) {
-       unset($input_errors);
-       unset($do_ping);
-
-       /* input validation */
-       $reqdfields = explode(" ", "host count");
-       $reqdfieldsn = explode(",", "Host,Count");
-       do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-
-       if (($_POST['count'] < 1) || ($_POST['count'] > MAX_COUNT)) {
-               $input_errors[] = "Count must be between 1 and {MAX_COUNT}";
-       }
-
-       if (!$input_errors) {
-               $do_ping = true;
-               $host = $_POST['host'];
-               $interface = $_POST['interface'];
-               $count = $_POST['count'];
-       }
-}
-if (!isset($do_ping)) {
-       $do_ping = false;
-       $host = '';
-       $count = DEFAULT_COUNT;
-}
-
-function get_interface_addr($ifdescr) {
-       
-       global $config, $g;
-       
-       /* find out interface name */
-       if ($ifdescr == "wan")
-               $if = get_real_wan_interface();
-       else
-               $if = $config['interfaces'][$ifdescr]['if'];
-       
-       /* try to determine IP address and netmask with ifconfig */
-       unset($ifconfiginfo);
-       exec("/sbin/ifconfig " . $if, $ifconfiginfo);
-       
-       foreach ($ifconfiginfo as $ici) {
-               if (preg_match("/inet (\S+)/", $ici, $matches)) {
-                       return $matches[1];
-               }
-       }
-       
-       return false;
-}
-?>
-<?php include("fbegin.inc"); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-       <li class="tabact">Ping</li>
-       <li class="tabinact"><a href="diag_traceroute.php">Traceroute</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-                       <form action="diag_ping.php" method="post" name="iform" id="iform">
-                         <table width="100%" border="0" cellpadding="6" cellspacing="0">
-                <tr>
-                                 <td width="22%" valign="top" class="vncellreq">Host</td>
-                                 <td width="78%" class="vtable"> 
-                    <?=$mandfldhtml;?><input name="host" type="text" class="formfld" id="host" size="20" value="<?=htmlspecialchars($host);?>"></td>
-                               </tr>
-                               <tr>
-                                 <td width="22%" valign="top" class="vncellreq">Interface</td>
-                                 <td width="78%" class="vtable">
-                                 <select name="interface" class="formfld">
-                      <?php $interfaces = array('wan' => 'WAN', 'lan' => 'LAN');
-                                         for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
-                                           if (isset($config['interfaces']['opt' . $i]['enable']) &&
-                                                       !$config['interfaces']['opt' . $i]['bridge'])
-                                                       $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
-                                         }
-                                         foreach ($interfaces as $iface => $ifacename): ?>
-                      <option value="<?=$iface;?>" <?php if ($iface == $interface) echo "selected"; ?>> 
-                      <?=htmlspecialchars($ifacename);?>
-                      </option>
-                      <?php endforeach; ?>
-                    </select>
-                                 </td>
-                               </tr>
-                               <tr>
-                                 <td width="22%" valign="top" class="vncellreq">Count</td>
-                                 <td width="78%" class="vtable">
-                                       <select name="count" class="formfld" id="count">
-                                       <?php for ($i = 1; $i <= MAX_COUNT; $i++): ?>
-                                       <option value="<?=$i;?>" <?php if ($i == $count) echo "selected"; ?>><?=$i;?></option>
-                                       <?php endfor; ?>
-                                       </select></td>
-                               </tr>
-                               <tr>
-                                 <td width="22%" valign="top">&nbsp;</td>
-                                 <td width="78%"> 
-                    <input name="Submit" type="submit" class="formbtn" value="Ping">
-                               </td>
-                               </tr>
-                               <tr>
-                               <td valign="top" colspan="2">
-                               <? if ($do_ping) {
-                                       echo("<strong>Ping output:</strong><br>");
-                                       echo('<pre>');
-                                       ob_end_flush();
-                                       $ifaddr = get_interface_addr($interface);
-                                       if ($ifaddr)
-                                               system("/sbin/ping -S$ifaddr -c$count " . escapeshellarg($host));
-                                       else
-                                               system("/sbin/ping -c$count " . escapeshellarg($host));
-                                       echo('</pre>');
-                               }
-                               ?>
-                               </td>
-                               </tr>
-                       </table>
-</form>
-</td></tr></table>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+\r
+       Copyright (C) 2003-2006 Bob Zoller (bob@kludgebox.com) and Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+\r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+\r
+       1. Redistributions of source code must retain the above copyright notice,\r
+       this list of conditions and the following disclaimer.\r
+\r
+       2. Redistributions in binary form must reproduce the above copyright\r
+       notice, this list of conditions and the following disclaimer in the\r
+       documentation and/or other materials provided with the distribution.\r
+\r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Diagnostics", "Ping");\r
+require("guiconfig.inc");\r
+\r
+define('MAX_COUNT', 10);\r
+define('DEFAULT_COUNT', 3);\r
+\r
+if ($_POST) {\r
+       unset($input_errors);\r
+       unset($do_ping);\r
+\r
+       /* input validation */\r
+       $reqdfields = explode(" ", "host count");\r
+       $reqdfieldsn = explode(",", "Host,Count");\r
+       do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
+\r
+       if (($_POST['count'] < 1) || ($_POST['count'] > MAX_COUNT)) {\r
+               $input_errors[] = "Count must be between 1 and {MAX_COUNT}";\r
+       }\r
+\r
+       if (!$input_errors) {\r
+               $do_ping = true;\r
+               $host = $_POST['host'];\r
+               $interface = $_POST['interface'];\r
+               $count = $_POST['count'];\r
+       }\r
+}\r
+if (!isset($do_ping)) {\r
+       $do_ping = false;\r
+       $host = '';\r
+       $count = DEFAULT_COUNT;\r
+}\r
+\r
+function get_interface_addr($ifdescr) {\r
+       \r
+       global $config, $g;\r
+       \r
+       /* find out interface name */\r
+       if ($ifdescr == "wan")\r
+               $if = get_real_wan_interface();\r
+       else\r
+               $if = $config['interfaces'][$ifdescr]['if'];\r
+       \r
+       /* try to determine IP address and netmask with ifconfig */\r
+       unset($ifconfiginfo);\r
+       exec("/sbin/ifconfig " . $if, $ifconfiginfo);\r
+       \r
+       foreach ($ifconfiginfo as $ici) {\r
+               if (preg_match("/inet (\S+)/", $ici, $matches)) {\r
+                       return $matches[1];\r
+               }\r
+       }\r
+       \r
+       return false;\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Ping' => 'diag_ping.php',\r
+                         'Traceroute' => 'diag_traceroute.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+                       <form action="diag_ping.php" method="post" name="iform" id="iform">\r
+                         <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+                <tr>\r
+                                 <td width="22%" valign="top" class="vncellreq">Host</td>\r
+                                 <td width="78%" class="vtable"> \r
+                    <?=$mandfldhtml;?><input name="host" type="text" class="formfld" id="host" size="20" value="<?=htmlspecialchars($host);?>"></td>\r
+                               </tr>\r
+                               <tr>\r
+                                 <td width="22%" valign="top" class="vncellreq">Interface</td>\r
+                                 <td width="78%" class="vtable">\r
+                                 <select name="interface" class="formfld">\r
+                      <?php $interfaces = array('wan' => 'WAN', 'lan' => 'LAN');\r
+                                         for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {\r
+                                           if (isset($config['interfaces']['opt' . $i]['enable']) &&\r
+                                                       !$config['interfaces']['opt' . $i]['bridge'])\r
+                                                       $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];\r
+                                         }\r
+                                         foreach ($interfaces as $iface => $ifacename): ?>\r
+                      <option value="<?=$iface;?>" <?php if ($iface == $interface) echo "selected"; ?>> \r
+                      <?=htmlspecialchars($ifacename);?>\r
+                      </option>\r
+                      <?php endforeach; ?>\r
+                    </select>\r
+                                 </td>\r
+                               </tr>\r
+                               <tr>\r
+                                 <td width="22%" valign="top" class="vncellreq">Count</td>\r
+                                 <td width="78%" class="vtable">\r
+                                       <select name="count" class="formfld" id="count">\r
+                                       <?php for ($i = 1; $i <= MAX_COUNT; $i++): ?>\r
+                                       <option value="<?=$i;?>" <?php if ($i == $count) echo "selected"; ?>><?=$i;?></option>\r
+                                       <?php endfor; ?>\r
+                                       </select></td>\r
+                               </tr>\r
+                               <tr>\r
+                                 <td width="22%" valign="top">&nbsp;</td>\r
+                                 <td width="78%"> \r
+                    <input name="Submit" type="submit" class="formbtn" value="Ping">\r
+                               </td>\r
+                               </tr>\r
+                               <tr>\r
+                               <td valign="top" colspan="2">\r
+                               <? if ($do_ping) {\r
+                                       echo("<strong>Ping output:</strong><br>");\r
+                                       echo('<pre>');\r
+                                       ob_end_flush();\r
+                                       $ifaddr = get_interface_addr($interface);\r
+                                       if ($ifaddr)\r
+                                               system("/sbin/ping -S$ifaddr -c$count " . escapeshellarg($host));\r
+                                       else\r
+                                               system("/sbin/ping -c$count " . escapeshellarg($host));\r
+                                       echo('</pre>');\r
+                               }\r
+                               ?>\r
+                               </td>\r
+                               </tr>\r
+                       </table>\r
+</form>\r
+</td></tr></table>\r
+<?php include("fend.inc"); ?>\r
index ccf38239e7f82a4d237fbbdabd3a238c26adbc63..524bdbc0527d9716bb2af4122ec538866e7d614b 100644 (file)
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-
-       Copyright (C) 2005-2006 Paul Taylor (paultaylor@winndixie.com) and Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-
-       1. Redistributions of source code must retain the above copyright notice,
-       this list of conditions and the following disclaimer.
-
-       2. Redistributions in binary form must reproduce the above copyright
-       notice, this list of conditions and the following disclaimer in the
-       documentation and/or other materials provided with the distribution.
-
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Diagnostics", "Ping/Traceroute");
-require("guiconfig.inc");
-
-
-define('MAX_TTL', 64);
-define('DEFAULT_TTL', 18);
-
-if ($_POST) {
-       unset($input_errors);
-       unset($do_traceroute);
-
-       /* input validation */
-       $reqdfields = explode(" ", "host ttl");
-       $reqdfieldsn = explode(",", "Host,ttl");
-       do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-
-       if (($_POST['ttl'] < 1) || ($_POST['ttl'] > MAX_TTL)) {
-               $input_errors[] = "Maximum number of hops must be between 1 and {MAX_TTL}";
-       }
-
-       if (!$input_errors) {
-               $do_traceroute = true;
-               $host = $_POST['host'];
-               $ttl = $_POST['ttl'];
-               $resolve = $_POST['resolve'];
-       }
-}
-if (!isset($do_traceroute)) {
-       $do_traceroute = false;
-       $host = '';
-       $ttl = DEFAULT_TTL;
-       $resolve = false;
-}
-?>
-<?php include("fbegin.inc"); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-       <li class="tabinact"><a href="diag_ping.php">Ping</a></li>
-       <li class="tabact">Traceroute</li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-                       <form action="diag_traceroute.php" method="post" name="iform" id="iform">
-                         <table width="100%" border="0" cellpadding="6" cellspacing="0">
-                <tr>
-                                 <td width="22%" valign="top" class="vncellreq">Host</td>
-                                 <td width="78%" class="vtable"> 
-                    <?=$mandfldhtml;?><input name="host" type="text" class="formfld" id="host" size="20" value="<?=htmlspecialchars($host);?>"></td>
-                               </tr>
-                               <tr>
-                                 <td width="22%" valign="top" class="vncellreq">Maximum number of hops</td>
-                                 <td width="78%" class="vtable">
-                                       <select name="ttl" class="formfld" id="ttl">
-                                       <?php for ($i = 1; $i <= MAX_TTL; $i++): ?>
-                                       <option value="<?=$i;?>" <?php if ($i == $ttl) echo "selected"; ?>><?=$i;?></option>
-                                       <?php endfor; ?>
-                                       </select></td>
-                               </tr>
-                                 <tr> 
-                                       <td valign="top" class="vtable">&nbsp;</td>
-                                       <td class="vtable"> <input name="resolve" type="checkbox" id="resolve" value="yes" <?php if ($resolve) echo "checked"; ?>>
-                                         <strong>Resolve IP addresses to hostnames</strong><br>
-                                       </td>
-                                 </tr>
-                               <tr>
-                                 <td width="22%" valign="top">&nbsp;</td>
-                                 <td width="78%"> 
-                    <input name="Submit" type="submit" class="formbtn" value="Traceroute">
-                               </td>
-                               </tr>
-                               <tr>
-                               <td valign="top" colspan="2">
-                               <p><span class="vexpl"><span class="red"><strong>Note: </strong></span> Traceroute may take a while to complete.  You may hit the Stop button on your browser at any time to see the progress of failed traceroutes.<p>
-                               <? if ($do_traceroute) {
-                                       echo("<br><strong>Traceroute output:</strong><br>");
-                                       echo('<pre>');
-                                       ob_end_flush();
-                                       system("/usr/sbin/traceroute " . ($resolve ? "" : "-n ") . "-w 2 -m " . escapeshellarg($ttl) . " " . escapeshellarg($host));
-                                       echo('</pre>');
-                               }
-                               ?>
-                               </td>
-                               </tr>
-                       </table>
-</form>
-</td></tr></table>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+\r
+       Copyright (C) 2005-2006 Paul Taylor (paultaylor@winndixie.com) and Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+\r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+\r
+       1. Redistributions of source code must retain the above copyright notice,\r
+       this list of conditions and the following disclaimer.\r
+\r
+       2. Redistributions in binary form must reproduce the above copyright\r
+       notice, this list of conditions and the following disclaimer in the\r
+       documentation and/or other materials provided with the distribution.\r
+\r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Diagnostics", "Traceroute");\r
+require("guiconfig.inc");\r
+\r
+\r
+define('MAX_TTL', 64);\r
+define('DEFAULT_TTL', 18);\r
+\r
+if ($_POST) {\r
+       unset($input_errors);\r
+       unset($do_traceroute);\r
+\r
+       /* input validation */\r
+       $reqdfields = explode(" ", "host ttl");\r
+       $reqdfieldsn = explode(",", "Host,ttl");\r
+       do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
+\r
+       if (($_POST['ttl'] < 1) || ($_POST['ttl'] > MAX_TTL)) {\r
+               $input_errors[] = "Maximum number of hops must be between 1 and {MAX_TTL}";\r
+       }\r
+\r
+       if (!$input_errors) {\r
+               $do_traceroute = true;\r
+               $host = $_POST['host'];\r
+               $ttl = $_POST['ttl'];\r
+               $resolve = $_POST['resolve'];\r
+       }\r
+}\r
+if (!isset($do_traceroute)) {\r
+       $do_traceroute = false;\r
+       $host = '';\r
+       $ttl = DEFAULT_TTL;\r
+       $resolve = false;\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Ping' => 'diag_ping.php',\r
+                         'Traceroute' => 'diag_traceroute.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+                       <form action="diag_traceroute.php" method="post" name="iform" id="iform">\r
+                         <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+                <tr>\r
+                                 <td width="22%" valign="top" class="vncellreq">Host</td>\r
+                                 <td width="78%" class="vtable"> \r
+                    <?=$mandfldhtml;?><input name="host" type="text" class="formfld" id="host" size="20" value="<?=htmlspecialchars($host);?>"></td>\r
+                               </tr>\r
+                               <tr>\r
+                                 <td width="22%" valign="top" class="vncellreq">Maximum number of hops</td>\r
+                                 <td width="78%" class="vtable">\r
+                                       <select name="ttl" class="formfld" id="ttl">\r
+                                       <?php for ($i = 1; $i <= MAX_TTL; $i++): ?>\r
+                                       <option value="<?=$i;?>" <?php if ($i == $ttl) echo "selected"; ?>><?=$i;?></option>\r
+                                       <?php endfor; ?>\r
+                                       </select></td>\r
+                               </tr>\r
+                                 <tr> \r
+                                       <td valign="top" class="vtable">&nbsp;</td>\r
+                                       <td class="vtable"> <input name="resolve" type="checkbox" id="resolve" value="yes" <?php if ($resolve) echo "checked"; ?>>\r
+                                         <strong>Resolve IP addresses to hostnames</strong><br>\r
+                                       </td>\r
+                                 </tr>\r
+                               <tr>\r
+                                 <td width="22%" valign="top">&nbsp;</td>\r
+                                 <td width="78%"> \r
+                    <input name="Submit" type="submit" class="formbtn" value="Traceroute">\r
+                               </td>\r
+                               </tr>\r
+                               <tr>\r
+                               <td valign="top" colspan="2">\r
+                               <p><span class="vexpl"><span class="red"><strong>Note: </strong></span> Traceroute may take a while to complete.  You may hit the Stop button on your browser at any time to see the progress of failed traceroutes.<p>\r
+                               <? if ($do_traceroute) {\r
+                                       echo("<br><strong>Traceroute output:</strong><br>");\r
+                                       echo('<pre>');\r
+                                       ob_end_flush();\r
+                                       system("/usr/sbin/traceroute " . ($resolve ? "" : "-n ") . "-w 2 -m " . escapeshellarg($ttl) . " " . escapeshellarg($host));\r
+                                       echo('</pre>');\r
+                               }\r
+                               ?>\r
+                               </td>\r
+                               </tr>\r
+                       </table>\r
+</form>\r
+</td></tr></table>\r
+<?php include("fend.inc"); ?>\r
index 0a76d55d838cf0e1feb52b67abfdb7b2581c0111..6ff8e4b1a1ab3a2828e1d3c7996c16a4ca802d6b 100644 (file)
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 technologEase (http://www.technologEase.com) and Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-if (($_POST['submit'] == "Download") && file_exists($_POST['dlPath'])) {
-       session_cache_limiter('public');
-       $fd = fopen($_POST['dlPath'], "rb");
-       header("Content-Type: application/octet-stream");
-       header("Content-Length: " . filesize($_POST['dlPath']));
-       header("Content-Disposition: attachment; filename=\"" . 
-               trim(htmlentities(basename($_POST['dlPath']))) . "\"");
-       
-       fpassthru($fd);
-       exit;
-} else if (($_POST['submit'] == "Upload") && is_uploaded_file($_FILES['ulfile']['tmp_name'])) {
-       move_uploaded_file($_FILES['ulfile']['tmp_name'], "/tmp/" . $_FILES['ulfile']['name']);
-       $ulmsg = "Uploaded file to /tmp/" . htmlentities($_FILES['ulfile']['name']);
-       unset($_POST['txtCommand']);
-}
-?>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
-<head>
-<?php
-
-/*
-       Exec+ v1.02-000 - Copyright 2001-2003, All rights reserved
-       Created by technologEase (http://www.technologEase.com).
-       
-       (modified for m0n0wall by Manuel Kasper <mk@neon1.net>)
-*/
-
-// Function: is Blank
-// Returns true or false depending on blankness of argument.
-
-function isBlank( $arg ) { return ereg( "^\s*$", $arg ); }
-
-
-// Function: Puts
-// Put string, Ruby-style.
-
-function puts( $arg ) { echo "$arg\n"; }
-
-
-// "Constants".
-
-$Version    = '';
-$ScriptName = $HTTP_SERVER_VARS['SCRIPT_NAME'];
-$Title      = 'm0n0wall: execute command';
-
-// Get year.
-
-$arrDT   = localtime();
-$intYear = $arrDT[5] + 1900;
-
-?>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-<title><?=$Title ?></title>
-<script language="javascript">
-<!--
-
-   // Create recall buffer array (of encoded strings).
-
-<?php
-
-if (isBlank( $_POST['txtRecallBuffer'] )) {
-   puts( "   var arrRecallBuffer = new Array;" );
-} else {
-   puts( "   var arrRecallBuffer = new Array(" );
-   $arrBuffer = explode( "&", $_POST['txtRecallBuffer'] );
-   for ($i=0; $i < (count( $arrBuffer ) - 1); $i++) puts( "      '" . $arrBuffer[$i] . "'," );
-   puts( "      '" . $arrBuffer[count( $arrBuffer ) - 1] . "'" );
-   puts( "   );" );
-}
-
-?>
-
-   // Set pointer to end of recall buffer.
-   var intRecallPtr = arrRecallBuffer.length;
-
-   // Functions to extend String class.
-   function str_encode() { return escape( this ) }
-   function str_decode() { return unescape( this ) }
-      
-   // Extend string class to include encode() and decode() functions.
-   String.prototype.encode = str_encode
-   String.prototype.decode = str_decode
-
-   // Function: is Blank
-   // Returns boolean true or false if argument is blank.
-   function isBlank( strArg ) { return strArg.match( /^\s*$/ ) }
-
-   // Function: frmExecPlus onSubmit (event handler)
-   // Builds the recall buffer from the command string on submit.
-   function frmExecPlus_onSubmit( form ) {
-
-      if (!isBlank(form.txtCommand.value)) {
-                 // If this command is repeat of last command, then do not store command.
-                 if (form.txtCommand.value.encode() == arrRecallBuffer[arrRecallBuffer.length-1]) { return true }
-       
-                 // Stuff encoded command string into the recall buffer.
-                 if (isBlank(form.txtRecallBuffer.value))
-                        form.txtRecallBuffer.value = form.txtCommand.value.encode();
-                 else
-                        form.txtRecallBuffer.value += '&' + form.txtCommand.value.encode();
-         }
-
-      return true;
-   }
-
-   // Function: btnRecall onClick (event handler)
-   // Recalls command buffer going either up or down.
-   function btnRecall_onClick( form, n ) {
-
-      // If nothing in recall buffer, then error.
-      if (!arrRecallBuffer.length) {
-         alert( 'Nothing to recall!' );
-         form.txtCommand.focus();
-         return;
-      }
-
-      // Increment recall buffer pointer in positive or negative direction
-      // according to <n>.
-      intRecallPtr += n;
-
-      // Make sure the buffer stays circular.
-      if (intRecallPtr < 0) { intRecallPtr = arrRecallBuffer.length - 1 }
-      if (intRecallPtr > (arrRecallBuffer.length - 1)) { intRecallPtr = 0 }
-
-      // Recall the command.
-      form.txtCommand.value = arrRecallBuffer[intRecallPtr].decode();
-   }
-
-   // Function: Reset onClick (event handler)
-   // Resets form on reset button click event.
-   function Reset_onClick( form ) {
-
-      // Reset recall buffer pointer.
-      intRecallPtr = arrRecallBuffer.length;
-
-      // Clear form (could have spaces in it) and return focus ready for cmd.
-      form.txtCommand.value = '';
-      form.txtCommand.focus();
-
-      return true;
-   }
-
-   // hansmi, 2005-01-13
-   function txtCommand_onKey(e) {
-       if(!e) var e = window.event; // IE-Fix
-       var code = (e.keyCode?e.keyCode:(e.which?e.which:0));
-       if(!code) return;
-       var f = document.getElementsByName('frmExecPlus')[0];
-       if(!f) return;
-       switch(code) {
-       case 38: // up
-           btnRecall_onClick(f, -1);
-           break;
-       case 40: // down
-           btnRecall_onClick(f, 1);
-           break;
-       }
-   }
-//-->
-</script>
-<link href="gui.css" rel="stylesheet" type="text/css">
-<style>
-<!--
-
-input {
-   font-family: courier new, courier;
-   font-weight: normal;
-   font-size: 9pt;
-}
-
-pre {
-   border: 2px solid #435370;
-   background: #F0F0F0;
-   padding: 1em;
-   font-family: courier new, courier;
-   white-space: pre;
-   line-height: 10pt;
-   font-size: 10pt;
-}
-
-.label {
-   font-family: tahoma, verdana, arial, helvetica;
-   font-size: 11px;
-   font-weight: bold;
-}
-
-.button {
-   font-family: tahoma, verdana, arial, helvetica;
-   font-weight: bold;
-   font-size: 11px;
-}
-
--->
-</style>
-</head>
-<body<?php
-if(!isBlank($_POST['txtCommand'])) {
-    echo ' onload="document.forms[\'frmExecPlus\'].txtCommand.focus();"';
-}
-?>>
-<p><span class="pgtitle"><?=$Title ?></span>
-<?php if (isBlank($_POST['txtCommand'])): ?>
-<p class="red"><strong>Note: this function is unsupported. Use it
-on your own risk!</strong></p>
-<?php endif; ?>
-<?php if ($ulmsg) echo "<p><strong>" . $ulmsg . "</strong></p>\n"; ?>
-<?php
-
-if (!isBlank($_POST['txtCommand'])) {
-   puts("<pre>");
-   puts("\$ " . htmlspecialchars($_POST['txtCommand']));
-   putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin");
-   putenv("SCRIPT_FILENAME=" . strtok($_POST['txtCommand'], " "));     /* PHP scripts */
-   $ph = popen($_POST['txtCommand'], "r" );
-   while ($line = fgets($ph)) echo htmlspecialchars($line);
-   pclose($ph);
-   puts("</pre>");
-}
-
-?>
-
-<form action="<?=$ScriptName ?>" method="POST" enctype="multipart/form-data" name="frmExecPlus" onSubmit="return frmExecPlus_onSubmit( this );">
-  <table>
-    <tr>
-      <td class="label" align="right">Command:</td>
-      <td class="type"><input name="txtCommand" type="text" size="80" value="" onkeypress="txtCommand_onKey(event);"></td>
-    </tr>
-    <tr>
-      <td valign="top">&nbsp;</td>
-      <td valign="top" class="label">
-         <input type="hidden" name="txtRecallBuffer" value="<?=$_POST['txtRecallBuffer'] ?>">
-         <input type="button" class="button" name="btnRecallPrev" value="<" onClick="btnRecall_onClick( this.form, -1 );">
-         <input type="submit" class="button" value="Execute">
-         <input type="button" class="button" name="btnRecallNext" value=">" onClick="btnRecall_onClick( this.form,  1 );">
-         <input type="button"  class="button" value="Clear" onClick="return Reset_onClick( this.form );">
-      </td>
-    </tr>
-    <tr>
-      <td height="8"></td>
-      <td></td>
-    </tr>
-    <tr>
-      <td align="right">Download:</td>
-      <td>
-        <input name="dlPath" type="text" id="dlPath" size="50">
-        <input name="submit" type="submit"  class="button" id="download" value="Download">
-        </td>
-    </tr>
-    <tr>
-      <td align="right">Upload:</td>
-      <td valign="top" class="label">
-<input name="ulfile" type="file" class="button" id="ulfile">
-        <input name="submit" type="submit"  class="button" id="upload" value="Upload"></td>
-    </tr>
-  </table>
-</form>
-</body>
-</html>
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 technologEase (http://www.technologEase.com) and Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+require("guiconfig.inc");\r
+\r
+if (($_POST['submit'] == "Download") && file_exists($_POST['dlPath'])) {\r
+       session_cache_limiter('public');\r
+       $fd = fopen($_POST['dlPath'], "rb");\r
+       header("Content-Type: application/octet-stream");\r
+       header("Content-Length: " . filesize($_POST['dlPath']));\r
+       header("Content-Disposition: attachment; filename=\"" . \r
+               trim(htmlentities(basename($_POST['dlPath']))) . "\"");\r
+       \r
+       fpassthru($fd);\r
+       exit;\r
+} else if (($_POST['submit'] == "Upload") && is_uploaded_file($_FILES['ulfile']['tmp_name'])) {\r
+       move_uploaded_file($_FILES['ulfile']['tmp_name'], "/tmp/" . $_FILES['ulfile']['name']);\r
+       $ulmsg = "Uploaded file to /tmp/" . htmlentities($_FILES['ulfile']['name']);\r
+       unset($_POST['txtCommand']);\r
+}\r
+?>\r
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">\r
+<html>\r
+<head>\r
+<?php\r
+\r
+/*\r
+       Exec+ v1.02-000 - Copyright 2001-2003, All rights reserved\r
+       Created by technologEase (http://www.technologEase.com).\r
+       \r
+       (modified for m0n0wall by Manuel Kasper <mk@neon1.net>)\r
+*/\r
+\r
+// Function: is Blank\r
+// Returns true or false depending on blankness of argument.\r
+\r
+function isBlank( $arg ) { return ereg( "^\s*$", $arg ); }\r
+\r
+\r
+// Function: Puts\r
+// Put string, Ruby-style.\r
+\r
+function puts( $arg ) { echo "$arg\n"; }\r
+\r
+\r
+// "Constants".\r
+\r
+$Version    = '';\r
+$ScriptName = $HTTP_SERVER_VARS['SCRIPT_NAME'];\r
+$Title      = 'm0n0wall: execute command';\r
+\r
+// Get year.\r
+\r
+$arrDT   = localtime();\r
+$intYear = $arrDT[5] + 1900;\r
+\r
+?>\r
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">\r
+<title><?=$Title ?></title>\r
+<script language="javascript">\r
+<!--\r
+\r
+   // Create recall buffer array (of encoded strings).\r
+\r
+<?php\r
+\r
+if (isBlank( $_POST['txtRecallBuffer'] )) {\r
+   puts( "   var arrRecallBuffer = new Array;" );\r
+} else {\r
+   puts( "   var arrRecallBuffer = new Array(" );\r
+   $arrBuffer = explode( "&", $_POST['txtRecallBuffer'] );\r
+   for ($i=0; $i < (count( $arrBuffer ) - 1); $i++) puts( "      '" . $arrBuffer[$i] . "'," );\r
+   puts( "      '" . $arrBuffer[count( $arrBuffer ) - 1] . "'" );\r
+   puts( "   );" );\r
+}\r
+\r
+?>\r
+\r
+   // Set pointer to end of recall buffer.\r
+   var intRecallPtr = arrRecallBuffer.length;\r
+\r
+   // Functions to extend String class.\r
+   function str_encode() { return escape( this ) }\r
+   function str_decode() { return unescape( this ) }\r
+      \r
+   // Extend string class to include encode() and decode() functions.\r
+   String.prototype.encode = str_encode\r
+   String.prototype.decode = str_decode\r
+\r
+   // Function: is Blank\r
+   // Returns boolean true or false if argument is blank.\r
+   function isBlank( strArg ) { return strArg.match( /^\s*$/ ) }\r
+\r
+   // Function: frmExecPlus onSubmit (event handler)\r
+   // Builds the recall buffer from the command string on submit.\r
+   function frmExecPlus_onSubmit( form ) {\r
+\r
+      if (!isBlank(form.txtCommand.value)) {\r
+                 // If this command is repeat of last command, then do not store command.\r
+                 if (form.txtCommand.value.encode() == arrRecallBuffer[arrRecallBuffer.length-1]) { return true }\r
+       \r
+                 // Stuff encoded command string into the recall buffer.\r
+                 if (isBlank(form.txtRecallBuffer.value))\r
+                        form.txtRecallBuffer.value = form.txtCommand.value.encode();\r
+                 else\r
+                        form.txtRecallBuffer.value += '&' + form.txtCommand.value.encode();\r
+         }\r
+\r
+      return true;\r
+   }\r
+\r
+   // Function: btnRecall onClick (event handler)\r
+   // Recalls command buffer going either up or down.\r
+   function btnRecall_onClick( form, n ) {\r
+\r
+      // If nothing in recall buffer, then error.\r
+      if (!arrRecallBuffer.length) {\r
+         alert( 'Nothing to recall!' );\r
+         form.txtCommand.focus();\r
+         return;\r
+      }\r
+\r
+      // Increment recall buffer pointer in positive or negative direction\r
+      // according to <n>.\r
+      intRecallPtr += n;\r
+\r
+      // Make sure the buffer stays circular.\r
+      if (intRecallPtr < 0) { intRecallPtr = arrRecallBuffer.length - 1 }\r
+      if (intRecallPtr > (arrRecallBuffer.length - 1)) { intRecallPtr = 0 }\r
+\r
+      // Recall the command.\r
+      form.txtCommand.value = arrRecallBuffer[intRecallPtr].decode();\r
+   }\r
+\r
+   // Function: Reset onClick (event handler)\r
+   // Resets form on reset button click event.\r
+   function Reset_onClick( form ) {\r
+\r
+      // Reset recall buffer pointer.\r
+      intRecallPtr = arrRecallBuffer.length;\r
+\r
+      // Clear form (could have spaces in it) and return focus ready for cmd.\r
+      form.txtCommand.value = '';\r
+      form.txtCommand.focus();\r
+\r
+      return true;\r
+   }\r
+\r
+   // hansmi, 2005-01-13\r
+   function txtCommand_onKey(e) {\r
+       if(!e) var e = window.event; // IE-Fix\r
+       var code = (e.keyCode?e.keyCode:(e.which?e.which:0));\r
+       if(!code) return;\r
+       var f = document.getElementsByName('frmExecPlus')[0];\r
+       if(!f) return;\r
+       switch(code) {\r
+       case 38: // up\r
+           btnRecall_onClick(f, -1);\r
+           break;\r
+       case 40: // down\r
+           btnRecall_onClick(f, 1);\r
+           break;\r
+       }\r
+   }\r
+//-->\r
+</script>\r
+<link href="gui.css" rel="stylesheet" type="text/css">\r
+<style>\r
+<!--\r
+\r
+input {\r
+   font-family: courier new, courier;\r
+   font-weight: normal;\r
+   font-size: 9pt;\r
+}\r
+\r
+pre {\r
+   border: 2px solid #435370;\r
+   background: #F0F0F0;\r
+   padding: 1em;\r
+   font-family: courier new, courier;\r
+   white-space: pre;\r
+   line-height: 10pt;\r
+   font-size: 10pt;\r
+}\r
+\r
+.label {\r
+   font-family: tahoma, verdana, arial, helvetica;\r
+   font-size: 11px;\r
+   font-weight: bold;\r
+}\r
+\r
+.button {\r
+   font-family: tahoma, verdana, arial, helvetica;\r
+   font-weight: bold;\r
+   font-size: 11px;\r
+}\r
+\r
+-->\r
+</style>\r
+</head>\r
+<body<?php\r
+if(!isBlank($_POST['txtCommand'])) {\r
+    echo ' onload="document.forms[\'frmExecPlus\'].txtCommand.focus();"';\r
+}\r
+?>>\r
+<p><span class="pgtitle"><?=$Title ?></span>\r
+<?php if (isBlank($_POST['txtCommand'])): ?>\r
+<p class="red"><strong>Note: this function is unsupported. Use it\r
+on your own risk!</strong></p>\r
+<?php endif; ?>\r
+<?php if ($ulmsg) echo "<p><strong>" . $ulmsg . "</strong></p>\n"; ?>\r
+<?php\r
+\r
+if (!isBlank($_POST['txtCommand'])) {\r
+   puts("<pre>");\r
+   puts("\$ " . htmlspecialchars($_POST['txtCommand']));\r
+   putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin");\r
+   putenv("SCRIPT_FILENAME=" . strtok($_POST['txtCommand'], " "));     /* PHP scripts */\r
+   $ph = popen($_POST['txtCommand'], "r" );\r
+   while ($line = fgets($ph)) echo htmlspecialchars($line);\r
+   pclose($ph);\r
+   puts("</pre>");\r
+}\r
+\r
+?>\r
+\r
+<form action="<?=$ScriptName ?>" method="POST" enctype="multipart/form-data" name="frmExecPlus" onSubmit="return frmExecPlus_onSubmit( this );">\r
+  <table>\r
+    <tr>\r
+      <td class="label" align="right">Command:</td>\r
+      <td class="type"><input name="txtCommand" type="text" size="80" value="" onkeypress="txtCommand_onKey(event);"></td>\r
+    </tr>\r
+    <tr>\r
+      <td valign="top">&nbsp;</td>\r
+      <td valign="top" class="label">\r
+         <input type="hidden" name="txtRecallBuffer" value="<?=$_POST['txtRecallBuffer'] ?>">\r
+         <input type="button" class="button" name="btnRecallPrev" value="<" onClick="btnRecall_onClick( this.form, -1 );">\r
+         <input type="submit" class="button" value="Execute">\r
+         <input type="button" class="button" name="btnRecallNext" value=">" onClick="btnRecall_onClick( this.form,  1 );">\r
+         <input type="button"  class="button" value="Clear" onClick="return Reset_onClick( this.form );">\r
+      </td>\r
+    </tr>\r
+    <tr>\r
+      <td height="8"></td>\r
+      <td></td>\r
+    </tr>\r
+    <tr>\r
+      <td align="right">Download:</td>\r
+      <td>\r
+        <input name="dlPath" type="text" id="dlPath" size="50">\r
+        <input name="submit" type="submit"  class="button" id="download" value="Download">\r
+        </td>\r
+    </tr>\r
+    <tr>\r
+      <td align="right">Upload:</td>\r
+      <td valign="top" class="label">\r
+<input name="ulfile" type="file" class="button" id="ulfile">\r
+        <input name="submit" type="submit"  class="button" id="upload" value="Upload"></td>\r
+    </tr>\r
+  </table>\r
+</form>\r
+</body>\r
+</html>\r
index a51b4e95acc772d705418786c5bcc282bec55e63..f27ae71634b4608a0f194c7816022f5cae8e6bbb 100644 (file)
@@ -1,38 +1,39 @@
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-
-       1. Redistributions of source code must retain the above copyright notice,
-       this list of conditions and the following disclaimer.
-
-       2. Redistributions in binary form must reproduce the above copyright
-       notice, this list of conditions and the following disclaimer in the
-       documentation and/or other materials provided with the distribution.
-
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-header("Content-Type: text/plain");
-
-putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin");
-passthru($_GET['cmd']);
-
-exit(0);
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+\r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+\r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+\r
+       1. Redistributions of source code must retain the above copyright notice,\r
+       this list of conditions and the following disclaimer.\r
+\r
+       2. Redistributions in binary form must reproduce the above copyright\r
+       notice, this list of conditions and the following disclaimer in the\r
+       documentation and/or other materials provided with the distribution.\r
+\r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+require("guiconfig.inc");\r
+\r
+header("Content-Type: text/plain");\r
+\r
+putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin");\r
+passthru($_GET['cmd']);\r
+\r
+exit(0);\r
 ?>
\ No newline at end of file
index 833fd7658d1e6ba7a0425a37b5be3035e976bb9c..cbcb73d9789072e3b21636cd4fe549d1ab4cde6c 100644 (file)
@@ -41,7 +41,135 @@ function genhtmltitle($title) {
        global $config;
        return $config['system']['hostname'] . "." . $config['system']['domain'] . " - " . gentitle($title);
 }
+
+function dynamic_menu(&$menu, $menu_title) {
+       global $allowed, $config;
+       
+       // Make sure the admin can see everything
+       if ($_SERVER['REMOTE_USER'] === $config['system']['username']) {
+               unset($allowed);
+               foreach ($menu as $item) {
+                       $allowed[] = $item[0];
+               }
+       }
+       
+       foreach ($menu as $desc => $links) {
+               if ($intersect = array_intersect($menu[$desc],$allowed)) {
+                       if (!isset($header_displayed) && !($menu_title=='Diagnostics')) {
+                               echo "\n                        <strong>".$menu_title.'</strong><br>';
+                               $header_displayed = true;
+                       }
+                       else { 
+                               if (!isset($header_displayed)) {
+                                       if (isset($config['system']['webgui']['expanddiags']) || strstr($_SERVER['SCRIPT_FILENAME'], "diag_") || strstr($_SERVER['SCRIPT_FILENAME'], "reboot")): ?>
+                                       <a href="javascript:showhide('diag','tri_diag')"><img src="/tri_o.gif" id="tri_diag" width="14" height="10" border="0"></a><strong><a href="javascript:showhide('diag','tri_diag')" class="navlnk">Diagnostics</a></strong><br>
+                                       <span id="diag">
+                                       <?php else: ?>
+                                       <a href="javascript:showhide('diag','tri_diag')"><img src="/tri_c.gif" id="tri_diag" width="14" height="10" border="0"></a><strong><a href="javascript:showhide('diag','tri_diag')" class="navlnk">Diagnostics</a></strong><br>
+                                       <span id="diag" style="display: none">
+                                       <?php endif;
+                                       $header_displayed = true;                         
+                               }
+                               
+                       }
+                       // $intersect may contain one or more links, but we only need the first one
+                       // BUT, we are doing a foreach here because it might not be element [0]
+                       foreach ($intersect as $link) { 
+                               // Below lines are spaced out oddly to help improve the look of resulting HTML code.
+                               ?>
+
+                               &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/<?=$link?>" class="navlnk"><?=$desc?></a><br><?
+                               // Only need the first one, so break out of foreach
+                               break;
+                       }
+               }
+       }
+}
+
+// Check for issues when changing the web admin username
+// $allowed is set in auth.inc *IF* the user is not the webGUI admin
+// so, if it's not set here, they were the admin user when they submited the admin username change.
+if ((!is_array($allowed)) and 
+    ($_SERVER['PHP_SELF'] == '/system.php') and 
+    ($_SERVER['REMOTE_USER'] != $config['system']['username'])) {
+       // webGUI username was just changed, let us change what PHP sees the remote user as so
+       // the menu will build properly.  When user hits next link, they will be prompted to reauthenticate.
+       $_SERVER['REMOTE_USER'] = $config['system']['username'];                
+}
+
+$menu['System']['General setup'] = array('system.php');
+$menu['System']['Static routes'] = array('system_routes.php');
+$menu['System']['Firmware']      = array('system_firmware.php');
+$menu['System']['Advanced']      = array('system_advanced.php');
+if ($_SERVER['REMOTE_USER'] === $config['system']['username']) {
+       $menu['System']['User manager']  = array('system_usermanager.php');
+}
+else {
+       $menu['System']['User password']  = array('system_usermanager.php');
+}
+
+$menu['Firewall']['Rules']          = array('firewall_rules.php');
+$menu['Firewall']['NAT']            = array('firewall_nat.php',
+                                                                                       'firewall_nat_server.php',
+                                                                                       'firewall_nat_1to1.php',
+                                                                                       'firewall_nat_out.php');
+$menu['Firewall']['Traffic shaper'] = array('firewall_shaper.php',
+                                                                                       'firewall_shaper_pipes.php',
+                                                                                       'firewall_shaper_queues.php',
+                                                                                       'firewall_shaper_magic.php');
+$menu['Firewall']['Aliases']        = array('firewall_aliases.php');
+
+$menu['Services']['DNS forwarder']     = array('services_dnsmasq.php');
+$menu['Services']['Dynamic DNS']       = array('services_dyndns.php');
+$menu['Services']['DHCP server']       = array('services_dhcp.php');
+$menu['Services']['DHCP relay']        = array('services_dhcp_relay.php');
+$menu['Services']['SNMP']                      = array('services_snmp.php');
+$menu['Services']['Proxy ARP']         = array('services_proxyarp.php');
+$menu['Services']['Captive portal'] = array('services_captiveportal.php',
+                                                                                       'services_captiveportal_mac.php',
+                                                                       'services_captiveportal_ip.php',
+                                                                       'services_captiveportal_users.php',
+                                                                                       'services_captiveportal_elementmanager.php');
+$menu['Services']['Wake on LAN']       = array('services_wol.php');
+
+$menu['VPN']['IPsec']                                  = array('vpn_ipsec.php',
+                                                                                       'vpn_ipsec_mobile.php',
+                                                                                       'vpn_ipsec_keys.php',
+                                                                                       'vpn_ipsec_ca.php');
+$menu['VPN']['PPTP']                           = array('vpn_pptp.php',
+                                                                                       'vpn_pptp_users.php');
+                                                                                       
+$menu['Status']['System']                      = array('index.php');
+$menu['Status']['Interfaces']          = array('status_interfaces.php');
+
+$menu['Status']['Traffic graph']       = array('status_graph.php');
+$menu['Status']['Wireless']                    = array('status_wireless.php');
+if (isset($config['captiveportal']['enable'])) {
+       $menu['Status']['Captive portal']       = array('status_captiveportal.php');
+}
+
+$menu['Diagnostics']['Logs']                   = array('diag_logs.php',
+                                                                                               'diag_logs_filter.php',
+                                                                                               'diag_logs_dhcp.php',
+                                                                                               'diag_logs_portal.php',
+                                                                                               'diag_logs_vpn.php',
+                                                                                               'diag_logs_settings.php');  
+$menu['Diagnostics']['DHCP Leases']    = array('diag_dhcp_leases.php');
+$menu['Diagnostics']['IPsec']                  = array('diag_ipsec_sad.php',
+                                                                                               'diag_ipsec_spd.php');
+$menu['Diagnostics']['Ping/Traceroute'] = array('diag_ping.php',
+                                                                                               'diag_traceroute.php');
+$menu['Diagnostics']['ARP Table']              = array('diag_arp.php');
+$menu['Diagnostics']['NS Lookup']              = array('diag_nslookup.php');
+$menu['Diagnostics']['Whois']                  = array('diag_whois.php');
+$menu['Diagnostics']['Firewall states'] = array('diag_ipfstat.php');
+$menu['Diagnostics']['Reset state']    = array('diag_resetstate.php');
+$menu['Diagnostics']['Backup/Restore']         = array('diag_backup.php');
+$menu['Diagnostics']['Factory Defaults']= array('diag_defaults.php');
+$menu['Diagnostics']['Reboot system']  = array('reboot.php');
+
 ?>
+
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 <html>
 <head>
@@ -96,51 +224,47 @@ function showhide(tspan, tri) {
     <td width="150" bgcolor="#9D9D9D">
        <table width="100%" border="0" cellpadding="6" cellspacing="0">
         <tr>
-          <td><span class="navlnk"><font color="#FFFFFF"> <strong>System</strong> 
-              <br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/system.php" class="navlnk">General 
-              setup</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/system_routes.php" class="navlnk">Static 
-              routes</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/system_firmware.php" class="navlnk">Firmware</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/system_advanced.php" class="navlnk">Advanced</a><br>
-              <strong>Interfaces</strong>
-                         <?php if (!isset($config['system']['webgui']['noassigninterfaces'])): ?>
-                         <a href="/interfaces_assign.php" class="navlnks">(assign)</a>
-                         <?php endif; ?>
-                         <br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/interfaces_lan.php" class="navlnk">LAN</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/interfaces_wan.php" class="navlnk">WAN</a><br>
-                         <?php for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++): ?>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/interfaces_opt.php?index=<?=$i;?>" class="navlnk"><?=htmlspecialchars($config['interfaces']['opt' . $i]['descr']);?></a><br>
-                         <?php endfor; ?>
-              <strong>Firewall</strong><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/firewall_rules.php" class="navlnk">Rules</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/firewall_nat.php" class="navlnk">NAT</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/firewall_shaper.php" class="navlnk">Traffic 
-              shaper</a> <br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/firewall_aliases.php" class="navlnk">Aliases</a><br>
-              <strong>Services</strong><br>
-                         &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/services_dnsmasq.php" class="navlnk">DNS forwarder</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/services_dyndns.php" class="navlnk">Dynamic 
-              DNS</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/services_dhcp.php" class="navlnk">DHCP server</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/services_dhcp_relay.php" class="navlnk">DHCP relay</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/services_snmp.php" class="navlnk">SNMP</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/services_proxyarp.php" class="navlnk">Proxy ARP</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/services_captiveportal.php" class="navlnk">Captive portal</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/services_wol.php" class="navlnk">Wake on LAN</a><br>
-              <strong>VPN</strong><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/vpn_ipsec.php" class="navlnk">IPsec</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/vpn_pptp.php" class="navlnk">PPTP</a><br>
-              <strong>Status</strong><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/index.php" class="navlnk">System</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/status_interfaces.php" class="navlnk">Interfaces</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/status_graph.php" class="navlnk">Traffic graph</a><br>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/status_wireless.php" class="navlnk">Wireless</a><br>
-                         <?php if (isset($config['captiveportal']['enable'])): ?>
-              &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/status_captiveportal.php" class="navlnk">Captive portal</a><br>
-                         <?php endif; ?>
+          <td><span class="navlnk"><font color="#FFFFFF"> 
+            <?php 
+                   
+dynamic_menu($menu['System'], 'System');
+            
+// The Interfaces menu is different than the rest because of the Assign link and
+// The dynamic nature of the optional interfaces.
