if (isset($config['captiveportal']['httpslogin']))
$htmltext = str_replace("\$PORTAL_ACTION\$", "https://{$config['captiveportal']['httpsname']}:8001/", $htmltext);
else
- $htmltext = str_replace("\$PORTAL_ACTION\$", "", $htmltext);
+ $htmltext = str_replace("\$PORTAL_ACTION\$", "http://{$config['interfaces'][$config['captiveportal']['interface']]['ipaddr']}:8000/", $htmltext);
if (preg_match("/redirurl=(.*)/", $orig_request, $matches))
$redirurl = urldecode($matches[1]);
<body>
<h2>m0n0wall captive portal</h2>
<p>This is the default captive portal page. Please upload your own custom HTML file on the <em>Services: Captive portal</em> screen in the m0n0wall webGUI.</p>
-<form method="post" action="">
+<form method="post" action="\$PORTAL_ACTION\$">
<input name="accept" type="submit" value="Continue">
+ <input name="redirurl" type="hidden" value="\$PORTAL_REDIRURL\$">
</form>
</body>
</html>
$tcpidletimeout = $config['filter']['tcpidletimeout'];
mwexec("/sbin/sysctl net.inet.ipf.fr_tcpidletimeout={$tcpidletimeout}");
mwexec("/sbin/sysctl net.inet.ipf.fr_tcphalfclosed=480");
+ mwexec("/sbin/sysctl net.inet.ipf.fr_udpacktimeout=240"); /* SIP... */
/* generate ipnat rules */
$ipnatrules = filter_nat_rules_generate();
unset($sa);
if ($route['interface'] == "lan") {
+ $ip = $lanip;
$sa = $lansa;
$sn = $lansn;
$if = $lanif;
} else if (strstr($route['interface'], "opt")) {
$oc = $optcfg[$route['interface']];
if ($oc['ip']) {
+ $ip = $oc['ip'];
$sa = $oc['sa'];
$sn = $oc['sn'];
$if = $oc['if'];
if ($sa) {
$ipfrules .= <<<EOD
+skip 2 in on {$if} from any to {$ip}
pass in quick on {$if} from {$sa}/{$sn} to {$route['network']}
pass in quick on {$if} from {$route['network']} to {$sa}/{$sn}
pass out quick on {$if} from {$sa}/{$sn} to {$route['network']}
/* wait for processes to die */
sleep(2);
- /* remove dhclient.conf, if it exists */
- if (file_exists("{$g['varetc_path']}/dhclient.conf")) {
- unlink("{$g['varetc_path']}/dhclient.conf");
- }
- /* remove mpd.conf, if it exists */
- if (file_exists("{$g['varetc_path']}/mpd.conf")) {
- unlink("{$g['varetc_path']}/mpd.conf");
- }
- /* remove mpd.links, if it exists */
- if (file_exists("{$g['varetc_path']}/mpd.links")) {
- unlink("{$g['varetc_path']}/mpd.links");
- }
- /* remove wanip, if it exists */
- if (file_exists("{$g['vardb_path']}/wanip")) {
- unlink("{$g['vardb_path']}/wanip");
- }
+ unlink_if_exists("{$g['varetc_path']}/dhclient.conf");
+ unlink_if_exists("{$g['varetc_path']}/mpd.conf");
+ unlink_if_exists("{$g['varetc_path']}/mpd.links");
+ unlink_if_exists("{$g['vardb_path']}/wanip");
+ unlink_if_exists("{$g['varetc_path']}/nameservers.conf");
}
/* remove all addresses first */
break;
default:
- mwexec("/sbin/ifconfig " . escapeshellarg($wancfg['if']) . " " .
- escapeshellarg($wancfg['ipaddr'] . "/" . $wancfg['subnet']));
+ if (isset($wancfg['ispointtopoint']) && $wancfg['pointtopoint']) {
+ mwexec("/sbin/ifconfig " . escapeshellarg($wancfg['if']) . " " .
+ escapeshellarg($wancfg['ipaddr'] . "/" . $wancfg['subnet']) .
+ " " . escapeshellarg($wancfg['pointtopoint']) . " up");
+ } else {
+ mwexec("/sbin/ifconfig " . escapeshellarg($wancfg['if']) . " " .