+$if_menu = array('(assign)' => 'interfaces_assign.php',
+                        'LAN' => 'interfaces_lan.php',
+                                'WAN' => 'interfaces_wan.php',
+                            'OPTx' => 'interfaces_opt.php');
+if ($_SERVER['REMOTE_USER'] === $config['system']['username']) {
+       $allowed = $if_menu;
+}
+if (array_intersect($if_menu,$allowed)) {
+       echo '<strong>Interfaces</strong>';
+       if ((!isset($config['system']['webgui']['noassigninterfaces'])) && 
+           (in_array('interfaces_assign.php',$allowed))) {
+               echo '<a href="/interfaces_assign.php" class="navlnks"> (assign)</a>';
+       }
+    echo '<br>';
+    if (in_array('interfaces_lan.php',$allowed)) {
+       echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/interfaces_lan.php" class="navlnk">LAN</a><br>';
+    }
+    if (in_array('interfaces_wan.php',$allowed)) {
+       echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/interfaces_wan.php" class="navlnk">WAN</a><br>';
+    }
+    if (in_array('interfaces_opt.php',$allowed)) {
+       for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
+                       echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/interfaces_opt.php?index=' .$i.
+                            '" class="navlnk">'.htmlspecialchars($config['interfaces']['opt' . $i]['descr']).'</a><br>';
+       }
+    }
+}             
+
+dynamic_menu($menu['Firewall'], 'Firewall');
+dynamic_menu($menu['Services'], 'Services');
+dynamic_menu($menu['VPN'], 'VPN');
+dynamic_menu($menu['Status'], 'Status');
+?>
+                         
 <?php
 /* extensions section */
 if (is_dir("{$g['www_path']}/ext")):
@@ -158,25 +282,10 @@ if ($dh) {
 }
 endif;
 ?>
-                         <?php if (isset($config['system']['webgui']['expanddiags']) || strstr($_SERVER['SCRIPT_FILENAME'], "diag_") || strstr($_SERVER['SCRIPT_FILENAME'], "reboot")): ?>
-                         <a href="javascript:showhide('diag','tri_diag')"><img src="/tri_o.gif" id="tri_diag" width="14" height="10" border="0"></a><strong><a href="javascript:showhide('diag','tri_diag')" class="navlnk">Diagnostics</a></strong><br>
-                         <span id="diag">
-                         <?php else: ?>
-                         <a href="javascript:showhide('diag','tri_diag')"><img src="/tri_c.gif" id="tri_diag" width="14" height="10" border="0"></a><strong><a href="javascript:showhide('diag','tri_diag')" class="navlnk">Diagnostics</a></strong><br>
-                         <span id="diag" style="display: none">
-                         <?php endif; ?>
-                                 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/diag_logs.php" class="navlnk">Logs</a><br>
-                                 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/diag_dhcp_leases.php" class="navlnk">DHCP leases</a><br>
-                                 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/diag_ipsec_sad.php" class="navlnk">IPsec</a><br>
-                                 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/diag_ping.php" class="navlnk">Ping/Traceroute</a><br>
-                                 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/diag_arp.php" class="navlnk">ARP table</a><br>
-                                 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/diag_ipfstat.php" class="navlnk">Firewall states</a><br>
-                                 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/diag_resetstate.php" class="navlnk">Reset state</a><br>
-                                 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/diag_backup.php" class="navlnk">Backup/Restore</a><br>
-                                 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/diag_defaults.php" class="navlnk">Factory 
-                                 defaults </a><br>
-                                 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="/reboot.php" class="navlnk">Reboot 
-                                 system</a>
+
+<?php 
+dynamic_menu($menu['Diagnostics'], 'Diagnostics');
+?>
                          </span>
                          </font></span>
             </td>
index 0518810813e79aad1b497feb1da78941919061bc..2dd94e9d4096c8902da98bca0d44064a031e9810 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Firewall", "NAT");
-require("guiconfig.inc");
-
-if (!is_array($config['nat']['rule'])) {
-       $config['nat']['rule'] = array();
-}
-nat_rules_sort();
-$a_nat = &$config['nat']['rule'];
-
-if ($_POST) {
-
-       $pconfig = $_POST;
-
-       if ($_POST['apply']) {
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path)) {
-                       config_lock();
-                       $retval |= filter_configure();
-                       config_unlock();
-               }
-               $savemsg = get_std_save_message($retval);
-               
-               if ($retval == 0) {
-                       if (file_exists($d_natconfdirty_path))
-                               unlink($d_natconfdirty_path);
-                       if (file_exists($d_filterconfdirty_path))
-                               unlink($d_filterconfdirty_path);
-               }
-       }
-}
-
-if ($_GET['act'] == "del") {
-       if ($a_nat[$_GET['id']]) {
-               unset($a_nat[$_GET['id']]);
-               write_config();
-               touch($d_natconfdirty_path);
-               header("Location: firewall_nat.php");
-               exit;
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<form action="firewall_nat.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_natconfdirty_path)): ?><p>
-<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabact">Inbound</li>
-    <li class="tabinact"><a href="firewall_nat_server.php">Server NAT</a></li>
-    <li class="tabinact"><a href="firewall_nat_1to1.php">1:1</a></li>
-    <li class="tabinact"><a href="firewall_nat_out.php">Outbound</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-              <table width="100%" border="0" cellpadding="0" cellspacing="0">
-                <tr> 
-                  <td width="5%" class="listhdrr">If</td>
-                  <td width="5%" class="listhdrr">Proto</td>
-                  <td width="20%" class="listhdrr">Ext. port range</td>
-                  <td width="20%" class="listhdrr">NAT IP</td>
-                  <td width="20%" class="listhdrr">Int. port range</td>
-                  <td width="20%" class="listhdr">Description</td>
-                  <td width="5%" class="list"></td>
-                               </tr>
-                         <?php $i = 0; foreach ($a_nat as $natent): ?>
-                <tr valign="top"> 
-                                 <td class="listlr">
-                  <?php
-                                               if (!$natent['interface'] || ($natent['interface'] == "wan"))
-                                                       echo "WAN";
-                                               else
-                                                       echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);
-                                 ?>
-                  </td>
-                  <td class="listr"> 
-                    <?=strtoupper($natent['protocol']);?>
-                  </td>
-                  <td class="listr">
-                    <?php 
-                                               list($beginport, $endport) = split("-", $natent['external-port']);
-                                               if ((!$endport) || ($beginport == $endport)) {
-                                                       echo $beginport;
-                                                       if ($wkports[$beginport])
-                                                               echo " (" . $wkports[$beginport] . ")";
-                                               } else
-                                                       echo $beginport . " - " . $endport;
-                                 ?>
-                  </td>
-                  <td class="listr"> 
-                    <?=$natent['target'];?>
-                                       <?php if ($natent['external-address'])
-                                               echo "<br>(ext.: " . $natent['external-address'] . ")";
-                                       ?>
-                  </td>
-                  <td class="listr"> 
-                    <?php if ((!$endport) || ($beginport == $endport)) {
-                                                       echo $natent['local-port'];
-                                                       if ($wkports[$natent['local-port']])
-                                                               echo " (" . $wkports[$natent['local-port']] . ")";
-                                               } else
-                                                       echo $natent['local-port'] . " - " . 
-                                                               ($natent['local-port']+$endport-$beginport);
-                                 ?>
-                  </td>
-                  <td class="listbg"> 
-                    <?=htmlspecialchars($natent['descr']);?>&nbsp;
-                  </td>
-                  <td valign="middle" class="list" nowrap> <a href="firewall_nat_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit rule" width="17" height="17" border="0"></a>
-                     &nbsp;<a href="firewall_nat.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this rule?')"><img src="x.gif" title="delete rule" width="17" height="17" border="0"></a></td>
-                               </tr>
-                         <?php $i++; endforeach; ?>
-                <tr> 
-                  <td class="list" colspan="6"></td>
-                  <td class="list"> <a href="firewall_nat_edit.php"><img src="plus.gif" title="add rule" width="17" height="17" border="0"></a></td>
-                               </tr>
-              </table><br>
-                    <span class="vexpl"><span class="red"><strong>Note:<br>
-                      </strong></span>It is not possible to access NATed services 
-                      using the WAN IP address from within LAN (or an optional 
-                      network).</span></td>
-  </tr>
-</table>
-            </form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Firewall", "NAT", "Inbound");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['nat']['rule'])) {\r
+       $config['nat']['rule'] = array();\r
+}\r
+nat_rules_sort();\r
+$a_nat = &$config['nat']['rule'];\r
+\r
+if ($_POST) {\r
+\r
+       $pconfig = $_POST;\r
+\r
+       if ($_POST['apply']) {\r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path)) {\r
+                       config_lock();\r
+                       $retval |= filter_configure();\r
+                       config_unlock();\r
+               }\r
+               $savemsg = get_std_save_message($retval);\r
+               \r
+               if ($retval == 0) {\r
+                       if (file_exists($d_natconfdirty_path))\r
+                               unlink($d_natconfdirty_path);\r
+                       if (file_exists($d_filterconfdirty_path))\r
+                               unlink($d_filterconfdirty_path);\r
+               }\r
+       }\r
+}\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_nat[$_GET['id']]) {\r
+               unset($a_nat[$_GET['id']]);\r
+               write_config();\r
+               touch($d_natconfdirty_path);\r
+               header("Location: firewall_nat.php");\r
+               exit;\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="firewall_nat.php" method="post">\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_natconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php\r
+       $tabs = array('Inbound' => 'firewall_nat.php',\r
+                         'Server NAT' => 'firewall_nat_server.php',\r
+                         '1:1' => 'firewall_nat_1to1.php',\r
+                         'Outbound' => 'firewall_nat_out.php');\r
+       dynamic_tab_menu($tabs);\r
+?>         \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+              <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+                <tr> \r
+                  <td width="5%" class="listhdrr">If</td>\r
+                  <td width="5%" class="listhdrr">Proto</td>\r
+                  <td width="20%" class="listhdrr">Ext. port range</td>\r
+                  <td width="20%" class="listhdrr">NAT IP</td>\r
+                  <td width="20%" class="listhdrr">Int. port range</td>\r
+                  <td width="20%" class="listhdr">Description</td>\r
+                  <td width="5%" class="list"></td>\r
+                               </tr>\r
+                         <?php $i = 0; foreach ($a_nat as $natent): ?>\r
+                <tr valign="top"> \r
+                                 <td class="listlr">\r
+                  <?php\r
+                                               if (!$natent['interface'] || ($natent['interface'] == "wan"))\r
+                                                       echo "WAN";\r
+                                               else\r
+                                                       echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);\r
+                                 ?>\r
+                  </td>\r
+                  <td class="listr"> \r
+                    <?=strtoupper($natent['protocol']);?>\r
+                  </td>\r
+                  <td class="listr">\r
+                    <?php \r
+                                               list($beginport, $endport) = split("-", $natent['external-port']);\r
+                                               if ((!$endport) || ($beginport == $endport)) {\r
+                                                       echo $beginport;\r
+                                                       if ($wkports[$beginport])\r
+                                                               echo " (" . $wkports[$beginport] . ")";\r
+                                               } else\r
+                                                       echo $beginport . " - " . $endport;\r
+                                 ?>\r
+                  </td>\r
+                  <td class="listr"> \r
+                    <?=$natent['target'];?>\r
+                                       <?php if ($natent['external-address'])\r
+                                               echo "<br>(ext.: " . $natent['external-address'] . ")";\r
+                                       ?>\r
+                  </td>\r
+                  <td class="listr"> \r
+                    <?php if ((!$endport) || ($beginport == $endport)) {\r
+                                                       echo $natent['local-port'];\r
+                                                       if ($wkports[$natent['local-port']])\r
+                                                               echo " (" . $wkports[$natent['local-port']] . ")";\r
+                                               } else\r
+                                                       echo $natent['local-port'] . " - " . \r
+                                                               ($natent['local-port']+$endport-$beginport);\r
+                                 ?>\r
+                  </td>\r
+                  <td class="listbg"> \r
+                    <?=htmlspecialchars($natent['descr']);?>&nbsp;\r
+                  </td>\r
+                  <td valign="middle" class="list" nowrap> <a href="firewall_nat_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit rule" width="17" height="17" border="0"></a>\r
+                     &nbsp;<a href="firewall_nat.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this rule?')"><img src="x.gif" title="delete rule" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+                         <?php $i++; endforeach; ?>\r
+                <tr> \r
+                  <td class="list" colspan="6"></td>\r
+                  <td class="list"> <a href="firewall_nat_edit.php"><img src="plus.gif" title="add rule" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+              </table><br>\r
+                    <span class="vexpl"><span class="red"><strong>Note:<br>\r
+                      </strong></span>It is not possible to access NATed services \r
+                      using the WAN IP address from within LAN (or an optional \r
+                      network).</span></td>\r
+  </tr>\r
+</table>\r
+            </form>\r
+<?php include("fend.inc"); ?>\r
index 41f3594559443f1e5f93680b6ce9bdeef850280b..b148684cde426f3c77b4a1c741b06cc1c88d9410 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Firewall", "NAT");
-require("guiconfig.inc");
-
-if (!is_array($config['nat']['onetoone'])) {
-       $config['nat']['onetoone'] = array();
-}
-$a_1to1 = &$config['nat']['onetoone'];
-nat_1to1_rules_sort();
-
-if ($_POST) {
-
-       $pconfig = $_POST;
-
-       if ($_POST['apply']) {
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path)) {
-                       config_lock();
-                       $retval |= filter_configure();
-                       $retval |= services_proxyarp_configure();
-                       config_unlock();
-               }
-               $savemsg = get_std_save_message($retval);
-               
-               if ($retval == 0) {
-                       if (file_exists($d_natconfdirty_path))
-                               unlink($d_natconfdirty_path);
-                       if (file_exists($d_filterconfdirty_path))
-                               unlink($d_filterconfdirty_path);
-                       if (file_exists($d_proxyarpdirty_path))
-                               unlink($d_proxyarpdirty_path);
-               }
-       }
-}
-
-if ($_GET['act'] == "del") {
-       if ($a_1to1[$_GET['id']]) {
-               unset($a_1to1[$_GET['id']]);
-               write_config();
-               touch($d_natconfdirty_path);
-               header("Location: firewall_nat_1to1.php");
-               exit;
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<form action="firewall_nat_1to1.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_natconfdirty_path)): ?><p>
-<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-<tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="firewall_nat.php">Inbound</a></li>
-    <li class="tabinact"><a href="firewall_nat_server.php">Server NAT</a></li>
-    <li class="tabact">1:1</li>
-    <li class="tabinact"><a href="firewall_nat_out.php">Outbound</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-              <table width="100%" border="0" cellpadding="0" cellspacing="0">
-                <tr> 
-                                 <td width="10%" class="listhdrr">Interface</td>
-                  <td width="20%" class="listhdrr">External IP</td>
-                  <td width="20%" class="listhdrr">Internal IP</td>
-                  <td width="40%" class="listhdr">Description</td>
-                  <td width="10%" class="list"></td>
-                               </tr>
-                         <?php $i = 0; foreach ($a_1to1 as $natent): ?>
-                <tr> 
-                                 <td class="listlr">
-                  <?php
-                                       if (!$natent['interface'] || ($natent['interface'] == "wan"))
-                                               echo "WAN";
-                                       else
-                                               echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);
-                                 ?>
-                  </td>
-                  <td class="listr"> 
-                    <?php echo $natent['external'];
-                                       if ($natent['subnet']) echo "/" . $natent['subnet']; ?>
-                  </td>
-                  <td class="listr"> 
-                    <?php echo $natent['internal'];
-                                       if ($natent['subnet']) echo "/" . $natent['subnet']; ?>
-                  </td>
-                  <td class="listbg"> 
-                    <?=htmlspecialchars($natent['descr']);?>&nbsp;
-                  </td>
-                  <td class="list" nowrap> <a href="firewall_nat_1to1_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit mapping" width="17" height="17" border="0"></a>
-                     &nbsp;<a href="firewall_nat_1to1.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this mapping?')"><img src="x.gif" title="delete mapping" width="17" height="17" border="0"></a></td>
-                               </tr>
-                         <?php $i++; endforeach; ?>
-                <tr> 
-                  <td class="list" colspan="4"></td>
-                  <td class="list"> <a href="firewall_nat_1to1_edit.php"><img src="plus.gif" title="add mapping" width="17" height="17" border="0"></a></td>
-                               </tr>
-              </table><br>
-                               <span class="vexpl"><span class="red"><strong>Note:<br>
-                </strong></span>Depending on the way your WAN connection is setup, you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span>
-</td>
-</tr>
-</table>
-</form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Firewall", "NAT", "1:1");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['nat']['onetoone'])) {\r
+       $config['nat']['onetoone'] = array();\r
+}\r
+$a_1to1 = &$config['nat']['onetoone'];\r
+nat_1to1_rules_sort();\r
+\r
+if ($_POST) {\r
+\r
+       $pconfig = $_POST;\r
+\r
+       if ($_POST['apply']) {\r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path)) {\r
+                       config_lock();\r
+                       $retval |= filter_configure();\r
+                       $retval |= services_proxyarp_configure();\r
+                       config_unlock();\r
+               }\r
+               $savemsg = get_std_save_message($retval);\r
+               \r
+               if ($retval == 0) {\r
+                       if (file_exists($d_natconfdirty_path))\r
+                               unlink($d_natconfdirty_path);\r
+                       if (file_exists($d_filterconfdirty_path))\r
+                               unlink($d_filterconfdirty_path);\r
+                       if (file_exists($d_proxyarpdirty_path))\r
+                               unlink($d_proxyarpdirty_path);\r
+               }\r
+       }\r
+}\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_1to1[$_GET['id']]) {\r
+               unset($a_1to1[$_GET['id']]);\r
+               write_config();\r
+               touch($d_natconfdirty_path);\r
+               header("Location: firewall_nat_1to1.php");\r
+               exit;\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="firewall_nat_1to1.php" method="post">\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_natconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+<tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php\r
+       $tabs = array('Inbound' => 'firewall_nat.php',\r
+                         'Server NAT' => 'firewall_nat_server.php',\r
+                         '1:1' => 'firewall_nat_1to1.php',\r
+                         'Outbound' => 'firewall_nat_out.php');\r
+       dynamic_tab_menu($tabs);\r
+?>    \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+              <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+                <tr> \r
+                                 <td width="10%" class="listhdrr">Interface</td>\r
+                  <td width="20%" class="listhdrr">External IP</td>\r
+                  <td width="20%" class="listhdrr">Internal IP</td>\r
+                  <td width="40%" class="listhdr">Description</td>\r
+                  <td width="10%" class="list"></td>\r
+                               </tr>\r
+                         <?php $i = 0; foreach ($a_1to1 as $natent): ?>\r
+                <tr> \r
+                                 <td class="listlr">\r
+                  <?php\r
+                                       if (!$natent['interface'] || ($natent['interface'] == "wan"))\r
+                                               echo "WAN";\r
+                                       else\r
+                                               echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);\r
+                                 ?>\r
+                  </td>\r
+                  <td class="listr"> \r
+                    <?php echo $natent['external'];\r
+                                       if ($natent['subnet']) echo "/" . $natent['subnet']; ?>\r
+                  </td>\r
+                  <td class="listr"> \r
+                    <?php echo $natent['internal'];\r
+                                       if ($natent['subnet']) echo "/" . $natent['subnet']; ?>\r
+                  </td>\r
+                  <td class="listbg"> \r
+                    <?=htmlspecialchars($natent['descr']);?>&nbsp;\r
+                  </td>\r
+                  <td class="list" nowrap> <a href="firewall_nat_1to1_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit mapping" width="17" height="17" border="0"></a>\r
+                     &nbsp;<a href="firewall_nat_1to1.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this mapping?')"><img src="x.gif" title="delete mapping" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+                         <?php $i++; endforeach; ?>\r
+                <tr> \r
+                  <td class="list" colspan="4"></td>\r
+                  <td class="list"> <a href="firewall_nat_1to1_edit.php"><img src="plus.gif" title="add mapping" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+              </table><br>\r
+                               <span class="vexpl"><span class="red"><strong>Note:<br>\r
+                </strong></span>Depending on the way your WAN connection is setup, you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span>\r
+</td>\r
+</tr>\r
+</table>\r
+</form>\r
+<?php include("fend.inc"); ?>\r
index c0a79c4bfad69e2e9e882b735f5cde4301708bf4..4b2610c2595201681465828f9faddd47cf99a9f8 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-    part of m0n0wall (http://m0n0.ch/wall)
-    
-    Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-    All rights reserved.
-    
-    Redistribution and use in source and binary forms, with or without
-    modification, are permitted provided that the following conditions are met:
-    
-    1. Redistributions of source code must retain the above copyright notice,
-       this list of conditions and the following disclaimer.
-    
-    2. Redistributions in binary form must reproduce the above copyright
-       notice, this list of conditions and the following disclaimer in the
-       documentation and/or other materials provided with the distribution.
-    
-    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-    POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Firewall", "NAT");
-require("guiconfig.inc");
-
-if (!is_array($config['nat']['advancedoutbound']['rule']))
-    $config['nat']['advancedoutbound']['rule'] = array();
-    
-$a_out = &$config['nat']['advancedoutbound']['rule'];
-nat_out_rules_sort();
-
-if ($_POST) {
-
-    $pconfig = $_POST;
-
-    $config['nat']['advancedoutbound']['enable'] = ($_POST['enable']) ? true : false;
-    write_config();
-    
-    $retval = 0;
-    
-    if (!file_exists($d_sysrebootreqd_path)) {
-               config_lock();
-        $retval |= filter_configure();
-               config_unlock();
-    }
-    $savemsg = get_std_save_message($retval);
-    
-    if ($retval == 0) {
-        if (file_exists($d_natconfdirty_path))
-            unlink($d_natconfdirty_path);
-        if (file_exists($d_filterconfdirty_path))
-            unlink($d_filterconfdirty_path);
-    }
-}
-
-if ($_GET['act'] == "del") {
-    if ($a_out[$_GET['id']]) {
-        unset($a_out[$_GET['id']]);
-        write_config();
-        touch($d_natconfdirty_path);
-        header("Location: firewall_nat_out.php");
-        exit;
-    }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<form action="firewall_nat_out.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_natconfdirty_path)): ?><p>
-<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-<tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="firewall_nat.php">Inbound</a></li>
-    <li class="tabinact"><a href="firewall_nat_server.php">Server NAT</a></li>
-    <li class="tabinact"><a href="firewall_nat_1to1.php">1:1</a></li>
-    <li class="tabact">Outbound</li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-              <table width="100%" border="0" cellpadding="6" cellspacing="0">
-                <tr> 
-                  <td class="vtable">
-                      <input name="enable" type="checkbox" id="enable" value="yes" <?php if (isset($config['nat']['advancedoutbound']['enable'])) echo "checked";?>>
-                      <strong>Enable advanced outbound NAT</strong></td>
-                </tr>
-                <tr> 
-                  <td> <input name="submit" type="submit" class="formbtn" value="Save"> 
-                  </td>
-                </tr>
-                <tr>
-                  <td><p><span class="vexpl"><span class="red"><strong>Note:<br>
-                      </strong></span>If advanced outbound NAT is enabled, no outbound NAT
-                      rules will be automatically generated anymore. Instead, only the mappings
-                      you specify below will be used. With advanced outbound NAT disabled,
-                      a mapping is automatically created for each interface's subnet
-                      (except WAN) and any mappings specified below will be ignored.</span>
-                      If you use target addresses other than the WAN interface's IP address,
-                      then depending on<span class="vexpl"> the way your WAN connection is setup,
-                      you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span><br>
-                      <br>
-                      You may enter your own mappings below.</p>
-                    </td>
-                </tr>
-              </table>
-              <table width="100%" border="0" cellpadding="0" cellspacing="0">
-                <tr> 
-                  <td width="10%" class="listhdrr">Interface</td>
-                  <td width="20%" class="listhdrr">Source</td>
-                  <td width="20%" class="listhdrr">Destination</td>
-                  <td width="20%" class="listhdrr">Target</td>
-                  <td width="25%" class="listhdr">Description</td>
-                  <td width="5%" class="list"></td>
-                </tr>
-              <?php $i = 0; foreach ($a_out as $natent): ?>
-                <tr> 
-                  <td class="listlr">
-                    <?php
-                                       if (!$natent['interface'] || ($natent['interface'] == "wan"))
-                                               echo "WAN";
-                                       else
-                                               echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);
-                                       ?>
-                  </td>
-                  <td class="listr"> 
-                    <?=$natent['source']['network'];?>
-                  </td>
-                  <td class="listr"> 
-                    <?php
-                      if (isset($natent['destination']['any']))
-                          echo "*";
-                      else {
-                          if (isset($natent['destination']['not']))
-                              echo "!&nbsp;";
-                          echo $natent['destination']['network'];
-                      }
-                    ?>
-                  </td>
-                  <td class="listr"> 
-                    <?php
-                      if (!$natent['target'])
-                          echo "*";
-                      else
-                          echo $natent['target'];
-                    ?>
-                  </td>
-                  <td class="listbg"> 
-                    <?=htmlspecialchars($natent['descr']);?>&nbsp;
-                  </td>
-                  <td class="list" nowrap> <a href="firewall_nat_out_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit mapping" width="17" height="17" border="0"></a>
-                     &nbsp;<a href="firewall_nat_out.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this mapping?')"><img src="x.gif" title="delete mapping" width="17" height="17" border="0"></a></td>
-                </tr>
-              <?php $i++; endforeach; ?>
-                <tr> 
-                  <td class="list" colspan="5"></td>
-                  <td class="list"> <a href="firewall_nat_out_edit.php"><img src="plus.gif" title="add mapping" width="17" height="17" border="0"></a></td>
-                </tr>
-              </table>
-</td>
-  </tr>
-</table>
-            </form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+    part of m0n0wall (http://m0n0.ch/wall)\r
+    \r
+    Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+    All rights reserved.\r
+    \r
+    Redistribution and use in source and binary forms, with or without\r
+    modification, are permitted provided that the following conditions are met:\r
+    \r
+    1. Redistributions of source code must retain the above copyright notice,\r
+       this list of conditions and the following disclaimer.\r
+    \r
+    2. Redistributions in binary form must reproduce the above copyright\r
+       notice, this list of conditions and the following disclaimer in the\r
+       documentation and/or other materials provided with the distribution.\r
+    \r
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+    POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Firewall", "NAT", "Outbound");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['nat']['advancedoutbound']['rule']))\r
+    $config['nat']['advancedoutbound']['rule'] = array();\r
+    \r
+$a_out = &$config['nat']['advancedoutbound']['rule'];\r
+nat_out_rules_sort();\r
+\r
+if ($_POST) {\r
+\r
+    $pconfig = $_POST;\r
+\r
+    $config['nat']['advancedoutbound']['enable'] = ($_POST['enable']) ? true : false;\r
+    write_config();\r
+    \r
+    $retval = 0;\r
+    \r
+    if (!file_exists($d_sysrebootreqd_path)) {\r
+               config_lock();\r
+        $retval |= filter_configure();\r
+               config_unlock();\r
+    }\r
+    $savemsg = get_std_save_message($retval);\r
+    \r
+    if ($retval == 0) {\r
+        if (file_exists($d_natconfdirty_path))\r
+            unlink($d_natconfdirty_path);\r
+        if (file_exists($d_filterconfdirty_path))\r
+            unlink($d_filterconfdirty_path);\r
+    }\r
+}\r
+\r
+if ($_GET['act'] == "del") {\r
+    if ($a_out[$_GET['id']]) {\r
+        unset($a_out[$_GET['id']]);\r
+        write_config();\r
+        touch($d_natconfdirty_path);\r
+        header("Location: firewall_nat_out.php");\r
+        exit;\r
+    }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="firewall_nat_out.php" method="post">\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_natconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+<tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php\r
+       $tabs = array('Inbound' => 'firewall_nat.php',\r
+                         'Server NAT' => 'firewall_nat_server.php',\r
+                         '1:1' => 'firewall_nat_1to1.php',\r
+                         'Outbound' => 'firewall_nat_out.php');\r
+       dynamic_tab_menu($tabs);\r
+?>    \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+              <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+                <tr> \r
+                  <td class="vtable">\r
+                      <input name="enable" type="checkbox" id="enable" value="yes" <?php if (isset($config['nat']['advancedoutbound']['enable'])) echo "checked";?>>\r
+                      <strong>Enable advanced outbound NAT</strong></td>\r
+                </tr>\r
+                <tr> \r
+                  <td> <input name="submit" type="submit" class="formbtn" value="Save"> \r
+                  </td>\r
+                </tr>\r
+                <tr>\r
+                  <td><p><span class="vexpl"><span class="red"><strong>Note:<br>\r
+                      </strong></span>If advanced outbound NAT is enabled, no outbound NAT\r
+                      rules will be automatically generated anymore. Instead, only the mappings\r
+                      you specify below will be used. With advanced outbound NAT disabled,\r
+                      a mapping is automatically created for each interface's subnet\r
+                      (except WAN) and any mappings specified below will be ignored.</span>\r
+                      If you use target addresses other than the WAN interface's IP address,\r
+                      then depending on<span class="vexpl"> the way your WAN connection is setup,\r
+                      you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span><br>\r
+                      <br>\r
+                      You may enter your own mappings below.</p>\r
+                    </td>\r
+                </tr>\r
+              </table>\r
+              <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+                <tr> \r
+                  <td width="10%" class="listhdrr">Interface</td>\r
+                  <td width="20%" class="listhdrr">Source</td>\r
+                  <td width="20%" class="listhdrr">Destination</td>\r
+                  <td width="20%" class="listhdrr">Target</td>\r
+                  <td width="25%" class="listhdr">Description</td>\r
+                  <td width="5%" class="list"></td>\r
+                </tr>\r
+              <?php $i = 0; foreach ($a_out as $natent): ?>\r
+                <tr> \r
+                  <td class="listlr">\r
+                    <?php\r
+                                       if (!$natent['interface'] || ($natent['interface'] == "wan"))\r
+                                               echo "WAN";\r
+                                       else\r
+                                               echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);\r
+                                       ?>\r
+                  </td>\r
+                  <td class="listr"> \r
+                    <?=$natent['source']['network'];?>\r
+                  </td>\r
+                  <td class="listr"> \r
+                    <?php\r
+                      if (isset($natent['destination']['any']))\r
+                          echo "*";\r
+                      else {\r
+                          if (isset($natent['destination']['not']))\r
+                              echo "!&nbsp;";\r
+                          echo $natent['destination']['network'];\r
+                      }\r
+                    ?>\r
+                  </td>\r
+                  <td class="listr"> \r
+                    <?php\r
+                      if (!$natent['target'])\r
+                          echo "*";\r
+                      else\r
+                          echo $natent['target'];\r
+                    ?>\r
+                  </td>\r
+                  <td class="listbg"> \r
+                    <?=htmlspecialchars($natent['descr']);?>&nbsp;\r
+                  </td>\r
+                  <td class="list" nowrap> <a href="firewall_nat_out_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit mapping" width="17" height="17" border="0"></a>\r
+                     &nbsp;<a href="firewall_nat_out.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this mapping?')"><img src="x.gif" title="delete mapping" width="17" height="17" border="0"></a></td>\r
+                </tr>\r
+              <?php $i++; endforeach; ?>\r
+                <tr> \r
+                  <td class="list" colspan="5"></td>\r
+                  <td class="list"> <a href="firewall_nat_out_edit.php"><img src="plus.gif" title="add mapping" width="17" height="17" border="0"></a></td>\r
+                </tr>\r
+              </table>\r
+</td>\r
+  </tr>\r
+</table>\r
+            </form>\r
+<?php include("fend.inc"); ?>\r
index 0740ed14b6b542cf61534b2c1abec74ff6b603de..da3dbfd6c3d6e610e021dfb8464c08a571fea359 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Firewall", "NAT");
-require("guiconfig.inc");
-
-if (!is_array($config['nat']['servernat'])) {
-       $config['nat']['servernat'] = array();
-}
-$a_snat = &$config['nat']['servernat'];
-nat_server_rules_sort();
-
-if ($_POST) {
-
-       $pconfig = $_POST;
-
-       if ($_POST['apply']) {
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path)) {
-                       config_lock();
-                       $retval |= filter_configure();
-                       config_unlock();
-               }
-               $savemsg = get_std_save_message($retval);
-               
-               if ($retval == 0) {
-                       if (file_exists($d_natconfdirty_path))
-                               unlink($d_natconfdirty_path);
-                       if (file_exists($d_filterconfdirty_path))
-                               unlink($d_filterconfdirty_path);
-               }
-       }
-}
-
-if ($_GET['act'] == "del") {
-       if ($a_snat[$_GET['id']]) {
-               /* make sure no inbound NAT mappings reference this entry */
-               if (is_array($config['nat']['rule'])) {
-                       foreach ($config['nat']['rule'] as $rule) {
-                               if ($rule['external-address'] == $a_snat[$_GET['id']]['ipaddr']) {
-                                       $input_errors[] = "This entry cannot be deleted because it is still referenced by at least one inbound NAT mapping.";
-                                       break;
-                               }
-                       }
-               }
-               
-               if (!$input_errors) {
-                       unset($a_snat[$_GET['id']]);
-                       write_config();
-                       touch($d_natconfdirty_path);
-                       header("Location: firewall_nat_server.php");
-                       exit;
-               }
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<form action="firewall_nat_server.php" method="post">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_natconfdirty_path)): ?><p>
-<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-<tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="firewall_nat.php">Inbound</a></li>
-    <li class="tabact">Server NAT</li>
-    <li class="tabinact"><a href="firewall_nat_1to1.php">1:1</a></li>
-    <li class="tabinact"><a href="firewall_nat_out.php">Outbound</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-              <table width="80%" border="0" cellpadding="0" cellspacing="0">
-                <tr> 
-                  <td width="40%" class="listhdrr">External IP address</td>
-                  <td width="50%" class="listhdr">Description</td>
-                  <td width="10%" class="list"></td>
-                               </tr>
-                         <?php $i = 0; foreach ($a_snat as $natent): ?>
-                <tr> 
-                  <td class="listlr"> 
-                    <?=$natent['ipaddr'];?>
-                  </td>
-                  <td class="listbg"> 
-                    <?=htmlspecialchars($natent['descr']);?>&nbsp;
-                  </td>
-                  <td class="list" nowrap> <a href="firewall_nat_server_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit entry" width="17" height="17" border="0"></a>
-                     &nbsp;<a href="firewall_nat_server.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this entry?')"><img src="x.gif" title="delete entry" width="17" height="17" border="0"></a></td>
-                               </tr>
-                         <?php $i++; endforeach; ?>
-                <tr> 
-                  <td class="list" colspan="2"></td>
-                  <td class="list"> <a href="firewall_nat_server_edit.php"><img src="plus.gif" title="add entry" width="17" height="17" border="0"></a></td>
-                               </tr>
-              </table><br>
-                               <span class="vexpl"><span class="red"><strong>Note:<br>
-                      </strong></span>The external IP addresses defined on this page may be used in <a href="firewall_nat.php">inbound NAT</a> mappings. Depending on the way your WAN connection is setup, you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span>
-</td>
-  </tr>
-</table>
-            </form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Firewall", "NAT", "Server NAT");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['nat']['servernat'])) {\r
+       $config['nat']['servernat'] = array();\r
+}\r
+$a_snat = &$config['nat']['servernat'];\r
+nat_server_rules_sort();\r
+\r
+if ($_POST) {\r
+\r
+       $pconfig = $_POST;\r
+\r
+       if ($_POST['apply']) {\r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path)) {\r
+                       config_lock();\r
+                       $retval |= filter_configure();\r
+                       config_unlock();\r
+               }\r
+               $savemsg = get_std_save_message($retval);\r
+               \r
+               if ($retval == 0) {\r
+                       if (file_exists($d_natconfdirty_path))\r
+                               unlink($d_natconfdirty_path);\r
+                       if (file_exists($d_filterconfdirty_path))\r
+                               unlink($d_filterconfdirty_path);\r
+               }\r
+       }\r
+}\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_snat[$_GET['id']]) {\r
+               /* make sure no inbound NAT mappings reference this entry */\r
+               if (is_array($config['nat']['rule'])) {\r
+                       foreach ($config['nat']['rule'] as $rule) {\r
+                               if ($rule['external-address'] == $a_snat[$_GET['id']]['ipaddr']) {\r
+                                       $input_errors[] = "This entry cannot be deleted because it is still referenced by at least one inbound NAT mapping.";\r
+                                       break;\r
+                               }\r
+                       }\r
+               }\r
+               \r
+               if (!$input_errors) {\r
+                       unset($a_snat[$_GET['id']]);\r
+                       write_config();\r
+                       touch($d_natconfdirty_path);\r
+                       header("Location: firewall_nat_server.php");\r
+                       exit;\r
+               }\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="firewall_nat_server.php" method="post">\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_natconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+<tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php\r
+       $tabs = array('Inbound' => 'firewall_nat.php',\r
+                         'Server NAT' => 'firewall_nat_server.php',\r
+                         '1:1' => 'firewall_nat_1to1.php',\r
+                         'Outbound' => 'firewall_nat_out.php');\r
+       dynamic_tab_menu($tabs);\r
+?>    \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+              <table width="80%" border="0" cellpadding="0" cellspacing="0">\r
+                <tr> \r
+                  <td width="40%" class="listhdrr">External IP address</td>\r
+                  <td width="50%" class="listhdr">Description</td>\r
+                  <td width="10%" class="list"></td>\r
+                               </tr>\r
+                         <?php $i = 0; foreach ($a_snat as $natent): ?>\r
+                <tr> \r
+                  <td class="listlr"> \r
+                    <?=$natent['ipaddr'];?>\r
+                  </td>\r
+                  <td class="listbg"> \r
+                    <?=htmlspecialchars($natent['descr']);?>&nbsp;\r
+                  </td>\r
+                  <td class="list" nowrap> <a href="firewall_nat_server_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit entry" width="17" height="17" border="0"></a>\r
+                     &nbsp;<a href="firewall_nat_server.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this entry?')"><img src="x.gif" title="delete entry" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+                         <?php $i++; endforeach; ?>\r
+                <tr> \r
+                  <td class="list" colspan="2"></td>\r
+                  <td class="list"> <a href="firewall_nat_server_edit.php"><img src="plus.gif" title="add entry" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+              </table><br>\r
+                               <span class="vexpl"><span class="red"><strong>Note:<br>\r
+                      </strong></span>The external IP addresses defined on this page may be used in <a href="firewall_nat.php">inbound NAT</a> mappings. Depending on the way your WAN connection is setup, you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span>\r
+</td>\r
+  </tr>\r
+</table>\r
+            </form>\r
+<?php include("fend.inc"); ?>\r
index bddfadc32749af281c96debcd9adc58d5cca7d99..459b57657317bbf01b835df53079688cf46db69b 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Firewall", "Traffic shaper");
-require("guiconfig.inc");
-
-if (!is_array($config['shaper']['rule'])) {
-       $config['shaper']['rule'] = array();
-}
-if (!is_array($config['shaper']['pipe'])) {
-       $config['shaper']['pipe'] = array();
-}
-if (!is_array($config['shaper']['queue'])) {
-       $config['shaper']['queue'] = array();
-}
-$a_shaper = &$config['shaper']['rule'];
-$a_pipe = &$config['shaper']['pipe'];
-$a_queue = &$config['shaper']['queue'];
-
-$pconfig['enable'] = isset($config['shaper']['enable']);
-
-if ($_POST) {
-
-       if ($_POST['submit']) {
-               $pconfig = $_POST;
-               $config['shaper']['enable'] = $_POST['enable'] ? true : false;
-               write_config();
-       }
-       
-       if ($_POST['apply'] || $_POST['submit']) {
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path)) {
-                       config_lock();
-                       $retval = shaper_configure();
-                       config_unlock();
-               }
-               $savemsg = get_std_save_message($retval);
-               if ($retval == 0) {
-                       if (file_exists($d_shaperconfdirty_path))
-                               unlink($d_shaperconfdirty_path);
-               }
-       }
-}
-
-if ($_GET['act'] == "del") {
-       if ($a_shaper[$_GET['id']]) {
-               unset($a_shaper[$_GET['id']]);
-               write_config();
-               touch($d_shaperconfdirty_path);
-               header("Location: firewall_shaper.php");
-               exit;
-       }
-} else if ($_GET['act'] == "down") {
-       if ($a_shaper[$_GET['id']] && $a_shaper[$_GET['id']+1]) {
-               $tmp = $a_shaper[$_GET['id']+1];
-               $a_shaper[$_GET['id']+1] = $a_shaper[$_GET['id']];
-               $a_shaper[$_GET['id']] = $tmp;
-               write_config();
-               touch($d_shaperconfdirty_path);
-               header("Location: firewall_shaper.php");
-               exit;
-       }
-} else if ($_GET['act'] == "up") {
-       if (($_GET['id'] > 0) && $a_shaper[$_GET['id']]) {
-               $tmp = $a_shaper[$_GET['id']-1];
-               $a_shaper[$_GET['id']-1] = $a_shaper[$_GET['id']];
-               $a_shaper[$_GET['id']] = $tmp;
-               write_config();
-               touch($d_shaperconfdirty_path);
-               header("Location: firewall_shaper.php");
-               exit;
-       }
-} else if ($_GET['act'] == "toggle") {
-       if ($a_shaper[$_GET['id']]) {
-               $a_shaper[$_GET['id']]['disabled'] = !isset($a_shaper[$_GET['id']]['disabled']);
-               write_config();
-               touch($d_shaperconfdirty_path);
-               header("Location: firewall_shaper.php");
-               exit;
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<form action="firewall_shaper.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_shaperconfdirty_path)): ?><p>
-<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabact">Rules</li>
-    <li class="tabinact"><a href="firewall_shaper_pipes.php">Pipes</a></li>
-    <li class="tabinact"><a href="firewall_shaper_queues.php">Queues</a></li>
-    <li class="tabinact"><a href="firewall_shaper_magic.php">Magic shaper wizard</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-              <table width="100%" border="0" cellpadding="6" cellspacing="0">
-                <tr> 
-                  <td class="vtable">
-                      <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked";?>>
-                      <strong>Enable traffic shaper</strong></td>
-                </tr>
-                <tr> 
-                  <td> <input name="submit" type="submit" class="formbtn" value="Save"> 
-                  </td>
-                </tr>
-              </table>
-              &nbsp;<br>
-              <table width="100%" border="0" cellpadding="0" cellspacing="0">
-                      <tr> 
-                        <td width="5%" class="listhdrrns">If</td>
-                        <td width="5%" class="listhdrrns">Proto</td>
-                        <td width="20%" class="listhdrr">Source</td>
-                        <td width="20%" class="listhdrr">Destination</td>
-                        <td width="15%" class="listhdrrns">Target</td>
-                        <td width="25%" class="listhdr">Description</td>
-                        <td width="10%" class="list"></td>
-                      </tr>
-                      <?php $i = 0; foreach ($a_shaper as $shaperent): ?>
-                      <tr valign="top"> 
-                        <td class="listlr"> 
-                          <?php
-                                 $dis = "";
-                                 if (isset($shaperent['disabled'])) {
-                                       $dis = "_d";
-                                       $textss = "<span class=\"gray\">";
-                                       $textse = "</span>";
-                                 } else {
-                                       $textss = $textse = "";
-                                 }
-                                 $iflabels = array('lan' => 'LAN', 'wan' => 'WAN', 'pptp' => 'PPTP');
-                                 for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++)
-                                       $iflabels['opt' . $j] = $config['interfaces']['opt' . $j]['descr'];
-                                 echo $textss . htmlspecialchars($iflabels[$shaperent['interface']]);
-                                 echo "<br>";
-                                 echo "<a href=\"?act=toggle&id={$i}\">";
-                                 if ($shaperent['direction'] != "in")
-                                       echo "<img src=\"out{$dis}.gif\" width=\"11\" height=\"11\" border=\"0\" style=\"margin-top: 5px\" title=\"click to toggle enabled/disabled status\">";
-                                 if ($shaperent['direction'] != "out")
-                                       echo "<img src=\"in{$dis}.gif\" width=\"11\" height=\"11\" border=\"0\" style=\"margin-top: 5px\" title=\"click to toggle enabled/disabled status\">";
-                                 echo "</a>" . $textse;;
-                                 ?>
-                        </td>
-                        <td class="listr"> 
-                          <?=$textss;?><?php if (isset($shaperent['protocol'])) echo strtoupper($shaperent['protocol']); else echo "*"; ?><?=$textse;?>
-                        </td>
-                        <td class="listr"><?=$textss;?><?php echo htmlspecialchars(pprint_address($shaperent['source'])); ?>
-                                               <?php if ($shaperent['source']['port']): ?><br>
-                                               Port: <?=htmlspecialchars(pprint_port($shaperent['source']['port'])); ?> 
-                                               <?php endif; ?><?=$textse;?>
-                        </td>
-                        <td class="listr"><?=$textss;?><?php echo htmlspecialchars(pprint_address($shaperent['destination'])); ?>
-                                               <?php if ($shaperent['destination']['port']): ?><br>
-                                               Port: <?=htmlspecialchars(pprint_port($shaperent['destination']['port'])); ?>
-                                               <?php endif; ?><?=$textse;?>
-                        </td>
-                        <td class="listr"><?=$textss;?>
-                          <?php 
-                                                       if (isset($shaperent['targetpipe'])) {
-                                                               if ($a_pipe[$shaperent['targetpipe']]['descr'])
-                                                                       $desc = htmlspecialchars($a_pipe[$shaperent['targetpipe']]['descr']);
-                                                               else 
-                                                                       $desc = "Pipe " . ($shaperent['targetpipe']+1);
-                                                               echo "<a href=\"firewall_shaper_pipes_edit.php?id={$shaperent['targetpipe']}\">{$desc}</a>";
-                                                       } else if (isset($shaperent['targetqueue'])) {
-                                                               if ($a_queue[$shaperent['targetqueue']]['descr'])
-                                                                       $desc = htmlspecialchars($a_queue[$shaperent['targetqueue']]['descr']);
-                                                               else 
-                                                                       $desc = "Queue " . ($shaperent['targetqueue']+1);
-                                                               echo "<a href=\"firewall_shaper_queues_edit.php?id={$shaperent['targetqueue']}\">{$desc}</a>";
-                                                       }
-                                                 ?><?=$textse;?>
-                        </td>
-                        <td class="listbg"> 
-                          <?=$textss;?><?=htmlspecialchars($shaperent['descr']);?><?=$textse;?>
-                          &nbsp; </td>
-                        <td valign="middle" nowrap class="list"> <a href="firewall_shaper_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit rule" width="17" height="17" border="0"></a> 
-                          <?php if ($i > 0): ?>
-                          <a href="firewall_shaper.php?act=up&id=<?=$i;?>"><img src="up.gif" title="move up" width="17" height="17" border="0"></a> 
-                          <?php else: ?>
-                          <img src="up_d.gif" width="17" height="17" border="0"> 
-                          <?php endif; ?><br>
-                                                 <a href="firewall_shaper.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this rule?')"><img src="x.gif" title="delete rule" width="17" height="17" border="0"></a> 
-                          <?php if (isset($a_shaper[$i+1])): ?>
-                          <a href="firewall_shaper.php?act=down&id=<?=$i;?>"><img src="down.gif" title="move down" width="17" height="17" border="0"></a> 
-                          <?php else: ?>
-                          <img src="down_d.gif" width="17" height="17" border="0"> 
-                          <?php endif; ?>
-                          <a href="firewall_shaper_edit.php?dup=<?=$i;?>"><img src="plus.gif" title="add a new rule based on this one" width="17" height="17" border="0"></a> 
-                        </td>
-                      </tr>
-                      <?php $i++; endforeach; ?>
-                      <tr> 
-                        <td class="list" colspan="6"></td>
-                        <td class="list"> <a href="firewall_shaper_edit.php"><img src="plus.gif" title="add rule" width="17" height="17" border="0"></a></td>
-                      </tr>
-                    </table>
-                                         
-                    <table border="0" cellspacing="0" cellpadding="0">
-                      <tr> 
-                        <td width="16"><img src="in.gif" width="11" height="11"></td>
-                        <td>incoming (as seen by firewall)</td>
-                        <td width="14"></td>
-                        <td width="16"><img src="out.gif" width="11" height="11"></td>
-                        <td>outgoing (as seen by firewall)</td>
-                      </tr>
-                      <tr> 
-                        <td colspan="5" height="4"></td>
-                      </tr>
-                      <tr> 
-                        <td><img src="in_d.gif" width="11" height="11"></td>
-                        <td>incoming (disabled)</td>
-                        <td width="14"></td>
-                        <td><img src="out_d.gif" width="11" height="11"></td>
-                        <td>outgoing (disabled)</td>
-                      </tr>
-                    </table><br>
-                               <span class="red"><strong>Note:</strong></span><strong><br>
-                    </strong>the first rule that matches a packet will be executed.<br>
-                    The following match patterns are not shown in the list above: 
-                    IP packet length, TCP flags.</td>
-       </tr>
-</table>
-            </form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Firewall", "Traffic shaper", "Rules");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['shaper']['rule'])) {\r
+       $config['shaper']['rule'] = array();\r
+}\r
+if (!is_array($config['shaper']['pipe'])) {\r
+       $config['shaper']['pipe'] = array();\r
+}\r
+if (!is_array($config['shaper']['queue'])) {\r
+       $config['shaper']['queue'] = array();\r
+}\r
+$a_shaper = &$config['shaper']['rule'];\r
+$a_pipe = &$config['shaper']['pipe'];\r
+$a_queue = &$config['shaper']['queue'];\r
+\r
+$pconfig['enable'] = isset($config['shaper']['enable']);\r
+\r
+if ($_POST) {\r
+\r
+       if ($_POST['submit']) {\r
+               $pconfig = $_POST;\r
+               $config['shaper']['enable'] = $_POST['enable'] ? true : false;\r
+               write_config();\r
+       }\r
+       \r
+       if ($_POST['apply'] || $_POST['submit']) {\r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path)) {\r
+                       config_lock();\r
+                       $retval = shaper_configure();\r
+                       config_unlock();\r
+               }\r
+               $savemsg = get_std_save_message($retval);\r
+               if ($retval == 0) {\r
+                       if (file_exists($d_shaperconfdirty_path))\r
+                               unlink($d_shaperconfdirty_path);\r
+               }\r
+       }\r
+}\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_shaper[$_GET['id']]) {\r
+               unset($a_shaper[$_GET['id']]);\r
+               write_config();\r
+               touch($d_shaperconfdirty_path);\r
+               header("Location: firewall_shaper.php");\r
+               exit;\r
+       }\r
+} else if ($_GET['act'] == "down") {\r
+       if ($a_shaper[$_GET['id']] && $a_shaper[$_GET['id']+1]) {\r
+               $tmp = $a_shaper[$_GET['id']+1];\r
+               $a_shaper[$_GET['id']+1] = $a_shaper[$_GET['id']];\r
+               $a_shaper[$_GET['id']] = $tmp;\r
+               write_config();\r
+               touch($d_shaperconfdirty_path);\r
+               header("Location: firewall_shaper.php");\r
+               exit;\r
+       }\r
+} else if ($_GET['act'] == "up") {\r
+       if (($_GET['id'] > 0) && $a_shaper[$_GET['id']]) {\r
+               $tmp = $a_shaper[$_GET['id']-1];\r
+               $a_shaper[$_GET['id']-1] = $a_shaper[$_GET['id']];\r
+               $a_shaper[$_GET['id']] = $tmp;\r
+               write_config();\r
+               touch($d_shaperconfdirty_path);\r
+               header("Location: firewall_shaper.php");\r
+               exit;\r
+       }\r
+} else if ($_GET['act'] == "toggle") {\r
+       if ($a_shaper[$_GET['id']]) {\r
+               $a_shaper[$_GET['id']]['disabled'] = !isset($a_shaper[$_GET['id']]['disabled']);\r
+               write_config();\r
+               touch($d_shaperconfdirty_path);\r
+               header("Location: firewall_shaper.php");\r
+               exit;\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="firewall_shaper.php" method="post">\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_shaperconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Rules' => 'firewall_shaper.php',\r
+                         'Pipes' => 'firewall_shaper_pipes.php',\r
+                         'Queues' => 'firewall_shaper_queues.php',\r
+                         'Magic shaper wizard' => 'firewall_shaper_magic.php');\r
+       dynamic_tab_menu($tabs);\r
+?>       \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+              <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+                <tr> \r
+                  <td class="vtable">\r
+                      <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked";?>>\r
+                      <strong>Enable traffic shaper</strong></td>\r
+                </tr>\r
+                <tr> \r
+                  <td> <input name="submit" type="submit" class="formbtn" value="Save"> \r
+                  </td>\r
+                </tr>\r
+              </table>\r
+              &nbsp;<br>\r
+              <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+                      <tr> \r
+                        <td width="5%" class="listhdrrns">If</td>\r
+                        <td width="5%" class="listhdrrns">Proto</td>\r
+                        <td width="20%" class="listhdrr">Source</td>\r
+                        <td width="20%" class="listhdrr">Destination</td>\r
+                        <td width="15%" class="listhdrrns">Target</td>\r
+                        <td width="25%" class="listhdr">Description</td>\r
+                        <td width="10%" class="list"></td>\r
+                      </tr>\r
+                      <?php $i = 0; foreach ($a_shaper as $shaperent): ?>\r
+                      <tr valign="top"> \r
+                        <td class="listlr"> \r
+                          <?php\r
+                                 $dis = "";\r
+                                 if (isset($shaperent['disabled'])) {\r
+                                       $dis = "_d";\r
+                                       $textss = "<span class=\"gray\">";\r
+                                       $textse = "</span>";\r
+                                 } else {\r
+                                       $textss = $textse = "";\r
+                                 }\r
+                                 $iflabels = array('lan' => 'LAN', 'wan' => 'WAN', 'pptp' => 'PPTP');\r
+                                 for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++)\r
+                                       $iflabels['opt' . $j] = $config['interfaces']['opt' . $j]['descr'];\r
+                                 echo $textss . htmlspecialchars($iflabels[$shaperent['interface']]);\r
+                                 echo "<br>";\r
+                                 echo "<a href=\"?act=toggle&id={$i}\">";\r
+                                 if ($shaperent['direction'] != "in")\r
+                                       echo "<img src=\"out{$dis}.gif\" width=\"11\" height=\"11\" border=\"0\" style=\"margin-top: 5px\" title=\"click to toggle enabled/disabled status\">";\r
+                                 if ($shaperent['direction'] != "out")\r
+                                       echo "<img src=\"in{$dis}.gif\" width=\"11\" height=\"11\" border=\"0\" style=\"margin-top: 5px\" title=\"click to toggle enabled/disabled status\">";\r
+                                 echo "</a>" . $textse;;\r
+                                 ?>\r
+                        </td>\r
+                        <td class="listr"> \r
+                          <?=$textss;?><?php if (isset($shaperent['protocol'])) echo strtoupper($shaperent['protocol']); else echo "*"; ?><?=$textse;?>\r
+                        </td>\r
+                        <td class="listr"><?=$textss;?><?php echo htmlspecialchars(pprint_address($shaperent['source'])); ?>\r
+                                               <?php if ($shaperent['source']['port']): ?><br>\r
+                                               Port: <?=htmlspecialchars(pprint_port($shaperent['source']['port'])); ?> \r
+                                               <?php endif; ?><?=$textse;?>\r
+                        </td>\r
+                        <td class="listr"><?=$textss;?><?php echo htmlspecialchars(pprint_address($shaperent['destination'])); ?>\r
+                                               <?php if ($shaperent['destination']['port']): ?><br>\r
+                                               Port: <?=htmlspecialchars(pprint_port($shaperent['destination']['port'])); ?>\r
+                                               <?php endif; ?><?=$textse;?>\r
+                        </td>\r
+                        <td class="listr"><?=$textss;?>\r
+                          <?php \r
+                                                       if (isset($shaperent['targetpipe'])) {\r
+                                                               if ($a_pipe[$shaperent['targetpipe']]['descr'])\r
+                                                                       $desc = htmlspecialchars($a_pipe[$shaperent['targetpipe']]['descr']);\r
+                                                               else \r
+                                                                       $desc = "Pipe " . ($shaperent['targetpipe']+1);\r
+                                                               echo "<a href=\"firewall_shaper_pipes_edit.php?id={$shaperent['targetpipe']}\">{$desc}</a>";\r
+                                                       } else if (isset($shaperent['targetqueue'])) {\r
+                                                               if ($a_queue[$shaperent['targetqueue']]['descr'])\r
+                                                                       $desc = htmlspecialchars($a_queue[$shaperent['targetqueue']]['descr']);\r
+                                                               else \r
+                                                                       $desc = "Queue " . ($shaperent['targetqueue']+1);\r
+                                                               echo "<a href=\"firewall_shaper_queues_edit.php?id={$shaperent['targetqueue']}\">{$desc}</a>";\r
+                                                       }\r
+                                                 ?><?=$textse;?>\r
+                        </td>\r
+                        <td class="listbg"> \r
+                          <?=$textss;?><?=htmlspecialchars($shaperent['descr']);?><?=$textse;?>\r
+                          &nbsp; </td>\r
+                        <td valign="middle" nowrap class="list"> <a href="firewall_shaper_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit rule" width="17" height="17" border="0"></a> \r
+                          <?php if ($i > 0): ?>\r
+                          <a href="firewall_shaper.php?act=up&id=<?=$i;?>"><img src="up.gif" title="move up" width="17" height="17" border="0"></a> \r
+                          <?php else: ?>\r
+                          <img src="up_d.gif" width="17" height="17" border="0"> \r
+                          <?php endif; ?><br>\r
+                                                 <a href="firewall_shaper.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this rule?')"><img src="x.gif" title="delete rule" width="17" height="17" border="0"></a> \r
+                          <?php if (isset($a_shaper[$i+1])): ?>\r
+                          <a href="firewall_shaper.php?act=down&id=<?=$i;?>"><img src="down.gif" title="move down" width="17" height="17" border="0"></a> \r
+                          <?php else: ?>\r
+                          <img src="down_d.gif" width="17" height="17" border="0"> \r
+                          <?php endif; ?>\r
+                          <a href="firewall_shaper_edit.php?dup=<?=$i;?>"><img src="plus.gif" title="add a new rule based on this one" width="17" height="17" border="0"></a> \r
+                        </td>\r
+                      </tr>\r
+                      <?php $i++; endforeach; ?>\r
+                      <tr> \r
+                        <td class="list" colspan="6"></td>\r
+                        <td class="list"> <a href="firewall_shaper_edit.php"><img src="plus.gif" title="add rule" width="17" height="17" border="0"></a></td>\r
+                      </tr>\r
+                    </table>\r
+                                         \r
+                    <table border="0" cellspacing="0" cellpadding="0">\r
+                      <tr> \r
+                        <td width="16"><img src="in.gif" width="11" height="11"></td>\r
+                        <td>incoming (as seen by firewall)</td>\r
+                        <td width="14"></td>\r
+                        <td width="16"><img src="out.gif" width="11" height="11"></td>\r
+                        <td>outgoing (as seen by firewall)</td>\r
+                      </tr>\r
+                      <tr> \r
+                        <td colspan="5" height="4"></td>\r
+                      </tr>\r
+                      <tr> \r
+                        <td><img src="in_d.gif" width="11" height="11"></td>\r
+                        <td>incoming (disabled)</td>\r
+                        <td width="14"></td>\r
+                        <td><img src="out_d.gif" width="11" height="11"></td>\r
+                        <td>outgoing (disabled)</td>\r
+                      </tr>\r
+                    </table><br>\r
+                               <span class="red"><strong>Note:</strong></span><strong><br>\r
+                    </strong>the first rule that matches a packet will be executed.<br>\r
+                    The following match patterns are not shown in the list above: \r
+                    IP packet length, TCP flags.</td>\r
+       </tr>\r
+</table>\r
+            </form>\r
+<?php include("fend.inc"); ?>\r
index a25b3da1ad0ee59789c4848a933c381121b35447..930d1695ee3b53ad8cc85eca43aa4eddfd5b2ff4 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-    part of m0n0wall (http://m0n0.ch/wall)
-    
-    Copyright (C) 2004 Justin Ellison <justin@techadvise.com> 
-    Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>
-
-    All rights reserved.
-    
-    Redistribution and use in source and binary forms, with or without
-    modification, are permitted provided that the following conditions are met:
-    
-    1. Redistributions of source code must retain the above copyright notice,
-       this list of conditions and the following disclaimer.
-    
-    2. Redistributions in binary form must reproduce the above copyright
-       notice, this list of conditions and the following disclaimer in the
-       documentation and/or other materials provided with the distribution.
-    
-    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-    POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Firewall", "Traffic shaper");
-require("guiconfig.inc");
-
-function wipe_magic () {
-  global $config;
-
-  /* wipe previous */
-  $types=array("pipe","queue","rule");
-  foreach ($types as $type) {
-    foreach (array_keys($config['shaper'][$type]) as $num) {
-    if (substr($config['shaper'][$type][$num]['descr'],0,2) == "m_") {
-      unset($config['shaper'][$type][$num]);
-    }
-    }
-  }
-  /* Although we don't delete user-defined rules, it's probably best to
-     disable the shaper to prevent bad things from happening */
-  $config['shaper']['enable'] = FALSE;
-}
-
-function populate_p2p(&$rulei) {
-  global $config;
-  
-  /* To add p2p clients, push Descr,Protocol,Start,End,src/dest/both onto p2plist */
-  $p2plist[] = array('BitTorrent','tcp','6881','6999','both');
-  $p2plist[] = array('DirectConnect','','412','412','both');
-  $p2plist[] = array('DirectFileExpress','','1044','1045','both');
-  $p2plist[] = array('FastTrack','','1214','1214','both');
-  $p2plist[] = array('CuteMX','','2340','2340','both');
-  $p2plist[] = array('iMest','','4329','4329','both');
-  $p2plist[] = array('EDonkey2000','','4661','4665','both');
-  $p2plist[] = array('SongSpy','','5190','5190','both');
-  $p2plist[] = array('HotlineConnect','','5500','5503','both');
-  $p2plist[] = array('Gnutella','','6346','6346','both');
-  $p2plist[] = array('dcc','','6666','6668','both');
-  $p2plist[] = array('Napster','','6699','6701','both');
-  $p2plist[] = array('Aimster','','7668','7668','both');
-  $p2plist[] = array('BuddyShare','','7788','7788','both');
-  $p2plist[] = array('Scour','','8311','8311','both');
-  $p2plist[] = array('OpenNap','','8888','8889','both');
-  $p2plist[] = array('hotComm','','28864','28865','both');
-
-  /* Set up/down p2p as lowest weight */
-  $direction = array("in","out");
-  foreach ($p2plist as $p2pclient) {
-   foreach ($direction as $dir) {
-     foreach (array('source','destination') as $srcdest) {
-       if (($p2pclient[4] == $srcdest) || ($p2pclient[4] == 'both')) { 
-         $config['shaper']['rule'][$rulei]['descr'] = "m_P2P $p2pclient[0]";
-         $config['shaper']['rule'][$rulei]['interface'] = "wan";
-            $config['shaper']['rule'][$rulei]['direction'] = "$dir";
-         $config['shaper']['rule'][$rulei]['source']['any'] = 1;
-         $config['shaper']['rule'][$rulei]['destination']['any'] = 1;
-         $config['shaper']['rule'][$rulei][$srcdest]['port'] = $p2pclient[2]."-".$p2pclient[3];
-         if($p2pclient[1] != '')
-           $config['shaper']['rule'][$rulei]['protocol'] = $p2pclient[1];
-         if ($dir == "out") {
-           $config['shaper']['rule'][$rulei]['targetqueue'] = 4;
-         } else {
-           $config['shaper']['rule'][$rulei]['targetqueue'] = 6;
-         }
-         $rulei++;
-       }
-     }
-   }
-  }
-}
-
-function create_magic ($maxup, $maxdown, $p2plow,$maskq) {
-  global $config;
-
-  $config['shaper']['enable'] = TRUE;
-  $pipei = 0;
-  $queuei = 0;
-  $rulei = 0;
-
-  /* Create new pipes */
-  $config['shaper']['pipe'][$pipei]['descr'] = "m_Total Upload";
-  $config['shaper']['pipe'][$pipei]['bandwidth'] = round($maxup * .90);
-  $pipei++;
-  $config['shaper']['pipe'][$pipei]['descr'] = "m_Total Download";
-  $config['shaper']['pipe'][$pipei]['bandwidth'] = round($maxdown * .95);
-  $pipei++;
-
-  /* Create new queues */
-  $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #1 Upload";
-  $config['shaper']['queue'][$queuei]['targetpipe'] = 0;
-  $config['shaper']['queue'][$queuei]['weight'] = 50;
-  $queuei++;
-  $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #2 Upload";
-  $config['shaper']['queue'][$queuei]['targetpipe'] = 0;
-  $config['shaper']['queue'][$queuei]['weight'] = 30;
-  $queuei++;
-  $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #3 Upload";
-  $config['shaper']['queue'][$queuei]['targetpipe'] = 0;
-  $config['shaper']['queue'][$queuei]['weight'] = 15;
-  $queuei++;
-  $config['shaper']['queue'][$queuei]['descr'] = "m_Bulk Upload";
-  $config['shaper']['queue'][$queuei]['targetpipe'] = 0;
-  $config['shaper']['queue'][$queuei]['weight'] = 4;
-  $queuei++;
-  $config['shaper']['queue'][$queuei]['descr'] = "m_Hated Upload";
-  $config['shaper']['queue'][$queuei]['targetpipe'] = 0;
-  $config['shaper']['queue'][$queuei]['weight'] = 1;
-  $queuei++;
-  $config['shaper']['queue'][$queuei]['descr'] = "m_Bulk Download";
-  $config['shaper']['queue'][$queuei]['targetpipe'] = 1;
-  $config['shaper']['queue'][$queuei]['weight'] = 30;
-  $queuei++;
-  $config['shaper']['queue'][$queuei]['descr'] = "m_Hated Download";
-  $config['shaper']['queue'][$queuei]['targetpipe'] = 1;
-  $config['shaper']['queue'][$queuei]['weight'] = 10;
-  $queuei++;
-  $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority Download";
-  $config['shaper']['queue'][$queuei]['targetpipe'] = 1;
-  $config['shaper']['queue'][$queuei]['weight'] = 60;
-  $queuei++;
-  if ($maskq) {
-       for ($i = 0; $i < $queuei; $i++) {
-           if (stristr($config['shaper']['queue'][$i]['descr'],"upload")) {
-                       $config['shaper']['queue'][$i]['mask'] = 'source';
-           } else if (stristr($config['shaper']['queue'][$i]['descr'],"download")) {
-                       $config['shaper']['queue'][$i]['mask'] = 'destination';
-           }
-       }
-  }
-
-  /* Create new rules */
-  if ($p2plow) 
-    populate_p2p($rulei);
-
-  $config['shaper']['rule'][$rulei]['descr'] = "m_TCP ACK Upload";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 2;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "out";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['iplen'] = "0-80";
-  $config['shaper']['rule'][$rulei]['protocol'] = "tcp";
-  $config['shaper']['rule'][$rulei]['tcpflags'] = "ack";
-  $rulei++; 
-  $config['shaper']['rule'][$rulei]['descr'] = "m_Small Pkt Upload";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 0;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "out";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['iplen'] = "0-100";
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_Outbound DNS Query";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 0;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "out";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['port'] = 53;
-  $config['shaper']['rule'][$rulei]['protocol'] = "udp";
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_AH Upload";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 0;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "out";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['protocol'] = "ah";
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_ESP Upload";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 0;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "out";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['protocol'] = "esp";
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_GRE Upload";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 0;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "out";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['protocol'] = "gre";
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_ICMP Upload";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 1;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "out";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['protocol'] = "icmp";
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_Catch-All Upload";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 3;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "out";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_ICMP Download";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 7;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "in";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['protocol'] = "icmp";
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_Small Pkt Download";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 7;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "in";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['iplen'] = "0-100";
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_AH Download";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 7;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "in";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['protocol'] = "ah";
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_ESP Download";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 7;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "in";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['protocol'] = "esp";
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_GRE Download";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 7;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "in";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['protocol'] = "gre";
-  $rulei++;
-  $config['shaper']['rule'][$rulei]['descr'] = "m_Catch-All Download";
-  $config['shaper']['rule'][$rulei]['targetqueue'] = 5;
-  $config['shaper']['rule'][$rulei]['interface'] = "wan";
-  $config['shaper']['rule'][$rulei]['direction'] = "in";
-  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
-  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
-  $rulei++;
-}
-
-if (!is_array($config['shaper']['rule'])) {
-    $config['shaper']['rule'] = array();
-}
-if (!is_array($config['shaper']['pipe'])) {
-    $config['shaper']['pipe'] = array();
-}
-if (!is_array($config['shaper']['queue'])) {
-    $config['shaper']['queue'] = array();
-}
-
-$a_shaper = &$config['shaper']['rule'];
-$a_queues = &$config['shaper']['queue'];
-$a_pipes = &$config['shaper']['pipe'];
-
-$pconfig['p2plow'] = isset($config['shaper']['magic']['p2plow']);
-$pconfig['maskq'] = isset($config['shaper']['magic']['maskq']);
-$pconfig['maxup'] = $config['shaper']['magic']['maxup'];
-$pconfig['maxdown'] = $config['shaper']['magic']['maxdown'];
-
-if ($_POST) {
-
-    if ($_POST['install']) {
-        unset($input_errors);
-        $pconfig = $_POST;
-        $reqdfields = explode(" ", "maxup maxdown");
-        $reqdfieldsn = explode(",", "Max. Upload,Max.Download");
-        do_input_validation($_POST,$reqdfields, $reqdfieldsn, &$input_errors);
-        if (($_POST['maxup'] && !is_numericint($_POST['maxup']))) {
-            $input_errors[] = "The max upload bandwidth must be an integer.";
-        }
-        if (($_POST['maxdown'] && !is_numericint($_POST['maxdown']))) {
-            $input_errors[] = "The max download bandwidth must be an integer.";
-        }
-        if (!$input_errors) {
-          if ($_POST['install']) {
-                unset ($config['shaper']);
-             create_magic($_POST['maxup'],$_POST['maxdown'],$_POST['p2plow']?TRUE:FALSE,$_POST['maskq']?TRUE:FALSE);
-             touch($d_shaperconfdirty_path);
-          }
-          $config['shaper']['magic']['p2plow'] = $_POST['p2plow'] ? TRUE : FALSE;
-          $config['shaper']['magic']['maskq'] = $_POST['maskq'] ? TRUE : FALSE;
-          $config['shaper']['magic']['maxup'] = $_POST['maxup'];
-          $config['shaper']['magic']['maxdown'] = $_POST['maxdown'];
-          write_config();
-        }
-    }
-    if ($_POST['remove']) {
-               wipe_magic();
-               $note = '<p><span class="red"><strong>Note: The traffic shaper has been disabled.<br>All of your user-defined rules/pipes/queues are still intact.</strong></span><strong><br>';
-               touch($d_shaperconfdirty_path);
-               write_config();
-    }
-    if ($_POST['apply']) {
-        $retval = 0;
-        if (!file_exists($d_sysrebootreqd_path)) {
-            config_lock();
-            $retval = shaper_configure();
-            config_unlock();
-        }
-        $savemsg = get_std_save_message($retval);
-        if ($retval == 0) {
-            if (file_exists($d_shaperconfdirty_path))
-                unlink($d_shaperconfdirty_path);
-        }
-    }
-}
-
-?>
-<?php include("fbegin.inc"); ?>
-<form action="firewall_shaper_magic.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_shaperconfdirty_path)): ?><p>
-<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.$note");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="firewall_shaper.php">Rules</a></li>
-    <li class="tabinact"><a href="firewall_shaper_pipes.php">Pipes</a></li>
-    <li class="tabinact"><a href="firewall_shaper_queues.php">Queues</a></li>
-    <li class="tabact">Magic shaper wizard</li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-     <table width="100%" border="0" cellpadding="6" cellspacing="0">
-               <tr> 
-                 <td width="22%" valign="top" class="vtable">&nbsp;</td>
-                 <td width="78%" class="vtable">
-                         <input name="p2plow" type="checkbox" id="p2plow" value="yes" <?php if ($pconfig['p2plow']) echo "checked";?>>
-                         Set P2P traffic to lowest priority</td>
-               </tr>
-               <tr> 
-                 <td width="22%" valign="top" class="vtable">&nbsp;</td>
-                 <td width="78%" class="vtable">
-                         <input name="maskq" type="checkbox" id="maskq" value="yes" <?php if ($pconfig['maskq']) echo "checked";?>>
-                         Share bandwidth evenly on LAN</td>
-               </tr>
-        <tr valign="top">
-          <td width="22%" class="vncellreq">Downstream<br>
-            speed </td>
-          <td width="78%" class="vtable">
-              <?=$mandfldhtml;?><input name="maxdown" type="text" size="10" value="<?php if ($pconfig['maxdown']) echo $pconfig['maxdown']; ?>"> 
-              kbps<br>
-              Enter the speed of your WAN downstream link here.</td>
-               </tr>
-        <tr valign="top">
-          <td width="22%" class="vncellreq">Upstream<br>
-            speed</td>
-          <td width="78%" class="vtable"><?=$mandfldhtml;?><input name="maxup" type="text" size="10" value="<?php if ($pconfig['maxup']) echo $pconfig['maxup']; ?>">
-              kbps<br>
-              Enter the speed of your WAN upstream link here.</td>
-               </tr>
-               <tr> 
-                 <td width="22%">&nbsp;</td>
-                 <td width="78%">
-                       <input name="install" type="submit" class="formbtn" id="install" value="Install/Update"> 
-                     &nbsp;
-                           <input name="remove" type="submit" class="formbtn" id="remove" value="Remove">
-                 <br><br>
-                   <span class="red"><strong>All existing traffic shaper <strong>rules</strong>/pipes/queues will be deleted once "Install/Update" has been pressed! Backup your configuration before proceeding! </strong></span></td>
-               </tr>
-         </table><br>
-               <span class="vexpl"><span class="red"><strong>Note:</strong></span><strong><br>
-               </strong>By entering your maximum upload and download values and pressing the "Install/Update" button, the magic shaper will do its best to create the optimum shaping rules, queues, and pipes for you.  These rules will help ensure that interactive traffic remains acceptable while the upstream bandwidth is being consumed by heavy traffic.</span>
-       </td>
-    </tr>
-</table>
-</form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+    part of m0n0wall (http://m0n0.ch/wall)\r
+    \r
+    Copyright (C) 2004 Justin Ellison <justin@techadvise.com> \r
+    Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>\r
+\r
+    All rights reserved.\r
+    \r
+    Redistribution and use in source and binary forms, with or without\r
+    modification, are permitted provided that the following conditions are met:\r
+    \r
+    1. Redistributions of source code must retain the above copyright notice,\r
+       this list of conditions and the following disclaimer.\r
+    \r
+    2. Redistributions in binary form must reproduce the above copyright\r
+       notice, this list of conditions and the following disclaimer in the\r
+       documentation and/or other materials provided with the distribution.\r
+    \r
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+    POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Firewall", "Traffic shaper", "Magic shaper wizard");\r
+require("guiconfig.inc");\r
+\r
+function wipe_magic () {\r
+  global $config;\r
+\r
+  /* wipe previous */\r
+  $types=array("pipe","queue","rule");\r
+  foreach ($types as $type) {\r
+    foreach (array_keys($config['shaper'][$type]) as $num) {\r
+    if (substr($config['shaper'][$type][$num]['descr'],0,2) == "m_") {\r
+      unset($config['shaper'][$type][$num]);\r
+    }\r
+    }\r
+  }\r
+  /* Although we don't delete user-defined rules, it's probably best to\r
+     disable the shaper to prevent bad things from happening */\r
+  $config['shaper']['enable'] = FALSE;\r
+}\r
+\r
+function populate_p2p(&$rulei) {\r
+  global $config;\r
+  \r
+  /* To add p2p clients, push Descr,Protocol,Start,End,src/dest/both onto p2plist */\r
+  $p2plist[] = array('BitTorrent','tcp','6881','6999','both');\r
+  $p2plist[] = array('DirectConnect','','412','412','both');\r
+  $p2plist[] = array('DirectFileExpress','','1044','1045','both');\r
+  $p2plist[] = array('FastTrack','','1214','1214','both');\r
+  $p2plist[] = array('CuteMX','','2340','2340','both');\r
+  $p2plist[] = array('iMest','','4329','4329','both');\r
+  $p2plist[] = array('EDonkey2000','','4661','4665','both');\r
+  $p2plist[] = array('SongSpy','','5190','5190','both');\r
+  $p2plist[] = array('HotlineConnect','','5500','5503','both');\r
+  $p2plist[] = array('Gnutella','','6346','6346','both');\r
+  $p2plist[] = array('dcc','','6666','6668','both');\r
+  $p2plist[] = array('Napster','','6699','6701','both');\r
+  $p2plist[] = array('Aimster','','7668','7668','both');\r
+  $p2plist[] = array('BuddyShare','','7788','7788','both');\r
+  $p2plist[] = array('Scour','','8311','8311','both');\r
+  $p2plist[] = array('OpenNap','','8888','8889','both');\r
+  $p2plist[] = array('hotComm','','28864','28865','both');\r
+\r
+  /* Set up/down p2p as lowest weight */\r
+  $direction = array("in","out");\r
+  foreach ($p2plist as $p2pclient) {\r
+   foreach ($direction as $dir) {\r
+     foreach (array('source','destination') as $srcdest) {\r
+       if (($p2pclient[4] == $srcdest) || ($p2pclient[4] == 'both')) { \r
+         $config['shaper']['rule'][$rulei]['descr'] = "m_P2P $p2pclient[0]";\r
+         $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+            $config['shaper']['rule'][$rulei]['direction'] = "$dir";\r
+         $config['shaper']['rule'][$rulei]['source']['any'] = 1;\r
+         $config['shaper']['rule'][$rulei]['destination']['any'] = 1;\r
+         $config['shaper']['rule'][$rulei][$srcdest]['port'] = $p2pclient[2]."-".$p2pclient[3];\r
+         if($p2pclient[1] != '')\r
+           $config['shaper']['rule'][$rulei]['protocol'] = $p2pclient[1];\r
+         if ($dir == "out") {\r
+           $config['shaper']['rule'][$rulei]['targetqueue'] = 4;\r
+         } else {\r
+           $config['shaper']['rule'][$rulei]['targetqueue'] = 6;\r
+         }\r
+         $rulei++;\r
+       }\r
+     }\r
+   }\r
+  }\r
+}\r
+\r
+function create_magic ($maxup, $maxdown, $p2plow,$maskq) {\r
+  global $config;\r
+\r
+  $config['shaper']['enable'] = TRUE;\r
+  $pipei = 0;\r
+  $queuei = 0;\r
+  $rulei = 0;\r
+\r
+  /* Create new pipes */\r
+  $config['shaper']['pipe'][$pipei]['descr'] = "m_Total Upload";\r
+  $config['shaper']['pipe'][$pipei]['bandwidth'] = round($maxup * .90);\r
+  $pipei++;\r
+  $config['shaper']['pipe'][$pipei]['descr'] = "m_Total Download";\r
+  $config['shaper']['pipe'][$pipei]['bandwidth'] = round($maxdown * .95);\r
+  $pipei++;\r
+\r
+  /* Create new queues */\r
+  $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #1 Upload";\r
+  $config['shaper']['queue'][$queuei]['targetpipe'] = 0;\r
+  $config['shaper']['queue'][$queuei]['weight'] = 50;\r
+  $queuei++;\r
+  $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #2 Upload";\r
+  $config['shaper']['queue'][$queuei]['targetpipe'] = 0;\r
+  $config['shaper']['queue'][$queuei]['weight'] = 30;\r
+  $queuei++;\r
+  $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #3 Upload";\r
+  $config['shaper']['queue'][$queuei]['targetpipe'] = 0;\r
+  $config['shaper']['queue'][$queuei]['weight'] = 15;\r
+  $queuei++;\r
+  $config['shaper']['queue'][$queuei]['descr'] = "m_Bulk Upload";\r
+  $config['shaper']['queue'][$queuei]['targetpipe'] = 0;\r
+  $config['shaper']['queue'][$queuei]['weight'] = 4;\r
+  $queuei++;\r
+  $config['shaper']['queue'][$queuei]['descr'] = "m_Hated Upload";\r
+  $config['shaper']['queue'][$queuei]['targetpipe'] = 0;\r
+  $config['shaper']['queue'][$queuei]['weight'] = 1;\r
+  $queuei++;\r
+  $config['shaper']['queue'][$queuei]['descr'] = "m_Bulk Download";\r
+  $config['shaper']['queue'][$queuei]['targetpipe'] = 1;\r
+  $config['shaper']['queue'][$queuei]['weight'] = 30;\r
+  $queuei++;\r
+  $config['shaper']['queue'][$queuei]['descr'] = "m_Hated Download";\r
+  $config['shaper']['queue'][$queuei]['targetpipe'] = 1;\r
+  $config['shaper']['queue'][$queuei]['weight'] = 10;\r
+  $queuei++;\r
+  $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority Download";\r
+  $config['shaper']['queue'][$queuei]['targetpipe'] = 1;\r
+  $config['shaper']['queue'][$queuei]['weight'] = 60;\r
+  $queuei++;\r
+  if ($maskq) {\r
+       for ($i = 0; $i < $queuei; $i++) {\r
+           if (stristr($config['shaper']['queue'][$i]['descr'],"upload")) {\r
+                       $config['shaper']['queue'][$i]['mask'] = 'source';\r
+           } else if (stristr($config['shaper']['queue'][$i]['descr'],"download")) {\r
+                       $config['shaper']['queue'][$i]['mask'] = 'destination';\r
+           }\r
+       }\r
+  }\r
+\r
+  /* Create new rules */\r
+  if ($p2plow) \r
+    populate_p2p($rulei);\r
+\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_TCP ACK Upload";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 2;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "out";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['iplen'] = "0-80";\r
+  $config['shaper']['rule'][$rulei]['protocol'] = "tcp";\r
+  $config['shaper']['rule'][$rulei]['tcpflags'] = "ack";\r
+  $rulei++; \r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_Small Pkt Upload";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 0;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "out";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['iplen'] = "0-100";\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_Outbound DNS Query";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 0;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "out";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['port'] = 53;\r
+  $config['shaper']['rule'][$rulei]['protocol'] = "udp";\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_AH Upload";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 0;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "out";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['protocol'] = "ah";\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_ESP Upload";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 0;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "out";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['protocol'] = "esp";\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_GRE Upload";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 0;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "out";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['protocol'] = "gre";\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_ICMP Upload";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 1;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "out";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['protocol'] = "icmp";\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_Catch-All Upload";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 3;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "out";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_ICMP Download";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 7;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "in";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['protocol'] = "icmp";\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_Small Pkt Download";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 7;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "in";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['iplen'] = "0-100";\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_AH Download";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 7;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "in";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['protocol'] = "ah";\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_ESP Download";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 7;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "in";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['protocol'] = "esp";\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_GRE Download";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 7;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "in";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['protocol'] = "gre";\r
+  $rulei++;\r
+  $config['shaper']['rule'][$rulei]['descr'] = "m_Catch-All Download";\r
+  $config['shaper']['rule'][$rulei]['targetqueue'] = 5;\r
+  $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
+  $config['shaper']['rule'][$rulei]['direction'] = "in";\r
+  $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
+  $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
+  $rulei++;\r
+}\r
+\r
+if (!is_array($config['shaper']['rule'])) {\r
+    $config['shaper']['rule'] = array();\r
+}\r
+if (!is_array($config['shaper']['pipe'])) {\r
+    $config['shaper']['pipe'] = array();\r
+}\r
+if (!is_array($config['shaper']['queue'])) {\r
+    $config['shaper']['queue'] = array();\r
+}\r
+\r
+$a_shaper = &$config['shaper']['rule'];\r
+$a_queues = &$config['shaper']['queue'];\r