+ escapeshellarg($wancfg['ipaddr'] . "/" . $wancfg['subnet']));
+ }
/* install default route */
mwexec("/sbin/route delete default");
/* restart ez-ipupdate */
services_dyndns_configure();
+ /* force DNS update */
+ services_dnsupdate_process();
+
/* restart dnsmasq */
services_dnsmasq_configure();
}
return 0;
}
+function interfaces_wan_dhcp_down() {
+ mwexec("/sbin/dhclient -r");\r
+ sleep(3);
+}
+
+function interfaces_wan_dhcp_up() {
+ interfaces_wan_dhcp_configure();\r
+ sleep(3);
+}
+
function interfaces_wan_pppoe_configure() {
global $config, $g;
set link mtu 1492
set ipcp yes vjcomp
set ipcp ranges 0.0.0.0/0 0.0.0.0/0
+
+EOD;
+
+ if (isset($config['system']['dnsallowoverride'])) {
+ $mpdconf .= <<<EOD
set ipcp enable req-pri-dns
set ipcp enable req-sec-dns
+
+EOD;
+ }
+
+ $mpdconf .= <<<EOD
open iface
EOD;
return 0;
}
+function interfaces_wan_pppoe_down() {
+ global $g;
+ sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR2");\r
+ sleep(3);
+}
+
+function interfaces_wan_pppoe_up() {
+ global $g;
+ sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR1");\r
+ sleep(3);
+}
+
function interfaces_wan_pptp_configure() {
global $config, $g;
if (isset($pptpcfg['ondemand'])) {
$mpdconf .= <<<EOD
- set iface addrs {$pptpcfg['local']} {$pptpcfg['remote']}
+ set iface addrs 10.0.0.1 10.0.0.2
EOD;
}
set link accept chap
set ipcp no vjcomp
set ipcp ranges 0.0.0.0/0 0.0.0.0/0
+
+EOD;
+
+ if (isset($config['system']['dnsallowoverride'])) {
+ $mpdconf .= <<<EOD
set ipcp enable req-pri-dns
set ipcp enable req-sec-dns
+
+EOD;
+ }
+
+ $mpdconf .= <<<EOD
open
EOD;
return 0;
}
+function interfaces_wan_pptp_down() {
+ global $g;
+ sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR2");\r
+ sleep(3);
+}
+
+function interfaces_wan_pptp_up() {
+ global $g;
+ sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR1");\r
+ sleep(3);
+}
+
function interfaces_wan_bigpond_configure($curwanip) {
global $config, $g;
/* kill any running choparp */
killbyname("choparp");
- if (is_array($config['proxyarp']) && count($config['proxyarp']) &&
- (is_ipaddr($config['interfaces']['wan']['ipaddr']) ||
- ($config['interfaces']['wan']['ipaddr'] == "dhcp") ||
- ($config['interfaces']['wan']['ipaddr'] == "bigpond"))) {
-
- $args = $config['interfaces']['wan']['if'] . " auto";
-
+ if (is_array($config['proxyarp']) && count($config['proxyarp'])) {
+
+ $paa = array();
+
+ /* group by interface */
foreach ($config['proxyarp']['proxyarpnet'] as $paent) {
- if (isset($paent['network']))
- $args .= " " . escapeshellarg($paent['network']);
- else if (isset($paent['range']))
- $args .= " " . escapeshellarg($paent['range']['from'] . "-" .
- $paent['range']['to']);
+ if ($paent['interface'])
+ $if = $paent['interface'];
+ else
+ $if = "wan";
+
+ if (!is_array($paa[$if]))
+ $paa[$if] = array();
+
+ $paa[$if][] = $paent;
+ }
+
+ foreach ($paa as $paif => $paents) {
+ if ($paif == "wan" && !(is_ipaddr($config['interfaces']['wan']['ipaddr']) ||
+ ($config['interfaces']['wan']['ipaddr'] == "dhcp") ||
+ ($config['interfaces']['wan']['ipaddr'] == "bigpond")))
+ continue;
+
+ $args = $config['interfaces'][$paif]['if'] . " auto";
+
+ foreach ($paents as $paent) {
+ if (isset($paent['network']))
+ $args .= " " . escapeshellarg($paent['network']);
+ else if (isset($paent['range']))
+ $args .= " " . escapeshellarg($paent['range']['from'] . "-" .
+ $paent['range']['to']);
+ }
+
+ mwexec_bg("/usr/local/sbin/choparp " . $args);
}
+ }
+}
+
+function services_dnsupdate_process() {
+ global $config, $g;
+
+ /* Dynamic DNS updating active? */
+ if (isset($config['dnsupdate']['enable'])) {
- mwexec_bg("/usr/local/sbin/choparp " . $args);
+ $wanip = get_current_wan_address();
+ if ($wanip) {
+
+ $keyname = $config['dnsupdate']['keyname'];
+ /* trailing dot */
+ if (substr($keyname, -1) != ".")
+ $keyname .= ".";
+
+ $hostname = $config['dnsupdate']['host'];
+ /* trailing dot */
+ if (substr($hostname, -1) != ".")
+ $hostname .= ".";
+
+ /* write private key file
+ this is dumb - public and private keys are the same for HMAC-MD5,
+ but nsupdate insists on having both */
+ $fd = fopen("{$g['varetc_path']}/K{$keyname}+157+00000.private", "w");
+ $privkey .= <<<EOD
+Private-key-format: v1.2\r
+Algorithm: 157 (HMAC)
+Key: {$config['dnsupdate']['keydata']}
+
+EOD;
+ fwrite($fd, $privkey);
+ fclose($fd);
+
+ /* write public key file */
+ if ($config['dnsupdate']['keytype'] == "zone") {
+ $flags = 257;
+ $proto = 3;
+ } else if ($config['dnsupdate']['keytype'] == "host") {
+ $flags = 513;
+ $proto = 3;
+ } else if ($config['dnsupdate']['keytype'] == "user") {
+ $flags = 0;
+ $proto = 2;
+ }
+
+ $fd = fopen("{$g['varetc_path']}/K{$keyname}+157+00000.key", "w");
+ fwrite($fd, "{$keyname} IN KEY {$flags} {$proto} 157 {$config['dnsupdate']['keydata']}\n");
+ fclose($fd);
+
+ /* generate update instructions */
+ $upinst = "update delete {$config['dnsupdate']['host']} A\n";
+ $upinst .= "update add {$config['dnsupdate']['host']} {$config['dnsupdate']['ttl']} A {$wanip}\n";
+ $upinst .= "\n"; /* mind that trailing newline! */
+
+ $fd = fopen("{$g['varetc_path']}/nsupdatecmds", "w");
+ fwrite($fd, $upinst);
+ fclose($fd);
+
+ /* invoke nsupdate */
+ $cmd = "/usr/sbin/nsupdate -k {$g['varetc_path']}:{$keyname}";
+ if (isset($config['dnsupdate']['usetcp']))
+ $cmd .= " -v";
+ $cmd .= " {$g['varetc_path']}/nsupdatecmds";
+
+ mwexec_bg($cmd);
+ }
}
+
+ return 0;
}
?>
if (isset($syslogcfg['system'])) {
$syslogconf .= <<<EOD
-*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local7.none @{$syslogcfg['remoteserver']}
+*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver']}
security.* @{$syslogcfg['remoteserver']}
auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver']}
*.emerg @{$syslogcfg['remoteserver']}
}
}
-function system_do_extensions() {
+function system_do_extensions($early = false) {
global $config, $g;
if (!is_dir("{$g['etc_path']}/inc/ext"))
while (($extd = readdir($dh)) !== false) {
if (($extd === ".") || ($extd === ".."))