+$a_pipes = &$config['shaper']['pipe'];\r
+\r
+$pconfig['p2plow'] = isset($config['shaper']['magic']['p2plow']);\r
+$pconfig['maskq'] = isset($config['shaper']['magic']['maskq']);\r
+$pconfig['maxup'] = $config['shaper']['magic']['maxup'];\r
+$pconfig['maxdown'] = $config['shaper']['magic']['maxdown'];\r
+\r
+if ($_POST) {\r
+\r
+    if ($_POST['install']) {\r
+        unset($input_errors);\r
+        $pconfig = $_POST;\r
+        $reqdfields = explode(" ", "maxup maxdown");\r
+        $reqdfieldsn = explode(",", "Max. Upload,Max.Download");\r
+        do_input_validation($_POST,$reqdfields, $reqdfieldsn, &$input_errors);\r
+        if (($_POST['maxup'] && !is_numericint($_POST['maxup']))) {\r
+            $input_errors[] = "The max upload bandwidth must be an integer.";\r
+        }\r
+        if (($_POST['maxdown'] && !is_numericint($_POST['maxdown']))) {\r
+            $input_errors[] = "The max download bandwidth must be an integer.";\r
+        }\r
+        if (!$input_errors) {\r
+          if ($_POST['install']) {\r
+                unset ($config['shaper']);\r
+             create_magic($_POST['maxup'],$_POST['maxdown'],$_POST['p2plow']?TRUE:FALSE,$_POST['maskq']?TRUE:FALSE);\r
+             touch($d_shaperconfdirty_path);\r
+          }\r
+          $config['shaper']['magic']['p2plow'] = $_POST['p2plow'] ? TRUE : FALSE;\r
+          $config['shaper']['magic']['maskq'] = $_POST['maskq'] ? TRUE : FALSE;\r
+          $config['shaper']['magic']['maxup'] = $_POST['maxup'];\r
+          $config['shaper']['magic']['maxdown'] = $_POST['maxdown'];\r
+          write_config();\r
+        }\r
+    }\r
+    if ($_POST['remove']) {\r
+               wipe_magic();\r
+               $note = '<p><span class="red"><strong>Note: The traffic shaper has been disabled.<br>All of your user-defined rules/pipes/queues are still intact.</strong></span><strong><br>';\r
+               touch($d_shaperconfdirty_path);\r
+               write_config();\r
+    }\r
+    if ($_POST['apply']) {\r
+        $retval = 0;\r
+        if (!file_exists($d_sysrebootreqd_path)) {\r
+            config_lock();\r
+            $retval = shaper_configure();\r
+            config_unlock();\r
+        }\r
+        $savemsg = get_std_save_message($retval);\r
+        if ($retval == 0) {\r
+            if (file_exists($d_shaperconfdirty_path))\r
+                unlink($d_shaperconfdirty_path);\r
+        }\r
+    }\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="firewall_shaper_magic.php" method="post">\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_shaperconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.$note");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Rules' => 'firewall_shaper.php',\r
+                         'Pipes' => 'firewall_shaper_pipes.php',\r
+                         'Queues' => 'firewall_shaper_queues.php',\r
+                         'Magic shaper wizard' => 'firewall_shaper_magic.php');\r
+       dynamic_tab_menu($tabs);\r
+?>       \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+     <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+               <tr> \r
+                 <td width="22%" valign="top" class="vtable">&nbsp;</td>\r
+                 <td width="78%" class="vtable">\r
+                         <input name="p2plow" type="checkbox" id="p2plow" value="yes" <?php if ($pconfig['p2plow']) echo "checked";?>>\r
+                         Set P2P traffic to lowest priority</td>\r
+               </tr>\r
+               <tr> \r
+                 <td width="22%" valign="top" class="vtable">&nbsp;</td>\r
+                 <td width="78%" class="vtable">\r
+                         <input name="maskq" type="checkbox" id="maskq" value="yes" <?php if ($pconfig['maskq']) echo "checked";?>>\r
+                         Share bandwidth evenly on LAN</td>\r
+               </tr>\r
+        <tr valign="top">\r
+          <td width="22%" class="vncellreq">Downstream<br>\r
+            speed </td>\r
+          <td width="78%" class="vtable">\r
+              <?=$mandfldhtml;?><input name="maxdown" type="text" size="10" value="<?php if ($pconfig['maxdown']) echo $pconfig['maxdown']; ?>"> \r
+              kbps<br>\r
+              Enter the speed of your WAN downstream link here.</td>\r
+               </tr>\r
+        <tr valign="top">\r
+          <td width="22%" class="vncellreq">Upstream<br>\r
+            speed</td>\r
+          <td width="78%" class="vtable"><?=$mandfldhtml;?><input name="maxup" type="text" size="10" value="<?php if ($pconfig['maxup']) echo $pconfig['maxup']; ?>">\r
+              kbps<br>\r
+              Enter the speed of your WAN upstream link here.</td>\r
+               </tr>\r
+               <tr> \r
+                 <td width="22%">&nbsp;</td>\r
+                 <td width="78%">\r
+                       <input name="install" type="submit" class="formbtn" id="install" value="Install/Update"> \r
+                     &nbsp;\r
+                           <input name="remove" type="submit" class="formbtn" id="remove" value="Remove">\r
+                 <br><br>\r
+                   <span class="red"><strong>All existing traffic shaper <strong>rules</strong>/pipes/queues will be deleted once "Install/Update" has been pressed! Backup your configuration before proceeding! </strong></span></td>\r
+               </tr>\r
+         </table><br>\r
+               <span class="vexpl"><span class="red"><strong>Note:</strong></span><strong><br>\r
+               </strong>By entering your maximum upload and download values and pressing the "Install/Update" button, the magic shaper will do its best to create the optimum shaping rules, queues, and pipes for you.  These rules will help ensure that interactive traffic remains acceptable while the upstream bandwidth is being consumed by heavy traffic.</span>\r
+       </td>\r
+    </tr>\r
+</table>\r
+</form>\r
+<?php include("fend.inc"); ?>\r
index 098dc1b0baff321c57fb990ab748762d0e770ad5..43698648c17ca4fc08c6c7a5aa33f665c437450c 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Firewall", "Traffic shaper");
-require("guiconfig.inc");
-
-if (!is_array($config['shaper']['pipe'])) {
-       $config['shaper']['pipe'] = array();
-}
-if (!is_array($config['shaper']['queue'])) {
-       $config['shaper']['queue'] = array();
-}
-$a_pipes = &$config['shaper']['pipe'];
-
-if ($_GET['act'] == "del") {
-       if ($a_pipes[$_GET['id']]) {
-               /* check that no rule references this pipe */
-               if (is_array($config['shaper']['rule'])) {
-                       foreach ($config['shaper']['rule'] as $rule) {
-                               if (isset($rule['targetpipe']) && ($rule['targetpipe'] == $_GET['id'])) {
-                                       $input_errors[] = "This pipe cannot be deleted because it is still referenced by a rule.";
-                                       break;
-                               }
-                       }
-               }
-               
-               /* check that no queue references this pipe */
-               if (is_array($config['shaper']['queue'])) {
-                       foreach ($config['shaper']['queue'] as $queue) {
-                               if ($queue['targetpipe'] == $_GET['id']) {
-                                       $input_errors[] = "This pipe cannot be deleted because it is still referenced by a queue.";
-                                       break;
-                               }
-                       }
-               }
-               
-               if (!$input_errors) {
-                       unset($a_pipes[$_GET['id']]);
-                       
-                       /* renumber all rules and queues */
-                       if (is_array($config['shaper']['rule'])) {
-                               for ($i = 0; isset($config['shaper']['rule'][$i]); $i++) {
-                                       $currule = &$config['shaper']['rule'][$i];
-                                       if (isset($currule['targetpipe']) && ($currule['targetpipe'] > $_GET['id']))
-                                               $currule['targetpipe']--;
-                               }
-                       }
-                       if (is_array($config['shaper']['queue'])) {
-                               for ($i = 0; isset($config['shaper']['queue'][$i]); $i++) {
-                                       $curqueue = &$config['shaper']['queue'][$i];
-                                       if ($curqueue['targetpipe'] > $_GET['id'])
-                                               $curqueue['targetpipe']--;
-                               }
-                       }
-                       
-                       write_config();
-                       touch($d_shaperconfdirty_path);
-                       header("Location: firewall_shaper_pipes.php");
-                       exit;
-               }
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<form action="firewall_shaper.php" method="post">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_shaperconfdirty_path)): ?><p>
-<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="firewall_shaper.php">Rules</a></li>
-    <li class="tabact">Pipes</li>
-    <li class="tabinact"><a href="firewall_shaper_queues.php">Queues</a></li>
-    <li class="tabinact"><a href="firewall_shaper_magic.php">Magic shaper wizard</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-              <table width="100%" border="0" cellpadding="0" cellspacing="0">
-                      <tr> 
-                        <td width="10%" class="listhdrr">No.</td>
-                        <td width="15%" class="listhdrr">Bandwidth</td>
-                        <td width="10%" class="listhdrr">Delay</td>
-                        <td width="10%" class="listhdrr">PLR</td>
-                        <td width="10%" class="listhdrr">Queue</td>
-                        <td width="15%" class="listhdrr">Mask</td>
-                        <td width="20%" class="listhdr">Description</td>
-                        <td width="10%" class="list"></td>
-                      </tr>
-                      <?php $i = 0; foreach ($a_pipes as $pipe): ?>
-                      <tr valign="top">
-                        <td class="listlr"> 
-                          <?=($i+1);?></td>
-                        <td class="listr"> 
-                          <?=htmlspecialchars($pipe['bandwidth']);?>
-                          Kbit/s </td>
-                        <td class="listr"> 
-                          <?php if ($pipe['delay']): ?>
-                          <?=$pipe['delay'];?>
-                          ms 
-                          <?php endif; ?>
-                          &nbsp; </td>
-                        <td class="listr"> 
-                          <?php if ($pipe['plr']): ?>
-                          <?=$pipe['plr'];?>
-                          <?php endif; ?>
-                          &nbsp; </td>
-                        <td class="listr"> 
-                          <?php if ($pipe['qsize']): ?>
-                          <?=htmlspecialchars($pipe['qsize']);?>
-                          <?php endif; ?>
-                          &nbsp; </td>
-                        <td class="listr"> 
-                          <?php if ($pipe['mask']): ?>
-                          <?=$pipe['mask'];?>
-                          <?php endif; ?>
-                          &nbsp; </td>
-                        <td class="listbg"> 
-                          <?=htmlspecialchars($pipe['descr']);?>
-                          &nbsp; </td>
-                        <td valign="middle" nowrap class="list"> <a href="firewall_shaper_pipes_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit pipe" width="17" height="17" border="0"></a> 
-                          &nbsp;<a href="firewall_shaper_pipes.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this pipe?')"><img src="x.gif" title="delete pipe" width="17" height="17" border="0"></a></td>
-                      </tr>
-                      <?php $i++; endforeach; ?>
-                      <tr> 
-                        <td class="list" colspan="7"></td>
-                        <td class="list"> <a href="firewall_shaper_pipes_edit.php"><img src="plus.gif" title="add pipe" width="17" height="17" border="0"></a></td>
-                      </tr>
-                    </table><br>
-                    <strong><span class="red">Note:</span></strong> a pipe can 
-                    only be deleted if it is not referenced by any rules or queues.</td>
-       </tr>
-</table>
-            </form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Firewall", "Traffic shaper", "Pipes");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['shaper']['pipe'])) {\r
+       $config['shaper']['pipe'] = array();\r
+}\r
+if (!is_array($config['shaper']['queue'])) {\r
+       $config['shaper']['queue'] = array();\r
+}\r
+$a_pipes = &$config['shaper']['pipe'];\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_pipes[$_GET['id']]) {\r
+               /* check that no rule references this pipe */\r
+               if (is_array($config['shaper']['rule'])) {\r
+                       foreach ($config['shaper']['rule'] as $rule) {\r
+                               if (isset($rule['targetpipe']) && ($rule['targetpipe'] == $_GET['id'])) {\r
+                                       $input_errors[] = "This pipe cannot be deleted because it is still referenced by a rule.";\r
+                                       break;\r
+                               }\r
+                       }\r
+               }\r
+               \r
+               /* check that no queue references this pipe */\r
+               if (is_array($config['shaper']['queue'])) {\r
+                       foreach ($config['shaper']['queue'] as $queue) {\r
+                               if ($queue['targetpipe'] == $_GET['id']) {\r
+                                       $input_errors[] = "This pipe cannot be deleted because it is still referenced by a queue.";\r
+                                       break;\r
+                               }\r
+                       }\r
+               }\r
+               \r
+               if (!$input_errors) {\r
+                       unset($a_pipes[$_GET['id']]);\r
+                       \r
+                       /* renumber all rules and queues */\r
+                       if (is_array($config['shaper']['rule'])) {\r
+                               for ($i = 0; isset($config['shaper']['rule'][$i]); $i++) {\r
+                                       $currule = &$config['shaper']['rule'][$i];\r
+                                       if (isset($currule['targetpipe']) && ($currule['targetpipe'] > $_GET['id']))\r
+                                               $currule['targetpipe']--;\r
+                               }\r
+                       }\r
+                       if (is_array($config['shaper']['queue'])) {\r
+                               for ($i = 0; isset($config['shaper']['queue'][$i]); $i++) {\r
+                                       $curqueue = &$config['shaper']['queue'][$i];\r
+                                       if ($curqueue['targetpipe'] > $_GET['id'])\r
+                                               $curqueue['targetpipe']--;\r
+                               }\r
+                       }\r
+                       \r
+                       write_config();\r
+                       touch($d_shaperconfdirty_path);\r
+                       header("Location: firewall_shaper_pipes.php");\r
+                       exit;\r
+               }\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="firewall_shaper.php" method="post">\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_shaperconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Rules' => 'firewall_shaper.php',\r
+                         'Pipes' => 'firewall_shaper_pipes.php',\r
+                         'Queues' => 'firewall_shaper_queues.php',\r
+                         'Magic shaper wizard' => 'firewall_shaper_magic.php');\r
+       dynamic_tab_menu($tabs);\r
+?>       \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+              <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+                      <tr> \r
+                        <td width="10%" class="listhdrr">No.</td>\r
+                        <td width="15%" class="listhdrr">Bandwidth</td>\r
+                        <td width="10%" class="listhdrr">Delay</td>\r
+                        <td width="10%" class="listhdrr">PLR</td>\r
+                        <td width="10%" class="listhdrr">Queue</td>\r
+                        <td width="15%" class="listhdrr">Mask</td>\r
+                        <td width="20%" class="listhdr">Description</td>\r
+                        <td width="10%" class="list"></td>\r
+                      </tr>\r
+                      <?php $i = 0; foreach ($a_pipes as $pipe): ?>\r
+                      <tr valign="top">\r
+                        <td class="listlr"> \r
+                          <?=($i+1);?></td>\r
+                        <td class="listr"> \r
+                          <?=htmlspecialchars($pipe['bandwidth']);?>\r
+                          Kbit/s </td>\r
+                        <td class="listr"> \r
+                          <?php if ($pipe['delay']): ?>\r
+                          <?=$pipe['delay'];?>\r
+                          ms \r
+                          <?php endif; ?>\r
+                          &nbsp; </td>\r
+                        <td class="listr"> \r
+                          <?php if ($pipe['plr']): ?>\r
+                          <?=$pipe['plr'];?>\r
+                          <?php endif; ?>\r
+                          &nbsp; </td>\r
+                        <td class="listr"> \r
+                          <?php if ($pipe['qsize']): ?>\r
+                          <?=htmlspecialchars($pipe['qsize']);?>\r
+                          <?php endif; ?>\r
+                          &nbsp; </td>\r
+                        <td class="listr"> \r
+                          <?php if ($pipe['mask']): ?>\r
+                          <?=$pipe['mask'];?>\r
+                          <?php endif; ?>\r
+                          &nbsp; </td>\r
+                        <td class="listbg"> \r
+                          <?=htmlspecialchars($pipe['descr']);?>\r
+                          &nbsp; </td>\r
+                        <td valign="middle" nowrap class="list"> <a href="firewall_shaper_pipes_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit pipe" width="17" height="17" border="0"></a> \r
+                          &nbsp;<a href="firewall_shaper_pipes.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this pipe?')"><img src="x.gif" title="delete pipe" width="17" height="17" border="0"></a></td>\r
+                      </tr>\r
+                      <?php $i++; endforeach; ?>\r
+                      <tr> \r
+                        <td class="list" colspan="7"></td>\r
+                        <td class="list"> <a href="firewall_shaper_pipes_edit.php"><img src="plus.gif" title="add pipe" width="17" height="17" border="0"></a></td>\r
+                      </tr>\r
+                    </table><br>\r
+                    <strong><span class="red">Note:</span></strong> a pipe can \r
+                    only be deleted if it is not referenced by any rules or queues.</td>\r
+       </tr>\r
+</table>\r
+            </form>\r
+<?php include("fend.inc"); ?>\r
index eb7a700a81bcbcd379e73dc48cbb99f4834f6ffb..057c2659cc96f239759c50bfd201c0cef2746b21 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Firewall", "Traffic shaper");
-require("guiconfig.inc");
-
-if (!is_array($config['shaper']['pipe'])) {
-       $config['shaper']['pipe'] = array();
-}
-if (!is_array($config['shaper']['queue'])) {
-       $config['shaper']['queue'] = array();
-}
-$a_queues = &$config['shaper']['queue'];
-$a_pipe = &$config['shaper']['pipe'];
-
-if ($_GET['act'] == "del") {
-       if ($a_queues[$_GET['id']]) {
-               /* check that no rule references this queue */
-               if (is_array($config['shaper']['rule'])) {
-                       foreach ($config['shaper']['rule'] as $rule) {
-                               if (isset($rule['targetqueue']) && ($rule['targetqueue'] == $_GET['id'])) {
-                                       $input_errors[] = "This queue cannot be deleted because it is still referenced by a rule.";
-                                       break;
-                               }
-                       }
-               }
-               
-               if (!$input_errors) {
-                       unset($a_queues[$_GET['id']]);
-                       
-                       /* renumber all rules */
-                       if (is_array($config['shaper']['rule'])) {
-                               for ($i = 0; isset($config['shaper']['rule'][$i]); $i++) {
-                                       $currule = &$config['shaper']['rule'][$i];
-                                       if (isset($currule['targetqueue']) && ($currule['targetqueue'] > $_GET['id']))
-                                               $currule['targetqueue']--;
-                               }
-                       }
-                       
-                       write_config();
-                       touch($d_shaperconfdirty_path);
-                       header("Location: firewall_shaper_queues.php");
-                       exit;
-               }
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<form action="firewall_shaper.php" method="post">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_shaperconfdirty_path)): ?><p>
-<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="firewall_shaper.php">Rules</a></li>
-    <li class="tabinact"><a href="firewall_shaper_pipes.php">Pipes</a></li>
-    <li class="tabact">Queues</li>
-    <li class="tabinact"><a href="firewall_shaper_magic.php">Magic shaper wizard</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-              <table width="100%" border="0" cellpadding="0" cellspacing="0">
-                      <tr> 
-                        <td width="10%" class="listhdrr">No.</td>
-                        <td width="25%" class="listhdrr">Pipe</td>
-                        <td width="5%" class="listhdrr">Weight</td>
-                        <td width="20%" class="listhdrr">Mask</td>
-                        <td width="30%" class="listhdr">Description</td>
-                        <td width="10%" class="list"></td>
-                      </tr>
-                      <?php $i = 0; foreach ($a_queues as $queue): ?>
-                      <tr valign="top"> 
-                        <td class="listlr"> 
-                          <?=($i+1);?></td>
-                        <td class="listr"> 
-                                                       <?php
-                                                       if ($a_pipe[$queue['targetpipe']]['descr'])
-                                                               $desc = htmlspecialchars($a_pipe[$queue['targetpipe']]['descr']);
-                                                       else 
-                                                               $desc = "Pipe " . ($queue['targetpipe']+1);
-                                                       ?>      
-                          <a href="firewall_shaper_pipes_edit.php?id=<?=$queue['targetpipe'];?>"><?=$desc;?></a></td>
-                        <td class="listr"> 
-                          <?=$queue['weight'];?></td>
-                        <td class="listr"> 
-                          <?php if ($queue['mask']): ?>
-                          <?=$queue['mask'];?>
-                          <?php endif; ?>
-                          &nbsp; </td>
-                        <td class="listbg"> 
-                          <?=htmlspecialchars($queue['descr']);?>
-                          &nbsp; </td>
-                        <td valign="middle" nowrap class="list"> <a href="firewall_shaper_queues_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit queue" width="17" height="17" border="0"></a> 
-                          &nbsp;<a href="firewall_shaper_queues.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this queue?')"><img src="x.gif" title="delete queue" width="17" height="17" border="0"></a></td>
-                      </tr>
-                      <?php $i++; endforeach; ?>
-                      <tr> 
-                        <td class="list" colspan="5"></td>
-                        <td class="list"> <a href="firewall_shaper_queues_edit.php"><img src="plus.gif" title="add queue" width="17" height="17" border="0"></a></td>
-                      </tr>
-                    </table><br>
-                    <strong><span class="red">Note:</span></strong> a queue can 
-                    only be deleted if it is not referenced by any rules.</td>
-       </tr>
-</table>
-            </form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Firewall", "Traffic shaper", "Queues");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['shaper']['pipe'])) {\r
+       $config['shaper']['pipe'] = array();\r
+}\r
+if (!is_array($config['shaper']['queue'])) {\r
+       $config['shaper']['queue'] = array();\r
+}\r
+$a_queues = &$config['shaper']['queue'];\r
+$a_pipe = &$config['shaper']['pipe'];\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_queues[$_GET['id']]) {\r
+               /* check that no rule references this queue */\r
+               if (is_array($config['shaper']['rule'])) {\r
+                       foreach ($config['shaper']['rule'] as $rule) {\r
+                               if (isset($rule['targetqueue']) && ($rule['targetqueue'] == $_GET['id'])) {\r
+                                       $input_errors[] = "This queue cannot be deleted because it is still referenced by a rule.";\r
+                                       break;\r
+                               }\r
+                       }\r
+               }\r
+               \r
+               if (!$input_errors) {\r
+                       unset($a_queues[$_GET['id']]);\r
+                       \r
+                       /* renumber all rules */\r
+                       if (is_array($config['shaper']['rule'])) {\r
+                               for ($i = 0; isset($config['shaper']['rule'][$i]); $i++) {\r
+                                       $currule = &$config['shaper']['rule'][$i];\r
+                                       if (isset($currule['targetqueue']) && ($currule['targetqueue'] > $_GET['id']))\r
+                                               $currule['targetqueue']--;\r
+                               }\r
+                       }\r
+                       \r
+                       write_config();\r
+                       touch($d_shaperconfdirty_path);\r
+                       header("Location: firewall_shaper_queues.php");\r
+                       exit;\r
+               }\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="firewall_shaper.php" method="post">\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_shaperconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Rules' => 'firewall_shaper.php',\r
+                         'Pipes' => 'firewall_shaper_pipes.php',\r
+                         'Queues' => 'firewall_shaper_queues.php',\r
+                         'Magic shaper wizard' => 'firewall_shaper_magic.php');\r
+       dynamic_tab_menu($tabs);\r
+?>       \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+              <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+                      <tr> \r
+                        <td width="10%" class="listhdrr">No.</td>\r
+                        <td width="25%" class="listhdrr">Pipe</td>\r
+                        <td width="5%" class="listhdrr">Weight</td>\r
+                        <td width="20%" class="listhdrr">Mask</td>\r
+                        <td width="30%" class="listhdr">Description</td>\r
+                        <td width="10%" class="list"></td>\r
+                      </tr>\r
+                      <?php $i = 0; foreach ($a_queues as $queue): ?>\r
+                      <tr valign="top"> \r
+                        <td class="listlr"> \r
+                          <?=($i+1);?></td>\r
+                        <td class="listr"> \r
+                                                       <?php\r
+                                                       if ($a_pipe[$queue['targetpipe']]['descr'])\r
+                                                               $desc = htmlspecialchars($a_pipe[$queue['targetpipe']]['descr']);\r
+                                                       else \r
+                                                               $desc = "Pipe " . ($queue['targetpipe']+1);\r
+                                                       ?>      \r
+                          <a href="firewall_shaper_pipes_edit.php?id=<?=$queue['targetpipe'];?>"><?=$desc;?></a></td>\r
+                        <td class="listr"> \r
+                          <?=$queue['weight'];?></td>\r
+                        <td class="listr"> \r
+                          <?php if ($queue['mask']): ?>\r
+                          <?=$queue['mask'];?>\r
+                          <?php endif; ?>\r
+                          &nbsp; </td>\r
+                        <td class="listbg"> \r
+                          <?=htmlspecialchars($queue['descr']);?>\r
+                          &nbsp; </td>\r
+                        <td valign="middle" nowrap class="list"> <a href="firewall_shaper_queues_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit queue" width="17" height="17" border="0"></a> \r
+                          &nbsp;<a href="firewall_shaper_queues.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this queue?')"><img src="x.gif" title="delete queue" width="17" height="17" border="0"></a></td>\r
+                      </tr>\r
+                      <?php $i++; endforeach; ?>\r
+                      <tr> \r
+                        <td class="list" colspan="5"></td>\r
+                        <td class="list"> <a href="firewall_shaper_queues_edit.php"><img src="plus.gif" title="add queue" width="17" height="17" border="0"></a></td>\r
+                      </tr>\r
+                    </table><br>\r
+                    <strong><span class="red">Note:</span></strong> a queue can \r
+                    only be deleted if it is not referenced by any rules.</td>\r
+       </tr>\r
+</table>\r
+            </form>\r
+<?php include("fend.inc"); ?>\r
index ab0ddbe80b529ef89497e831c5cef4acc7df7704..77d125aebf50d77e4b5730c7e03de7c23e495442 100644 (file)
@@ -41,6 +41,9 @@ if (!$omit_nocacheheaders) {
 require_once("config.inc");
 require_once("functions.inc");
 
+/* ensure the user is authorized to view the current page */
+require_once("auth.inc");
+
 $d_natconfdirty_path = $g['varrun_path'] . "/nat.conf.dirty";
 $d_filterconfdirty_path = $g['varrun_path'] . "/filter.conf.dirty";
 $d_ipsecconfdirty_path = $g['varrun_path'] . "/ipsec.conf.dirty";
@@ -477,4 +480,40 @@ function ipsec_ca_sort() {
        usort($config['ipsec']['cacert'], "ipseccacmp");
 }
 
+function dynamic_tab_menu(&$tabs) {
+       global $allowed, $config;
+       
+       if ($_SERVER['REMOTE_USER'] == $config['system']['username']) {
+               $authorized = &$tabs;
+       } else {
+               $authorized = &$allowed;
+       }
+       
+       // Below needed to add the "1" onto the end of the class name for the first tab, if it is inactive.
+    $linkStyle = '1';
+       foreach ($tabs as $desc => $link) {
+               if (in_array($link,$authorized)) {
+                       if ($link == str_replace('/','',$_SERVER['PHP_SELF'])) {
+                               // special handling for diagnostic Logs tabs.
+                               if ((strpos($link,'diag_logs') > -1) && ($link != 'diag_logs_settings.php')) {
+                                       if ($desc == "Firewall") {
+                                       echo '<li class="tabact"><a href="diag_logs_filter.php" style="color:black" title="reset filter and reload firewall logs page">Firewall</a></li>';
+                                       }
+                                       else {
+                                               echo '<li class="tabact"><a href="'.$link.'" style="color:black" title="reload page">'.$desc.'</a></li>';
+                                       }
+                               }
+                               else {
+                                       echo '<li class="tabact">'.$desc.'</li>';
+                               }
+                               $linkStyle = '';
+                       }
+                       else {
+                               echo '<li class="tabinact'.$linkStyle.'"><a href="'.$link.'">'.$desc.'</a></li>';
+                               $linkStyle = '';
+                       }
+               }
+    }  
+ }
+
 ?>
index 91aae6af366612db8fb206e93d398b61079c7bed..7c60c59b100a9be7160bd0bf9e95ad62587a5423 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Services", "Captive portal");
-require("guiconfig.inc");
-
-if (!is_array($config['captiveportal'])) {
-       $config['captiveportal'] = array();
-       $config['captiveportal']['page'] = array();
-       $config['captiveportal']['timeout'] = 60;
-}
-
-if ($_GET['act'] == "viewhtml") {
-       echo base64_decode($config['captiveportal']['page']['htmltext']);
-       exit;
-} else if ($_GET['act'] == "viewerrhtml") {
-       echo base64_decode($config['captiveportal']['page']['errtext']);
-       exit;
-}
-
-$pconfig['cinterface'] = $config['captiveportal']['interface'];
-$pconfig['maxproc'] = $config['captiveportal']['maxproc'];
-$pconfig['maxprocperip'] = $config['captiveportal']['maxprocperip'];
-$pconfig['timeout'] = $config['captiveportal']['timeout'];
-$pconfig['idletimeout'] = $config['captiveportal']['idletimeout'];
-$pconfig['enable'] = isset($config['captiveportal']['enable']);
-$pconfig['auth_method'] = $config['captiveportal']['auth_method'];
-$pconfig['radacct_enable'] = isset($config['captiveportal']['radacct_enable']);
-$pconfig['radmac_enable'] = isset($config['captiveportal']['radmac_enable']);
-$pconfig['radmac_secret'] = $config['captiveportal']['radmac_secret'];
-$pconfig['reauthenticate'] = isset($config['captiveportal']['reauthenticate']);
-$pconfig['reauthenticateacct'] = $config['captiveportal']['reauthenticateacct'];
-$pconfig['httpslogin_enable'] = isset($config['captiveportal']['httpslogin']);
-$pconfig['httpsname'] = $config['captiveportal']['httpsname'];
-$pconfig['cert'] = base64_decode($config['captiveportal']['certificate']);
-$pconfig['key'] = base64_decode($config['captiveportal']['private-key']);
-$pconfig['logoutwin_enable'] = isset($config['captiveportal']['logoutwin_enable']);
-$pconfig['nomacfilter'] = isset($config['captiveportal']['nomacfilter']);
-$pconfig['noconcurrentlogins'] = isset($config['captiveportal']['noconcurrentlogins']);
-$pconfig['redirurl'] = $config['captiveportal']['redirurl'];
-$pconfig['radiusip'] = $config['captiveportal']['radiusip'];
-$pconfig['radiusip2'] = $config['captiveportal']['radiusip2'];
-$pconfig['radiusport'] = $config['captiveportal']['radiusport'];
-$pconfig['radiusport2'] = $config['captiveportal']['radiusport2'];
-$pconfig['radiusacctport'] = $config['captiveportal']['radiusacctport'];
-$pconfig['radiuskey'] = $config['captiveportal']['radiuskey'];
-$pconfig['radiuskey2'] = $config['captiveportal']['radiuskey2'];
-$pconfig['radiusvendor'] = $config['captiveportal']['radiusvendor'];
-$pconfig['radiussession_timeout'] = isset($config['captiveportal']['radiussession_timeout']);
-
-if ($_POST) {
-
-       unset($input_errors);
-       $pconfig = $_POST;
-
-       /* input validation */
-       if ($_POST['enable']) {
-               $reqdfields = explode(" ", "cinterface");
-               $reqdfieldsn = explode(",", "Interface");
-               
-               do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-               
-               /* make sure no interfaces are bridged */
-               for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
-                       $coptif = &$config['interfaces']['opt' . $i];
-                       if (isset($coptif['enable']) && $coptif['bridge']) {
-                               $input_errors[] = "The captive portal cannot be used when one or more interfaces are bridged.";
-                               break;
-                       }
-               }
-               
-               if ($_POST['httpslogin_enable']) {
-                       if (!$_POST['cert'] || !$_POST['key']) {
-                               $input_errors[] = "Certificate and key must be specified for HTTPS login.";
-                       } else {
-                               if (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE"))
-                                       $input_errors[] = "This certificate does not appear to be valid.";
-                               if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") || !strstr($_POST['key'], "END RSA PRIVATE KEY"))
-                                       $input_errors[] = "This key does not appear to be valid.";
-                       }
-                       
-                       if (!$_POST['httpsname'] || !is_domain($_POST['httpsname'])) {
-                               $input_errors[] = "The HTTPS server name must be specified for HTTPS login.";
-                       }
-               }
-       }
-       
-       if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) || ($_POST['timeout'] < 1))) {
-               $input_errors[] = "The timeout must be at least 1 minute.";
-       }
-       if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) || ($_POST['idletimeout'] < 1))) {
-               $input_errors[] = "The idle timeout must be at least 1 minute.";
-       }
-       if (($_POST['radiusip'] && !is_ipaddr($_POST['radiusip']))) {
-               $input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip']."]";
-       }
-       if (($_POST['radiusip2'] && !is_ipaddr($_POST['radiusip2']))) {
-               $input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip2']."]";
-       }
-       if (($_POST['radiusport'] && !is_port($_POST['radiusport']))) {
-               $input_errors[] = "A valid port number must be specified. [".$_POST['radiusport']."]";
-       }
-       if (($_POST['radiusport2'] && !is_port($_POST['radiusport2']))) {
-               $input_errors[] = "A valid port number must be specified. [".$_POST['radiusport2']."]";
-       }
-       if (($_POST['radiusacctport'] && !is_port($_POST['radiusacctport']))) {
-               $input_errors[] = "A valid port number must be specified. [".$_POST['radiusacctport']."]";
-       }
-       if ($_POST['maxproc'] && (!is_numeric($_POST['maxproc']) || ($_POST['maxproc'] < 4) || ($_POST['maxproc'] > 100))) {
-               $input_errors[] = "The total maximum number of concurrent connections must be between 4 and 100.";
-       }
-       $mymaxproc = $_POST['maxproc'] ? $_POST['maxproc'] : 16;
-       if ($_POST['maxprocperip'] && (!is_numeric($_POST['maxprocperip']) || ($_POST['maxprocperip'] > $mymaxproc))) {
-               $input_errors[] = "The maximum number of concurrent connections per client IP address may not be larger than the global maximum.";
-       }
-
-       if (!$input_errors) {
-               $config['captiveportal']['interface'] = $_POST['cinterface'];
-               $config['captiveportal']['maxproc'] = $_POST['maxproc'];
-               $config['captiveportal']['maxprocperip'] = $_POST['maxprocperip'] ? $_POST['maxprocperip'] : false;
-               $config['captiveportal']['timeout'] = $_POST['timeout'];
-               $config['captiveportal']['idletimeout'] = $_POST['idletimeout'];
-               $config['captiveportal']['enable'] = $_POST['enable'] ? true : false;
-               $config['captiveportal']['auth_method'] = $_POST['auth_method'];
-               $config['captiveportal']['radacct_enable'] = $_POST['radacct_enable'] ? true : false;
-               $config['captiveportal']['reauthenticate'] = $_POST['reauthenticate'] ? true : false;
-               $config['captiveportal']['radmac_enable'] = $_POST['radmac_enable'] ? true : false;
-               $config['captiveportal']['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false;
-               $config['captiveportal']['reauthenticateacct'] = $_POST['reauthenticateacct'];
-               $config['captiveportal']['httpslogin'] = $_POST['httpslogin_enable'] ? true : false;
-               $config['captiveportal']['httpsname'] = $_POST['httpsname'];
-               $config['captiveportal']['certificate'] = base64_encode($_POST['cert']);
-               $config['captiveportal']['private-key'] = base64_encode($_POST['key']);
-               $config['captiveportal']['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false;
-               $config['captiveportal']['nomacfilter'] = $_POST['nomacfilter'] ? true : false;
-               $config['captiveportal']['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false;
-               $config['captiveportal']['redirurl'] = $_POST['redirurl'];
-               $config['captiveportal']['radiusip'] = $_POST['radiusip'];
-               $config['captiveportal']['radiusip2'] = $_POST['radiusip2'];
-               $config['captiveportal']['radiusport'] = $_POST['radiusport'];
-               $config['captiveportal']['radiusport2'] = $_POST['radiusport2'];
-               $config['captiveportal']['radiusacctport'] = $_POST['radiusacctport'];
-               $config['captiveportal']['radiuskey'] = $_POST['radiuskey'];
-               $config['captiveportal']['radiuskey2'] = $_POST['radiuskey2'];
-               $config['captiveportal']['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false;
-               $config['captiveportal']['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false;
-               
-               /* file upload? */
-               if (is_uploaded_file($_FILES['htmlfile']['tmp_name']))
-                       $config['captiveportal']['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name']));
-               if (is_uploaded_file($_FILES['errfile']['tmp_name']))
-                       $config['captiveportal']['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name']));
-                       
-               write_config();
-               
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path)) {
-                       config_lock();
-                       $retval = captiveportal_configure();
-                       config_unlock();
-               }
-               $savemsg = get_std_save_message($retval);
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<script language="JavaScript">
-<!--
-function enable_change(enable_change) {
-       var endis, radius_endis;
-       endis = !(document.iform.enable.checked || enable_change);
-       radius_endis = !((!endis && document.iform.auth_method[2].checked) || enable_change);
-       
-       document.iform.cinterface.disabled = endis;
-       document.iform.maxproc.disabled = endis;
-       document.iform.maxprocperip.disabled = endis;
-       document.iform.idletimeout.disabled = endis;
-       document.iform.timeout.disabled = endis;
-       document.iform.redirurl.disabled = endis;
-       document.iform.radiusip.disabled = radius_endis;
-       document.iform.radiusip2.disabled = radius_endis;
-       document.iform.radiusport.disabled = radius_endis;
-       document.iform.radiusport2.disabled = radius_endis;
-       document.iform.radiuskey.disabled = radius_endis;
-       document.iform.radiuskey2.disabled = radius_endis;
-       document.iform.radacct_enable.disabled = radius_endis;
-       document.iform.reauthenticate.disabled = radius_endis;
-       document.iform.auth_method[0].disabled = endis;
-       document.iform.auth_method[1].disabled = endis;
-       document.iform.auth_method[2].disabled = endis;
-       document.iform.radmac_enable.disabled = radius_endis;
-       document.iform.httpslogin_enable.disabled = endis;
-       document.iform.httpsname.disabled = endis;
-       document.iform.cert.disabled = endis;
-       document.iform.key.disabled = endis;
-       document.iform.logoutwin_enable.disabled = endis;
-       document.iform.nomacfilter.disabled = endis;
-       document.iform.noconcurrentlogins.disabled = endis;
-       document.iform.radiusvendor.disabled = radius_endis;
-       document.iform.radiussession_timeout.disabled = radius_endis;
-       document.iform.htmlfile.disabled = endis;
-       document.iform.errfile.disabled = endis;
-       
-       document.iform.radiusacctport.disabled = (radius_endis || !document.iform.radacct_enable.checked) && !enable_change;
-       
-       document.iform.radmac_secret.disabled = (radius_endis || !document.iform.radmac_enable.checked) && !enable_change;
-       
-       var reauthenticate_dis = (radius_endis || !document.iform.reauthenticate.checked) && !enable_change;
-       document.iform.reauthenticateacct[0].disabled = reauthenticate_dis;
-       document.iform.reauthenticateacct[1].disabled = reauthenticate_dis;
-       document.iform.reauthenticateacct[2].disabled = reauthenticate_dis;
-}
-//-->
-</script>
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<form action="services_captiveportal.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-       <li class="tabact">Captive portal</li>
-       <li class="tabinact"><a href="services_captiveportal_mac.php">Pass-through MAC</a></li>
-       <li class="tabinact"><a href="services_captiveportal_ip.php">Allowed IP addresses</a></li>
-       <li class="tabinact"><a href="services_captiveportal_users.php">Users</a></li>
-       <li class="tabinact"><a href="services_captiveportal_filemanager.php">File manager</a></li>
-  </ul>
-  </td></tr>
-  <tr>
-  <td class="tabcont">
-  <table width="100%" border="0" cellpadding="6" cellspacing="0">
-       <tr> 
-         <td width="22%" valign="top" class="vtable">&nbsp;</td>
-         <td width="78%" class="vtable">
-               <input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">
-               <strong>Enable captive portal </strong></td>
-       </tr>
-       <tr> 
-         <td width="22%" valign="top" class="vncellreq">Interface</td>
-         <td width="78%" class="vtable">
-               <select name="cinterface" class="formfld" id="cinterface">
-                 <?php $interfaces = array('lan' => 'LAN');
-                 for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
-                       if (isset($config['interfaces']['opt' . $i]['enable']))
-                               $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
-                 }
-                 foreach ($interfaces as $iface => $ifacename): ?>
-                 <option value="<?=$iface;?>" <?php if ($iface == $pconfig['cinterface']) echo "selected"; ?>> 
-                 <?=htmlspecialchars($ifacename);?>
-                 </option>
-                 <?php endforeach; ?>
-               </select> <br>
-               <span class="vexpl">Choose which interface to run the captive portal on.</span></td>
-       </tr>
-       <tr>
-         <td valign="top" class="vncell">Maximum concurrent connections</td>
-         <td class="vtable">
-               <table cellpadding="0" cellspacing="0">
-                 <tr>
-           <td><input name="maxprocperip" type="text" class="formfld" id="maxprocperip" size="5" value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> per client IP address (0 = no limit)</td>
-                 </tr>
-                 <tr>
-           <td><input name="maxproc" type="text" class="formfld" id="maxproc" size="5" value="<?=htmlspecialchars($pconfig['maxproc']);?>"> total</td>
-                 </tr>
-               </table>
-This setting limits the number of concurrent connections to the captive portal HTTP(S) server. This does not set how many users can be logged in
-to the captive portal, but rather how many users can load the portal page or authenticate at the same time!
-Default is 4 connections per client IP address, with a total maximum of 16 connections.</td>
-       </tr>
-       <tr>
-         <td valign="top" class="vncell">Idle timeout</td>
-         <td class="vtable">
-               <input name="idletimeout" type="text" class="formfld" id="idletimeout" size="6" value="<?=htmlspecialchars($pconfig['idletimeout']);?>">
-minutes<br>
-Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout.</td>
-       </tr>
-       <tr> 
-         <td width="22%" valign="top" class="vncell">Hard timeout</td>
-         <td width="78%" class="vtable"> 
-               <input name="timeout" type="text" class="formfld" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>"> 
-               minutes<br>
-         Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set).</td>
-       </tr>
-       <tr> 
-         <td width="22%" valign="top" class="vncell">Logout popup window</td>
-         <td width="78%" class="vtable"> 
-               <input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if($pconfig['logoutwin_enable']) echo "checked"; ?>>
-               <strong>Enable logout popup window</strong><br>
-         If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs.</td>
-       </tr>
-       <tr>
-         <td valign="top" class="vncell">Redirection URL</td>
-         <td class="vtable">
-               <input name="redirurl" type="text" class="formfld" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>">
-               <br>
-If you provide a URL here, clients will be redirected to that URL instead of the one they initially tried
-to access after they've authenticated.</td>
-       </tr>
-       <tr>
-      <td valign="top" class="vncell">Concurrent user logins</td>
-      <td class="vtable">
-       <input name="noconcurrentlogins" type="checkbox" class="formfld" id="noconcurrentlogins" value="yes" <?php if ($pconfig['noconcurrentlogins']) echo "checked"; ?>>
-       <strong>Disable concurrent logins</strong><br>
-       If this option is set, only the most recent login per username will be active. Subsequent logins will cause machines previously logged in with the same username to be disconnected.</td>
-       </tr>
-       <tr>
-      <td valign="top" class="vncell">MAC filtering </td>
-      <td class="vtable">
-        <input name="nomacfilter" type="checkbox" class="formfld" id="nomacfilter" value="yes" <?php if ($pconfig['nomacfilter']) echo "checked"; ?>>
-        <strong>Disable MAC filtering</strong><br>
-    If this option is set, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in.
-    This is required when the MAC address of the client cannot be determined (usually because there are routers between m0n0wall and the clients).</td>
-         </tr>
-       <tr> 
-         <td width="22%" valign="top" class="vncell">Authentication</td>
-         <td width="78%" class="vtable"> 
-               <table cellpadding="0" cellspacing="0">
-               <tr>
-                 <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="none" onClick="enable_change(false)" <?php if($pconfig['auth_method']!="local" && $pconfig['auth_method']!="radius") echo "checked"; ?>>
-  No authentication</td>  
-                 </tr>
-               <tr>
-                 <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="local" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="local") echo "checked"; ?>>
-  Local <a href="services_captiveportal_users.php">user manager</a></td>  
-                 </tr>
-               <tr>
-                 <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="radius" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius") echo "checked"; ?>>
-  RADIUS authentication</td>  
-                 </tr><tr>
-                 <td>&nbsp;</td>
-                 <td>&nbsp;</td>
-                 </tr>
-               </table>
-               <table width="100%" border="0" cellpadding="6" cellspacing="0">
-               <tr> 
-               <td colspan="2" valign="top" class="optsect_t2">Primary RADIUS server</td>
-                       </tr>
-                       <tr>
-                               <td class="vncell" valign="top">IP address</td>
-                               <td class="vtable"><input name="radiusip" type="text" class="formfld" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>"><br>
-                               Enter the IP address of the RADIUS server which users of the captive portal have to authenticate against.</td>
-                       </tr>
-                       <tr>
-                               <td class="vncell" valign="top">Port</td>
-                               <td class="vtable"><input name="radiusport" type="text" class="formfld" id="radiusport" size="5" value="<?=htmlspecialchars($pconfig['radiusport']);?>"><br>
-                                Leave this field blank to use the default port (1812).</td>
-                       </tr>
-                       <tr>
-                               <td class="vncell" valign="top">Shared secret&nbsp;&nbsp;</td>
-                               <td class="vtable"><input name="radiuskey" type="text" class="formfld" id="radiuskey" size="16" value="<?=htmlspecialchars($pconfig['radiuskey']);?>"><br>
-                               Leave this field blank to not use a RADIUS shared secret (not recommended).</td>
-                       </tr>
-                       <tr> 
-                         <td colspan="2" class="list" height="12"></td>
-                       </tr>
-                       <tr>
-                               <td colspan="2" valign="top" class="optsect_t2">Secondary RADIUS server</td>
-                       </tr>
-                       <tr>
-                               <td class="vncell" valign="top">IP address</td>
-                               <td class="vtable"><input name="radiusip2" type="text" class="formfld" id="radiusip2" size="20" value="<?=htmlspecialchars($pconfig['radiusip2']);?>"><br>
-                               If you have a second RADIUS server, you can activate it by entering its IP address here.</td>
-                       </tr>
-                       <tr>
-                               <td class="vncell" valign="top">Port</td>
-                               <td class="vtable"><input name="radiusport2" type="text" class="formfld" id="radiusport2" size="5" value="<?=htmlspecialchars($pconfig['radiusport2']);?>"></td>
-                       </tr>
-                       <tr>
-                               <td class="vncell" valign="top">Shared secret&nbsp;&nbsp;</td>
-                               <td class="vtable"><input name="radiuskey2" type="text" class="formfld" id="radiuskey2" size="16" value="<?=htmlspecialchars($pconfig['radiuskey2']);?>"></td>
-                       </tr>
-                       <tr> 
-                         <td colspan="2" class="list" height="12"></td>
-                       </tr>
-                       <tr>
-                               <td colspan="2" valign="top" class="optsect_t2">Accounting</td>
-                       </tr>
-                       <tr>
-                               <td class="vncell">&nbsp;</td>
-                               <td class="vtable"><input name="radacct_enable" type="checkbox" id="radacct_enable" value="yes" onClick="enable_change(false)" <?php if($pconfig['radacct_enable']) echo "checked"; ?>>
-                               <strong>send RADIUS accounting packets</strong><br>
-                               If this is enabled, RADIUS accounting packets will be sent to the primary RADIUS server.</td>
-                       </tr>
-                       <tr>
-                         <td class="vncell" valign="top">Accounting port</td>
-                         <td class="vtable"><input name="radiusacctport" type="text" class="formfld" id="radiusacctport" size="5" value="<?=htmlspecialchars($pconfig['radiusacctport']);?>"><br>
-                         Leave blank to use the default port (1813).</td>
-                         </tr>
-                       <tr>
-                         <td colspan="2" class="list" height="12"></td>
-                       </tr>
-                       <tr>
-                               <td colspan="2" valign="top" class="optsect_t2">Reauthentication</td>
-                       </tr>
-                       <tr>
-                               <td class="vncell">&nbsp;</td>
-                               <td class="vtable"><input name="reauthenticate" type="checkbox" id="reauthenticate" value="yes" onClick="enable_change(false)" <?php if($pconfig['reauthenticate']) echo "checked"; ?>>
-                         <strong>Reauthenticate connected users every minute</strong><br>
-                         If reauthentication is enabled, Access-Requests will be sent to the RADIUS server for each user that is
-                         logged in every minute. If an Access-Reject is received for a user, that user is disconnected from the captive portal immediately.</td>
-                       </tr>
-                       <tr>
-                         <td class="vncell" valign="top">Accounting updates</td>
-                         <td class="vtable">
-                         <input name="reauthenticateacct" type="radio" value="" <?php if(!$pconfig['reauthenticateacct']) echo "checked"; ?>> no accounting updates<br>
-                         <input name="reauthenticateacct" type="radio" value="stopstart" <?php if($pconfig['reauthenticateacct'] == "stopstart") echo "checked"; ?>> stop/start accounting<br>
-                         <input name="reauthenticateacct" type="radio" value="interimupdate" <?php if($pconfig['reauthenticateacct'] == "interimupdate") echo "checked"; ?>> interim update
-                         </td>
-                       </tr>
-                       <tr>
-                         <td colspan="2" class="list" height="12"></td>
-                       </tr>
-                       <tr>
-                               <td colspan="2" valign="top" class="optsect_t2">RADIUS MAC authentication</td>
-                       </tr>
-                       <tr>
-                               <td class="vncell">&nbsp;</td>
-                               <td class="vtable">
-                               <input name="radmac_enable" type="checkbox" id="radmac_enable" value="yes" onClick="enable_change(false)" <?php if ($pconfig['radmac_enable']) echo "checked"; ?>><strong>Enable RADIUS MAC authentication</strong><br>
-                               If this option is enabled, the captive portal will try to authenticate users by sending their MAC address as the username and the password
-                               entered below to the RADIUS server.</td>
-                       </tr>
-                       <tr>
-                               <td class="vncell">Shared secret</td>
-                               <td class="vtable"><input name="radmac_secret" type="text" class="formfld" id="radmac_secret" size="16" value="<?=htmlspecialchars($pconfig['radmac_secret']);?>"></td>
-                       </tr>
-                       <tr>
-                         <td colspan="2" class="list" height="12"></td>
-                       </tr>
-                       <tr>
-                               <td colspan="2" valign="top" class="optsect_t2">RADIUS options</td>
-                       </tr>
-                       <tr>
-                               <td class="vncell" valign="top">Session-Timeout</td>
-                               <td class="vtable"><input name="radiussession_timeout" type="checkbox" id="radiussession_timeout" value="yes" <?php if ($pconfig['radiussession_timeout']) echo "checked"; ?>><strong>Use RADIUS Session-Timeout attributes</strong><br>
-                               When this is enabled, clients will be disconnected after the amount of time retrieved from the RADIUS Session-Timeout attribute.</td>
-                       </tr>
-                       <tr>
-                               <td class="vncell" valign="top">Type</td>
-                               <td class="vtable"><select name="radiusvendor" id="radiusvendor">
-                               <option>default</option>
-                               <?php 
-                               $radiusvendors = array("cisco");
-                               foreach ($radiusvendors as $radiusvendor){
-                                       if ($pconfig['radiusvendor'] == $radiusvendor)
-                                               echo "<option selected value=\"$radiusvendor\">$radiusvendor</option>\n";
-                                       else
-                                               echo "<option value=\"$radiusvendor\">$radiusvendor</option>\n";
-                               }
-                               ?></select><br>
-                               If RADIUS type is set to Cisco, in Access-Requests the value of Calling-Station-Id will be set to the client's IP address and
-                               the Called-Station-Id to the client's MAC address. Default behaviour is Calling-Station-Id = client's MAC address and Called-Station-Id = m0n0wall's WAN IP address.</td>
-                       </tr>
-               </table>
-       </tr>
-       <tr>
-      <td valign="top" class="vncell">HTTPS login</td>
-      <td class="vtable">
-        <input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" <?php if($pconfig['httpslogin_enable']) echo "checked"; ?>>
-        <strong>Enable HTTPS login</strong><br>
-    If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name, certificate and matching private key must also be specified below.</td>
-         </tr>
-       <tr>
-      <td valign="top" class="vncell">HTTPS server name </td>
-      <td class="vtable">
-        <input name="httpsname" type="text" class="formfld" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>"><br>
-    This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS. </td>
-         </tr>
-       <tr>
-      <td valign="top" class="vncell">HTTPS certificate</td>
-      <td class="vtable">
-        <textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea>
-        <br>
-    Paste a signed certificate in X.509 PEM format here.</td>
-         </tr>
-       <tr>
-      <td valign="top" class="vncell">HTTPS private key</td>
-      <td class="vtable">
-        <textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea>
-        <br>
-    Paste an RSA private key in PEM format here.</td>
-         </tr>
-       <tr> 
-         <td width="22%" valign="top" class="vncellreq">Portal page contents</td>
-         <td width="78%" class="vtable">    
-               <?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld" id="htmlfile"><br>
-               <?php if ($config['captiveportal']['page']['htmltext']): ?>
-               <a href="?act=viewhtml" target="_blank">View current page</a>                      
-                 <br>
-                 <br>
-               <?php endif; ?>
-                 Upload an HTML file for the portal page here (leave blank to keep the current one). Make sure to include a form (POST to &quot;$PORTAL_ACTION$&quot;)
-with a submit button (name=&quot;accept&quot;) and a hidden field with name=&quot;redirurl&quot; and value=&quot;$PORTAL_REDIRURL$&quot;.
-Include the &quot;auth_user&quot; and &quot;auth_pass&quot; input fields if authentication is enabled, otherwise it will always fail.
-Example code for the form:<br>
-                 <br>
-                 <tt>&lt;form method=&quot;post&quot; action=&quot;$PORTAL_ACTION$&quot;&gt;<br>
-                 &nbsp;&nbsp;&nbsp;&lt;input name=&quot;auth_user&quot; type=&quot;text&quot;&gt;<br>
-                 &nbsp;&nbsp;&nbsp;&lt;input name=&quot;auth_pass&quot; type=&quot;password&quot;&gt;<br>
-                 &nbsp;&nbsp;&nbsp;&lt;input name=&quot;redirurl&quot; type=&quot;hidden&quot; value=&quot;$PORTAL_REDIRURL$&quot;&gt;<br>
-&nbsp;&nbsp;&nbsp;&lt;input name=&quot;accept&quot; type=&quot;submit&quot; value=&quot;Continue&quot;&gt;<br>
-                 &lt;/form&gt;</tt></td>
-       </tr>
-       <tr>
-         <td width="22%" valign="top" class="vncell">Authentication<br>
-               error page<br>
-               contents</td>
-         <td class="vtable">
-               <input name="errfile" type="file" class="formfld" id="errfile"><br>
-               <?php if ($config['captiveportal']['page']['errtext']): ?>
-               <a href="?act=viewerrhtml" target="_blank">View current page</a>                      
-                 <br>
-                 <br>
-               <?php endif; ?>
-The contents of the HTML file that you upload here are displayed when an authentication error occurs.
-You may include &quot;$PORTAL_MESSAGE$&quot;, which will be replaced by the error or reply messages from the RADIUS server, if any.</td>
-       </tr>
-       <tr> 
-         <td width="22%" valign="top">&nbsp;</td>
-         <td width="78%"> 
-               <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change(true)"> 
-         </td>
-       </tr>
-       <tr> 
-         <td width="22%" valign="top">&nbsp;</td>
-         <td width="78%"><span class="vexpl"><span class="red"><strong>Note:<br>
-               </strong></span>Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work. </span></td>
-       </tr>
-  </table>
-  </td>
-  </tr>
-  </table>
-</form>
-<script language="JavaScript">
-<!--
-enable_change(false);
-//-->
-</script>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Services", "Captive portal");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['captiveportal'])) {\r
+       $config['captiveportal'] = array();\r
+       $config['captiveportal']['page'] = array();\r
+       $config['captiveportal']['timeout'] = 60;\r
+}\r
+\r
+if ($_GET['act'] == "viewhtml") {\r
+       echo base64_decode($config['captiveportal']['page']['htmltext']);\r
+       exit;\r
+} else if ($_GET['act'] == "viewerrhtml") {\r
+       echo base64_decode($config['captiveportal']['page']['errtext']);\r
+       exit;\r
+}\r
+\r
+$pconfig['cinterface'] = $config['captiveportal']['interface'];\r
+$pconfig['maxproc'] = $config['captiveportal']['maxproc'];\r
+$pconfig['maxprocperip'] = $config['captiveportal']['maxprocperip'];\r
+$pconfig['timeout'] = $config['captiveportal']['timeout'];\r
+$pconfig['idletimeout'] = $config['captiveportal']['idletimeout'];\r
+$pconfig['enable'] = isset($config['captiveportal']['enable']);\r
+$pconfig['auth_method'] = $config['captiveportal']['auth_method'];\r
+$pconfig['radacct_enable'] = isset($config['captiveportal']['radacct_enable']);\r
+$pconfig['radmac_enable'] = isset($config['captiveportal']['radmac_enable']);\r
+$pconfig['radmac_secret'] = $config['captiveportal']['radmac_secret'];\r
+$pconfig['reauthenticate'] = isset($config['captiveportal']['reauthenticate']);\r
+$pconfig['reauthenticateacct'] = $config['captiveportal']['reauthenticateacct'];\r
+$pconfig['httpslogin_enable'] = isset($config['captiveportal']['httpslogin']);\r
+$pconfig['httpsname'] = $config['captiveportal']['httpsname'];\r
+$pconfig['cert'] = base64_decode($config['captiveportal']['certificate']);\r
+$pconfig['key'] = base64_decode($config['captiveportal']['private-key']);\r
+$pconfig['logoutwin_enable'] = isset($config['captiveportal']['logoutwin_enable']);\r
+$pconfig['nomacfilter'] = isset($config['captiveportal']['nomacfilter']);\r
+$pconfig['noconcurrentlogins'] = isset($config['captiveportal']['noconcurrentlogins']);\r
+$pconfig['redirurl'] = $config['captiveportal']['redirurl'];\r
+$pconfig['radiusip'] = $config['captiveportal']['radiusip'];\r
+$pconfig['radiusip2'] = $config['captiveportal']['radiusip2'];\r
+$pconfig['radiusport'] = $config['captiveportal']['radiusport'];\r
+$pconfig['radiusport2'] = $config['captiveportal']['radiusport2'];\r
+$pconfig['radiusacctport'] = $config['captiveportal']['radiusacctport'];\r
+$pconfig['radiuskey'] = $config['captiveportal']['radiuskey'];\r
+$pconfig['radiuskey2'] = $config['captiveportal']['radiuskey2'];\r
+$pconfig['radiusvendor'] = $config['captiveportal']['radiusvendor'];\r
+$pconfig['radiussession_timeout'] = isset($config['captiveportal']['radiussession_timeout']);\r
+\r
+if ($_POST) {\r
+\r
+       unset($input_errors);\r
+       $pconfig = $_POST;\r
+\r
+       /* input validation */\r
+       if ($_POST['enable']) {\r
+               $reqdfields = explode(" ", "cinterface");\r
+               $reqdfieldsn = explode(",", "Interface");\r
+               \r
+               do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
+               \r
+               /* make sure no interfaces are bridged */\r
+               for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {\r
+                       $coptif = &$config['interfaces']['opt' . $i];\r
+                       if (isset($coptif['enable']) && $coptif['bridge']) {\r
+                               $input_errors[] = "The captive portal cannot be used when one or more interfaces are bridged.";\r
+                               break;\r
+                       }\r
+               }\r
+               \r
+               if ($_POST['httpslogin_enable']) {\r
+                       if (!$_POST['cert'] || !$_POST['key']) {\r
+                               $input_errors[] = "Certificate and key must be specified for HTTPS login.";\r
+                       } else {\r
+                               if (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE"))\r
+                                       $input_errors[] = "This certificate does not appear to be valid.";\r
+                               if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") || !strstr($_POST['key'], "END RSA PRIVATE KEY"))\r
+                                       $input_errors[] = "This key does not appear to be valid.";\r
+                       }\r
+                       \r
+                       if (!$_POST['httpsname'] || !is_domain($_POST['httpsname'])) {\r
+                               $input_errors[] = "The HTTPS server name must be specified for HTTPS login.";\r
+                       }\r
+               }\r
+       }\r
+       \r
+       if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) || ($_POST['timeout'] < 1))) {\r
+               $input_errors[] = "The timeout must be at least 1 minute.";\r
+       }\r
+       if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) || ($_POST['idletimeout'] < 1))) {\r
+               $input_errors[] = "The idle timeout must be at least 1 minute.";\r
+       }\r
+       if (($_POST['radiusip'] && !is_ipaddr($_POST['radiusip']))) {\r
+               $input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip']."]";\r
+       }\r
+       if (($_POST['radiusip2'] && !is_ipaddr($_POST['radiusip2']))) {\r
+               $input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip2']."]";\r
+       }\r
+       if (($_POST['radiusport'] && !is_port($_POST['radiusport']))) {\r
+               $input_errors[] = "A valid port number must be specified. [".$_POST['radiusport']."]";\r
+       }\r
+       if (($_POST['radiusport2'] && !is_port($_POST['radiusport2']))) {\r
+               $input_errors[] = "A valid port number must be specified. [".$_POST['radiusport2']."]";\r
+       }\r
+       if (($_POST['radiusacctport'] && !is_port($_POST['radiusacctport']))) {\r
+               $input_errors[] = "A valid port number must be specified. [".$_POST['radiusacctport']."]";\r
+       }\r
+       if ($_POST['maxproc'] && (!is_numeric($_POST['maxproc']) || ($_POST['maxproc'] < 4) || ($_POST['maxproc'] > 100))) {\r
+               $input_errors[] = "The total maximum number of concurrent connections must be between 4 and 100.";\r
+       }\r
+       $mymaxproc = $_POST['maxproc'] ? $_POST['maxproc'] : 16;\r
+       if ($_POST['maxprocperip'] && (!is_numeric($_POST['maxprocperip']) || ($_POST['maxprocperip'] > $mymaxproc))) {\r
+               $input_errors[] = "The maximum number of concurrent connections per client IP address may not be larger than the global maximum.";\r
+       }\r
+\r
+       if (!$input_errors) {\r
+               $config['captiveportal']['interface'] = $_POST['cinterface'];\r
+               $config['captiveportal']['maxproc'] = $_POST['maxproc'];\r
+               $config['captiveportal']['maxprocperip'] = $_POST['maxprocperip'] ? $_POST['maxprocperip'] : false;\r
+               $config['captiveportal']['timeout'] = $_POST['timeout'];\r
+               $config['captiveportal']['idletimeout'] = $_POST['idletimeout'];\r
+               $config['captiveportal']['enable'] = $_POST['enable'] ? true : false;\r
+               $config['captiveportal']['auth_method'] = $_POST['auth_method'];\r
+               $config['captiveportal']['radacct_enable'] = $_POST['radacct_enable'] ? true : false;\r
+               $config['captiveportal']['reauthenticate'] = $_POST['reauthenticate'] ? true : false;\r
+               $config['captiveportal']['radmac_enable'] = $_POST['radmac_enable'] ? true : false;\r
+               $config['captiveportal']['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false;\r
+               $config['captiveportal']['reauthenticateacct'] = $_POST['reauthenticateacct'];\r
+               $config['captiveportal']['httpslogin'] = $_POST['httpslogin_enable'] ? true : false;\r
+               $config['captiveportal']['httpsname'] = $_POST['httpsname'];\r
+               $config['captiveportal']['certificate'] = base64_encode($_POST['cert']);\r
+               $config['captiveportal']['private-key'] = base64_encode($_POST['key']);\r
+               $config['captiveportal']['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false;\r
+               $config['captiveportal']['nomacfilter'] = $_POST['nomacfilter'] ? true : false;\r
+               $config['captiveportal']['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false;\r
+               $config['captiveportal']['redirurl'] = $_POST['redirurl'];\r
+               $config['captiveportal']['radiusip'] = $_POST['radiusip'];\r
+               $config['captiveportal']['radiusip2'] = $_POST['radiusip2'];\r
+               $config['captiveportal']['radiusport'] = $_POST['radiusport'];\r
+               $config['captiveportal']['radiusport2'] = $_POST['radiusport2'];\r
+               $config['captiveportal']['radiusacctport'] = $_POST['radiusacctport'];\r
+               $config['captiveportal']['radiuskey'] = $_POST['radiuskey'];\r
+               $config['captiveportal']['radiuskey2'] = $_POST['radiuskey2'];\r
+               $config['captiveportal']['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false;\r
+               $config['captiveportal']['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false;\r
+               \r
+               /* file upload? */\r
+               if (is_uploaded_file($_FILES['htmlfile']['tmp_name']))\r
+                       $config['captiveportal']['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name']));\r
+               if (is_uploaded_file($_FILES['errfile']['tmp_name']))\r
+                       $config['captiveportal']['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name']));\r
+                       \r
+               write_config();\r
+               \r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path)) {\r
+                       config_lock();\r
+                       $retval = captiveportal_configure();\r
+                       config_unlock();\r
+               }\r
+               $savemsg = get_std_save_message($retval);\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<script language="JavaScript">\r
+<!--\r
+function enable_change(enable_change) {\r
+       var endis, radius_endis;\r
+       endis = !(document.iform.enable.checked || enable_change);\r
+       radius_endis = !((!endis && document.iform.auth_method[2].checked) || enable_change);\r
+       \r
+       document.iform.cinterface.disabled = endis;\r
+       document.iform.maxproc.disabled = endis;\r
+       document.iform.maxprocperip.disabled = endis;\r
+       document.iform.idletimeout.disabled = endis;\r
+       document.iform.timeout.disabled = endis;\r
+       document.iform.redirurl.disabled = endis;\r
+       document.iform.radiusip.disabled = radius_endis;\r
+       document.iform.radiusip2.disabled = radius_endis;\r
+       document.iform.radiusport.disabled = radius_endis;\r
+       document.iform.radiusport2.disabled = radius_endis;\r
+       document.iform.radiuskey.disabled = radius_endis;\r
+       document.iform.radiuskey2.disabled = radius_endis;\r
+       document.iform.radacct_enable.disabled = radius_endis;\r
+       document.iform.reauthenticate.disabled = radius_endis;\r
+       document.iform.auth_method[0].disabled = endis;\r
+       document.iform.auth_method[1].disabled = endis;\r
+       document.iform.auth_method[2].disabled = endis;\r
+       document.iform.radmac_enable.disabled = radius_endis;\r
+       document.iform.httpslogin_enable.disabled = endis;\r
+       document.iform.httpsname.disabled = endis;\r
+       document.iform.cert.disabled = endis;\r
+       document.iform.key.disabled = endis;\r
+       document.iform.logoutwin_enable.disabled = endis;\r
+       document.iform.nomacfilter.disabled = endis;\r
+       document.iform.noconcurrentlogins.disabled = endis;\r
+       document.iform.radiusvendor.disabled = radius_endis;\r
+       document.iform.radiussession_timeout.disabled = radius_endis;\r
+       document.iform.htmlfile.disabled = endis;\r
+       document.iform.errfile.disabled = endis;\r
+       \r
+       document.iform.radiusacctport.disabled = (radius_endis || !document.iform.radacct_enable.checked) && !enable_change;\r
+       \r
+       document.iform.radmac_secret.disabled = (radius_endis || !document.iform.radmac_enable.checked) && !enable_change;\r
+       \r
+       var reauthenticate_dis = (radius_endis || !document.iform.reauthenticate.checked) && !enable_change;\r
+       document.iform.reauthenticateacct[0].disabled = reauthenticate_dis;\r
+       document.iform.reauthenticateacct[1].disabled = reauthenticate_dis;\r
+       document.iform.reauthenticateacct[2].disabled = reauthenticate_dis;\r
+}\r
+//-->\r
+</script>\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<form action="services_captiveportal.php" method="post" enctype="multipart/form-data" name="iform" id="iform">\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Captive Portal' => 'services_captiveportal.php',\r
+                         'Pass-through MAC' => 'services_captiveportal_mac.php',\r
+                         'Allowed IP addresses' => 'services_captiveportal_ip.php',\r
+                         'Users' => 'services_captiveportal_users.php',\r
+                         'File Manager' => 'services_captiveportal_filemanager.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr>\r
+  <td class="tabcont">\r
+  <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+       <tr> \r
+         <td width="22%" valign="top" class="vtable">&nbsp;</td>\r
+         <td width="78%" class="vtable">\r
+               <input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">\r
+               <strong>Enable captive portal </strong></td>\r
+       </tr>\r
+       <tr> \r
+         <td width="22%" valign="top" class="vncellreq">Interface</td>\r
+         <td width="78%" class="vtable">\r
+               <select name="cinterface" class="formfld" id="cinterface">\r
+                 <?php $interfaces = array('lan' => 'LAN');\r
+                 for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {\r
+                       if (isset($config['interfaces']['opt' . $i]['enable']))\r
+                               $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];\r
+                 }\r
+                 foreach ($interfaces as $iface => $ifacename): ?>\r
+                 <option value="<?=$iface;?>" <?php if ($iface == $pconfig['cinterface']) echo "selected"; ?>> \r
+                 <?=htmlspecialchars($ifacename);?>\r
+                 </option>\r
+                 <?php endforeach; ?>\r
+               </select> <br>\r
+               <span class="vexpl">Choose which interface to run the captive portal on.</span></td>\r
+       </tr>\r
+       <tr>\r
+         <td valign="top" class="vncell">Maximum concurrent connections</td>\r
+         <td class="vtable">\r
+               <table cellpadding="0" cellspacing="0">\r
+                 <tr>\r
+           <td><input name="maxprocperip" type="text" class="formfld" id="maxprocperip" size="5" value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> per client IP address (0 = no limit)</td>\r
+                 </tr>\r
+                 <tr>\r
+           <td><input name="maxproc" type="text" class="formfld" id="maxproc" size="5" value="<?=htmlspecialchars($pconfig['maxproc']);?>"> total</td>\r
+                 </tr>\r
+               </table>\r
+This setting limits the number of concurrent connections to the captive portal HTTP(S) server. This does not set how many users can be logged in\r
+to the captive portal, but rather how many users can load the portal page or authenticate at the same time!\r
+Default is 4 connections per client IP address, with a total maximum of 16 connections.</td>\r
+       </tr>\r
+       <tr>\r
+         <td valign="top" class="vncell">Idle timeout</td>\r
+         <td class="vtable">\r
+               <input name="idletimeout" type="text" class="formfld" id="idletimeout" size="6" value="<?=htmlspecialchars($pconfig['idletimeout']);?>">\r
+minutes<br>\r
+Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout.</td>\r
+       </tr>\r
+       <tr> \r
+         <td width="22%" valign="top" class="vncell">Hard timeout</td>\r
+         <td width="78%" class="vtable"> \r
+               <input name="timeout" type="text" class="formfld" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>"> \r
+               minutes<br>\r
+         Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set).</td>\r
+       </tr>\r
+       <tr> \r
+         <td width="22%" valign="top" class="vncell">Logout popup window</td>\r
+         <td width="78%" class="vtable"> \r
+               <input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if($pconfig['logoutwin_enable']) echo "checked"; ?>>\r
+               <strong>Enable logout popup window</strong><br>\r
+         If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs.</td>\r
+       </tr>\r
+       <tr>\r
+         <td valign="top" class="vncell">Redirection URL</td>\r
+         <td class="vtable">\r
+               <input name="redirurl" type="text" class="formfld" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>">\r
+               <br>\r
+If you provide a URL here, clients will be redirected to that URL instead of the one they initially tried\r
+to access after they've authenticated.</td>\r
+       </tr>\r
+       <tr>\r
+      <td valign="top" class="vncell">Concurrent user logins</td>\r
+      <td class="vtable">\r
+       <input name="noconcurrentlogins" type="checkbox" class="formfld" id="noconcurrentlogins" value="yes" <?php if ($pconfig['noconcurrentlogins']) echo "checked"; ?>>\r
+       <strong>Disable concurrent logins</strong><br>\r
+       If this option is set, only the most recent login per username will be active. Subsequent logins will cause machines previously logged in with the same username to be disconnected.</td>\r
+       </tr>\r
+       <tr>\r
+      <td valign="top" class="vncell">MAC filtering </td>\r
+      <td class="vtable">\r
+        <input name="nomacfilter" type="checkbox" class="formfld" id="nomacfilter" value="yes" <?php if ($pconfig['nomacfilter']) echo "checked"; ?>>\r
+        <strong>Disable MAC filtering</strong><br>\r
+    If this option is set, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in.\r
+    This is required when the MAC address of the client cannot be determined (usually because there are routers between m0n0wall and the clients).</td>\r
+         </tr>\r
+       <tr> \r
+         <td width="22%" valign="top" class="vncell">Authentication</td>\r
+         <td width="78%" class="vtable"> \r
+               <table cellpadding="0" cellspacing="0">\r
+               <tr>\r
+                 <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="none" onClick="enable_change(false)" <?php if($pconfig['auth_method']!="local" && $pconfig['auth_method']!="radius") echo "checked"; ?>>\r
+  No authentication</td>  \r
+                 </tr>\r
+               <tr>\r
+                 <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="local" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="local") echo "checked"; ?>>\r
+  Local <a href="services_captiveportal_users.php">user manager</a></td>  \r
+                 </tr>\r
+               <tr>\r
+                 <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="radius" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius") echo "checked"; ?>>\r
+  RADIUS authentication</td>  \r
+                 </tr><tr>\r
+                 <td>&nbsp;</td>\r
+                 <td>&nbsp;</td>\r
+                 </tr>\r
+               </table>\r
+               <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+               <tr> \r
+               <td colspan="2" valign="top" class="optsect_t2">Primary RADIUS server</td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell" valign="top">IP address</td>\r
+                               <td class="vtable"><input name="radiusip" type="text" class="formfld" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>"><br>\r
+                               Enter the IP address of the RADIUS server which users of the captive portal have to authenticate against.</td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell" valign="top">Port</td>\r
+                               <td class="vtable"><input name="radiusport" type="text" class="formfld" id="radiusport" size="5" value="<?=htmlspecialchars($pconfig['radiusport']);?>"><br>\r
+                                Leave this field blank to use the default port (1812).</td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell" valign="top">Shared secret&nbsp;&nbsp;</td>\r
+                               <td class="vtable"><input name="radiuskey" type="text" class="formfld" id="radiuskey" size="16" value="<?=htmlspecialchars($pconfig['radiuskey']);?>"><br>\r
+                               Leave this field blank to not use a RADIUS shared secret (not recommended).</td>\r
+                       </tr>\r
+                       <tr> \r
+                         <td colspan="2" class="list" height="12"></td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td colspan="2" valign="top" class="optsect_t2">Secondary RADIUS server</td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell" valign="top">IP address</td>\r
+                               <td class="vtable"><input name="radiusip2" type="text" class="formfld" id="radiusip2" size="20" value="<?=htmlspecialchars($pconfig['radiusip2']);?>"><br>\r
+                               If you have a second RADIUS server, you can activate it by entering its IP address here.</td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell" valign="top">Port</td>\r
+                               <td class="vtable"><input name="radiusport2" type="text" class="formfld" id="radiusport2" size="5" value="<?=htmlspecialchars($pconfig['radiusport2']);?>"></td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell" valign="top">Shared secret&nbsp;&nbsp;</td>\r
+                               <td class="vtable"><input name="radiuskey2" type="text" class="formfld" id="radiuskey2" size="16" value="<?=htmlspecialchars($pconfig['radiuskey2']);?>"></td>\r
+                       </tr>\r
+                       <tr> \r
+                         <td colspan="2" class="list" height="12"></td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td colspan="2" valign="top" class="optsect_t2">Accounting</td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell">&nbsp;</td>\r
+                               <td class="vtable"><input name="radacct_enable" type="checkbox" id="radacct_enable" value="yes" onClick="enable_change(false)" <?php if($pconfig['radacct_enable']) echo "checked"; ?>>\r
+                               <strong>send RADIUS accounting packets</strong><br>\r
+                               If this is enabled, RADIUS accounting packets will be sent to the primary RADIUS server.</td>\r
+                       </tr>\r
+                       <tr>\r
+                         <td class="vncell" valign="top">Accounting port</td>\r
+                         <td class="vtable"><input name="radiusacctport" type="text" class="formfld" id="radiusacctport" size="5" value="<?=htmlspecialchars($pconfig['radiusacctport']);?>"><br>\r
+                         Leave blank to use the default port (1813).</td>\r
+                         </tr>\r
+                       <tr>\r
+                         <td colspan="2" class="list" height="12"></td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td colspan="2" valign="top" class="optsect_t2">Reauthentication</td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell">&nbsp;</td>\r
+                               <td class="vtable"><input name="reauthenticate" type="checkbox" id="reauthenticate" value="yes" onClick="enable_change(false)" <?php if($pconfig['reauthenticate']) echo "checked"; ?>>\r
+                         <strong>Reauthenticate connected users every minute</strong><br>\r
+                         If reauthentication is enabled, Access-Requests will be sent to the RADIUS server for each user that is\r
+                         logged in every minute. If an Access-Reject is received for a user, that user is disconnected from the captive portal immediately.</td>\r
+                       </tr>\r
+                       <tr>\r
+                         <td class="vncell" valign="top">Accounting updates</td>\r
+                         <td class="vtable">\r
+                         <input name="reauthenticateacct" type="radio" value="" <?php if(!$pconfig['reauthenticateacct']) echo "checked"; ?>> no accounting updates<br>\r
+                         <input name="reauthenticateacct" type="radio" value="stopstart" <?php if($pconfig['reauthenticateacct'] == "stopstart") echo "checked"; ?>> stop/start accounting<br>\r
+                         <input name="reauthenticateacct" type="radio" value="interimupdate" <?php if($pconfig['reauthenticateacct'] == "interimupdate") echo "checked"; ?>> interim update\r
+                         </td>\r
+                       </tr>\r
+                       <tr>\r
+                         <td colspan="2" class="list" height="12"></td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td colspan="2" valign="top" class="optsect_t2">RADIUS MAC authentication</td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell">&nbsp;</td>\r
+                               <td class="vtable">\r
+                               <input name="radmac_enable" type="checkbox" id="radmac_enable" value="yes" onClick="enable_change(false)" <?php if ($pconfig['radmac_enable']) echo "checked"; ?>><strong>Enable RADIUS MAC authentication</strong><br>\r
+                               If this option is enabled, the captive portal will try to authenticate users by sending their MAC address as the username and the password\r
+                               entered below to the RADIUS server.</td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell">Shared secret</td>\r
+                               <td class="vtable"><input name="radmac_secret" type="text" class="formfld" id="radmac_secret" size="16" value="<?=htmlspecialchars($pconfig['radmac_secret']);?>"></td>\r
+                       </tr>\r
+                       <tr>\r
+                         <td colspan="2" class="list" height="12"></td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td colspan="2" valign="top" class="optsect_t2">RADIUS options</td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell" valign="top">Session-Timeout</td>\r
+                               <td class="vtable"><input name="radiussession_timeout" type="checkbox" id="radiussession_timeout" value="yes" <?php if ($pconfig['radiussession_timeout']) echo "checked"; ?>><strong>Use RADIUS Session-Timeout attributes</strong><br>\r
+                               When this is enabled, clients will be disconnected after the amount of time retrieved from the RADIUS Session-Timeout attribute.</td>\r
+                       </tr>\r
+                       <tr>\r
+                               <td class="vncell" valign="top">Type</td>\r
+                               <td class="vtable"><select name="radiusvendor" id="radiusvendor">\r
+                               <option>default</option>\r
+                               <?php \r
+                               $radiusvendors = array("cisco");\r
+                               foreach ($radiusvendors as $radiusvendor){\r
+                                       if ($pconfig['radiusvendor'] == $radiusvendor)\r
+                                               echo "<option selected value=\"$radiusvendor\">$radiusvendor</option>\n";\r
+                                       else\r
+                                               echo "<option value=\"$radiusvendor\">$radiusvendor</option>\n";\r
+                               }\r
+                               ?></select><br>\r
+                               If RADIUS type is set to Cisco, in Access-Requests the value of Calling-Station-Id will be set to the client's IP address and\r
+                               the Called-Station-Id to the client's MAC address. Default behaviour is Calling-Station-Id = client's MAC address and Called-Station-Id = m0n0wall's WAN IP address.</td>\r
+                       </tr>\r
+               </table>\r
+       </tr>\r
+       <tr>\r
+      <td valign="top" class="vncell">HTTPS login</td>\r
+      <td class="vtable">\r
+        <input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" <?php if($pconfig['httpslogin_enable']) echo "checked"; ?>>\r
+        <strong>Enable HTTPS login</strong><br>\r
+    If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name, certificate and matching private key must also be specified below.</td>\r
+         </tr>\r
+       <tr>\r
+      <td valign="top" class="vncell">HTTPS server name </td>\r
+      <td class="vtable">\r
+        <input name="httpsname" type="text" class="formfld" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>"><br>\r
+    This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS. </td>\r
+         </tr>\r
+       <tr>\r
+      <td valign="top" class="vncell">HTTPS certificate</td>\r
+      <td class="vtable">\r
+        <textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea>\r
+        <br>\r
+    Paste a signed certificate in X.509 PEM format here.</td>\r
+         </tr>\r
+       <tr>\r
+      <td valign="top" class="vncell">HTTPS private key</td>\r
+      <td class="vtable">\r
+        <textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea>\r
+        <br>\r
+    Paste an RSA private key in PEM format here.</td>\r
+         </tr>\r
+       <tr> \r
+         <td width="22%" valign="top" class="vncellreq">Portal page contents</td>\r
+         <td width="78%" class="vtable">    \r
+               <?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld" id="htmlfile"><br>\r
+               <?php if ($config['captiveportal']['page']['htmltext']): ?>\r
+               <a href="?act=viewhtml" target="_blank">View current page</a>                      \r
+                 <br>\r
+                 <br>\r
+               <?php endif; ?>\r
+                 Upload an HTML file for the portal page here (leave blank to keep the current one). Make sure to include a form (POST to &quot;$PORTAL_ACTION$&quot;)\r
+with a submit button (name=&quot;accept&quot;) and a hidden field with name=&quot;redirurl&quot; and value=&quot;$PORTAL_REDIRURL$&quot;.\r
+Include the &quot;auth_user&quot; and &quot;auth_pass&quot; input fields if authentication is enabled, otherwise it will always fail.\r
+Example code for the form:<br>\r
+                 <br>\r
+                 <tt>&lt;form method=&quot;post&quot; action=&quot;$PORTAL_ACTION$&quot;&gt;<br>\r
+                 &nbsp;&nbsp;&nbsp;&lt;input name=&quot;auth_user&quot; type=&quot;text&quot;&gt;<br>\r
+                 &nbsp;&nbsp;&nbsp;&lt;input name=&quot;auth_pass&quot; type=&quot;password&quot;&gt;<br>\r
+                 &nbsp;&nbsp;&nbsp;&lt;input name=&quot;redirurl&quot; type=&quot;hidden&quot; value=&quot;$PORTAL_REDIRURL$&quot;&gt;<br>\r
+&nbsp;&nbsp;&nbsp;&lt;input name=&quot;accept&quot; type=&quot;submit&quot; value=&quot;Continue&quot;&gt;<br>\r
+                 &lt;/form&gt;</tt></td>\r
+       </tr>\r
+       <tr>\r
+         <td width="22%" valign="top" class="vncell">Authentication<br>\r
+               error page<br>\r
+               contents</td>\r
+         <td class="vtable">\r
+               <input name="errfile" type="file" class="formfld" id="errfile"><br>\r
+               <?php if ($config['captiveportal']['page']['errtext']): ?>\r
+               <a href="?act=viewerrhtml" target="_blank">View current page</a>                      \r
+                 <br>\r
+                 <br>\r
+               <?php endif; ?>\r
+The contents of the HTML file that you upload here are displayed when an authentication error occurs.\r
+You may include &quot;$PORTAL_MESSAGE$&quot;, which will be replaced by the error or reply messages from the RADIUS server, if any.</td>\r
+       </tr>\r
+       <tr> \r
+         <td width="22%" valign="top">&nbsp;</td>\r
+         <td width="78%"> \r
+               <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change(true)"> \r
+         </td>\r
+       </tr>\r
+       <tr> \r
+         <td width="22%" valign="top">&nbsp;</td>\r
+         <td width="78%"><span class="vexpl"><span class="red"><strong>Note:<br>\r
+               </strong></span>Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work. </span></td>\r
+       </tr>\r
+  </table>\r
+  </td>\r
+  </tr>\r
+  </table>\r
+</form>\r
+<script language="JavaScript">\r
+<!--\r
+enable_change(false);\r
+//-->\r
+</script>\r
+<?php include("fend.inc"); ?>\r
index 0c0ac27df8f44984721a75af9d9d56bb57c063e9..f6a8f7e26c711c395a969a2c208cd4791dbd1279 100644 (file)
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-
-       Copyright (C) 2005-2006 Jonathan De Graeve (jonathan.de.graeve@imelda.be)
-       and Paul Taylor (paultaylor@winn-dixie.com).
-       All rights reserved.
-
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Services", "Captive portal");
-
-require_once("guiconfig.inc");
-
-if (!is_array($config['captiveportal']['element']))
-       $config['captiveportal']['element'] = array();
-
-cpelements_sort();
-$a_element = &$config['captiveportal']['element'];
-
-// Calculate total size of all files
-$total_size = 0;
-foreach ($a_element as $element) {
-       $total_size += $element['size'];
-}
-
-if ($_POST) {
-    unset($input_errors);
-    
-    if (is_uploaded_file($_FILES['new']['tmp_name'])) {
-       
-       $name = $_FILES['new']['name'];
-       $size = filesize($_FILES['new']['tmp_name']);
-       
-       // is there already a file with that name?
-       foreach ($a_element as $element) {
-                       if ($element['name'] == $name) {
-                               $input_errors[] = "A file with the name '$name' already exists.";
-                               break;
-                       }
-               }
-               
-               // check total file size
-               if (($total_size + $size) > $g['captiveportal_element_sizelimit']) {
-                       $input_errors[] = "The total size of all files uploaded may not exceed " .