continue;
- $rcfile = "{$g['etc_path']}/inc/ext/" . $extd . "/rc";
+ $rcfile = "{$g['etc_path']}/inc/ext/" . $extd . "/" . ($early ? "rc.early" : "rc");
if (file_exists($rcfile))
passthru($rcfile);
}
/* convert configuration, if necessary */
convert_config();
+ /* execute the rc.early scripts of extensions */
+ system_do_extensions(1);
+
/* run any early shell commands specified in config.xml */
system_do_shell_commands(1);
/* start dyndns service */
services_dyndns_configure();
+ /* static IP address? -> attempt DNS update */
+ if (is_ipaddr($config['interfaces']['wan']['ipaddr']))
+ services_dnsupdate_process();
+
/* start DHCP service */
services_dhcpd_configure();
if ($config['interfaces']['wan']['ipaddr'] == "bigpond")
interfaces_wan_bigpond_configure($curwanip);
+ /* perform RFC 2136 DNS update */
+ services_dnsupdate_process();
+
/* write current WAN IP to file */
$fd = @fopen("{$g['vardb_path']}/wanip", "w");
if ($fd) {
<form action="diag_backup.php" method="post" enctype="multipart/form-data">
<?php if ($input_errors) print_input_errors($input_errors); ?>
<?php if ($savemsg) print_info_box($savemsg); ?>
- <table width="100%" border="0" cellspacing="0" cellpadding="0">
+ <table width="100%" border="0" cellspacing="0" cellpadding="6">
<tr>
<td colspan="2" class="listtopic">Backup configuration</td>
</tr>
<tr>
- <td width="22%" valign="baseline"> </td>
- <td width="78%" class="listn">
+ <td width="22%" valign="baseline" class="vncell"> </td>
+ <td width="78%" class="vtable">
<p> Click this button to download the system configuration
in XML format.<br>
<br>
- <input name="Submit" type="submit" class="formbtn" id="download" value="Download configuration">
- <br>
- <br>
- </p></td>
+ <input name="Submit" type="submit" class="formbtn" id="download" value="Download configuration"></td>
+ </tr>
+ <tr>
+ <td colspan="2" class="list" height="12"></td>
</tr>
<tr>
<td colspan="2" class="listtopic">Restore configuration</td>
</tr>
<tr>
- <td width="22%" valign="baseline"> </td>
- <td width="78%" class="listn">
- <p> Open a m0n0wall configuration XML file and click the button
+ <td width="22%" valign="baseline" class="vncell"> </td>
+ <td width="78%" class="vtable">
+ Open a m0n0wall configuration XML file and click the button
below to restore the configuration.<br>
<br>
<strong><span class="red">Note:</span></strong><br>
<br>
<br>
<input name="Submit" type="submit" class="formbtn" id="restore" value="Restore configuration">
- </p>
- </td>
+ </td>
</tr>
</table>
</form>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
-<title><?=gentitle("Diagnostics: System logs");?></title>
+<title><?=gentitle("Diagnostics: Logs");?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="gui.css" rel="stylesheet" type="text/css">
</head>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php include("fbegin.inc"); ?>
-<p class="pgtitle">Diagnostics: System logs</p>
+<p class="pgtitle">Diagnostics: Logs</p>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<ul id="tabnav">
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
-<title><?=gentitle("Diagnostics: System logs");?></title>
+<title><?=gentitle("Diagnostics: Logs");?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="gui.css" rel="stylesheet" type="text/css">
</head>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php include("fbegin.inc"); ?>
-<p class="pgtitle">Diagnostics: System logs</p>
+<p class="pgtitle">Diagnostics: Logs</p>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<ul id="tabnav">
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
-<title><?=gentitle("Diagnostics: System logs");?></title>
+<title><?=gentitle("Diagnostics: Logs");?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="gui.css" rel="stylesheet" type="text/css">
</head>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php include("fbegin.inc"); ?>
-<p class="pgtitle">Diagnostics: System logs</p>
+<p class="pgtitle">Diagnostics: Logs</p>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<ul id="tabnav">
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
-<title><?=gentitle("Diagnostics: System logs");?></title>
+<title><?=gentitle("Diagnostics: Logs");?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="gui.css" rel="stylesheet" type="text/css">
<script language="JavaScript">
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php include("fbegin.inc"); ?>
-<p class="pgtitle">Diagnostics: System logs</p>
+<p class="pgtitle">Diagnostics: Logs</p>
<form action="diag_logs_settings.php" method="post" name="iform" id="iform">
<?php if ($input_errors) print_input_errors($input_errors); ?>
<?php if ($savemsg) print_info_box($savemsg); ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
-<title><?=gentitle("Diagnostics: System logs");?></title>
+<title><?=gentitle("Diagnostics: Logs");?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="gui.css" rel="stylesheet" type="text/css">
</head>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php include("fbegin.inc"); ?>