-                               format_bytes($g['captiveportal_element_sizelimit']) . ".";
-               }
-               
-               if (!$input_errors) {
-                       $element = array();
-                       $element['name'] = $name;
-                       $element['size'] = $size;
-                       $element['content'] = base64_encode(file_get_contents($_FILES['new']['tmp_name']));
-                       
-                       $a_element[] = $element;
-                       
-                       write_config();
-                       captiveportal_write_elements();
-                       header("Location: services_captiveportal_filemanager.php");
-                       exit;
-               }
-    }
-} else {
-       if (($_GET['act'] == "del") && $a_element[$_GET['id']]) {
-               unset($a_element[$_GET['id']]);
-               write_config();
-               captiveportal_write_elements();
-               header("Location: services_captiveportal_filemanager.php");
-               exit;
-       }
-}
-
-?>
-<?php include("fbegin.inc"); ?>
-<form action="services_captiveportal_filemanager.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-        <li class="tabinact"><a href="services_captiveportal.php">Captive portal</a></li>
-        <li class="tabinact"><a href="services_captiveportal_mac.php">Pass-through MAC</a></li>
-        <li class="tabinact"><a href="services_captiveportal_ip.php">Allowed IP addresses</a></li>
-        <li class="tabinact"><a href="services_captiveportal_users.php">Users</a></li>
-        <li class="tabact">File manager</li>
-        </ul>
-  </td></tr>
-  <tr>
-    <td class="tabcont">
-       <table width="80%" border="0" cellpadding="0" cellspacing="0">
-      <tr>
-        <td width="70%" class="listhdrr">Name</td>
-        <td width="20%" class="listhdr">Size</td>
-        <td width="10%" class="list"></td>
-      </tr>
-  <?php $i = 0; foreach ($a_element as $element): ?>
-         <tr>
-               <td class="listlr"><?=htmlspecialchars($element['name']);?></td>
-               <td class="listr" align="right"><?=format_bytes($element['size']);?></td>
-               <td valign="middle" nowrap class="list">
-               <a href="services_captiveportal_filemanager.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this file?')"><img src="x.gif" title="delete file" width="17" height="17" border="0"></a>
-               </td>
-         </tr>
-  <?php $i++; endforeach; ?>
-  
-  <?php if (count($a_element) > 0): ?>
-         <tr>
-               <td class="listlr" style="background-color: #eee"><strong>TOTAL</strong></td>
-               <td class="listr" style="background-color: #eee" align="right"><strong><?=format_bytes($total_size);?></strong></td>
-               <td valign="middle" nowrap class="list"></td>
-         </tr>
-  <?php endif; ?>
-  
-  <?php if ($_GET['act'] == 'add'): ?>
-         <tr>
-               <td class="listlr" colspan="2"><input type="file" name="new" class="formfld" size="40" id="new"> 
-               <input name="Submit" type="submit" class="formbtn" value="Upload"></td>
-               <td valign="middle" nowrap class="list">
-               <a href="services_captiveportal_filemanager.php"><img src="x.gif" title="cancel" width="17" height="17" border="0"></a>
-               </td>
-         </tr>
-  <?php else: ?>
-         <tr>
-               <td class="list" colspan="2"></td>
-               <td class="list"> <a href="services_captiveportal_filemanager.php?act=add"><img src="plus.gif" title="add file" width="17" height="17" border="0"></a></td>
-         </tr>
-  <?php endif; ?>
-       </table>
-       <span class="vexpl"><span class="red"><strong>
-       Note:<br>
-       </strong></span>
-       Any files that you upload here will be made available in the root directory
-       of the captive portal HTTP(S) server. You may reference them directly from
-       your portal page HTML code using relative paths. Example: you've uploaded
-       an image with the name 'test.jpg' using the file manager. Then you can
-       include it in your portal page like this:<br><br>
-       <tt>&lt;img src=&quot;test.jpg&quot; width=... height=...&gt;</tt>
-       <br><br>
-       The total size limit for all files is <?=format_bytes($g['captiveportal_element_sizelimit']);?>.</span>
-</td>
-</tr>
-</table>
-</form>
-<?php include("fend.inc"); ?>  
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+\r
+       Copyright (C) 2005-2006 Jonathan De Graeve (jonathan.de.graeve@imelda.be)\r
+       and Paul Taylor (paultaylor@winn-dixie.com).\r
+       All rights reserved.\r
+\r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Services", "Captive portal", "File Manager");\r
+\r
+require_once("guiconfig.inc");\r
+\r
+if (!is_array($config['captiveportal']['element']))\r
+       $config['captiveportal']['element'] = array();\r
+\r
+cpelements_sort();\r
+$a_element = &$config['captiveportal']['element'];\r
+\r
+// Calculate total size of all files\r
+$total_size = 0;\r
+foreach ($a_element as $element) {\r
+       $total_size += $element['size'];\r
+}\r
+\r
+if ($_POST) {\r
+    unset($input_errors);\r
+    \r
+    if (is_uploaded_file($_FILES['new']['tmp_name'])) {\r
+       \r
+       $name = $_FILES['new']['name'];\r
+       $size = filesize($_FILES['new']['tmp_name']);\r
+       \r
+       // is there already a file with that name?\r
+       foreach ($a_element as $element) {\r
+                       if ($element['name'] == $name) {\r
+                               $input_errors[] = "A file with the name '$name' already exists.";\r
+                               break;\r
+                       }\r
+               }\r
+               \r
+               // check total file size\r
+               if (($total_size + $size) > $g['captiveportal_element_sizelimit']) {\r
+                       $input_errors[] = "The total size of all files uploaded may not exceed " .\r
+                               format_bytes($g['captiveportal_element_sizelimit']) . ".";\r
+               }\r
+               \r
+               if (!$input_errors) {\r
+                       $element = array();\r
+                       $element['name'] = $name;\r
+                       $element['size'] = $size;\r
+                       $element['content'] = base64_encode(file_get_contents($_FILES['new']['tmp_name']));\r
+                       \r
+                       $a_element[] = $element;\r
+                       \r
+                       write_config();\r
+                       captiveportal_write_elements();\r
+                       header("Location: services_captiveportal_filemanager.php");\r
+                       exit;\r
+               }\r
+    }\r
+} else {\r
+       if (($_GET['act'] == "del") && $a_element[$_GET['id']]) {\r
+               unset($a_element[$_GET['id']]);\r
+               write_config();\r
+               captiveportal_write_elements();\r
+               header("Location: services_captiveportal_filemanager.php");\r
+               exit;\r
+       }\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="services_captiveportal_filemanager.php" method="post" enctype="multipart/form-data" name="iform" id="iform">\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Captive Portal' => 'services_captiveportal.php',\r
+                         'Pass-through MAC' => 'services_captiveportal_mac.php',\r
+                         'Allowed IP addresses' => 'services_captiveportal_ip.php',\r
+                         'Users' => 'services_captiveportal_users.php',\r
+                         'File Manager' => 'services_captiveportal_filemanager.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+        </ul>\r
+  </td></tr>\r
+  <tr>\r
+    <td class="tabcont">\r
+       <table width="80%" border="0" cellpadding="0" cellspacing="0">\r
+      <tr>\r
+        <td width="70%" class="listhdrr">Name</td>\r
+        <td width="20%" class="listhdr">Size</td>\r
+        <td width="10%" class="list"></td>\r
+      </tr>\r
+  <?php $i = 0; foreach ($a_element as $element): ?>\r
+         <tr>\r
+               <td class="listlr"><?=htmlspecialchars($element['name']);?></td>\r
+               <td class="listr" align="right"><?=format_bytes($element['size']);?></td>\r
+               <td valign="middle" nowrap class="list">\r
+               <a href="services_captiveportal_filemanager.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this file?')"><img src="x.gif" title="delete file" width="17" height="17" border="0"></a>\r
+               </td>\r
+         </tr>\r
+  <?php $i++; endforeach; ?>\r
+  \r
+  <?php if (count($a_element) > 0): ?>\r
+         <tr>\r
+               <td class="listlr" style="background-color: #eee"><strong>TOTAL</strong></td>\r
+               <td class="listr" style="background-color: #eee" align="right"><strong><?=format_bytes($total_size);?></strong></td>\r
+               <td valign="middle" nowrap class="list"></td>\r
+         </tr>\r
+  <?php endif; ?>\r
+  \r
+  <?php if ($_GET['act'] == 'add'): ?>\r
+         <tr>\r
+               <td class="listlr" colspan="2"><input type="file" name="new" class="formfld" size="40" id="new"> \r
+               <input name="Submit" type="submit" class="formbtn" value="Upload"></td>\r
+               <td valign="middle" nowrap class="list">\r
+               <a href="services_captiveportal_filemanager.php"><img src="x.gif" title="cancel" width="17" height="17" border="0"></a>\r
+               </td>\r
+         </tr>\r
+  <?php else: ?>\r
+         <tr>\r
+               <td class="list" colspan="2"></td>\r
+               <td class="list"> <a href="services_captiveportal_filemanager.php?act=add"><img src="plus.gif" title="add file" width="17" height="17" border="0"></a></td>\r
+         </tr>\r
+  <?php endif; ?>\r
+       </table>\r
+       <span class="vexpl"><span class="red"><strong>\r
+       Note:<br>\r
+       </strong></span>\r
+       Any files that you upload here will be made available in the root directory\r
+       of the captive portal HTTP(S) server. You may reference them directly from\r
+       your portal page HTML code using relative paths. Example: you've uploaded\r
+       an image with the name 'test.jpg' using the file manager. Then you can\r
+       include it in your portal page like this:<br><br>\r
+       <tt>&lt;img src=&quot;test.jpg&quot; width=... height=...&gt;</tt>\r
+       <br><br>\r
+       The total size limit for all files is <?=format_bytes($g['captiveportal_element_sizelimit']);?>.</span>\r
+</td>\r
+</tr>\r
+</table>\r
+</form>\r
+<?php include("fend.inc"); ?>  \r
index 2859029b4aa549314855573e073ae1830b11eafd..ad7a5709022b11bf5268671493c352845aa72633 100644 (file)
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Services", "Captive portal");
-require("guiconfig.inc");
-
-if (!is_array($config['captiveportal']['allowedip']))
-       $config['captiveportal']['allowedip'] = array();
-
-allowedips_sort();
-$a_allowedips = &$config['captiveportal']['allowedip'] ;
-
-if ($_POST) {
-
-       $pconfig = $_POST;
-
-       if ($_POST['apply']) {
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path)) {
-                       $retval = captiveportal_allowedip_configure();
-               }
-               $savemsg = get_std_save_message($retval);
-               if ($retval == 0) {
-                       if (file_exists($d_allowedipsdirty_path)) {
-                               config_lock();
-                               unlink($d_allowedipsdirty_path);
-                               config_unlock();
-                       }
-               }
-       }
-}
-
-if ($_GET['act'] == "del") {
-       if ($a_allowedips[$_GET['id']]) {
-               unset($a_allowedips[$_GET['id']]);
-               write_config();
-               touch($d_allowedipsdirty_path);
-               header("Location: services_captiveportal_ip.php");
-               exit;
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<form action="services_captiveportal_ip.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_allowedipsdirty_path)): ?><p>
-<?php print_info_box_np("The captive portal IP address configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-       <li class="tabinact1"><a href="services_captiveportal.php">Captive portal</a></li>
-       <li class="tabinact"><a href="services_captiveportal_mac.php">Pass-through MAC</a></li>
-       <li class="tabact">Allowed IP addresses</li>
-       <li class="tabinact"><a href="services_captiveportal_users.php">Users</a></li>
-       <li class="tabinact"><a href="services_captiveportal_filemanager.php">File manager</a></li>
-  </ul>
-  </td></tr>
-  <tr>
-  <td class="tabcont">
-  <table width="100%" border="0" cellpadding="0" cellspacing="0">
-       <tr>
-         <td width="30%" class="listhdrr">IP address</td>
-         <td width="60%" class="listhdr">Description</td>
-         <td width="10%" class="list"></td>
-       </tr>
-  <?php $i = 0; foreach ($a_allowedips as $ip): ?>
-       <tr>
-         <td class="listlr">
-               <?php if($ip['dir'] == "to") 
-                       echo "any <img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\">";
-               ?>      
-               <?=strtolower($ip['ip']);?>
-               <?php if($ip['dir'] == "from") 
-                       echo "<img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> any";
-               ?>      
-         </td>
-         <td class="listbg">
-               <?=htmlspecialchars($ip['descr']);?>&nbsp;
-         </td>
-         <td valign="middle" nowrap class="list"> <a href="services_captiveportal_ip_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit address" width="17" height="17" border="0"></a>
-                &nbsp;<a href="services_captiveportal_ip.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this address?')"><img src="x.gif" title="delete address" width="17" height="17" border="0"></a></td>
-       </tr>
-  <?php $i++; endforeach; ?>
-       <tr> 
-         <td class="list" colspan="2">&nbsp;</td>
-         <td class="list"> <a href="services_captiveportal_ip_edit.php"><img src="plus.gif" title="add address" width="17" height="17" border="0"></a></td>
-       </tr>
-       <tr>
-       <td colspan="2" class="list"><p class="vexpl"><span class="red"><strong>
-         Note:<br>
-         </strong></span>
-         Adding allowed IP addresses will allow IP access to/from these addresses through the captive portal without being taken to the portal page. This can be used for a web server serving images for the portal page or a DNS server on another network, for example. By specifying <em>from</em> addresses, it may be used to always allow pass-through access from a client behind the captive portal.</p>
-         <table border="0" cellspacing="0" cellpadding="0">
-               <tr>
-                 <td><span class="vexpl">any <img src="in.gif" width="11" height="11" align="absmiddle"> x.x.x.x </span></td>
-                 <td><span class="vexpl">All connections <strong>to</strong> the IP address are allowed</span></td>
-               </tr>
-               <tr>
-                 <td colspan="5" height="4"></td>
-               </tr>
-               <tr>
-                 <td>x.x.x.x <span class="vexpl"><img src="in.gif" width="11" height="11" align="absmiddle"></span> any&nbsp;&nbsp;&nbsp; </td>
-                 <td><span class="vexpl">All connections <strong>from</strong> the IP address are allowed </span></td>
-               </tr>
-         </table></td>
-       <td class="list">&nbsp;</td>
-       </tr>
-  </table>
-  </td>
-  </tr>
-  </table>
-</form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Services", "Captive portal", "Allowed IP Addresses");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['captiveportal']['allowedip']))\r
+       $config['captiveportal']['allowedip'] = array();\r
+\r
+allowedips_sort();\r
+$a_allowedips = &$config['captiveportal']['allowedip'] ;\r
+\r
+if ($_POST) {\r
+\r
+       $pconfig = $_POST;\r
+\r
+       if ($_POST['apply']) {\r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path)) {\r
+                       $retval = captiveportal_allowedip_configure();\r
+               }\r
+               $savemsg = get_std_save_message($retval);\r
+               if ($retval == 0) {\r
+                       if (file_exists($d_allowedipsdirty_path)) {\r
+                               config_lock();\r
+                               unlink($d_allowedipsdirty_path);\r
+                               config_unlock();\r
+                       }\r
+               }\r
+       }\r
+}\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_allowedips[$_GET['id']]) {\r
+               unset($a_allowedips[$_GET['id']]);\r
+               write_config();\r
+               touch($d_allowedipsdirty_path);\r
+               header("Location: services_captiveportal_ip.php");\r
+               exit;\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="services_captiveportal_ip.php" method="post">\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_allowedipsdirty_path)): ?><p>\r
+<?php print_info_box_np("The captive portal IP address configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Captive Portal' => 'services_captiveportal.php',\r
+                         'Pass-through MAC' => 'services_captiveportal_mac.php',\r
+                         'Allowed IP addresses' => 'services_captiveportal_ip.php',\r
+                         'Users' => 'services_captiveportal_users.php',\r
+                         'File Manager' => 'services_captiveportal_filemanager.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr>\r
+  <td class="tabcont">\r
+  <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+       <tr>\r
+         <td width="30%" class="listhdrr">IP address</td>\r
+         <td width="60%" class="listhdr">Description</td>\r
+         <td width="10%" class="list"></td>\r
+       </tr>\r
+  <?php $i = 0; foreach ($a_allowedips as $ip): ?>\r
+       <tr>\r
+         <td class="listlr">\r
+               <?php if($ip['dir'] == "to") \r
+                       echo "any <img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\">";\r
+               ?>      \r
+               <?=strtolower($ip['ip']);?>\r
+               <?php if($ip['dir'] == "from") \r
+                       echo "<img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> any";\r
+               ?>      \r
+         </td>\r
+         <td class="listbg">\r
+               <?=htmlspecialchars($ip['descr']);?>&nbsp;\r
+         </td>\r
+         <td valign="middle" nowrap class="list"> <a href="services_captiveportal_ip_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit address" width="17" height="17" border="0"></a>\r
+                &nbsp;<a href="services_captiveportal_ip.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this address?')"><img src="x.gif" title="delete address" width="17" height="17" border="0"></a></td>\r
+       </tr>\r
+  <?php $i++; endforeach; ?>\r
+       <tr> \r
+         <td class="list" colspan="2">&nbsp;</td>\r
+         <td class="list"> <a href="services_captiveportal_ip_edit.php"><img src="plus.gif" title="add address" width="17" height="17" border="0"></a></td>\r
+       </tr>\r
+       <tr>\r
+       <td colspan="2" class="list"><p class="vexpl"><span class="red"><strong>\r
+         Note:<br>\r
+         </strong></span>\r
+         Adding allowed IP addresses will allow IP access to/from these addresses through the captive portal without being taken to the portal page. This can be used for a web server serving images for the portal page or a DNS server on another network, for example. By specifying <em>from</em> addresses, it may be used to always allow pass-through access from a client behind the captive portal.</p>\r
+         <table border="0" cellspacing="0" cellpadding="0">\r
+               <tr>\r
+                 <td><span class="vexpl">any <img src="in.gif" width="11" height="11" align="absmiddle"> x.x.x.x </span></td>\r
+                 <td><span class="vexpl">All connections <strong>to</strong> the IP address are allowed</span></td>\r
+               </tr>\r
+               <tr>\r
+                 <td colspan="5" height="4"></td>\r
+               </tr>\r
+               <tr>\r
+                 <td>x.x.x.x <span class="vexpl"><img src="in.gif" width="11" height="11" align="absmiddle"></span> any&nbsp;&nbsp;&nbsp; </td>\r
+                 <td><span class="vexpl">All connections <strong>from</strong> the IP address are allowed </span></td>\r
+               </tr>\r
+         </table></td>\r
+       <td class="list">&nbsp;</td>\r
+       </tr>\r
+  </table>\r
+  </td>\r
+  </tr>\r
+  </table>\r
+</form>\r
+<?php include("fend.inc"); ?>\r
index 530321560897830aeea7cebd6960a5758f66f539..fe82ab20387fa0ee657eb09fe7658ade58256151 100644 (file)
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("Services", "Captive portal");
-require("guiconfig.inc");
-
-if (!is_array($config['captiveportal']['passthrumac']))
-       $config['captiveportal']['passthrumac'] = array();
-
-passthrumacs_sort();
-$a_passthrumacs = &$config['captiveportal']['passthrumac'] ;
-
-if ($_POST) {
-
-       $pconfig = $_POST;
-
-       if ($_POST['apply']) {
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path)) {
-                       $retval = captiveportal_passthrumac_configure();
-               }
-               $savemsg = get_std_save_message($retval);
-               if ($retval == 0) {
-                       if (file_exists($d_passthrumacsdirty_path)) {
-                               config_lock();
-                               unlink($d_passthrumacsdirty_path);
-                               config_unlock();
-                       }
-               }
-       }
-}
-
-if ($_GET['act'] == "del") {
-       if ($a_passthrumacs[$_GET['id']]) {
-               unset($a_passthrumacs[$_GET['id']]);
-               write_config();
-               touch($d_passthrumacsdirty_path);
-               header("Location: services_captiveportal_mac.php");
-               exit;
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<form action="services_captiveportal_mac.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_passthrumacsdirty_path)): ?><p>
-<?php print_info_box_np("The captive portal MAC address configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-       <li class="tabinact1"><a href="services_captiveportal.php">Captive portal</a></li>
-       <li class="tabact">Pass-through MAC</li>
-       <li class="tabinact"><a href="services_captiveportal_ip.php">Allowed IP addresses</a></li>
-       <li class="tabinact"><a href="services_captiveportal_users.php">Users</a></li>
-       <li class="tabinact"><a href="services_captiveportal_filemanager.php">File manager</a></li>
-  </ul>
-  </td></tr>
-  <tr>
-  <td class="tabcont">
-  <table width="100%" border="0" cellpadding="0" cellspacing="0">
-       <tr>
-         <td width="30%" class="listhdrr">MAC address</td>
-         <td width="60%" class="listhdr">Description</td>
-         <td width="10%" class="list"></td>
-       </tr>
-  <?php $i = 0; foreach ($a_passthrumacs as $mac): ?>
-       <tr>
-         <td class="listlr">
-               <?=strtolower($mac['mac']);?>
-         </td>
-         <td class="listbg">
-               <?=htmlspecialchars($mac['descr']);?>&nbsp;
-         </td>
-         <td valign="middle" nowrap class="list"> <a href="services_captiveportal_mac_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit host" width="17" height="17" border="0"></a>
-                &nbsp;<a href="services_captiveportal_mac.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this host?')"><img src="x.gif" title="delete host" width="17" height="17" border="0"></a></td>
-       </tr>
-  <?php $i++; endforeach; ?>
-       <tr> 
-         <td class="list" colspan="2">&nbsp;</td>
-         <td class="list"> <a href="services_captiveportal_mac_edit.php"><img src="plus.gif" title="add host" width="17" height="17" border="0"></a></td>
-       </tr>
-       <tr>
-       <td colspan="2" class="list"><span class="vexpl"><span class="red"><strong>
-       Note:<br>
-       </strong></span>
-       Adding MAC addresses as pass-through MACs  allows them access through the captive portal automatically without being taken to the portal page. The pass-through MACs can change their IP addresses on the fly and upon the next access, the pass-through tables are changed accordingly. Pass-through MACs will however still be disconnected after the captive portal timeout period.</span></td>
-       <td class="list">&nbsp;</td>
-       </tr>
-  </table>
-  </td>
-  </tr>
-  </table>
-</form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("Services", "Captive portal", "Pass-through MAC");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['captiveportal']['passthrumac']))\r
+       $config['captiveportal']['passthrumac'] = array();\r
+\r
+passthrumacs_sort();\r
+$a_passthrumacs = &$config['captiveportal']['passthrumac'] ;\r
+\r
+if ($_POST) {\r
+\r
+       $pconfig = $_POST;\r
+\r
+       if ($_POST['apply']) {\r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path)) {\r
+                       $retval = captiveportal_passthrumac_configure();\r
+               }\r
+               $savemsg = get_std_save_message($retval);\r
+               if ($retval == 0) {\r
+                       if (file_exists($d_passthrumacsdirty_path)) {\r
+                               config_lock();\r
+                               unlink($d_passthrumacsdirty_path);\r
+                               config_unlock();\r
+                       }\r
+               }\r
+       }\r
+}\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_passthrumacs[$_GET['id']]) {\r
+               unset($a_passthrumacs[$_GET['id']]);\r
+               write_config();\r
+               touch($d_passthrumacsdirty_path);\r
+               header("Location: services_captiveportal_mac.php");\r
+               exit;\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="services_captiveportal_mac.php" method="post">\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_passthrumacsdirty_path)): ?><p>\r
+<?php print_info_box_np("The captive portal MAC address configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Captive Portal' => 'services_captiveportal.php',\r
+                         'Pass-through MAC' => 'services_captiveportal_mac.php',\r
+                         'Allowed IP addresses' => 'services_captiveportal_ip.php',\r
+                         'Users' => 'services_captiveportal_users.php',\r
+                         'File Manager' => 'services_captiveportal_filemanager.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr>\r
+  <td class="tabcont">\r
+  <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+       <tr>\r
+         <td width="30%" class="listhdrr">MAC address</td>\r
+         <td width="60%" class="listhdr">Description</td>\r
+         <td width="10%" class="list"></td>\r
+       </tr>\r
+  <?php $i = 0; foreach ($a_passthrumacs as $mac): ?>\r
+       <tr>\r
+         <td class="listlr">\r
+               <?=strtolower($mac['mac']);?>\r
+         </td>\r
+         <td class="listbg">\r
+               <?=htmlspecialchars($mac['descr']);?>&nbsp;\r
+         </td>\r
+         <td valign="middle" nowrap class="list"> <a href="services_captiveportal_mac_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit host" width="17" height="17" border="0"></a>\r
+                &nbsp;<a href="services_captiveportal_mac.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this host?')"><img src="x.gif" title="delete host" width="17" height="17" border="0"></a></td>\r
+       </tr>\r
+  <?php $i++; endforeach; ?>\r
+       <tr> \r
+         <td class="list" colspan="2">&nbsp;</td>\r
+         <td class="list"> <a href="services_captiveportal_mac_edit.php"><img src="plus.gif" title="add host" width="17" height="17" border="0"></a></td>\r
+       </tr>\r
+       <tr>\r
+       <td colspan="2" class="list"><span class="vexpl"><span class="red"><strong>\r
+       Note:<br>\r
+       </strong></span>\r
+       Adding MAC addresses as pass-through MACs  allows them access through the captive portal automatically without being taken to the portal page. The pass-through MACs can change their IP addresses on the fly and upon the next access, the pass-through tables are changed accordingly. Pass-through MACs will however still be disconnected after the captive portal timeout period.</span></td>\r
+       <td class="list">&nbsp;</td>\r
+       </tr>\r
+  </table>\r
+  </td>\r
+  </tr>\r
+  </table>\r
+</form>\r
+<?php include("fend.inc"); ?>\r
index ce422ce18cde36f2a5e8337e74fe6d559c581513..de4db34ec44f070af5cb9dad74d176d3d4e2c8d6 100644 (file)
-#!/usr/local/bin/php
-<?php 
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       Copyright (C) 2005 Pascal Suter <d-monodev@psuter.ch>.
-       All rights reserved. 
-       (files was created by Pascal based on the source code of services_captiveportal.php from Manuel)
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-$pgtitle = array("Services", "Captive portal");
-require("guiconfig.inc");
-
-if (!is_array($config['captiveportal']['user'])) {
-       $config['captiveportal']['user'] = array();
-}
-captiveportal_users_sort();
-$a_user = &$config['captiveportal']['user'];
-
-if ($_GET['act'] == "del") {
-       if ($a_user[$_GET['id']]) {
-               unset($a_user[$_GET['id']]);
-               write_config();
-               header("Location: services_captiveportal_users.php");
-               exit;
-       }
-}
-
-//erase expired accounts
-$changed = false;
-for ($i = 0; $i < count($a_user); $i++) {
-       if ($a_user[$i]['expirationdate'] && (strtotime("-1 day") > strtotime($a_user[$i]['expirationdate']))) {
-               unset($a_user[$i]);
-               $changed = true;
-       }
-}
-if ($changed) {
-       write_config();
-       header("Location: services_captiveportal_users.php");
-       exit;
-}
-
-?>
-<?php include("fbegin.inc"); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td>
-  <ul id="tabnav">
-       <li class="tabinact1"><a href="services_captiveportal.php">Captive portal</a></li>
-       <li class="tabinact"><a href="services_captiveportal_mac.php">Pass-through MAC</a></li>
-       <li class="tabinact"><a href="services_captiveportal_ip.php">Allowed IP addresses</a></li>
-       <li class="tabact">Users</li>
-       <li class="tabinact"><a href="services_captiveportal_filemanager.php">File manager</a></li>
-  </ul>
-  </td></tr>
-  <tr>
-  <td class="tabcont">
-     <table width="100%" border="0" cellpadding="0" cellspacing="0">
-                <tr>
-                  <td width="35%" class="listhdrr">Username</td>
-                  <td width="20%" class="listhdrr">Full name</td>
-                  <td width="35%" class="listhdr">Expires</td>
-                  <td width="10%" class="list"></td>
-               </tr>
-       <?php $i = 0; foreach($a_user as $userent): ?>
-               <tr>
-                  <td class="listlr">
-                    <?=htmlspecialchars($userent['name']); ?>&nbsp;
-                  </td>
-                  <td class="listr">
-                    <?=htmlspecialchars($userent['fullname']);?>&nbsp;
-                  </td>
-                  <td class="listbg">
-                    <?=$userent['expirationdate']; ?>&nbsp;
-                  </td>
-                  <td valign="middle" nowrap class="list"> <a href="services_captiveportal_users_edit.php?id=<?=$i; ?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>
-                     &nbsp;<a href="services_captiveportal_users.php?act=del&id=<?=$i; ?>" onclick="return confirm('Do you really want to delete this user?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>
-               </tr>
-       <?php $i++; endforeach; ?>
-               <tr> 
-                         <td class="list" colspan="3"></td>
-                         <td class="list"> <a href="services_captiveportal_users_edit.php"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>
-               </tr>
- </table>     
-</td>
-</tr>
-</table>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       Copyright (C) 2005 Pascal Suter <d-monodev@psuter.ch>.\r
+       All rights reserved. \r
+       (files was created by Pascal based on the source code of services_captiveportal.php from Manuel)\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+$pgtitle = array("Services", "Captive portal", "Users");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['captiveportal']['user'])) {\r
+       $config['captiveportal']['user'] = array();\r
+}\r
+captiveportal_users_sort();\r
+$a_user = &$config['captiveportal']['user'];\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_user[$_GET['id']]) {\r
+               unset($a_user[$_GET['id']]);\r
+               write_config();\r
+               header("Location: services_captiveportal_users.php");\r
+               exit;\r
+       }\r
+}\r
+\r
+//erase expired accounts\r
+$changed = false;\r
+for ($i = 0; $i < count($a_user); $i++) {\r
+       if ($a_user[$i]['expirationdate'] && (strtotime("-1 day") > strtotime($a_user[$i]['expirationdate']))) {\r
+               unset($a_user[$i]);\r
+               $changed = true;\r
+       }\r
+}\r
+if ($changed) {\r
+       write_config();\r
+       header("Location: services_captiveportal_users.php");\r
+       exit;\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td>\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Captive Portal' => 'services_captiveportal.php',\r
+                         'Pass-through MAC' => 'services_captiveportal_mac.php',\r
+                         'Allowed IP addresses' => 'services_captiveportal_ip.php',\r
+                         'Users' => 'services_captiveportal_users.php',\r
+                         'File Manager' => 'services_captiveportal_filemanager.php');\r
+       dynamic_tab_menu($tabs);\r
+?> \r
+  </ul>\r
+  </td></tr>\r
+  <tr>\r
+  <td class="tabcont">\r
+     <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+                <tr>\r
+                  <td width="35%" class="listhdrr">Username</td>\r
+                  <td width="20%" class="listhdrr">Full name</td>\r
+                  <td width="35%" class="listhdr">Expires</td>\r
+                  <td width="10%" class="list"></td>\r
+               </tr>\r
+       <?php $i = 0; foreach($a_user as $userent): ?>\r
+               <tr>\r
+                  <td class="listlr">\r
+                    <?=htmlspecialchars($userent['name']); ?>&nbsp;\r
+                  </td>\r
+                  <td class="listr">\r
+                    <?=htmlspecialchars($userent['fullname']);?>&nbsp;\r
+                  </td>\r
+                  <td class="listbg">\r
+                    <?=$userent['expirationdate']; ?>&nbsp;\r
+                  </td>\r
+                  <td valign="middle" nowrap class="list"> <a href="services_captiveportal_users_edit.php?id=<?=$i; ?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>\r
+                     &nbsp;<a href="services_captiveportal_users.php?act=del&id=<?=$i; ?>" onclick="return confirm('Do you really want to delete this user?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>\r
+               </tr>\r
+       <?php $i++; endforeach; ?>\r
+               <tr> \r
+                         <td class="list" colspan="3"></td>\r
+                         <td class="list"> <a href="services_captiveportal_users_edit.php"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>\r
+               </tr>\r
+ </table>     \r
+</td>\r
+</tr>\r
+</table>\r
+<?php include("fend.inc"); ?>\r
diff --git a/webgui/system_groupmanager.php b/webgui/system_groupmanager.php
new file mode 100644 (file)
index 0000000..be5c075
--- /dev/null
@@ -0,0 +1,316 @@
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id: system_groupmanager.php \r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+\r
+       Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.\r
+       All rights reserved. \r
+\r
+       Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+require("guiconfig.inc");\r
+\r
+$pgtitle = array("System", "Group manager");\r
+\r
+// Returns an array of pages with their descriptions\r
+function getAdminPageList() {\r
+       global $g;\r
+       \r
+    $tmp = Array();\r
+\r
+    if ($dir = opendir($g['www_path'])) {\r
+               while($file = readdir($dir)) {\r
+               // Make sure the file exists\r
+               if($file != "." && $file != ".." && $file[0] != '.') {\r
+                       // Is this a .php file?\r
+                       if (fnmatch('*.php',$file)) {\r
+                               // Read the description out of the file\r
+                               $contents = file_get_contents($file);\r
+                               // Looking for a line like:\r
+                               // $pgtitle = array("System", "Group manager");\r
+                               $offset = strpos($contents,'$pgtitle');\r
+                               $titlepos = strpos($contents,'(',$offset);\r
+                               $titleendpos = strpos($contents,')',$titlepos);\r
+                               if (($offset > 0) && ($titlepos > 0) && ($titleendpos > 0)) {\r
+                                       // Title found, extract it\r
+                                       $title = str_replace(',',':',str_replace(array('"'),'',substr($contents,++$titlepos,($titleendpos - $titlepos))));\r
+                                       $tmp[$file] = trim($title);\r
+                               }\r
+                               else {\r
+                                       $tmp[$file] = '';\r
+                               }\r
+                       \r
+                       }\r
+               }\r
+               }\r
+\r
+        closedir($dir);\r
+        \r
+        // Sets Interfaces:Optional page that didn't read in properly with the above method,\r
+        // and pages that don't have descriptions.\r
+        $tmp['interfaces_opt.php'] = "Interfaces: Optional";\r
+        $tmp['graph.php'] = "Diagnostics: Interface Traffic";\r
+        $tmp['graph_cpu.php'] = "Diagnostics: CPU Utilization";\r
+        $tmp['exec.php'] = "Hidden: Exec";\r
+        $tmp['exec_raw.php'] = "Hidden: Exec Raw";\r
+        $tmp['status.php'] = "Hidden: Detailed Status";\r
+        $tmp['uploadconfig.php'] = "Hidden: Upload Configuration";\r
+        $tmp['index.php'] = "*Landing Page after Login";\r
+        $tmp['system_usermanager.php'] = "*User Password";\r
+        $tmp['diag_logs_settings.php'] = "Diagnostics: Logs: Settings";\r
+        $tmp['diag_logs_vpn.php'] = "Diagnostics: Logs: PPTP VPN";\r
+        $tmp['diag_logs_filter.php'] = "Diagnostics: Logs: Firewall";\r
+        $tmp['diag_logs_portal.php'] = "Diagnostics: Logs: Captive Portal";\r
+        $tmp['diag_logs_dhcp.php'] = "Diagnostics: Logs: DHCP";\r
+        $tmp['diag_logs.php'] = "Diagnostics: Logs: System";\r
+        \r
+\r
+        asort($tmp);\r
+        return $tmp;\r
+    }\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+\r
+<?php \r
+// Get a list of all admin pages & Descriptions\r
+$pages = getAdminPageList();\r
+\r
+if ($_GET['act']=="new" || $_GET['act']=="edit") {\r
+       if (isset($_GET['groupname'])) {\r
+               $group=$config['system']['groups'][$_GET['groupname']];\r
+       }\r
+}      \r
+\r
+if (($_GET['act']=='delete') && (isset($_GET['groupname']))) {\r
+\r
+       // See if there are any users who are members of this group. \r
+       $ok_to_delete = true;\r
+       if (is_array($config['system']['users'])) {\r
+               foreach ($config['system']['users'] as $key => $user) {\r
+                       if ($user['group'] == $_GET['groupname']) {\r
+                               $ok_to_delete = false;\r
+                               $input_errors[] = "users still exist who are members of this group!";\r
+                               break;\r
+                       }\r
+               }\r
+       }\r
+       \r
+       if ($ok_to_delete) {\r
+               unset($config['system']['groups'][$_GET['groupname']]);\r
+               write_config();\r
+               $retval = system_password_configure();\r
+               $savemsg = get_std_save_message($retval);\r
+               $savemsg="Group ".$_GET['groupname']." successfully deleted<br>";               \r
+       }\r
+}\r
+\r
+if(isset($_POST['save'])) {\r
+       //value-checking\r
+       if($_POST['groupname']==""){\r
+               $input_errors[] = "group name must not be empty!";\r
+       }\r
+       if($_POST['old_groupname'] != $_POST['groupname']) {\r
+               // Either a new group, or one with a group name change\r
+               if (isset($config['system']['groups'][$_POST['groupname']])) {\r
+                       $input_errors[] = "group name can not match an existing group!";\r
+               }\r
+       }\r
+       \r
+       //check groupname: only allow letters from A-Z and a-z, _, -, . and numbers from 0-9 (note: groupname can\r
+       //not contain characters which are not allowed in an xml-token. i.e. if you'd use @ in a groupname, config.xml\r
+       //could not be parsed anymore!\r
+       if(!preg_match('/^[a-zA-Z0-9_\-\.]*$/',$_POST['groupname'])){\r
+               $input_errors[] = "groupname contains illegal characters, only letters from A-Z and a-z, _, -, . and numbers are allowed";\r
+       }\r
+       if(!empty($input_errors)){\r
+               //there are illegal inputs --> print out error message and show formula again \r
+               //and fill in all recently entered values except passwords\r
+               $_GET['act']="new";\r
+               $_POST['old_groupname']=($_POST['old_groupname'] ? $_POST['old_groupname'] : $_POST['groupname']);\r
+               $_GET['groupname']=$_POST['old_groupname'];\r
+\r
+               $group['description']=$_POST['description'];\r
+\r
+               foreach ($pages as $fname => $title) {\r
+                       $id = str_replace('.php','',$fname);\r
+                       if ($_POST[$id] == 'yes') {\r
+                               $group['pages'][] = $fname;\r
+                       }                       \r
+               }\r
+               \r
+       } else {\r
+               //all values are okay --> saving changes\r
+               $_POST['groupname']=trim($_POST['groupname']);\r
+               if($_POST['old_groupname']!="" && $_POST['old_groupname']!=$_POST['groupname']){\r
+                       //change the groupname (which is used as array-index)\r
+                       $config['system']['groups'][$_POST['groupname']]=$config['system']['groups'][$_POST['old_groupname']];\r
+                       unset($config['system']['groups'][$_POST['old_groupname']]);\r
+\r
+                       // Group name was changed.  Update all users that are members of this group to point to the new groupname.\r
+                       foreach ($config['system']['users'] as $key => $user) {\r
+                               if ($user['group'] == $_POST['old_groupname']) \r
+                                       $config['system']['users'][$key]['group'] = $_POST['groupname'];                                \r
+                       }\r
+               }\r
+               $config['system']['groups'][$_POST['groupname']]['description']=trim($_POST['description']);\r
+               // Clear pages info and read pages from POST\r
+               if (isset($config['system']['groups'][$_POST['groupname']]['pages']))\r
+                       unset($config['system']['groups'][$_POST['groupname']]['pages']);\r
+               foreach ($pages as $fname => $title) {\r
+                       $id = str_replace('.php','',$fname);\r
+                       if ($_POST[$id] == 'yes') {\r
+                               $config['system']['groups'][$_POST['groupname']]['pages'][] = $fname;\r
+                       }\r
+               }\r
+               write_config();\r
+               $retval = system_password_configure();\r
+               $savemsg = get_std_save_message($retval);\r
+               $savemsg="Group ".$_POST['groupname']." successfully saved<br>";\r
+       }\r
+}\r
+\r
+?>\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+       <?php \r
+       $tabs = array('Users' => 'system_usermanager.php',\r
+                         'Groups' => 'system_groupmanager.php');\r
+               dynamic_tab_menu($tabs);\r
+    ?>     \r
+  </ul>\r
+  </td></tr>    \r
+<tr>\r
+  <td class="tabcont">\r
+<?php\r
+if($_GET['act']=="new" || $_GET['act']=="edit"){\r
+       if($_GET['act']=="edit" && isset($_GET['groupname'])){\r
+               $group=$config['system']['groups'][$_GET['groupname']];\r
+       }\r
+?>\r
+<form action="system_groupmanager.php" method="post" name="iform" id="iform">\r
+          <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+            <tr> \r
+              <td width="22%" valign="top" class="vncellreq">Group name</td>\r
+              <td width="78%" class="vtable"> \r
+                <input name="groupname" type="text" class="formfld" id="groupname" size="20" value="<?=$_GET['groupname'];?>"> \r
+                </td>\r
+            </tr>\r
+            <tr> \r
+              <td width="22%" valign="top" class="vncell">Description</td>\r
+              <td width="78%" class="vtable"> \r
+                <input name="description" type="text" class="formfld" id="description" size="20" value="<?=htmlspecialchars($group['description']);?>">\r
+                <br>\r
+                Group description, for your own information only</td>\r
+            </tr>\r
+            <tr>\r
+                               <td colspan="4"><br>&nbsp;Select that pages that this group may access.  Members of this group will be able to perform all actions that<br>&nbsp; are possible from each individual web page.  Ensure you set access levels appropriately.<br><br>\r
+                               <span class="vexpl"><span class="red"><strong>&nbsp;Note: </strong></span>Pages \r
+          marked with an * are strongly recommended for every group.</span>\r
+                               </td>\r
+                               </tr>\r
+            <tr>\r
+              <td colspan="2">\r
+              <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+              <tr>\r
+                <td class="listhdrr">&nbsp;</td>\r
+                <td class="listhdrr">Page Description</td>\r
+                <td class="listhdr">Filename</td>\r
+              </tr>\r
+              <?php \r
+              foreach ($pages as $fname => $title) {\r
+               $id = str_replace('.php','',$fname);\r
+               ?>\r
+               <tr><td class="listlr">\r
+               <input name="<?=$id?>" type="checkbox" id="<?=$id?>" value="yes" <?php if (in_array($fname,$group['pages'])) echo "checked"; ?>></td>\r
+               <td class="listr"><?=$title?></td>\r
+               <td class="listr"><?=$fname?></td>\r
+               </tr>\r
+               <?\r
+              } ?>\r
+              </table>\r
+              </td>\r
+            </tr>\r
+            <tr> \r
+              <td width="22%" valign="top">&nbsp;</td>\r
+              <td width="78%"> \r
+                <input name="save" type="submit" class="formbtn" value="Save"> \r
+                <input name="old_groupname" type="hidden" value="<?=$_GET['groupname'];?>">\r
+              </td>\r
+            </tr>\r
+          </table>\r
+ </form>\r
+<?php\r
+} else {\r
+?>\r
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+    <tr>\r
+       <td width="35%" class="listhdrr">Group name</td>\r
+       <td width="20%" class="listhdrr">Description</td>\r
+       <td width="20%" class="listhdrr">Pages Accessible</td>                  \r
+       <td width="10%" class="list"></td>\r
+       </tr>\r
+<?php\r
+       if(is_array($config['system']['groups'])){\r
+               foreach($config['system']['groups'] as $groupname => $group){\r
+?>\r
+               <tr>\r
+           <td class="listlr">\r
+              <?=$groupname; ?>&nbsp;\r
+           </td>\r
+           <td class="listr">\r
+              <?=htmlspecialchars($group['description']);?>&nbsp;\r
+           </td>\r
+              <td class="listr">\r
+              <?=count($group['pages']);?>\r
+              </td>\r
+           <td valign="middle" nowrap class="list"> <a href="system_groupmanager.php?act=edit&groupname=<?=$groupname; ?>"><img src="e.gif" title="edit group" width="17" height="17" border="0"></a>\r
+              &nbsp;<a href="system_groupmanager.php?act=delete&groupname=<?=$groupname; ?>" onclick="return confirm('Do you really want to delete this Group?')"><img src="x.gif" title="delete group" width="17" height="17" border="0"></a></td>\r
+               </tr>\r
+<?php\r
+               }\r
+       } ?>\r
+           <tr> \r
+                       <td class="list" colspan="3"></td>\r
+                       <td class="list"> <a href="system_groupmanager.php?act=new"><img src="plus.gif" title="add group" width="17" height="17" border="0"></a></td>\r
+               </tr>\r
+               <tr>\r
+                       <td colspan="3">\r
+                     Additional webGui admin groups can be added here.  Each group can be restricted to specific portions of the webGUI.  Individually select the desired web pages each group may access.  For example, a troubleshooting group could be created which has access only to selected Status and Diagnostics pages.\r
+                       </td>\r
+               </tr>\r
+ </table>\r
+<?php } ?>\r
+     \r
+  </td>\r
+  </tr>\r
+  </table>\r
+<?php include("fend.inc"); ?>
\ No newline at end of file
diff --git a/webgui/system_usermanager.php b/webgui/system_usermanager.php
new file mode 100644 (file)
index 0000000..6e0b581
--- /dev/null
@@ -0,0 +1,325 @@
+#!/usr/local/bin/php\r
+<?php \r
+/*\r
+       $Id: system_usermanager.php\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+\r
+       Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.\r
+       All rights reserved. \r
+\r
+       Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+require("guiconfig.inc");\r
+\r
+// The page title for non-admins\r
+$pgtitle = array("System", "User password");\r
+if ($_SERVER['REMOTE_USER'] === $config['system']['username']) {\r
+       $pgtitle = array("System", "User manager");\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<?php \r
+if ($_SERVER['REMOTE_USER'] === $config['system']['username']) { \r
+       \r
+       if ($_GET['act']=="new" || $_GET['act']=="edit") {\r
+               if (isset($_GET['username'])) {\r
+                       $user=$config['system']['users'][$_GET['username']];\r
+               }\r
+       }       \r
+       \r
+       if (($_GET['act']=='delete') && (isset($_GET['username']))) {\r
+               unset($config['system']['users'][$_GET['username']]);\r
+               write_config();\r
+               $retval = system_password_configure();\r
+               $savemsg = get_std_save_message($retval);\r
+               $savemsg="User ".$_GET['username']." successfully deleted<br>";         \r
+       }\r
+       \r
+       if(isset($_POST['save'])) {\r
+               //value-checking\r
+               if(trim($_POST['password1'])!="********" && \r
+                  trim($_POST['password1'])!="" && \r
+                  trim($_POST['password1'])!=trim($_POST['password2'])){\r
+                       //passwords are to be changed but don't match\r
+                       $input_errors[]="passwords don't match";\r
+               }\r
+               if((trim($_POST['password1'])=="" || trim($_POST['password1'])=="********") && \r
+                  (trim($_POST['password2'])=="" || trim($_POST['password2'])=="********")){\r
+                       //assume password should be left as is if a password is set already.\r
+                       if(!empty($config['system']['users'][$_POST['old_username']]['password'])){\r
+                               $_POST['password1']="********";\r
+                               $_POST['password2']="********";\r
+                       } else {\r
+                               $input_errors[]="password must not be empty";\r
+                       }\r
+               } else {\r
+                       if(trim($_POST['password1'])!=trim($_POST['password2'])){\r
+                               //passwords are to be changed or set but don't match\r
+                               $input_errors[]="passwords don't match";\r
+                       } else {\r
+                               //check password for invalid characters\r
+                               if(!preg_match('/^[a-zA-Z0-9_\-\.@\~\(\)\&\*\+§?!\$£°\%;:]*$/',$_POST['username'])){\r
+                                       $input_errors[] = "password contains illegal characters, only  letters from A-Z and a-z, _, -, .,@,~,(,),&,*,+,§,?,!,$,£,°,%,;,: and numbers are allowed";\r
+                                       //test pw: AZaz_-.@~()&*+§?!$£°%;:\r