-<p class="pgtitle">Diagnostics: System logs</p>
+<p class="pgtitle">Diagnostics: Logs</p>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<ul id="tabnav">
<td class="tabcont">
<table width="100%" border="0" cellpadding="0" cellspacing="0"><tr>
<td colspan="4" class="listtopic">
- Last <?=$nentries;?> firewall log entries</td>
+ Last <?=$nentries;?> PPTP VPN log entries</td>
</tr>
<tr>
<td class="listhdrr">Time</td>
<a href="javascript:showhide('diag','tri_diag')"><img src="/tri_c.gif" id="tri_diag" width="14" height="10" border="0"></a><strong><a href="javascript:showhide('diag','tri_diag')" class="navlnk">Diagnostics</a></strong><br>
<span id="diag" style="display: none">
<?php endif; ?>
- <a href="/diag_logs.php" class="navlnk">System
- logs</a><br>
+ <a href="/diag_logs.php" class="navlnk">Logs</a><br>
<a href="/diag_dhcp_leases.php" class="navlnk">DHCP leases</a><br>
<a href="/diag_ipsec_sad.php" class="navlnk">IPsec</a><br>
<a href="/diag_ping.php" class="navlnk">Ping</a><br>
- <a href="/diag_resetstate.php" class="navlnk">Reset
- state</a><br>
+ <a href="/diag_resetstate.php" class="navlnk">Reset state</a><br>
<a href="/diag_backup.php" class="navlnk">Backup/Restore</a><br>
<a href="/diag_defaults.php" class="navlnk">Factory
defaults </a><br>
filter_rules_sort();
$a_filter = &$config['filter']['rule'];
+$if = $_GET['if'];
+if ($_POST['if'])
+ $if = $_POST['if'];
+
+$iflist = array("lan" => "LAN", "wan" => "WAN");
+
+if ($config['pptpd']['mode'] == "server")
+ $iflist['pptp'] = "PPTP VPN";
+
+for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
+ $iflist['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
+}
+
+if (!$if || !isset($iflist[$if]))
+ $if = "lan";
+
if ($_POST) {
$pconfig = $_POST;
}
}
-if ($_GET['act'] == "del") {
- if ($a_filter[$_GET['id']]) {
- unset($a_filter[$_GET['id']]);
+if (isset($_POST['del_x'])) {
+ /* delete selected rules */
+ if (is_array($_POST['rule']) && count($_POST['rule'])) {
+ foreach ($_POST['rule'] as $rulei) {
+ unset($a_filter[$rulei]);
+ }
write_config();
touch($d_filterconfdirty_path);
- header("Location: firewall_rules.php");
+ header("Location: firewall_rules.php?if={$if}");
exit;
}
-} else if ($_GET['act'] == "down") {
- if ($a_filter[$_GET['id']] && $a_filter[$_GET['id']+1]) {
- $tmp = $a_filter[$_GET['id']+1];
- $a_filter[$_GET['id']+1] = $a_filter[$_GET['id']];
- $a_filter[$_GET['id']] = $tmp;
+} else if ($_GET['act'] == "toggle") {
+ if ($a_filter[$_GET['id']]) {
+ $a_filter[$_GET['id']]['disabled'] = !isset($a_filter[$_GET['id']]['disabled']);
write_config();
touch($d_filterconfdirty_path);
- header("Location: firewall_rules.php");
+ header("Location: firewall_rules.php?if={$if}");
exit;
}
-} else if ($_GET['act'] == "up") {
- if (($_GET['id'] > 0) && $a_filter[$_GET['id']]) {
- $tmp = $a_filter[$_GET['id']-1];
- $a_filter[$_GET['id']-1] = $a_filter[$_GET['id']];
- $a_filter[$_GET['id']] = $tmp;
- write_config();
- touch($d_filterconfdirty_path);
- header("Location: firewall_rules.php");
- exit;
+} else {
+ /* yuck - IE won't send value attributes for image buttons, while Mozilla does -
+ so we use .x/.y to fine move button clicks instead... */
+ unset($movebtn);
+ foreach ($_POST as $pn => $pd) {
+ if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
+ $movebtn = $matches[1];
+ break;
+ }
}
-} else if ($_GET['act'] == "toggle") {
- if ($a_filter[$_GET['id']]) {
- $a_filter[$_GET['id']]['disabled'] = !isset($a_filter[$_GET['id']]['disabled']);
+ /* move selected rules before this rule */
+ if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
+ $a_filter_new = array();
+
+ /* copy all rules < $movebtn and not selected */
+ for ($i = 0; $i < $movebtn; $i++) {
+ if (!in_array($i, $_POST['rule']))
+ $a_filter_new[] = $a_filter[$i];
+ }
+
+ /* copy all selected rules */
+ for ($i = 0; $i < count($a_filter); $i++) {
+ if ($i == $movebtn)
+ continue;
+ if (in_array($i, $_POST['rule']))
+ $a_filter_new[] = $a_filter[$i];
+ }
+
+ /* copy $movebtn rule */
+ if ($movebtn < count($a_filter))
+ $a_filter_new[] = $a_filter[$movebtn];
+
+ /* copy all rules > $movebtn and not selected */
+ for ($i = $movebtn+1; $i < count($a_filter); $i++) {
+ if (!in_array($i, $_POST['rule']))
+ $a_filter_new[] = $a_filter[$i];
+ }
+
+ $a_filter = $a_filter_new;
write_config();
touch($d_filterconfdirty_path);
- header("Location: firewall_rules.php");
+ header("Location: firewall_rules.php?if={$if}");
exit;
}
}
<?php print_info_box_np("The firewall rule configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td>
+ <ul id="tabnav">
+<?php foreach ($iflist as $ifent => $ifname):
+ if ($ifent == $if): ?>
+ <li class="tabact"><?=htmlspecialchars($ifname);?></li>
+<?php else: ?>
+ <li class="tabinact"><a href="firewall_rules.php?if=<?=$ifent;?>"><?=htmlspecialchars($ifname);?></a></li>
+<?php endif; ?>
+<?php endforeach; ?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <?php $lastif = ""; for ($i = 0; isset($a_filter[$i]); $i++):
- $filterent = $a_filter[$i];
- if ($filterent['interface'] != $lastif):
- if ($i):
- ?>
- <tr>
- <td colspan="8" class="list" height="12"></td>
- </tr>
- <?php endif; ?>
- <tr>
- <td colspan="7" class="listtopic"><?php
- $iflabels = array('lan' => 'LAN interface', 'wan' => 'WAN interface', 'pptp' => 'PPTP clients');
- for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++)
- $iflabels['opt' . $j] = $config['interfaces']['opt' . $j]['descr'] . " interface";
- echo htmlspecialchars($iflabels[$filterent['interface']]); ?></td>
- <td class="list"></td>
- </tr>
<tr>
<td width="5%" class="list"> </td>
<td width="10%" class="listhdrr">Proto</td>
<td width="25%" class="listhdr">Description</td>
<td width="10%" class="list"></td>
</tr>
- <?php $lastif = $filterent['interface']; endif; ?>
+ <?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++):
+ $filterent = $a_filter[$i];
+ if ($filterent['interface'] != $if)
+ continue;
+ ?>
<tr valign="top">
<td class="listt">
<?php if ($filterent['type'] == "block")
$textss = $textse = "";
}
?>
- <a href="?act=toggle&id=<?=$i;?>"><img src="<?=$iconfn;?>.gif" width="11" height="11" border="0" title="click to toggle enabled/disabled status"></a>
+ <a href="?
if=<?=$if;?>&act=toggle&id=<?=$i;?>"><img src="<?=$iconfn;?>.gif" width="11" height="11" border="0" title="click to toggle enabled/disabled status"></a>
<?php if (isset($filterent['log'])):
$iconfn = "log_s";
if (isset($filterent['disabled']))
<?=$textss;?><?=htmlspecialchars($filterent['descr']);?> <?=$textse;?>
</td>
<td valign="middle" nowrap class="list">
- <a href="firewall_rules_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit rule" width="17" height="17" border="0"></a>
- <?php if (($i > 0) && ($a_filter[$i-1]['interface'] == $filterent['interface'])): ?>
- <a href="firewall_rules.php?act=up&id=<?=$i;?>"><img src="up.gif" title="move up" width="17" height="17" border="0"></a>
- <?php else: ?>
- <img src="up_d.gif" width="17" height="17" border="0">
- <?php endif; ?><br>
- <a href="firewall_rules.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this rule?')"><img src="x.gif" title="delete rule" width="17" height="17" border="0"></a>
- <?php if ($a_filter[$i+1]['interface'] == $filterent['interface']): ?>
- <a href="firewall_rules.php?act=down&id=<?=$i;?>"><img src="down.gif" title="move down" width="17" height="17" border="0"></a>
- <?php else: ?>
- <img src="down_d.gif" width="17" height="17" border="0">
- <?php endif; ?>
- <a href="firewall_rules_edit.php?dup=<?=$i;?>"><img src="plus.gif" title="add a new rule based on this one" width="17" height="17" border="0"></a>
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td><a href="firewall_rules_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
+ <td align="center" valign="middle"><input type="checkbox" name="rule[]" value="<?=$i;?>" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td>
+ </tr>
+ <tr>
+ <td><input name="move_<?=$i;?>" type="image" src="left.gif" width="17" height="17" title="move selected rules before this rule"></td>
+ <td><a href="firewall_rules_edit.php?dup=<?=$i;?>"><img src="plus.gif" title="add a new rule based on this one" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table>
</td>
</tr>
- <?php endfor; ?>
+ <?php $nrules++; endfor; ?>
+ <?php if ($nrules == 0): ?>
+ <td class="listt"></td>
+ <td class="listlr" colspan="6" align="center" valign="middle">
+ <span class="gray">
+ No rules are currently defined for this interface.<br>
+ All incoming connections on this interface will be blocked until you add pass rules.<br><br>
+ Click the <a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="plus.gif" title="add new rule" border="0" width="17" height="17" align="absmiddle"></a> button to add a new rule.</span>
+ </td>
+ <?php endif; ?>
<tr>
<td class="list" colspan="7"></td>
- <td class="list"> <a href="firewall_rules_edit.php"><img src="plus.gif" title="add new rule" width="17" height="17" border="0"></a></td>
+ <td class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td>
+ <?php if ($nrules == 0): ?><img src="left_d.gif" width="17" height="17" title="move selected rules to end" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="left.gif" width="17" height="17" title="move selected rules to end"><?php endif; ?></td>
+ <td><a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="plus.gif" title="add new rule" width="17" height="17" border="0"></a></td>
+ </tr>
+ <tr>
+ <td><?php if ($nrules == 0): ?><img src="x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?><input name="del" type="image" src="x.gif" width="17" height="17" title="delete selected rules" onclick="return confirm('Do you really want to delete the selected rules?')"><?php endif; ?></td>
+ <td></td>
+ </tr>
+ </table>
+ </td>
</tr>
</table>
<table border="0" cellspacing="0" cellpadding="0">
<td>log (disabled)</td>
</tr>
</table>
- <p>
- <strong><span class="red">Hint:<br>
- </span></strong>rules are evaluated on a first-match basis (i.e.