+                               }\r
+                       }\r
+               }\r
+               if($_POST['username']==""){\r
+                       $input_errors[] = "username must not be empty!";\r
+               }\r
+               if($_POST['username']==$config['system']['username']) {\r
+                       $input_errors[] = "username can not match the administrator username!";\r
+               }\r
+               if($_POST['old_username'] != $_POST['username']) {\r
+                       // Either a new user, or one with a username change\r
+                       if (isset($config['system']['users'][$_POST['username']])) {\r
+                               $input_errors[] = "username can not match an existing user!";\r
+                       }\r
+               }\r
+               if(!isset($config['system']['groups'][$_POST['group']])) {\r
+                       $input_errors[] = "group does not exist, please define the group before assigning users.";\r
+               }\r
+               \r
+               //check username: only allow letters from A-Z and a-z, _, -, . and numbers from 0-9 (note: username can\r
+               //not contain characters which are not allowed in an xml-token. i.e. if you'd use @ in a username, config.xml\r
+               //could not be parsed anymore!\r
+               if(!preg_match('/^[a-zA-Z0-9_\-\.]*$/',$_POST['username'])){\r
+                       $input_errors[] = "username contains illegal characters, only letters from A-Z and a-z, _, -, . and numbers are allowed";\r
+               }\r
+               if(!empty($input_errors)){\r
+                       //there are illegal inputs --> print out error message and show formula again \r
+                       //and fill in all recently entered values except passwords\r
+                       $_GET['act']="new";\r
+                       $_POST['old_username']=($_POST['old_username'] ? $_POST['old_username'] : $_POST['username']);\r
+                       $_GET['username']=$_POST['old_username'];\r
+\r
+                       $user['fullname']=$_POST['fullname'];\r
+\r
+               } else {\r
+                       //all values are okay --> saving changes\r
+                       $_POST['username']=trim($_POST['username']);\r
+                       if($_POST['old_username']!="" && $_POST['old_username']!=$_POST['username']){\r
+                               //change the username (which is used as array-index)\r
+                               $config['system']['users'][$_POST['username']]=$config['system']['users'][$_POST['old_username']];\r
+                               unset($config['system']['users'][$_POST['old_username']]);\r
+                       }\r
+                       $config['system']['users'][$_POST['username']]['fullname']=trim($_POST['fullname']);\r
+                       if(trim($_POST['password1'])!="********" && trim($_POST['password1'])!=""){\r
+                               $config['system']['users'][$_POST['username']]['password']=crypt(trim($_POST['password1']));\r
+                       }\r
+                       $config['system']['users'][$_POST['username']]['group']=trim($_POST['group']);\r
+                       // Remove config information from old way of handling sub-admin users.\r
+                       if (isset($config['system']['users'][$_POST['username']]['pages'])) \r
+                         unset($config['system']['users'][$_POST['username']]['pages']);\r
+                       write_config();\r
+                       $retval = system_password_configure();\r
+                       $savemsg = get_std_save_message($retval);\r
+                       $savemsg="User ".$_POST['username']." successfully saved<br>";\r
+               }\r
+       }\r
+\r
+?>\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+       <?php \r
+       $tabs = array('Users' => 'system_usermanager.php',\r
+                         'Groups' => 'system_groupmanager.php');\r
+               dynamic_tab_menu($tabs);\r
+    ?>     \r
+  </ul>\r
+  </td></tr>    \r
+<tr>\r
+  <td class="tabcont">\r
+<?php\r
+if($_GET['act']=="new" || $_GET['act']=="edit"){\r
+       if($_GET['act']=="edit" && isset($_GET['username'])){\r
+               $user=$config['system']['users'][$_GET['username']];\r
+       }\r
+?>\r
+       <form action="system_usermanager.php" method="post" name="iform" id="iform">\r
+              <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Username</td>\r
+                  <td width="78%" class="vtable"> \r
+                    <input name="username" type="text" class="formfld" id="username" size="20" value="<?=$_GET['username'];?>"> \r
+                    </td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Password</td>\r
+                  <td width="78%" class="vtable"> \r
+                    <input name="password1" type="password" class="formfld" id="password1" size="20" value="<?php echo ($_GET['act']=='edit' ? "********" : "" ); ?>"> <br>\r
+                                       <input name="password2" type="password" class="formfld" id="password2" size="20" value="<?php echo ($_GET['act']=='edit' ? "********" : "" ); ?>">\r
+&nbsp;(confirmation)                                   </td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncell">Full name</td>\r
+                  <td width="78%" class="vtable"> \r
+                    <input name="fullname" type="text" class="formfld" id="fullname" size="20" value="<?=htmlspecialchars($user['fullname']);?>">\r
+                    <br>\r
+                    User's full name, for your own information only</td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncell">Group Name</td>\r
+                  <td width="78%" class="vtable">\r
+                                 <select name="group" class="formfld" id="group">\r
+                      <?php foreach ($config['system']['groups'] as $gname => $group): ?>\r
+                       \r
+                      <option value="<?=$gname;?>" <?php if ($gname == $user['group']) echo "selected"; ?>>\r
+                      <?=htmlspecialchars($gname);?>\r
+                      </option>\r
+                      <?php endforeach; ?>\r
+                    </select>                   \r
+                    <br>\r
+                    The admin group to which this user is assigned.</td>\r
+                </tr>                \r
+                <tr> \r
+                  <td width="22%" valign="top">&nbsp;</td>\r
+                  <td width="78%"> \r
+                    <input name="save" type="submit" class="formbtn" value="Save"> \r
+                    <input name="old_username" type="hidden" value="<?=$_GET['username'];?>">\r
+                  </td>\r
+                </tr>\r
+              </table>\r
+     </form>\r
+<?php\r
+} else {\r
+?>\r
+     <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+        <tr>\r
+           <td width="35%" class="listhdrr">Username</td>\r
+           <td width="20%" class="listhdrr">Full name</td>\r
+           <td width="20%" class="listhdrr">Group</td>                  \r
+           <td width="10%" class="list"></td>\r
+               </tr>\r
+<?php\r
+       if(is_array($config['system']['users'])){\r
+               foreach($config['system']['users'] as $username => $user){\r
+?>\r
+               <tr>\r
+           <td class="listlr">\r
+              <?=$username; ?>&nbsp;\r
+           </td>\r
+           <td class="listr">\r
+              <?=htmlspecialchars($user['fullname']);?>&nbsp;\r
+           </td>\r
+              <td class="listr">\r
+              <?=$user['group'];?>\r
+              </td>\r
+           <td valign="middle" nowrap class="list"> <a href="system_usermanager.php?act=edit&username=<?=$username; ?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>\r
+              &nbsp;<a href="system_usermanager.php?act=delete&username=<?=$username; ?>" onclick="return confirm('Do you really want to delete this User?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>\r
+               </tr>\r
+<?php\r
+               }\r
+       } ?>\r
+           <tr> \r
+                       <td class="list" colspan="3"></td>\r
+                       <td class="list"> <a href="system_usermanager.php?act=new"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>\r
+               </tr>\r
+               <tr>\r
+                       <td colspan="3">\r
+                     Additional webGui users can be added here.  User permissions are determined by the admin group they are a member of.\r
+                       </td>\r
+               </tr>\r
+ </table>\r
+<?php } ?>\r
+     \r
+  </td>\r
+  </tr>\r
+  </table>\r
+<?php \r
+} else { // end of admin user code, start of normal user code\r
+       if(isset($_POST['save'])) {\r
+               //value-checking\r
+               if(trim($_POST['password1'])!="********" && \r
+                  trim($_POST['password1'])!="" && \r
+                  trim($_POST['password1'])!=trim($_POST['password2'])){\r
+                       //passwords are to be changed but don't match\r
+                       $input_errors[]="passwords don't match";\r
+               }\r
+               if((trim($_POST['password1'])=="" || trim($_POST['password1'])=="********") && \r
+                  (trim($_POST['password2'])=="" || trim($_POST['password2'])=="********")){\r
+                       //assume password should be left as is if a password is set already.\r
+                       if(!empty($config['system']['users'][$_POST['old_username']]['password'])){\r
+                               $_POST['password1']="********";\r
+                               $_POST['password2']="********";\r
+                       } else {\r
+                               $input_errors[]="password must not be empty";\r
+                       }\r
+               } else {\r
+                       if(trim($_POST['password1'])!=trim($_POST['password2'])){\r
+                               //passwords are to be changed or set but don't match\r
+                               $input_errors[]="passwords don't match";\r
+                       } else {\r
+                               //check password for invalid characters\r
+                               if(!preg_match('/^[a-zA-Z0-9_\-\.@\~\(\)\&\*\+§?!\$£°\%;:]*$/',$_POST['username'])){\r
+                                       $input_errors[] = "password contains illegal characters, only  letters from A-Z and a-z, _, -, .,@,~,(,),&,*,+,§,?,!,$,£,°,%,;,: and numbers are allowed";\r
+                                       //test pw: AZaz_-.@~()&*+§?!$£°%;:\r
+                               }\r
+                       }\r
+               }\r
+               if (!$input_errors) {\r
+                       //all values are okay --> saving changes\r
+                       if(trim($_POST['password1'])!="********" && trim($_POST['password1'])!=""){\r
+                               $config['system']['users'][$_SERVER['REMOTE_USER']]['password']=crypt(trim($_POST['password1']));\r
+                       }\r
+                       write_config();\r
+                       $retval = system_password_configure();\r
+                       $savemsg = get_std_save_message($retval);\r
+                       $savemsg = "Password successfully changed<br>";\r
+               }               \r
+       }\r
+\r
+       \r
+?>\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+      <form action="system_usermanager.php" method="post" name="iform" id="iform">\r
+         <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+            <tr> \r
+              <td colspan="2" valign="top" class="listtopic"><?=$_SERVER['REMOTE_USER']?>'s Password</td>\r
+            </tr>\r
+                   <tr> \r
+                     <td width="22%" valign="top" class="vncell">Password</td>\r
+                     <td width="78%" class="vtable"> <input name="password1" type="password" class="formfld" id="password1" size="20"> \r
+                       <br> <input name="password2" type="password" class="formfld" id="password2" size="20"> \r
+                       &nbsp;(confirmation) <br> <span class="vexpl">Select a new password</span></td>\r
+                   </tr>\r
+            <tr> \r
+              <td width="22%" valign="top">&nbsp;</td>\r
+              <td width="78%"> \r
+                <input name="save" type="submit" class="formbtn" value="Save"> \r
+              </td>\r
+            </tr>                  \r
+         </table>\r
+      </form>              \r
+\r
+<?php \r
+} // end of normal user code ?>\r
+<?php include("fend.inc"); ?>\r
index fc26a4c44382d79ea265f7ae86e5a7343bcc409c..65739bc59c99eea31fcebbf853cf65a231ff9693 100644 (file)
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("VPN", "IPsec");
-require("guiconfig.inc");
-
-if (!is_array($config['ipsec']['tunnel'])) {
-       $config['ipsec']['tunnel'] = array();
-}
-$a_ipsec = &$config['ipsec']['tunnel'];
-$wancfg = &$config['interfaces']['wan'];
-
-$pconfig['enable'] = isset($config['ipsec']['enable']);
-
-if ($_POST) {
-
-       if ($_POST['apply']) {
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path))
-                       $retval = vpn_ipsec_configure();
-               $savemsg = get_std_save_message($retval);
-               if ($retval == 0) {
-                       if (file_exists($d_ipsecconfdirty_path))
-                               unlink($d_ipsecconfdirty_path);
-               }
-       } else if ($_POST['submit']) {
-               $pconfig = $_POST;
-               
-               $config['ipsec']['enable'] = $_POST['enable'] ? true : false;
-               
-               write_config();
-       
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path)) {
-                       config_lock();
-                       $retval = vpn_ipsec_configure();
-                       config_unlock();
-               }
-               $savemsg = get_std_save_message($retval);
-               if ($retval == 0) {
-                       if (file_exists($d_ipsecconfdirty_path))
-                               unlink($d_ipsecconfdirty_path);
-               }
-       }
-}
-
-if ($_GET['act'] == "del") {
-       if ($a_ipsec[$_GET['id']]) {
-               unset($a_ipsec[$_GET['id']]);
-               write_config();
-               touch($d_ipsecconfdirty_path);
-               header("Location: vpn_ipsec.php");
-               exit;
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<form action="vpn_ipsec.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>
-<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabact">Tunnels</li>
-    <li class="tabinact"><a href="vpn_ipsec_mobile.php">Mobile clients</a></li>
-    <li class="tabinact"><a href="vpn_ipsec_keys.php">Pre-shared keys</a></li>
-    <li class="tabinact"><a href="vpn_ipsec_ca.php">CAs</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-                       <table width="100%" border="0" cellpadding="6" cellspacing="0">
-                <tr> 
-                  <td class="vtable">
-                      <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked";?>>
-                      <strong>Enable IPsec</strong></td>
-                </tr>
-                <tr> 
-                  <td> <input name="submit" type="submit" class="formbtn" value="Save"> 
-                  </td>
-                </tr>
-              </table>
-              &nbsp;<br>
-              <table width="100%" border="0" cellpadding="0" cellspacing="0">
-                <tr>
-                  <td nowrap class="listhdrr">Local net<br>
-                    Remote net</td>
-                  <td class="listhdrr">Interface<br>Remote gw</td>
-                  <td class="listhdrr">P1 mode</td>
-                  <td class="listhdrr">P1 Enc. Algo</td>
-                  <td class="listhdrr">P1 Hash Algo</td>
-                  <td class="listhdr">Description</td>
-                  <td class="list"></td>
-                               </tr>
-                <?php $i = 0; foreach ($a_ipsec as $ipsecent):
-                                       if (isset($ipsecent['disabled'])) {
-                                               $spans = "<span class=\"gray\">";
-                                               $spane = "</span>";
-                                       } else {
-                                               $spans = $spane = "";
-                                       }
-                               ?>
-                <tr valign="top">
-                  <td nowrap class="listlr"><?=$spans;?> 
-                    <?php      if ($ipsecent['local-subnet']['network'])
-                                                               echo strtoupper($ipsecent['local-subnet']['network']);
-                                                       else
-                                                               echo $ipsecent['local-subnet']['address'];
-                                       ?>
-                    <br>
-                    <?=$ipsecent['remote-subnet'];?>
-                  <?=$spane;?></td>
-                  <td class="listr"><?=$spans;?>
-                                 <?php if ($ipsecent['interface']) {
-                                                       $iflabels = array('lan' => 'LAN', 'wan' => 'WAN');
-                                                         for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++)
-                                                               $iflabels['opt' . $j] = $config['interfaces']['opt' . $j]['descr'];
-                                                         $if = htmlspecialchars($iflabels[$ipsecent['interface']]);
-                                               } else
-                                                       $if = "WAN";
-                                               
-                                               echo $if . "<br>" . $ipsecent['remote-gateway'];
-                                       ?>
-                  <?=$spane;?></td>
-                  <td class="listr"><?=$spans;?>
-                                   <?=$ipsecent['p1']['mode'];?>
-                  <?=$spane;?></td>
-                  <td class="listr"><?=$spans;?>
-                                   <?=$p1_ealgos[$ipsecent['p1']['encryption-algorithm']];?>
-                  <?=$spane;?></td>
-                  <td class="listr"><?=$spans;?>
-                                   <?=$p1_halgos[$ipsecent['p1']['hash-algorithm']];?>
-                  <?=$spane;?></td>
-                  <td class="listbg"><?=$spans;?>
-                    <?=htmlspecialchars($ipsecent['descr']);?>&nbsp;
-                  <?=$spane;?></td>
-                  <td valign="middle" nowrap class="list"> <a href="vpn_ipsec_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit tunnel" width="17" height="17" border="0"></a> 
-                    &nbsp;<a href="vpn_ipsec.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this tunnel?')"><img src="x.gif" title="delete tunnel" width="17" height="17" border="0"></a></td>
-                               </tr>
-                         <?php $i++; endforeach; ?>
-                <tr> 
-                  <td class="list" colspan="6"></td>
-                  <td class="list"> <a href="vpn_ipsec_edit.php"><img src="plus.gif" title="add tunnel" width="17" height="17" border="0"></a></td>
-                               </tr>
-              </table>
-                       </td>
-       </tr>
-</table>
-</form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("VPN", "IPsec", "Tunnels");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['ipsec']['tunnel'])) {\r
+       $config['ipsec']['tunnel'] = array();\r
+}\r
+$a_ipsec = &$config['ipsec']['tunnel'];\r
+$wancfg = &$config['interfaces']['wan'];\r
+\r
+$pconfig['enable'] = isset($config['ipsec']['enable']);\r
+\r
+if ($_POST) {\r
+\r
+       if ($_POST['apply']) {\r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path))\r
+                       $retval = vpn_ipsec_configure();\r
+               $savemsg = get_std_save_message($retval);\r
+               if ($retval == 0) {\r
+                       if (file_exists($d_ipsecconfdirty_path))\r
+                               unlink($d_ipsecconfdirty_path);\r
+               }\r
+       } else if ($_POST['submit']) {\r
+               $pconfig = $_POST;\r
+               \r
+               $config['ipsec']['enable'] = $_POST['enable'] ? true : false;\r
+               \r
+               write_config();\r
+       \r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path)) {\r
+                       config_lock();\r
+                       $retval = vpn_ipsec_configure();\r
+                       config_unlock();\r
+               }\r
+               $savemsg = get_std_save_message($retval);\r
+               if ($retval == 0) {\r
+                       if (file_exists($d_ipsecconfdirty_path))\r
+                               unlink($d_ipsecconfdirty_path);\r
+               }\r
+       }\r
+}\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_ipsec[$_GET['id']]) {\r
+               unset($a_ipsec[$_GET['id']]);\r
+               write_config();\r
+               touch($d_ipsecconfdirty_path);\r
+               header("Location: vpn_ipsec.php");\r
+               exit;\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="vpn_ipsec.php" method="post">\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Tunnels' => 'vpn_ipsec.php',\r
+                         'Mobile clients' => 'vpn_ipsec_mobile.php',\r
+                         'Pre-shared keys' => 'vpn_ipsec_keys.php',\r
+                         'CAs' => 'vpn_ipsec_ca.php');\r
+       dynamic_tab_menu($tabs);\r
+?>       \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+                       <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+                <tr> \r
+                  <td class="vtable">\r
+                      <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked";?>>\r
+                      <strong>Enable IPsec</strong></td>\r
+                </tr>\r
+                <tr> \r
+                  <td> <input name="submit" type="submit" class="formbtn" value="Save"> \r
+                  </td>\r
+                </tr>\r
+              </table>\r
+              &nbsp;<br>\r
+              <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+                <tr>\r
+                  <td nowrap class="listhdrr">Local net<br>\r
+                    Remote net</td>\r
+                  <td class="listhdrr">Interface<br>Remote gw</td>\r
+                  <td class="listhdrr">P1 mode</td>\r
+                  <td class="listhdrr">P1 Enc. Algo</td>\r
+                  <td class="listhdrr">P1 Hash Algo</td>\r
+                  <td class="listhdr">Description</td>\r
+                  <td class="list"></td>\r
+                               </tr>\r
+                <?php $i = 0; foreach ($a_ipsec as $ipsecent):\r
+                                       if (isset($ipsecent['disabled'])) {\r
+                                               $spans = "<span class=\"gray\">";\r
+                                               $spane = "</span>";\r
+                                       } else {\r
+                                               $spans = $spane = "";\r
+                                       }\r
+                               ?>\r
+                <tr valign="top">\r
+                  <td nowrap class="listlr"><?=$spans;?> \r
+                    <?php      if ($ipsecent['local-subnet']['network'])\r
+                                                               echo strtoupper($ipsecent['local-subnet']['network']);\r
+                                                       else\r
+                                                               echo $ipsecent['local-subnet']['address'];\r
+                                       ?>\r
+                    <br>\r
+                    <?=$ipsecent['remote-subnet'];?>\r
+                  <?=$spane;?></td>\r
+                  <td class="listr"><?=$spans;?>\r
+                                 <?php if ($ipsecent['interface']) {\r
+                                                       $iflabels = array('lan' => 'LAN', 'wan' => 'WAN');\r
+                                                         for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++)\r
+                                                               $iflabels['opt' . $j] = $config['interfaces']['opt' . $j]['descr'];\r
+                                                         $if = htmlspecialchars($iflabels[$ipsecent['interface']]);\r
+                                               } else\r
+                                                       $if = "WAN";\r
+                                               \r
+                                               echo $if . "<br>" . $ipsecent['remote-gateway'];\r
+                                       ?>\r
+                  <?=$spane;?></td>\r
+                  <td class="listr"><?=$spans;?>\r
+                                   <?=$ipsecent['p1']['mode'];?>\r
+                  <?=$spane;?></td>\r
+                  <td class="listr"><?=$spans;?>\r
+                                   <?=$p1_ealgos[$ipsecent['p1']['encryption-algorithm']];?>\r
+                  <?=$spane;?></td>\r
+                  <td class="listr"><?=$spans;?>\r
+                                   <?=$p1_halgos[$ipsecent['p1']['hash-algorithm']];?>\r
+                  <?=$spane;?></td>\r
+                  <td class="listbg"><?=$spans;?>\r
+                    <?=htmlspecialchars($ipsecent['descr']);?>&nbsp;\r
+                  <?=$spane;?></td>\r
+                  <td valign="middle" nowrap class="list"> <a href="vpn_ipsec_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit tunnel" width="17" height="17" border="0"></a> \r
+                    &nbsp;<a href="vpn_ipsec.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this tunnel?')"><img src="x.gif" title="delete tunnel" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+                         <?php $i++; endforeach; ?>\r
+                <tr> \r
+                  <td class="list" colspan="6"></td>\r
+                  <td class="list"> <a href="vpn_ipsec_edit.php"><img src="plus.gif" title="add tunnel" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+              </table>\r
+                       </td>\r
+       </tr>\r
+</table>\r
+</form>\r
+<?php include("fend.inc"); ?>\r
index 829978d2ea8af9310f5919b2774b8a33f1a8244e..01fded338b9c287437eb5e8f13907f30978ec448 100644 (file)
@@ -1,93 +1,96 @@
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("VPN", "IPsec");
-require("guiconfig.inc");
-
-if (!is_array($config['ipsec']['cacert'])) {
-       $config['ipsec']['cacert'] = array();
-}
-ipsec_ca_sort();
-$a_secret = &$config['ipsec']['cacert'];
-
-if ($_GET['act'] == "del") {
-       if ($a_secret[$_GET['id']]) {
-               unset($a_secret[$_GET['id']]);
-               write_config();
-               touch($d_ipsecconfdirty_path);
-               header("Location: vpn_ipsec_ca.php");
-               exit;
-       }
-}
-
-?>
-<?php include("fbegin.inc"); ?>
-<form action="vpn_ipsec.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>
-<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td>
-  <ul id="tabnav">
-    <li class="tabinact"><a href="vpn_ipsec.php">Tunnels</a></li>
-    <li class="tabinact"><a href="vpn_ipsec_mobile.php">Mobile clients</a></li>
-    <li class="tabinact"><a href="vpn_ipsec_keys.php">Pre-shared keys</a></li>
-    <li class="tabact">CAs</li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-              <table width="80%" border="0" cellpadding="0" cellspacing="0">
-                <tr> 
-                  <td class="listhdrr">Identifier</td>
-                  <td class="list"></td>
-                               </tr>
-                         <?php $i = 0; foreach ($a_secret as $secretent): ?>
-                <tr> 
-                  <td class="listlr">
-                    <?=htmlspecialchars($secretent['ident']);?>
-                  </td>
-                  <td class="list" nowrap> <a href="vpn_ipsec_ca_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit certificate" width="17" height="17" border="0"></a>
-                     &nbsp;<a href="vpn_ipsec_ca.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this certificate?')"><img src="x.gif" title="delete certificate" width="17" height="17" border="0"></a></td>
-                               </tr>
-                         <?php $i++; endforeach; ?>
-                <tr> 
-                  <td class="list"></td>
-                  <td class="list"> <a href="vpn_ipsec_ca_edit.php"><img src="plus.gif" width="17" height="17" border="0"></a></td>
-                               </tr>
-              </table>
-                        </td>
-                       </tr>
-               </table>
-</form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("VPN", "IPsec", "CAs");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['ipsec']['cacert'])) {\r
+       $config['ipsec']['cacert'] = array();\r
+}\r
+ipsec_ca_sort();\r
+$a_secret = &$config['ipsec']['cacert'];\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_secret[$_GET['id']]) {\r
+               unset($a_secret[$_GET['id']]);\r
+               write_config();\r
+               touch($d_ipsecconfdirty_path);\r
+               header("Location: vpn_ipsec_ca.php");\r
+               exit;\r
+       }\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="vpn_ipsec.php" method="post">\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td>\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Tunnels' => 'vpn_ipsec.php',\r
+                         'Mobile clients' => 'vpn_ipsec_mobile.php',\r
+                         'Pre-shared keys' => 'vpn_ipsec_keys.php',\r
+                         'CAs' => 'vpn_ipsec_ca.php');\r
+       dynamic_tab_menu($tabs);\r
+?>       \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+              <table width="80%" border="0" cellpadding="0" cellspacing="0">\r
+                <tr> \r
+                  <td class="listhdrr">Identifier</td>\r
+                  <td class="list"></td>\r
+                               </tr>\r
+                         <?php $i = 0; foreach ($a_secret as $secretent): ?>\r
+                <tr> \r
+                  <td class="listlr">\r
+                    <?=htmlspecialchars($secretent['ident']);?>\r
+                  </td>\r
+                  <td class="list" nowrap> <a href="vpn_ipsec_ca_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit certificate" width="17" height="17" border="0"></a>\r
+                     &nbsp;<a href="vpn_ipsec_ca.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this certificate?')"><img src="x.gif" title="delete certificate" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+                         <?php $i++; endforeach; ?>\r
+                <tr> \r
+                  <td class="list"></td>\r
+                  <td class="list"> <a href="vpn_ipsec_ca_edit.php"><img src="plus.gif" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+              </table>\r
+                        </td>\r
+                       </tr>\r
+               </table>\r
+</form>\r
+<?php include("fend.inc"); ?>\r
index 77e3f65b635f09f07d83a76f944059d79f0914e5..eaae0ae48bb2261c8ac77904d95ae29fad03c7d5 100644 (file)
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("VPN", "IPsec");
-require("guiconfig.inc");
-
-if (!is_array($config['ipsec']['mobilekey'])) {
-       $config['ipsec']['mobilekey'] = array();
-}
-ipsec_mobilekey_sort();
-$a_secret = &$config['ipsec']['mobilekey'];
-
-if ($_GET['act'] == "del") {
-       if ($a_secret[$_GET['id']]) {
-               unset($a_secret[$_GET['id']]);
-               write_config();
-               touch($d_ipsecconfdirty_path);
-               header("Location: vpn_ipsec_keys.php");
-               exit;
-       }
-}
-
-?>
-<?php include("fbegin.inc"); ?>
-<form action="vpn_ipsec.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>
-<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="vpn_ipsec.php">Tunnels</a></li>
-    <li class="tabinact"><a href="vpn_ipsec_mobile.php">Mobile clients</a></li>
-    <li class="tabact">Pre-shared keys</li>
-    <li class="tabinact"><a href="vpn_ipsec_ca.php">CAs</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-              <table width="80%" border="0" cellpadding="0" cellspacing="0">
-                <tr> 
-                  <td class="listhdrr">Identifier</td>
-                  <td class="listhdr">Pre-shared key</td>
-                  <td class="list"></td>
-                               </tr>
-                         <?php $i = 0; foreach ($a_secret as $secretent): ?>
-                <tr> 
-                  <td class="listlr">
-                    <?=htmlspecialchars($secretent['ident']);?>
-                  </td>
-                  <td class="listr">
-                    <?=htmlspecialchars($secretent['pre-shared-key']);?>
-                  </td>
-                  <td class="list" nowrap> <a href="vpn_ipsec_keys_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit key" width="17" height="17" border="0"></a>
-                     &nbsp;<a href="vpn_ipsec_keys.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this pre-shared key?')"><img src="x.gif" title="delete key" width="17" height="17" border="0"></a></td>
-                               </tr>
-                         <?php $i++; endforeach; ?>
-                <tr> 
-                  <td class="list" colspan="2"></td>
-                  <td class="list"> <a href="vpn_ipsec_keys_edit.php"><img src="plus.gif" title="add key" width="17" height="17" border="0"></a></td>
-                               </tr>
-              </table>
-                        </td>
-                       </tr>
-               </table>
-</form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("VPN", "IPsec", "Pre-shared keys");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['ipsec']['mobilekey'])) {\r
+       $config['ipsec']['mobilekey'] = array();\r
+}\r
+ipsec_mobilekey_sort();\r
+$a_secret = &$config['ipsec']['mobilekey'];\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_secret[$_GET['id']]) {\r
+               unset($a_secret[$_GET['id']]);\r
+               write_config();\r
+               touch($d_ipsecconfdirty_path);\r
+               header("Location: vpn_ipsec_keys.php");\r
+               exit;\r
+       }\r
+}\r
+\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="vpn_ipsec.php" method="post">\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Tunnels' => 'vpn_ipsec.php',\r
+                         'Mobile clients' => 'vpn_ipsec_mobile.php',\r
+                         'Pre-shared keys' => 'vpn_ipsec_keys.php',\r
+                         'CAs' => 'vpn_ipsec_ca.php');\r
+       dynamic_tab_menu($tabs);\r
+?>       \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+              <table width="80%" border="0" cellpadding="0" cellspacing="0">\r
+                <tr> \r
+                  <td class="listhdrr">Identifier</td>\r
+                  <td class="listhdr">Pre-shared key</td>\r
+                  <td class="list"></td>\r
+                               </tr>\r
+                         <?php $i = 0; foreach ($a_secret as $secretent): ?>\r
+                <tr> \r
+                  <td class="listlr">\r
+                    <?=htmlspecialchars($secretent['ident']);?>\r
+                  </td>\r
+                  <td class="listr">\r
+                    <?=htmlspecialchars($secretent['pre-shared-key']);?>\r
+                  </td>\r
+                  <td class="list" nowrap> <a href="vpn_ipsec_keys_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit key" width="17" height="17" border="0"></a>\r
+                     &nbsp;<a href="vpn_ipsec_keys.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this pre-shared key?')"><img src="x.gif" title="delete key" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+                         <?php $i++; endforeach; ?>\r
+                <tr> \r
+                  <td class="list" colspan="2"></td>\r
+                  <td class="list"> <a href="vpn_ipsec_keys_edit.php"><img src="plus.gif" title="add key" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+              </table>\r
+                        </td>\r
+                       </tr>\r
+               </table>\r
+</form>\r
+<?php include("fend.inc"); ?>\r
index 90358ea232fb4c4811017038534c5ba7cefcb8d6..173e9690c2c67df4f98c4e67322b008572483cca 100644 (file)
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("VPN", "IPsec");
-require("guiconfig.inc");
-
-if (!is_array($config['ipsec']['mobileclients'])) {
-       $config['ipsec']['mobileclients'] = array();
-}
-$a_ipsec = &$config['ipsec']['mobileclients'];
-
-if (count($a_ipsec) == 0) {
-       /* defaults */
-       $pconfig['p1mode'] = "aggressive";
-       $pconfig['p1myidentt'] = "myaddress";
-       $pconfig['p1ealgo'] = "3des";
-       $pconfig['p1halgo'] = "sha1";
-       $pconfig['p1dhgroup'] = "2";
-       $pconfig['p1authentication_method'] = "pre_shared_key";
-       $pconfig['p2proto'] = "esp";
-       $pconfig['p2ealgos'] = explode(",", "3des,blowfish,cast128,rijndael");
-       $pconfig['p2halgos'] = explode(",", "hmac_sha1,hmac_md5");
-       $pconfig['p2pfsgroup'] = "0";
-} else {
-       $pconfig['enable'] = isset($a_ipsec['enable']);
-       $pconfig['p1mode'] = $a_ipsec['p1']['mode'];
-               
-       if (isset($a_ipsec['p1']['myident']['myaddress']))
-               $pconfig['p1myidentt'] = 'myaddress';
-       else if (isset($a_ipsec['p1']['myident']['address'])) {
-               $pconfig['p1myidentt'] = 'address';
-               $pconfig['p1myident'] = $a_ipsec['p1']['myident']['address'];
-       } else if (isset($a_ipsec['p1']['myident']['fqdn'])) {
-               $pconfig['p1myidentt'] = 'fqdn';
-               $pconfig['p1myident'] = $a_ipsec['p1']['myident']['fqdn'];
-       } else if (isset($a_ipsec['p1']['myident']['ufqdn'])) {
-               $pconfig['p1myidentt'] = 'user_fqdn';
-               $pconfig['p1myident'] = $a_ipsec['p1']['myident']['ufqdn'];
-       }
-       
-       $pconfig['p1ealgo'] = $a_ipsec['p1']['encryption-algorithm'];
-       $pconfig['p1halgo'] = $a_ipsec['p1']['hash-algorithm'];
-       $pconfig['p1dhgroup'] = $a_ipsec['p1']['dhgroup'];
-       $pconfig['p1lifetime'] = $a_ipsec['p1']['lifetime'];
-       $pconfig['p1authentication_method'] = $a_ipsec['p1']['authentication_method'];
-       $pconfig['p1cert'] = base64_decode($a_ipsec['p1']['cert']);
-       $pconfig['p1privatekey'] = base64_decode($a_ipsec['p1']['private-key']);
-       $pconfig['p2proto'] = $a_ipsec['p2']['protocol'];
-       $pconfig['p2ealgos'] = $a_ipsec['p2']['encryption-algorithm-option'];
-       $pconfig['p2halgos'] = $a_ipsec['p2']['hash-algorithm-option'];
-       $pconfig['p2pfsgroup'] = $a_ipsec['p2']['pfsgroup'];
-       $pconfig['p2lifetime'] = $a_ipsec['p2']['lifetime'];
-}
-
-if ($_POST) {
-       unset($input_errors);
-       $pconfig = $_POST;
-
-       /* input validation */
-       $reqdfields = explode(" ", "p2ealgos p2halgos");
-       $reqdfieldsn = explode(",", "P2 Encryption Algorithms,P2 Hash Algorithms");
-       
-       do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-       
-       if ($_POST['p1authentication_method']== "rsasig") {
-               if (!strstr($_POST['p1cert'], "BEGIN CERTIFICATE") || !strstr($_POST['p1cert'], "END CERTIFICATE"))
-                       $input_errors[] = "This certificate does not appear to be valid.";
-               if (!strstr($_POST['p1privatekey'], "BEGIN RSA PRIVATE KEY") || !strstr($_POST['p1privatekey'], "END RSA PRIVATE KEY"))
-                       $input_errors[] = "This key does not appear to be valid.";      
-       }
-       
-       if (($_POST['p1lifetime'] && !is_numeric($_POST['p1lifetime']))) {
-               $input_errors[] = "The P1 lifetime must be an integer.";
-       }
-       if (($_POST['p2lifetime'] && !is_numeric($_POST['p2lifetime']))) {
-               $input_errors[] = "The P2 lifetime must be an integer.";
-       }
-       if ((($_POST['p1myidentt'] == "address") && !is_ipaddr($_POST['p1myident']))) {
-               $input_errors[] = "A valid IP address for 'My identifier' must be specified.";
-       }
-       if ((($_POST['p1myidentt'] == "fqdn") && !is_domain($_POST['p1myident']))) {
-               $input_errors[] = "A valid domain name for 'My identifier' must be specified.";
-       }
-       if ($_POST['p1myidentt'] == "user_fqdn") {
-               $ufqdn = explode("@",$_POST['p1myident']);
-               if (!is_domain($ufqdn[1])) 
-                       $input_errors[] = "A valid User FQDN in the form of user@my.domain.com for 'My identifier' must be specified.";
-       }
-       
-       if ($_POST['p1myidentt'] == "myaddress")
-               $_POST['p1myident'] = "";
-
-       if (!$input_errors) {
-               $ipsecent = array();
-               $ipsecent['enable'] = $_POST['enable'] ? true : false;
-               $ipsecent['p1']['mode'] = $_POST['p1mode'];
-               
-               $ipsecent['p1']['myident'] = array();
-               switch ($_POST['p1myidentt']) {
-                       case 'myaddress':
-                               $ipsecent['p1']['myident']['myaddress'] = true;
-                               break;
-                       case 'address':
-                               $ipsecent['p1']['myident']['address'] = $_POST['p1myident'];
-                               break;
-                       case 'fqdn':
-                               $ipsecent['p1']['myident']['fqdn'] = $_POST['p1myident'];
-                               break;
-                       case 'user_fqdn':
-                               $ipsecent['p1']['myident']['ufqdn'] = $_POST['p1myident'];
-                               break;
-               }
-               
-               $ipsecent['p1']['encryption-algorithm'] = $_POST['p1ealgo'];
-               $ipsecent['p1']['hash-algorithm'] = $_POST['p1halgo'];
-               $ipsecent['p1']['dhgroup'] = $_POST['p1dhgroup'];
-               $ipsecent['p1']['lifetime'] = $_POST['p1lifetime'];
-               $ipsecent['p1']['private-key'] = base64_encode($_POST['p1privatekey']);
-               $ipsecent['p1']['cert'] = base64_encode($_POST['p1cert']);
-               $ipsecent['p1']['authentication_method'] = $_POST['p1authentication_method'];
-               $ipsecent['p2']['protocol'] = $_POST['p2proto'];
-               $ipsecent['p2']['encryption-algorithm-option'] = $_POST['p2ealgos'];
-               $ipsecent['p2']['hash-algorithm-option'] = $_POST['p2halgos'];
-               $ipsecent['p2']['pfsgroup'] = $_POST['p2pfsgroup'];
-               $ipsecent['p2']['lifetime'] = $_POST['p2lifetime'];
-               
-               $a_ipsec = $ipsecent;
-               
-               write_config();
-               touch($d_ipsecconfdirty_path);
-               
-               header("Location: vpn_ipsec_mobile.php");
-               exit;
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<script language="JavaScript">
-<!--
-function methodsel_change() {
-       switch (document.iform.p1authentication_method.selectedIndex) {
-               case 1: /* rsa */
-                       document.iform.p1privatekey.disabled = 0;
-                       document.iform.p1cert.disabled = 0;
-                       break;
-               default: /* pre-shared */
-                       document.iform.p1privatekey.disabled = 1;
-                       document.iform.p1cert.disabled = 1;
-                       break;
-       }
-}
-//-->
-</script>
-<form action="vpn_ipsec.php" method="post">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>
-<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-</form>
-<form action="vpn_ipsec_mobile.php" method="post" name="iform" id="iform">
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="vpn_ipsec.php">Tunnels</a></li>
-    <li class="tabact">Mobile clients</li>
-    <li class="tabinact"><a href="vpn_ipsec_keys.php">Pre-shared keys</a></li>
-    <li class="tabinact"><a href="vpn_ipsec_ca.php">CAs</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-              <table width="100%" border="0" cellpadding="6" cellspacing="0">
-                         <tr> 
-                        <td width="22%" valign="top">&nbsp;</td>
-                        <td width="78%"> 
-                    <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?>>
-                    <strong>Allow mobile clients</strong></td>
-                </tr>
-                <tr> 
-                  <td colspan="2" valign="top" class="listtopic">Phase 1 proposal 
-                    (Authentication)</td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Negotiation mode</td>
-                        <td width="78%" class="vtable">
-                                       <select name="p1mode" class="formfld">
-                      <?php $modes = explode(" ", "main aggressive"); foreach ($modes as $mode): ?>
-                      <option value="<?=$mode;?>" <?php if ($mode == $pconfig['p1mode']) echo "selected"; ?>> 
-                      <?=htmlspecialchars($mode);?>
-                      </option>
-                      <?php endforeach; ?>
-                    </select> <br> <span class="vexpl">Aggressive is faster, but 
-                    less secure.</span></td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">My identifier</td>
-                        <td width="78%" class="vtable">
-                                       <select name="p1myidentt" class="formfld">
-                      <?php foreach ($my_identifier_list as $mode => $modename): ?>
-                      <option value="<?=$mode;?>" <?php if ($mode == $pconfig['p1myidentt']) echo "selected"; ?>> 
-                      <?=htmlspecialchars($modename);?>
-                      </option>
-                      <?php endforeach; ?>
-                    </select> <input name="p1myident" type="text" class="formfld" id="p1myident" size="30" value="<?=$pconfig['p1myident'];?>"> 
-                  </td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Encryption algorithm</td>
-                        <td width="78%" class="vtable">
-                                       <select name="p1ealgo" class="formfld">
-                      <?php foreach ($p1_ealgos as $algo => $algoname): ?>
-                      <option value="<?=$algo;?>" <?php if ($algo == $pconfig['p1ealgo']) echo "selected"; ?>> 
-                      <?=htmlspecialchars($algoname);?>
-                      </option>
-                      <?php endforeach; ?>
-                    </select> <br> <span class="vexpl">Must match the setting 
-                    chosen on the remote side. </span></td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Hash algorithm</td>
-                        <td width="78%" class="vtable">
-                                       <select name="p1halgo" class="formfld">
-                      <?php foreach ($p1_halgos as $algo => $algoname): ?>
-                      <option value="<?=$algo;?>" <?php if ($algo == $pconfig['p1halgo']) echo "selected"; ?>> 
-                      <?=htmlspecialchars($algoname);?>
-                      </option>
-                      <?php endforeach; ?>
-                    </select> <br> <span class="vexpl">Must match the setting 
-                    chosen on the remote side. </span></td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">DH key group</td>
-                        <td width="78%" class="vtable">
-                                       <select name="p1dhgroup" class="formfld">
-                      <?php $keygroups = explode(" ", "1 2 5"); foreach ($keygroups as $keygroup): ?>
-                      <option value="<?=$keygroup;?>" <?php if ($keygroup == $pconfig['p1dhgroup']) echo "selected"; ?>> 
-                      <?=htmlspecialchars($keygroup);?>
-                      </option>
-                      <?php endforeach; ?>
-                    </select> <br> <span class="vexpl"><em>1 = 768 bit, 2 = 1024 
-                    bit, 5 = 1536 bit</em><br>
-                    Must match the setting chosen on the remote side. </span></td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncell">Lifetime</td>
-                        <td width="78%" class="vtable"> 
-                    <input name="p1lifetime" type="text" class="formfld" id="p1lifetime" size="20" value="<?=$pconfig['p1lifetime'];?>">
-                    seconds</td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Authentication method</td>
-                  <td width="78%" class="vtable">
-                                       <select name="p1authentication_method" class="formfld" onChange="methodsel_change()">
-                      <?php foreach ($p1_authentication_methods as $method => $methodname): ?>
-                      <option value="<?=$method;?>" <?php if ($method == $pconfig['p1authentication_method']) echo "selected"; ?>> 
-                      <?=htmlspecialchars($methodname);?>
-                      </option>
-                      <?php endforeach; ?>
-                    </select> <br> <span class="vexpl">Must match the setting 
-                    chosen on the remote side. </span></td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Certificate</td>
-                  <td width="78%" class="vtable"> 
-                    <textarea name="p1cert" cols="65" rows="7" id="p1cert" class="formpre"><?=htmlspecialchars($pconfig['p1cert']);?></textarea>
-                    <br> 
-                    Paste a certificate in X.509 PEM format here.</td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Key</td>
-                  <td width="78%" class="vtable"> 
-                    <textarea name="p1privatekey" cols="65" rows="7" id="p1privatekey" class="formpre"><?=htmlspecialchars($pconfig['p1privatekey']);?></textarea>
-                    <br> 
-                    Paste an RSA private key in PEM format here.</td>
-                </tr>
-                <tr> 
-                  <td colspan="2" class="list" height="12"></td>
-                </tr>
-                <tr> 
-                  <td colspan="2" valign="top" class="listtopic">Phase 2 proposal 
-                    (SA/Key Exchange)</td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Protocol</td>
-                        <td width="78%" class="vtable">
-                                       <select name="p2proto" class="formfld">
-                      <?php foreach ($p2_protos as $proto => $protoname): ?>
-                      <option value="<?=$proto;?>" <?php if ($proto == $pconfig['p2proto']) echo "selected"; ?>> 
-                      <?=htmlspecialchars($protoname);?>
-                      </option>
-                      <?php endforeach; ?>
-                    </select> <br> <span class="vexpl">ESP is encryption, AH is 
-                    authentication only </span></td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Encryption algorithms</td>
-                        <td width="78%" class="vtable"> 
-                          <?php foreach ($p2_ealgos as $algo => $algoname): ?>
-                    <input type="checkbox" name="p2ealgos[]" value="<?=$algo;?>" <?php if (in_array($algo, $pconfig['p2ealgos'])) echo "checked"; ?>> 
-                    <?=htmlspecialchars($algoname);?>
-                    <br> 
-                    <?php endforeach; ?>
-                    <br>
-                    Hint: use 3DES for best compatibility or if you have a hardware 
-                    crypto accelerator card. Blowfish is usually the fastest in 
-                    software encryption. </td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Hash algorithms</td>
-                        <td width="78%" class="vtable"> 
-                          <?php foreach ($p2_halgos as $algo => $algoname): ?>
-                    <input type="checkbox" name="p2halgos[]" value="<?=$algo;?>" <?php if (in_array($algo, $pconfig['p2halgos'])) echo "checked"; ?>> 
-                    <?=htmlspecialchars($algoname);?>
-                    <br> 
-                    <?php endforeach; ?>
-                  </td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">PFS key group</td>
-                        <td width="78%" class="vtable">
-                                       <select name="p2pfsgroup" class="formfld">
-                      <?php foreach ($p2_pfskeygroups as $keygroup => $keygroupname): ?>
-                      <option value="<?=$keygroup;?>" <?php if ($keygroup == $pconfig['p2pfsgroup']) echo "selected"; ?>> 
-                      <?=htmlspecialchars($keygroupname);?>
-                      </option>
-                      <?php endforeach; ?>
-                    </select> <br> <span class="vexpl"><em>1 = 768 bit, 2 = 1024 
-                    bit, 5 = 1536 bit</em></span></td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncell">Lifetime</td>