- the action of the first rule to match a packet will be executed).
- This means that if you use block rules, you'll have to pay attention
- to the rule order. Everything that isn't explicitly passed is blocked
- by default.</p>
- </form>
+ </td>
+ </tr>
+</table>
+ <p>
+ <strong><span class="red">Hint:<br>
+ </span></strong>rules are evaluated on a first-match basis (i.e.
+ the action of the first rule to match a packet will be executed).
+ This means that if you use block rules, you'll have to pay attention
+ to the rule order. Everything that isn't explicitly passed is blocked
+ by default.</p>
+<input type="hidden" name="if" value="<?=$if;?>">
+</form>
<?php include("fend.inc"); ?>
</body>
</html>
} else {
/* defaults */
+ if ($_GET['if'])
+ $pconfig['interface'] = $_GET['if'];
$pconfig['type'] = "pass";
$pconfig['src'] = "any";
$pconfig['dst'] = "any";
write_config();
touch($d_filterconfdirty_path);
- header("Location: firewall_rules.php");
+ header("Location: firewall_rules.php?if=" . $_POST['interface']);
exit;
}
}
</select> <input name="srcendport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['srcendport']) echo $pconfig['srcendport']; ?>"></td>
</tr>
</table>
- <br> <span class="vexpl">Specify the port or port range for
- the source of the packet for this rule.<br>
+ <br>
+ <span class="vexpl">Specify the port or port range for
+ the source of the packet for this rule. This is usually not equal to the destination port range (and is often "any"). <br>
Hint: you can leave the <em>'to'</em> field empty if you only
want to filter a single port</span></td>
<tr>
font-size: 13px;
font-weight: bold;
}
+.formbtns {
+ font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif;
+ font-size: 10px;
+ font-weight: bold;
+}
.vvcell {
background-color: #FFFFC6;
}
border-right: 1px solid #999999;
border-bottom: 1px solid #999999;
font-size: 11px;
- padding-right: 16px;
+ padding-right: 6px;
padding-left: 6px;
padding-top: 4px;
padding-bottom: 4px;
border-bottom: 1px solid #999999;
border-left: 1px solid #999999;
font-size: 11px;
- padding-right: 16px;
+ padding-right: 6px;
padding-left: 6px;
padding-top: 4px;
padding-bottom: 4px;
.listt {
font-size: 11px;
padding-top: 5px;
- padding-left: 4px;
}
.listhdrrns {
background-color: #BBBBBB;
padding-top: 5px;
padding-bottom: 5px;
}
+.optsect_t {
+ border-right: 1px solid #999999;
+ background-color: #435370;
+ padding-right: 6px;
+ padding-left: 6px;
+ padding-top: 2px;
+ padding-bottom: 2px;
+}
+.optsect_s {
+ font-size: 11px;
+ color: #FFFFFF;
+ font-weight: bold;
+}
ul#tabnav {
font-size: 11px;
font-weight: bold;
<script language="JavaScript">
<!--
function enable_change(enable_over) {
- if ((document.iform.bridge.selectedIndex == 0) || enable_over) {
- document.iform.ipaddr.disabled = 0;
- document.iform.subnet.disabled = 0;
- } else {
- document.iform.ipaddr.disabled = 1;
- document.iform.subnet.disabled = 1;
- }
+ var endis;
+ endis = !((document.iform.bridge.selectedIndex == 0) || enable_over);
+ document.iform.ipaddr.disabled = endis;
+ document.iform.subnet.disabled = endis;
}
function gen_bits(ipaddr) {
if (ipaddr.search(/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/) != -1) {
<td colspan="2" valign="top" height="16"></td>
</tr>
<tr>
- <td colspan="2" valign="top" class="vnsepcell">IP configuration</td>
+ <td colspan="2" valign="top" class="listtopic">IP configuration</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq">Bridge with</td>
$pconfig['ipaddr'] = $wancfg['ipaddr'];
$pconfig['subnet'] = $wancfg['subnet'];
$pconfig['gateway'] = $wancfg['gateway'];
+ $pconfig['pointtopoint'] = $wancfg['pointtopoint'];
}
$pconfig['blockpriv'] = isset($wancfg['blockpriv']);
if (($_POST['gateway'] && !is_ipaddr($_POST['gateway']))) {
$input_errors[] = "A valid gateway must be specified.";
}
+ if (($_POST['pointtopoint'] && !is_ipaddr($_POST['pointtopoint']))) {
+ $input_errors[] = "A valid point-to-point IP address must be specified.";
+ }
if (($_POST['provider'] && !is_domain($_POST['provider']))) {
$input_errors[] = "The service name contains invalid characters.";
}
- if ($_POST['pppoe_idletimeout'] && !is_numericint($_POST['pppoe_idletimeout'])) {
+ if (($_POST['pppoe_idletimeout'] != "") && !is_numericint($_POST['pppoe_idletimeout'])) {
$input_errors[] = "The idle timeout value must be an integer.";
}
if (($_POST['pptp_local'] && !is_ipaddr($_POST['pptp_local']))) {
if (($_POST['pptp_remote'] && !is_ipaddr($_POST['pptp_remote']))) {
$input_errors[] = "A valid PPTP remote IP address must be specified.";
}
- if ($_POST['pptp_idletimeout'] && !is_numericint($_POST['pptp_idletimeout'])) {
+ if (($_POST['pptp_idletimeout'] != "") && !is_numericint($_POST['pptp_idletimeout'])) {
$input_errors[] = "The idle timeout value must be an integer.";
}
if (($_POST['bigpond_authserver'] && !is_domain($_POST['bigpond_authserver']))) {
unset($wancfg['ipaddr']);
unset($wancfg['subnet']);
unset($wancfg['gateway']);
+ unset($wancfg['pointtopoint']);
unset($wancfg['dhcphostname']);
unset($config['pppoe']['username']);
unset($config['pppoe']['password']);
$wancfg['ipaddr'] = $_POST['ipaddr'];
$wancfg['subnet'] = $_POST['subnet'];
$wancfg['gateway'] = $_POST['gateway'];
+ if (isset($wancfg['ispointtopoint']))
+ $wancfg['pointtopoint'] = $_POST['pointtopoint'];
} else if ($_POST['type'] == "DHCP") {
$wancfg['ipaddr'] = "dhcp";
$wancfg['dhcphostname'] = $_POST['dhcphostname'];
<td colspan="2" valign="top" height="4"></td>
</tr>
<tr>
- <td colspan="2" valign="top" class="vnsepcell">General configuration</td>
+ <td colspan="2" valign="top" class="listtopic">General configuration</td>
</tr>
<tr>
<td valign="top" class="vncell">MAC address</td>
<td colspan="2" valign="top" height="16"></td>
</tr>
<tr>
- <td colspan="2" valign="top" class="vnsepcell">Static IP configuration</td>
+ <td colspan="2" valign="top" class="listtopic">Static IP configuration</td>
</tr>
<tr>
<td width="100" valign="top" class="vncellreq">IP address</td>
<td class="vtable"> <input name="ipaddr" type="text" class="formfld" id="ipaddr" size="20" value="<?=htmlspecialchars($pconfig['ipaddr']);?>">
/
<select name="subnet" class="formfld" id="subnet">
- <?php for ($i = 31; $i > 0; $i--): ?>
+ <?php
+ if (isset($wancfg['ispointtopoint']))
+ $snmax = 32;
+ else
+ $snmax = 31;
+ for ($i = $snmax; $i > 0; $i--): ?>
<option value="<?=$i;?>" <?php if ($i == $pconfig['subnet']) echo "selected"; ?>>
<?=$i;?>
</option>
<?php endfor; ?>
</select></td>
- </tr>
+ </tr><?php if (isset($wancfg['ispointtopoint'])): ?>
+ <tr>
+ <td valign="top" class="vncellreq">Point-to-point IP address </td>
+ <td class="vtable">
+ <input name="pointtopoint" type="text" class="formfld" id="pointtopoint" size="20" value="<?=htmlspecialchars($pconfig['pointtopoint']);?>">
+ </td>
+ </tr><?php endif; ?>
<tr>
<td valign="top" class="vncellreq">Gateway</td>
<td class="vtable"> <input name="gateway" type="text" class="formfld" id="gateway" size="20" value="<?=htmlspecialchars($pconfig['gateway']);?>">
<td colspan="2" valign="top" height="16"></td>
</tr>
<tr>
- <td colspan="2" valign="top" class="vnsepcell">DHCP client configuration</td>
+ <td colspan="2" valign="top" class="listtopic">DHCP client configuration</td>
</tr>
<tr>
<td valign="top" class="vncell">Hostname</td>
<td colspan="2" valign="top" height="16"></td>
</tr>
<tr>
- <td colspan="2" valign="top" class="vnsepcell">PPPoE configuration</td>
+ <td colspan="2" valign="top" class="listtopic">PPPoE configuration</td>
</tr>
<tr>
<td valign="top" class="vncellreq">Username</td>
<td colspan="2" valign="top" height="16"></td>
</tr>
<tr>
- <td colspan="2" valign="top" class="vnsepcell">PPTP configuration</td>
+ <td colspan="2" valign="top" class="listtopic">PPTP configuration</td>
</tr>
<tr>
<td valign="top" class="vncellreq">Username</td>
<td colspan="2" valign="top" height="16"></td>
</tr>
<tr>
- <td colspan="2" valign="top" class="vnsepcell">BigPond Cable configuration</td>
+ <td colspan="2" valign="top" class="listtopic">BigPond Cable configuration</td>
</tr>
<tr>
<td valign="top" class="vncellreq">Username</td>
<td colspan="2" valign="top" height="16"></td>
</tr>
<tr>
- <td colspan="2" valign="top" class="vnsepcell">Wireless configuration</td>
+ <td colspan="2" valign="top" class="listtopic">Wireless configuration</td>
</tr>
<tr>
<td valign="top" class="vncellreq">Mode</td>
<em><font color="#666666">DHCP lease list page</font></em><br>
<br>
Peter Allgeyer (<a href="mailto:allgeyer@web.de">allgeyer@web.de</a>)<br>
- <em><font color="#666666">"reject" type filter rules; dial-on-demand</font></em><br>
+ <em><font color="#666666">"reject" type filter rules; dial-on-demand; WAN connect/disconnect</font></em><br>
<br>
Thierry Lechat (<a href="mailto:dev@lechat.org">dev@lechat.org</a>)<br>
<em><font color="#666666">SVG-based traffic grapher</font></em><br>
}
function enable_change(enable_change) {
- if (document.iform.enable.checked || enable_change) {
- document.iform.cinterface.disabled = 0;
- document.iform.idletimeout.disabled = 0;
- document.iform.timeout.disabled = 0;
- document.iform.redirurl.disabled = 0;
- document.iform.radiusip.disabled = 0;
- document.iform.radiusport.disabled = 0;
- document.iform.radiuskey.disabled = 0;