-                        <td width="78%" class="vtable"> 
-                    <input name="p2lifetime" type="text" class="formfld" id="p2lifetime" size="20" value="<?=$pconfig['p2lifetime'];?>">
-                    seconds</td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top">&nbsp;</td>
-                  <td width="78%"> 
-                    <input name="Submit" type="submit" class="formbtn" value="Save">
-                  </td>
-                </tr>
-              </table>
-                        </td>
-                       </tr>
-               </table>
-</form>
-<script language="JavaScript">
-<!--
-methodsel_change();
-//-->
-</script>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("VPN", "IPsec", "Mobile clients");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['ipsec']['mobileclients'])) {\r
+       $config['ipsec']['mobileclients'] = array();\r
+}\r
+$a_ipsec = &$config['ipsec']['mobileclients'];\r
+\r
+if (count($a_ipsec) == 0) {\r
+       /* defaults */\r
+       $pconfig['p1mode'] = "aggressive";\r
+       $pconfig['p1myidentt'] = "myaddress";\r
+       $pconfig['p1ealgo'] = "3des";\r
+       $pconfig['p1halgo'] = "sha1";\r
+       $pconfig['p1dhgroup'] = "2";\r
+       $pconfig['p1authentication_method'] = "pre_shared_key";\r
+       $pconfig['p2proto'] = "esp";\r
+       $pconfig['p2ealgos'] = explode(",", "3des,blowfish,cast128,rijndael");\r
+       $pconfig['p2halgos'] = explode(",", "hmac_sha1,hmac_md5");\r
+       $pconfig['p2pfsgroup'] = "0";\r
+} else {\r
+       $pconfig['enable'] = isset($a_ipsec['enable']);\r
+       $pconfig['p1mode'] = $a_ipsec['p1']['mode'];\r
+               \r
+       if (isset($a_ipsec['p1']['myident']['myaddress']))\r
+               $pconfig['p1myidentt'] = 'myaddress';\r
+       else if (isset($a_ipsec['p1']['myident']['address'])) {\r
+               $pconfig['p1myidentt'] = 'address';\r
+               $pconfig['p1myident'] = $a_ipsec['p1']['myident']['address'];\r
+       } else if (isset($a_ipsec['p1']['myident']['fqdn'])) {\r
+               $pconfig['p1myidentt'] = 'fqdn';\r
+               $pconfig['p1myident'] = $a_ipsec['p1']['myident']['fqdn'];\r
+       } else if (isset($a_ipsec['p1']['myident']['ufqdn'])) {\r
+               $pconfig['p1myidentt'] = 'user_fqdn';\r
+               $pconfig['p1myident'] = $a_ipsec['p1']['myident']['ufqdn'];\r
+       }\r
+       \r
+       $pconfig['p1ealgo'] = $a_ipsec['p1']['encryption-algorithm'];\r
+       $pconfig['p1halgo'] = $a_ipsec['p1']['hash-algorithm'];\r
+       $pconfig['p1dhgroup'] = $a_ipsec['p1']['dhgroup'];\r
+       $pconfig['p1lifetime'] = $a_ipsec['p1']['lifetime'];\r
+       $pconfig['p1authentication_method'] = $a_ipsec['p1']['authentication_method'];\r
+       $pconfig['p1cert'] = base64_decode($a_ipsec['p1']['cert']);\r
+       $pconfig['p1privatekey'] = base64_decode($a_ipsec['p1']['private-key']);\r
+       $pconfig['p2proto'] = $a_ipsec['p2']['protocol'];\r
+       $pconfig['p2ealgos'] = $a_ipsec['p2']['encryption-algorithm-option'];\r
+       $pconfig['p2halgos'] = $a_ipsec['p2']['hash-algorithm-option'];\r
+       $pconfig['p2pfsgroup'] = $a_ipsec['p2']['pfsgroup'];\r
+       $pconfig['p2lifetime'] = $a_ipsec['p2']['lifetime'];\r
+}\r
+\r
+if ($_POST) {\r
+       unset($input_errors);\r
+       $pconfig = $_POST;\r
+\r
+       /* input validation */\r
+       $reqdfields = explode(" ", "p2ealgos p2halgos");\r
+       $reqdfieldsn = explode(",", "P2 Encryption Algorithms,P2 Hash Algorithms");\r
+       \r
+       do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
+       \r
+       if ($_POST['p1authentication_method']== "rsasig") {\r
+               if (!strstr($_POST['p1cert'], "BEGIN CERTIFICATE") || !strstr($_POST['p1cert'], "END CERTIFICATE"))\r
+                       $input_errors[] = "This certificate does not appear to be valid.";\r
+               if (!strstr($_POST['p1privatekey'], "BEGIN RSA PRIVATE KEY") || !strstr($_POST['p1privatekey'], "END RSA PRIVATE KEY"))\r
+                       $input_errors[] = "This key does not appear to be valid.";      \r
+       }\r
+       \r
+       if (($_POST['p1lifetime'] && !is_numeric($_POST['p1lifetime']))) {\r
+               $input_errors[] = "The P1 lifetime must be an integer.";\r
+       }\r
+       if (($_POST['p2lifetime'] && !is_numeric($_POST['p2lifetime']))) {\r
+               $input_errors[] = "The P2 lifetime must be an integer.";\r
+       }\r
+       if ((($_POST['p1myidentt'] == "address") && !is_ipaddr($_POST['p1myident']))) {\r
+               $input_errors[] = "A valid IP address for 'My identifier' must be specified.";\r
+       }\r
+       if ((($_POST['p1myidentt'] == "fqdn") && !is_domain($_POST['p1myident']))) {\r
+               $input_errors[] = "A valid domain name for 'My identifier' must be specified.";\r
+       }\r
+       if ($_POST['p1myidentt'] == "user_fqdn") {\r
+               $ufqdn = explode("@",$_POST['p1myident']);\r
+               if (!is_domain($ufqdn[1])) \r
+                       $input_errors[] = "A valid User FQDN in the form of user@my.domain.com for 'My identifier' must be specified.";\r
+       }\r
+       \r
+       if ($_POST['p1myidentt'] == "myaddress")\r
+               $_POST['p1myident'] = "";\r
+\r
+       if (!$input_errors) {\r
+               $ipsecent = array();\r
+               $ipsecent['enable'] = $_POST['enable'] ? true : false;\r
+               $ipsecent['p1']['mode'] = $_POST['p1mode'];\r
+               \r
+               $ipsecent['p1']['myident'] = array();\r
+               switch ($_POST['p1myidentt']) {\r
+                       case 'myaddress':\r
+                               $ipsecent['p1']['myident']['myaddress'] = true;\r
+                               break;\r
+                       case 'address':\r
+                               $ipsecent['p1']['myident']['address'] = $_POST['p1myident'];\r
+                               break;\r
+                       case 'fqdn':\r
+                               $ipsecent['p1']['myident']['fqdn'] = $_POST['p1myident'];\r
+                               break;\r
+                       case 'user_fqdn':\r
+                               $ipsecent['p1']['myident']['ufqdn'] = $_POST['p1myident'];\r
+                               break;\r
+               }\r
+               \r
+               $ipsecent['p1']['encryption-algorithm'] = $_POST['p1ealgo'];\r
+               $ipsecent['p1']['hash-algorithm'] = $_POST['p1halgo'];\r
+               $ipsecent['p1']['dhgroup'] = $_POST['p1dhgroup'];\r
+               $ipsecent['p1']['lifetime'] = $_POST['p1lifetime'];\r
+               $ipsecent['p1']['private-key'] = base64_encode($_POST['p1privatekey']);\r
+               $ipsecent['p1']['cert'] = base64_encode($_POST['p1cert']);\r
+               $ipsecent['p1']['authentication_method'] = $_POST['p1authentication_method'];\r
+               $ipsecent['p2']['protocol'] = $_POST['p2proto'];\r
+               $ipsecent['p2']['encryption-algorithm-option'] = $_POST['p2ealgos'];\r
+               $ipsecent['p2']['hash-algorithm-option'] = $_POST['p2halgos'];\r
+               $ipsecent['p2']['pfsgroup'] = $_POST['p2pfsgroup'];\r
+               $ipsecent['p2']['lifetime'] = $_POST['p2lifetime'];\r
+               \r
+               $a_ipsec = $ipsecent;\r
+               \r
+               write_config();\r
+               touch($d_ipsecconfdirty_path);\r
+               \r
+               header("Location: vpn_ipsec_mobile.php");\r
+               exit;\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<script language="JavaScript">\r
+<!--\r
+function methodsel_change() {\r
+       switch (document.iform.p1authentication_method.selectedIndex) {\r
+               case 1: /* rsa */\r
+                       document.iform.p1privatekey.disabled = 0;\r
+                       document.iform.p1cert.disabled = 0;\r
+                       break;\r
+               default: /* pre-shared */\r
+                       document.iform.p1privatekey.disabled = 1;\r
+                       document.iform.p1cert.disabled = 1;\r
+                       break;\r
+       }\r
+}\r
+//-->\r
+</script>\r
+<form action="vpn_ipsec.php" method="post">\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>\r
+<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+</form>\r
+<form action="vpn_ipsec_mobile.php" method="post" name="iform" id="iform">\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Tunnels' => 'vpn_ipsec.php',\r
+                         'Mobile clients' => 'vpn_ipsec_mobile.php',\r
+                         'Pre-shared keys' => 'vpn_ipsec_keys.php',\r
+                         'CAs' => 'vpn_ipsec_ca.php');\r
+       dynamic_tab_menu($tabs);\r
+?>       \r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+              <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+                         <tr> \r
+                        <td width="22%" valign="top">&nbsp;</td>\r
+                        <td width="78%"> \r
+                    <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?>>\r
+                    <strong>Allow mobile clients</strong></td>\r
+                </tr>\r
+                <tr> \r
+                  <td colspan="2" valign="top" class="listtopic">Phase 1 proposal \r
+                    (Authentication)</td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Negotiation mode</td>\r
+                        <td width="78%" class="vtable">\r
+                                       <select name="p1mode" class="formfld">\r
+                      <?php $modes = explode(" ", "main aggressive"); foreach ($modes as $mode): ?>\r
+                      <option value="<?=$mode;?>" <?php if ($mode == $pconfig['p1mode']) echo "selected"; ?>> \r
+                      <?=htmlspecialchars($mode);?>\r
+                      </option>\r
+                      <?php endforeach; ?>\r
+                    </select> <br> <span class="vexpl">Aggressive is faster, but \r
+                    less secure.</span></td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">My identifier</td>\r
+                        <td width="78%" class="vtable">\r
+                                       <select name="p1myidentt" class="formfld">\r
+                      <?php foreach ($my_identifier_list as $mode => $modename): ?>\r
+                      <option value="<?=$mode;?>" <?php if ($mode == $pconfig['p1myidentt']) echo "selected"; ?>> \r
+                      <?=htmlspecialchars($modename);?>\r
+                      </option>\r
+                      <?php endforeach; ?>\r
+                    </select> <input name="p1myident" type="text" class="formfld" id="p1myident" size="30" value="<?=$pconfig['p1myident'];?>"> \r
+                  </td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Encryption algorithm</td>\r
+                        <td width="78%" class="vtable">\r
+                                       <select name="p1ealgo" class="formfld">\r
+                      <?php foreach ($p1_ealgos as $algo => $algoname): ?>\r
+                      <option value="<?=$algo;?>" <?php if ($algo == $pconfig['p1ealgo']) echo "selected"; ?>> \r
+                      <?=htmlspecialchars($algoname);?>\r
+                      </option>\r
+                      <?php endforeach; ?>\r
+                    </select> <br> <span class="vexpl">Must match the setting \r
+                    chosen on the remote side. </span></td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Hash algorithm</td>\r
+                        <td width="78%" class="vtable">\r
+                                       <select name="p1halgo" class="formfld">\r
+                      <?php foreach ($p1_halgos as $algo => $algoname): ?>\r
+                      <option value="<?=$algo;?>" <?php if ($algo == $pconfig['p1halgo']) echo "selected"; ?>> \r
+                      <?=htmlspecialchars($algoname);?>\r
+                      </option>\r
+                      <?php endforeach; ?>\r
+                    </select> <br> <span class="vexpl">Must match the setting \r
+                    chosen on the remote side. </span></td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">DH key group</td>\r
+                        <td width="78%" class="vtable">\r
+                                       <select name="p1dhgroup" class="formfld">\r
+                      <?php $keygroups = explode(" ", "1 2 5"); foreach ($keygroups as $keygroup): ?>\r
+                      <option value="<?=$keygroup;?>" <?php if ($keygroup == $pconfig['p1dhgroup']) echo "selected"; ?>> \r
+                      <?=htmlspecialchars($keygroup);?>\r
+                      </option>\r
+                      <?php endforeach; ?>\r
+                    </select> <br> <span class="vexpl"><em>1 = 768 bit, 2 = 1024 \r
+                    bit, 5 = 1536 bit</em><br>\r
+                    Must match the setting chosen on the remote side. </span></td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncell">Lifetime</td>\r
+                        <td width="78%" class="vtable"> \r
+                    <input name="p1lifetime" type="text" class="formfld" id="p1lifetime" size="20" value="<?=$pconfig['p1lifetime'];?>">\r
+                    seconds</td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Authentication method</td>\r
+                  <td width="78%" class="vtable">\r
+                                       <select name="p1authentication_method" class="formfld" onChange="methodsel_change()">\r
+                      <?php foreach ($p1_authentication_methods as $method => $methodname): ?>\r
+                      <option value="<?=$method;?>" <?php if ($method == $pconfig['p1authentication_method']) echo "selected"; ?>> \r
+                      <?=htmlspecialchars($methodname);?>\r
+                      </option>\r
+                      <?php endforeach; ?>\r
+                    </select> <br> <span class="vexpl">Must match the setting \r
+                    chosen on the remote side. </span></td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Certificate</td>\r
+                  <td width="78%" class="vtable"> \r
+                    <textarea name="p1cert" cols="65" rows="7" id="p1cert" class="formpre"><?=htmlspecialchars($pconfig['p1cert']);?></textarea>\r
+                    <br> \r
+                    Paste a certificate in X.509 PEM format here.</td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Key</td>\r
+                  <td width="78%" class="vtable"> \r
+                    <textarea name="p1privatekey" cols="65" rows="7" id="p1privatekey" class="formpre"><?=htmlspecialchars($pconfig['p1privatekey']);?></textarea>\r
+                    <br> \r
+                    Paste an RSA private key in PEM format here.</td>\r
+                </tr>\r
+                <tr> \r
+                  <td colspan="2" class="list" height="12"></td>\r
+                </tr>\r
+                <tr> \r
+                  <td colspan="2" valign="top" class="listtopic">Phase 2 proposal \r
+                    (SA/Key Exchange)</td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Protocol</td>\r
+                        <td width="78%" class="vtable">\r
+                                       <select name="p2proto" class="formfld">\r
+                      <?php foreach ($p2_protos as $proto => $protoname): ?>\r
+                      <option value="<?=$proto;?>" <?php if ($proto == $pconfig['p2proto']) echo "selected"; ?>> \r
+                      <?=htmlspecialchars($protoname);?>\r
+                      </option>\r
+                      <?php endforeach; ?>\r
+                    </select> <br> <span class="vexpl">ESP is encryption, AH is \r
+                    authentication only </span></td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Encryption algorithms</td>\r
+                        <td width="78%" class="vtable"> \r
+                          <?php foreach ($p2_ealgos as $algo => $algoname): ?>\r
+                    <input type="checkbox" name="p2ealgos[]" value="<?=$algo;?>" <?php if (in_array($algo, $pconfig['p2ealgos'])) echo "checked"; ?>> \r
+                    <?=htmlspecialchars($algoname);?>\r
+                    <br> \r
+                    <?php endforeach; ?>\r
+                    <br>\r
+                    Hint: use 3DES for best compatibility or if you have a hardware \r
+                    crypto accelerator card. Blowfish is usually the fastest in \r
+                    software encryption. </td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Hash algorithms</td>\r
+                        <td width="78%" class="vtable"> \r
+                          <?php foreach ($p2_halgos as $algo => $algoname): ?>\r
+                    <input type="checkbox" name="p2halgos[]" value="<?=$algo;?>" <?php if (in_array($algo, $pconfig['p2halgos'])) echo "checked"; ?>> \r
+                    <?=htmlspecialchars($algoname);?>\r
+                    <br> \r
+                    <?php endforeach; ?>\r
+                  </td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">PFS key group</td>\r
+                        <td width="78%" class="vtable">\r
+                                       <select name="p2pfsgroup" class="formfld">\r
+                      <?php foreach ($p2_pfskeygroups as $keygroup => $keygroupname): ?>\r
+                      <option value="<?=$keygroup;?>" <?php if ($keygroup == $pconfig['p2pfsgroup']) echo "selected"; ?>> \r
+                      <?=htmlspecialchars($keygroupname);?>\r
+                      </option>\r
+                      <?php endforeach; ?>\r
+                    </select> <br> <span class="vexpl"><em>1 = 768 bit, 2 = 1024 \r
+                    bit, 5 = 1536 bit</em></span></td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncell">Lifetime</td>\r
+                        <td width="78%" class="vtable"> \r
+                    <input name="p2lifetime" type="text" class="formfld" id="p2lifetime" size="20" value="<?=$pconfig['p2lifetime'];?>">\r
+                    seconds</td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top">&nbsp;</td>\r
+                  <td width="78%"> \r
+                    <input name="Submit" type="submit" class="formbtn" value="Save">\r
+                  </td>\r
+                </tr>\r
+              </table>\r
+                        </td>\r
+                       </tr>\r
+               </table>\r
+</form>\r
+<script language="JavaScript">\r
+<!--\r
+methodsel_change();\r
+//-->\r
+</script>\r
+<?php include("fend.inc"); ?>\r
index a8ac37ff220e9a6f508c8a58c447c5044441cdfa..024b21c183c613223129e690daaead80389bd87f 100644 (file)
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("VPN", "PPTP");
-require("guiconfig.inc");
-
-if (!is_array($config['pptpd']['radius'])) {
-       $config['pptpd']['radius'] = array();
-}
-$pptpcfg = &$config['pptpd'];
-
-$pconfig['remoteip'] = $pptpcfg['remoteip'];
-$pconfig['localip'] = $pptpcfg['localip'];
-$pconfig['redir'] = $pptpcfg['redir'];
-$pconfig['mode'] = $pptpcfg['mode'];
-$pconfig['req128'] = isset($pptpcfg['req128']);
-$pconfig['radiusenable'] = isset($pptpcfg['radius']['enable']);
-$pconfig['radacct_enable'] = isset($pptpcfg['radius']['accounting']);
-$pconfig['radiusserver'] = $pptpcfg['radius']['server'];
-$pconfig['radiussecret'] = $pptpcfg['radius']['secret'];
-
-if ($_POST) {
-
-       unset($input_errors);
-       $pconfig = $_POST;
-
-       /* input validation */
-       if ($_POST['mode'] == "server") {
-               $reqdfields = explode(" ", "localip remoteip");
-               $reqdfieldsn = explode(",", "Server address,Remote start address");
-               
-               if ($_POST['radiusenable']) {
-                       $reqdfields = array_merge($reqdfields, explode(" ", "radiusserver radiussecret"));
-                       $reqdfieldsn = array_merge($reqdfieldsn, 
-                               explode(",", "RADIUS server address,RADIUS shared secret"));
-               }
-               
-               do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-               
-               if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) {
-                       $input_errors[] = "A valid server address must be specified.";
-               }
-               if (($_POST['subnet'] && !is_ipaddr($_POST['remoteip']))) {
-                       $input_errors[] = "A valid remote start address must be specified.";
-               }
-               if (($_POST['radiusserver'] && !is_ipaddr($_POST['radiusserver']))) {
-                       $input_errors[] = "A valid RADIUS server address must be specified.";
-               }
-               
-               if (!$input_errors) {   
-                       $_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $g['pptp_subnet']);
-                       $subnet_start = ip2long($_POST['remoteip']);
-                       $subnet_end = ip2long($_POST['remoteip']) + $g['n_pptp_units'] - 1;
-                                               
-                       if ((ip2long($_POST['localip']) >= $subnet_start) && 
-                           (ip2long($_POST['localip']) <= $subnet_end)) {
-                               $input_errors[] = "The specified server address lies in the remote subnet.";    
-                       }
-                       if ($_POST['localip'] == $config['interfaces']['lan']['ipaddr']) {
-                               $input_errors[] = "The specified server address is equal to the LAN interface address.";        
-                       }
-               }
-       } else if ($_POST['mode'] == "redir") {
-               $reqdfields = explode(" ", "redir");
-               $reqdfieldsn = explode(",", "PPTP redirection target address");
-               
-               do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-               
-               if (($_POST['redir'] && !is_ipaddr($_POST['redir']))) {
-                       $input_errors[] = "A valid target address must be specified.";
-               }
-       }
-
-       if (!$input_errors) {
-               $pptpcfg['remoteip'] = $_POST['remoteip'];
-               $pptpcfg['redir'] = $_POST['redir'];
-               $pptpcfg['localip'] = $_POST['localip'];
-               $pptpcfg['mode'] = $_POST['mode'];
-               $pptpcfg['req128'] = $_POST['req128'] ? true : false;
-               $pptpcfg['radius']['enable'] = $_POST['radiusenable'] ? true : false;
-               $pptpcfg['radius']['accounting'] = $_POST['radacct_enable'] ? true : false;
-               $pptpcfg['radius']['server'] = $_POST['radiusserver'];
-               $pptpcfg['radius']['secret'] = $_POST['radiussecret'];
-                       
-               write_config();
-               
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path)) {
-                       config_lock();
-                       $retval = vpn_pptpd_configure();
-                       config_unlock();
-               }
-               $savemsg = get_std_save_message($retval);
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<script language="JavaScript">
-<!--
-function get_radio_value(obj)
-{
-       for (i = 0; i < obj.length; i++) {
-               if (obj[i].checked)
-                       return obj[i].value;
-       }
-       return null;
-}
-
-function enable_change(enable_over) {
-       if ((get_radio_value(document.iform.mode) == "server") || enable_over) {
-               document.iform.remoteip.disabled = 0;
-               document.iform.localip.disabled = 0;
-               document.iform.req128.disabled = 0;
-               document.iform.radiusenable.disabled = 0;
-               
-               if (document.iform.radiusenable.checked || enable_over) {
-                       document.iform.radacct_enable.disabled = 0;
-                       document.iform.radiusserver.disabled = 0;
-                       document.iform.radiussecret.disabled = 0;
-               } else {
-                       document.iform.radacct_enable.disabled = 1;
-                       document.iform.radiusserver.disabled = 1;
-                       document.iform.radiussecret.disabled = 1;
-               }
-       } else {
-               document.iform.remoteip.disabled = 1;
-               document.iform.localip.disabled = 1;
-               document.iform.req128.disabled = 1;
-               document.iform.radiusenable.disabled = 1;
-               document.iform.radacct_enable.disabled = 1;
-               document.iform.radiusserver.disabled = 1;
-               document.iform.radiussecret.disabled = 1;
-       }
-       if ((get_radio_value(document.iform.mode) == "redir") || enable_over) {
-               document.iform.redir.disabled = 0;
-       } else {
-               document.iform.redir.disabled = 1;
-       }
-}
-//-->
-</script>
-<form action="vpn_pptp.php" method="post" name="iform" id="iform">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabact">Configuration</li>
-    <li class="tabinact"><a href="vpn_pptp_users.php">Users</a></li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td class="tabcont">
-              <table width="100%" border="0" cellpadding="6" cellspacing="0">
-                <tr> 
-                  <td width="22%" valign="top" class="vtable">&nbsp;</td>
-                  <td width="78%" class="vtable"> 
-                    <input name="mode" type="radio" onclick="enable_change(false)" value="off"
-                                       <?php if (($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir")) echo "checked";?>>
-                    Off</td>
-                <tr> 
-                  <td width="22%" valign="top" class="vtable">&nbsp;</td>
-                  <td width="78%" class="vtable">
-<input type="radio" name="mode" value="redir" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "redir") echo "checked"; ?>>
-                    Redirect incoming PPTP connections to:</td>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">PPTP redirection</td>
-                  <td width="78%" class="vtable"> 
-                    <?=$mandfldhtml;?><input name="redir" type="text" class="formfld" id="redir" size="20" value="<?=htmlspecialchars($pconfig['redir']);?>"> 
-                    <br>
-                    Enter the IP address of a host which will accept incoming 
-                    PPTP connections.</td>
-                <tr> 
-                  <td width="22%" valign="top" class="vtable">&nbsp;</td>
-                  <td width="78%" class="vtable">
-<input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked"; ?>>
-                    Enable PPTP server</td>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Max. concurrent 
-                    connections</td>
-                  <td width="78%" class="vtable"> 
-                    <?=$g['n_pptp_units'];?>
-                  </td>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Server address</td>
-                  <td width="78%" class="vtable"> 
-                    <?=$mandfldhtml;?><input name="localip" type="text" class="formfld" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip']);?>"> 
-                    <br>
-                    Enter the IP address the PPTP server should use on its side 
-                    for all clients.</td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncellreq">Remote address 
-                    range</td>
-                  <td width="78%" class="vtable"> 
-                    <?=$mandfldhtml;?><input name="remoteip" type="text" class="formfld" id="remoteip" size="20" value="<?=htmlspecialchars($pconfig['remoteip']);?>">
-                    / 
-                    <?=$g['pptp_subnet'];?>
-                    <br>
-                    Specify the starting address for the client IP address subnet.<br>
-                    The PPTP server will assign 
-                    <?=$g['n_pptp_units'];?>
-                    addresses, starting at the address entered above, to clients.</td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncell">RADIUS</td>
-                  <td width="78%" class="vtable"> 
-                      <input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked"; ?>>
-                      <strong>Use a RADIUS server for authentication<br>
-                      </strong>When set, all users will be authenticated using 
-                      the RADIUS server specified below. The local user database 
-                      will not be used.<br>
-                      <br>
-                      <input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked"; ?>>
-                      <strong>Enable RADIUS accounting <br>
-                      </strong>Sends accounting packets to the RADIUS server.</td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncell">RADIUS server </td>
-                  <td width="78%" class="vtable">
-                      <input name="radiusserver" type="text" class="formfld" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>">
-                      <br>
-                      Enter the IP address of the RADIUS server.</td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top" class="vncell">RADIUS shared secret</td>
-                  <td width="78%" valign="top" class="vtable">
-                      <input name="radiussecret" type="password" class="formfld" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret']);?>">
-                      <br>
-                      Enter the shared secret that will be used to authenticate 
-                      to the RADIUS server.</td>
-                </tr>
-                <tr> 
-                  <td height="16" colspan="2" valign="top"></td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="middle">&nbsp;</td>
-                  <td width="78%" class="vtable"> 
-                    <input name="req128" type="checkbox" id="req128" value="yes" <?php if ($pconfig['req128']) echo "checked"; ?>> 
-                    <strong>Require 128-bit encryption</strong><br>
-                    When set, 128-bit encryption will be accepted. Otherwise, 
-                    40-bit and 56-bit encryption will be accepted, too. Note that 
-                    encryption will always be forced on PPTP connections (i.e. 
-                    unencrypted connections will not be accepted).</td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top">&nbsp;</td>
-                  <td width="78%"> 
-                    <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> 
-                  </td>
-                </tr>
-                <tr> 
-                  <td width="22%" valign="top">&nbsp;</td>
-                  <td width="78%"><span class="vexpl"><span class="red"><strong>Note:<br>
-                    </strong></span>don't forget to add a firewall rule to permit 
-                    traffic from PPTP clients!</span></td>
-                </tr>
-              </table>
-                       </td>
-       </tr>
-</table>
-</form>
-<script language="JavaScript">
-<!--
-enable_change(false);
-//-->
-</script>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("VPN", "PPTP", "Configuration");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['pptpd']['radius'])) {\r
+       $config['pptpd']['radius'] = array();\r
+}\r
+$pptpcfg = &$config['pptpd'];\r
+\r
+$pconfig['remoteip'] = $pptpcfg['remoteip'];\r
+$pconfig['localip'] = $pptpcfg['localip'];\r
+$pconfig['redir'] = $pptpcfg['redir'];\r
+$pconfig['mode'] = $pptpcfg['mode'];\r
+$pconfig['req128'] = isset($pptpcfg['req128']);\r
+$pconfig['radiusenable'] = isset($pptpcfg['radius']['enable']);\r
+$pconfig['radacct_enable'] = isset($pptpcfg['radius']['accounting']);\r
+$pconfig['radiusserver'] = $pptpcfg['radius']['server'];\r
+$pconfig['radiussecret'] = $pptpcfg['radius']['secret'];\r
+\r
+if ($_POST) {\r
+\r
+       unset($input_errors);\r
+       $pconfig = $_POST;\r
+\r
+       /* input validation */\r
+       if ($_POST['mode'] == "server") {\r
+               $reqdfields = explode(" ", "localip remoteip");\r
+               $reqdfieldsn = explode(",", "Server address,Remote start address");\r
+               \r
+               if ($_POST['radiusenable']) {\r
+                       $reqdfields = array_merge($reqdfields, explode(" ", "radiusserver radiussecret"));\r
+                       $reqdfieldsn = array_merge($reqdfieldsn, \r
+                               explode(",", "RADIUS server address,RADIUS shared secret"));\r
+               }\r
+               \r
+               do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
+               \r
+               if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) {\r
+                       $input_errors[] = "A valid server address must be specified.";\r
+               }\r
+               if (($_POST['subnet'] && !is_ipaddr($_POST['remoteip']))) {\r
+                       $input_errors[] = "A valid remote start address must be specified.";\r
+               }\r
+               if (($_POST['radiusserver'] && !is_ipaddr($_POST['radiusserver']))) {\r
+                       $input_errors[] = "A valid RADIUS server address must be specified.";\r
+               }\r
+               \r
+               if (!$input_errors) {   \r
+                       $_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $g['pptp_subnet']);\r
+                       $subnet_start = ip2long($_POST['remoteip']);\r
+                       $subnet_end = ip2long($_POST['remoteip']) + $g['n_pptp_units'] - 1;\r
+                                               \r
+                       if ((ip2long($_POST['localip']) >= $subnet_start) && \r
+                           (ip2long($_POST['localip']) <= $subnet_end)) {\r
+                               $input_errors[] = "The specified server address lies in the remote subnet.";    \r
+                       }\r
+                       if ($_POST['localip'] == $config['interfaces']['lan']['ipaddr']) {\r
+                               $input_errors[] = "The specified server address is equal to the LAN interface address.";        \r
+                       }\r
+               }\r
+       } else if ($_POST['mode'] == "redir") {\r
+               $reqdfields = explode(" ", "redir");\r
+               $reqdfieldsn = explode(",", "PPTP redirection target address");\r
+               \r
+               do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
+               \r
+               if (($_POST['redir'] && !is_ipaddr($_POST['redir']))) {\r
+                       $input_errors[] = "A valid target address must be specified.";\r
+               }\r
+       }\r
+\r
+       if (!$input_errors) {\r
+               $pptpcfg['remoteip'] = $_POST['remoteip'];\r
+               $pptpcfg['redir'] = $_POST['redir'];\r
+               $pptpcfg['localip'] = $_POST['localip'];\r
+               $pptpcfg['mode'] = $_POST['mode'];\r
+               $pptpcfg['req128'] = $_POST['req128'] ? true : false;\r
+               $pptpcfg['radius']['enable'] = $_POST['radiusenable'] ? true : false;\r
+               $pptpcfg['radius']['accounting'] = $_POST['radacct_enable'] ? true : false;\r
+               $pptpcfg['radius']['server'] = $_POST['radiusserver'];\r
+               $pptpcfg['radius']['secret'] = $_POST['radiussecret'];\r
+                       \r
+               write_config();\r
+               \r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path)) {\r
+                       config_lock();\r
+                       $retval = vpn_pptpd_configure();\r
+                       config_unlock();\r
+               }\r
+               $savemsg = get_std_save_message($retval);\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<script language="JavaScript">\r
+<!--\r
+function get_radio_value(obj)\r
+{\r
+       for (i = 0; i < obj.length; i++) {\r
+               if (obj[i].checked)\r
+                       return obj[i].value;\r
+       }\r
+       return null;\r
+}\r
+\r
+function enable_change(enable_over) {\r
+       if ((get_radio_value(document.iform.mode) == "server") || enable_over) {\r
+               document.iform.remoteip.disabled = 0;\r
+               document.iform.localip.disabled = 0;\r
+               document.iform.req128.disabled = 0;\r
+               document.iform.radiusenable.disabled = 0;\r
+               \r
+               if (document.iform.radiusenable.checked || enable_over) {\r
+                       document.iform.radacct_enable.disabled = 0;\r
+                       document.iform.radiusserver.disabled = 0;\r
+                       document.iform.radiussecret.disabled = 0;\r
+               } else {\r
+                       document.iform.radacct_enable.disabled = 1;\r
+                       document.iform.radiusserver.disabled = 1;\r
+                       document.iform.radiussecret.disabled = 1;\r
+               }\r
+       } else {\r
+               document.iform.remoteip.disabled = 1;\r
+               document.iform.localip.disabled = 1;\r
+               document.iform.req128.disabled = 1;\r
+               document.iform.radiusenable.disabled = 1;\r
+               document.iform.radacct_enable.disabled = 1;\r
+               document.iform.radiusserver.disabled = 1;\r
+               document.iform.radiussecret.disabled = 1;\r
+       }\r
+       if ((get_radio_value(document.iform.mode) == "redir") || enable_over) {\r
+               document.iform.redir.disabled = 0;\r
+       } else {\r
+               document.iform.redir.disabled = 1;\r
+       }\r
+}\r
+//-->\r
+</script>\r
+<form action="vpn_pptp.php" method="post" name="iform" id="iform">\r
+<?php if ($input_errors) print_input_errors($input_errors); ?>\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Configuration' => 'vpn_pptp.php',\r
+                         'Users' => 'vpn_pptp_users.php');\r
+       dynamic_tab_menu($tabs);\r
+?>\r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td class="tabcont">\r
+              <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vtable">&nbsp;</td>\r
+                  <td width="78%" class="vtable"> \r
+                    <input name="mode" type="radio" onclick="enable_change(false)" value="off"\r
+                                       <?php if (($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir")) echo "checked";?>>\r
+                    Off</td>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vtable">&nbsp;</td>\r
+                  <td width="78%" class="vtable">\r
+<input type="radio" name="mode" value="redir" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "redir") echo "checked"; ?>>\r
+                    Redirect incoming PPTP connections to:</td>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">PPTP redirection</td>\r
+                  <td width="78%" class="vtable"> \r
+                    <?=$mandfldhtml;?><input name="redir" type="text" class="formfld" id="redir" size="20" value="<?=htmlspecialchars($pconfig['redir']);?>"> \r
+                    <br>\r
+                    Enter the IP address of a host which will accept incoming \r
+                    PPTP connections.</td>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vtable">&nbsp;</td>\r
+                  <td width="78%" class="vtable">\r
+<input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked"; ?>>\r
+                    Enable PPTP server</td>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Max. concurrent \r
+                    connections</td>\r
+                  <td width="78%" class="vtable"> \r
+                    <?=$g['n_pptp_units'];?>\r
+                  </td>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Server address</td>\r
+                  <td width="78%" class="vtable"> \r
+                    <?=$mandfldhtml;?><input name="localip" type="text" class="formfld" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip']);?>"> \r
+                    <br>\r
+                    Enter the IP address the PPTP server should use on its side \r
+                    for all clients.</td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncellreq">Remote address \r
+                    range</td>\r
+                  <td width="78%" class="vtable"> \r
+                    <?=$mandfldhtml;?><input name="remoteip" type="text" class="formfld" id="remoteip" size="20" value="<?=htmlspecialchars($pconfig['remoteip']);?>">\r
+                    / \r
+                    <?=$g['pptp_subnet'];?>\r
+                    <br>\r
+                    Specify the starting address for the client IP address subnet.<br>\r
+                    The PPTP server will assign \r
+                    <?=$g['n_pptp_units'];?>\r
+                    addresses, starting at the address entered above, to clients.</td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncell">RADIUS</td>\r
+                  <td width="78%" class="vtable"> \r
+                      <input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked"; ?>>\r
+                      <strong>Use a RADIUS server for authentication<br>\r
+                      </strong>When set, all users will be authenticated using \r
+                      the RADIUS server specified below. The local user database \r
+                      will not be used.<br>\r
+                      <br>\r
+                      <input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked"; ?>>\r
+                      <strong>Enable RADIUS accounting <br>\r
+                      </strong>Sends accounting packets to the RADIUS server.</td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncell">RADIUS server </td>\r
+                  <td width="78%" class="vtable">\r
+                      <input name="radiusserver" type="text" class="formfld" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>">\r
+                      <br>\r
+                      Enter the IP address of the RADIUS server.</td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top" class="vncell">RADIUS shared secret</td>\r
+                  <td width="78%" valign="top" class="vtable">\r
+                      <input name="radiussecret" type="password" class="formfld" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret']);?>">\r
+                      <br>\r
+                      Enter the shared secret that will be used to authenticate \r
+                      to the RADIUS server.</td>\r
+                </tr>\r
+                <tr> \r
+                  <td height="16" colspan="2" valign="top"></td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="middle">&nbsp;</td>\r
+                  <td width="78%" class="vtable"> \r
+                    <input name="req128" type="checkbox" id="req128" value="yes" <?php if ($pconfig['req128']) echo "checked"; ?>> \r
+                    <strong>Require 128-bit encryption</strong><br>\r
+                    When set, 128-bit encryption will be accepted. Otherwise, \r
+                    40-bit and 56-bit encryption will be accepted, too. Note that \r
+                    encryption will always be forced on PPTP connections (i.e. \r
+                    unencrypted connections will not be accepted).</td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top">&nbsp;</td>\r
+                  <td width="78%"> \r
+                    <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> \r
+                  </td>\r
+                </tr>\r
+                <tr> \r
+                  <td width="22%" valign="top">&nbsp;</td>\r
+                  <td width="78%"><span class="vexpl"><span class="red"><strong>Note:<br>\r
+                    </strong></span>don't forget to add a firewall rule to permit \r
+                    traffic from PPTP clients!</span></td>\r
+                </tr>\r
+              </table>\r
+                       </td>\r
+       </tr>\r
+</table>\r
+</form>\r
+<script language="JavaScript">\r
+<!--\r
+enable_change(false);\r
+//-->\r
+</script>\r
+<?php include("fend.inc"); ?>\r
index acc29412c9b5cdeafb9c047368a6a10d0f19ab1e..187ed6804cc91b892f88857c602808f96273b6cd 100644 (file)
-#!/usr/local/bin/php
-<?php
-/*
-       $Id$
-       part of m0n0wall (http://m0n0.ch/wall)
-       
-       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
-       All rights reserved.
-       
-       Redistribution and use in source and binary forms, with or without
-       modification, are permitted provided that the following conditions are met:
-       
-       1. Redistributions of source code must retain the above copyright notice,
-          this list of conditions and the following disclaimer.
-       
-       2. Redistributions in binary form must reproduce the above copyright
-          notice, this list of conditions and the following disclaimer in the
-          documentation and/or other materials provided with the distribution.
-       
-       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-       POSSIBILITY OF SUCH DAMAGE.
-*/
-
-$pgtitle = array("VPN", "PPTP");
-require("guiconfig.inc");
-
-if (!is_array($config['pptpd']['user'])) {
-       $config['pptpd']['user'] = array();
-}
-pptpd_users_sort();
-$a_secret = &$config['pptpd']['user'];
-
-if ($_POST) {
-
-       $pconfig = $_POST;
-
-       if ($_POST['apply']) {
-               $retval = 0;
-               if (!file_exists($d_sysrebootreqd_path)) {
-                       config_lock();
-                       $retval = vpn_pptpd_configure();
-                       config_unlock();
-               }
-               $savemsg = get_std_save_message($retval);
-               if ($retval == 0) {
-                       if (file_exists($d_pptpuserdirty_path))
-                               unlink($d_pptpuserdirty_path);
-               }
-       }
-}
-
-if ($_GET['act'] == "del") {
-       if ($a_secret[$_GET['id']]) {
-               unset($a_secret[$_GET['id']]);
-               write_config();
-               touch($d_pptpuserdirty_path);
-               header("Location: vpn_pptp_users.php");
-               exit;
-       }
-}
-?>
-<?php include("fbegin.inc"); ?>
-<form action="vpn_pptp_users.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (isset($config['pptpd']['radius']['enable']))
-       print_info_box("Warning: RADIUS is enabled. The local user database will not be used."); ?>
-<?php if (file_exists($d_pptpuserdirty_path)): ?><p>
-<?php print_info_box_np("The PPTP user list has been modified.<br>You must apply the changes in order for them to take effect.<br><b>Warning: this will terminate all current PPTP sessions!</b>");?><br>
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
-<?php endif; ?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-  <ul id="tabnav">
-    <li class="tabinact1"><a href="vpn_pptp.php">Configuration</a></li>
-    <li class="tabact">Users</li>
-  </ul>
-  </td></tr>
-  <tr> 
-    <td colspan="3" class="tabcont">
-              <table width="80%" border="0" cellpadding="0" cellspacing="0">
-                <tr> 
-                  <td class="listhdrr">Username</td>
-                  <td class="listhdr">IP address</td>
-                  <td class="list"></td>
-                               </tr>
-                         <?php $i = 0; foreach ($a_secret as $secretent): ?>
-                <tr> 
-                  <td class="listlr">
-                    <?=htmlspecialchars($secretent['name']);?>
-                  </td>
-                  <td class="listr">
-                    <?=htmlspecialchars($secretent['ip']);?>&nbsp;
-                  </td>
-                  <td class="list" nowrap> <a href="vpn_pptp_users_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>
-                     &nbsp;<a href="vpn_pptp_users.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this user?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>
-                               </tr>
-                         <?php $i++; endforeach; ?>
-                <tr> 
-                  <td class="list" colspan="2"></td>
-                  <td class="list"> <a href="vpn_pptp_users_edit.php"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>
-                               </tr>
-              </table>
-                       </td>
-       </tr>
-</table>
-</form>
-<?php include("fend.inc"); ?>
+#!/usr/local/bin/php\r
+<?php\r
+/*\r
+       $Id$\r
+       part of m0n0wall (http://m0n0.ch/wall)\r
+       \r
+       Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
+       All rights reserved.\r
+       \r
+       Redistribution and use in source and binary forms, with or without\r
+       modification, are permitted provided that the following conditions are met:\r
+       \r
+       1. Redistributions of source code must retain the above copyright notice,\r
+          this list of conditions and the following disclaimer.\r
+       \r
+       2. Redistributions in binary form must reproduce the above copyright\r
+          notice, this list of conditions and the following disclaimer in the\r
+          documentation and/or other materials provided with the distribution.\r
+       \r
+       THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
+       INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
+       AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
+       AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
+       OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
+       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
+       INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
+       CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+       ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
+       POSSIBILITY OF SUCH DAMAGE.\r
+*/\r
+\r
+$pgtitle = array("VPN", "PPTP", "Users");\r
+require("guiconfig.inc");\r
+\r
+if (!is_array($config['pptpd']['user'])) {\r
+       $config['pptpd']['user'] = array();\r
+}\r
+pptpd_users_sort();\r
+$a_secret = &$config['pptpd']['user'];\r
+\r
+if ($_POST) {\r
+\r
+       $pconfig = $_POST;\r
+\r
+       if ($_POST['apply']) {\r
+               $retval = 0;\r
+               if (!file_exists($d_sysrebootreqd_path)) {\r
+                       config_lock();\r
+                       $retval = vpn_pptpd_configure();\r
+                       config_unlock();\r
+               }\r
+               $savemsg = get_std_save_message($retval);\r
+               if ($retval == 0) {\r
+                       if (file_exists($d_pptpuserdirty_path))\r
+                               unlink($d_pptpuserdirty_path);\r
+               }\r
+       }\r
+}\r
+\r
+if ($_GET['act'] == "del") {\r
+       if ($a_secret[$_GET['id']]) {\r
+               unset($a_secret[$_GET['id']]);\r
+               write_config();\r
+               touch($d_pptpuserdirty_path);\r
+               header("Location: vpn_pptp_users.php");\r
+               exit;\r
+       }\r
+}\r
+?>\r
+<?php include("fbegin.inc"); ?>\r
+<form action="vpn_pptp_users.php" method="post">\r
+<?php if ($savemsg) print_info_box($savemsg); ?>\r
+<?php if (isset($config['pptpd']['radius']['enable']))\r
+       print_info_box("Warning: RADIUS is enabled. The local user database will not be used."); ?>\r
+<?php if (file_exists($d_pptpuserdirty_path)): ?><p>\r
+<?php print_info_box_np("The PPTP user list has been modified.<br>You must apply the changes in order for them to take effect.<br><b>Warning: this will terminate all current PPTP sessions!</b>");?><br>\r
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
+<?php endif; ?>\r
+<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
+  <tr><td class="tabnavtbl">\r
+  <ul id="tabnav">\r
+<?php \r
+       $tabs = array('Configuration' => 'vpn_pptp.php',\r
+                         'Users' => 'vpn_pptp_users.php');\r
+       dynamic_tab_menu($tabs);\r
+?>\r
+  </ul>\r
+  </td></tr>\r
+  <tr> \r
+    <td colspan="3" class="tabcont">\r
+              <table width="80%" border="0" cellpadding="0" cellspacing="0">\r
+                <tr> \r
+                  <td class="listhdrr">Username</td>\r
+                  <td class="listhdr">IP address</td>\r
+                  <td class="list"></td>\r
+                               </tr>\r
+                         <?php $i = 0; foreach ($a_secret as $secretent): ?>\r
+                <tr> \r
+                  <td class="listlr">\r
+                    <?=htmlspecialchars($secretent['name']);?>\r
+                  </td>\r
+                  <td class="listr">\r
+                    <?=htmlspecialchars($secretent['ip']);?>&nbsp;\r
+                  </td>\r
+                  <td class="list" nowrap> <a href="vpn_pptp_users_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>\r
+                     &nbsp;<a href="vpn_pptp_users.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this user?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+                         <?php $i++; endforeach; ?>\r
+                <tr> \r
+                  <td class="list" colspan="2"></td>\r
+                  <td class="list"> <a href="vpn_pptp_users_edit.php"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>\r
+                               </tr>\r
+              </table>\r
+                       </td>\r
+       </tr>\r
+</table>\r
+</form>\r
+<?php include("fend.inc"); ?>\r