- document.iform.radacct_enable.disabled = 0;
- document.iform.httpslogin_enable.disabled = 0;
- document.iform.httpsname.disabled = 0;
- document.iform.cert.disabled = 0;
- document.iform.key.disabled = 0;
- document.iform.logoutwin_enable.disabled = 0;
- document.iform.nomacfilter.disabled = 0;
- document.iform.htmlfile.disabled = 0;
- document.iform.errfile.disabled = 0;
- } else {
- document.iform.cinterface.disabled = 1;
- document.iform.idletimeout.disabled = 1;
- document.iform.timeout.disabled = 1;
- document.iform.redirurl.disabled = 1;
- document.iform.radiusip.disabled = 1;
- document.iform.radiusport.disabled = 1;
- document.iform.radiuskey.disabled = 1;
- document.iform.radacct_enable.disabled = 1;
- document.iform.httpslogin_enable.disabled = 1;
- document.iform.httpsname.disabled = 1;
- document.iform.cert.disabled = 1;
- document.iform.key.disabled = 1;
- document.iform.logoutwin_enable.disabled = 1;
- document.iform.nomacfilter.disabled = 1;
- document.iform.htmlfile.disabled = 1;
- document.iform.errfile.disabled = 1;
- }
+ var endis;
+ endis = !(document.iform.enable.checked || enable_change);
+
+ document.iform.cinterface.disabled = endis;
+ document.iform.idletimeout.disabled = endis;
+ document.iform.timeout.disabled = endis;
+ document.iform.redirurl.disabled = endis;
+ document.iform.radiusip.disabled = endis;
+ document.iform.radiusport.disabled = endis;
+ document.iform.radiuskey.disabled = endis;
+ document.iform.radacct_enable.disabled = endis;
+ document.iform.httpslogin_enable.disabled = endis;
+ document.iform.httpsname.disabled = endis;
+ document.iform.cert.disabled = endis;
+ document.iform.key.disabled = endis;
+ document.iform.logoutwin_enable.disabled = endis;
+ document.iform.nomacfilter.disabled = endis;
+ document.iform.htmlfile.disabled = endis;
+ document.iform.errfile.disabled = endis;
+
if (enable_change && document.iform.radacct_enable.checked) {
document.iform.logoutwin_enable.checked = 1;
}
<br>
<?php endif; ?>
Upload an HTML file for the portal page here (leave blank to keep the current one). Make sure to include a form (POST to "$PORTAL_ACTION$")
-with a submit button (name="accept"). Include the "auth_user" and "auth_pass" input elements if RADIUS authentication is enabled. If RADIUS is enabled and no "auth_user" is present, authentication will always fail. If RADIUS is not enabled, you can omit both these input elements.
-When using HTTPS login, a hidden field with name="redirurl" and value="$PORTAL_REDIRURL$" has to be included as well. Example code for the form:<br>
+with a submit button (name="accept") and a hidden field with name="redirurl" and value="$PORTAL_REDIRURL$". Include the "auth_user" and "auth_pass" input elements if RADIUS authentication is enabled. If RADIUS is enabled and no "auth_user" is present, authentication will always fail. If RADIUS is not enabled, you can omit both of these input elements. Example code for the form:<br>
<br>
<tt><form method="post" action="$PORTAL_ACTION$"><br>
<input name="auth_user" type="text"><br>
<script language="JavaScript">
<!--
function enable_change(enable_over) {
- if (document.iform.enable.checked || enable_over) {
- document.iform.range_from.disabled = 0;
- document.iform.range_to.disabled = 0;
- document.iform.wins1.disabled = 0;
- document.iform.wins2.disabled = 0;
- document.iform.deftime.disabled = 0;
- document.iform.maxtime.disabled = 0;
- } else {
- document.iform.range_from.disabled = 1;
- document.iform.range_to.disabled = 1;
- document.iform.wins1.disabled = 1;
- document.iform.wins2.disabled = 1;
- document.iform.deftime.disabled = 1;
- document.iform.maxtime.disabled = 1;
- }
+ var endis;
+ endis = !(document.iform.enable.checked || enable_over);
+
+ document.iform.range_from.disabled = endis;
+ document.iform.range_to.disabled = endis;
+ document.iform.wins1.disabled = endis;
+ document.iform.wins2.disabled = endis;
+ document.iform.deftime.disabled = endis;
+ document.iform.maxtime.disabled = endis;
}
//-->
</script>
</ul>
</td></tr>
<tr>
- <td class="tabcont">
+ <td class="tabcont">
<table width="100%" border="0" cellpadding="6" cellspacing="0">
<tr>
<td width="22%" valign="top" class="vtable"> </td>
require("guiconfig.inc");
+if (!is_array($config['dnsupdate'])) {
+ $config['dnsupdate'] = array();
+}
+
$pconfig['username'] = $config['dyndns']['username'];
$pconfig['password'] = $config['dyndns']['password'];
$pconfig['host'] = $config['dyndns']['host'];
$pconfig['enable'] = isset($config['dyndns']['enable']);
$pconfig['wildcard'] = isset($config['dyndns']['wildcard']);
+$pconfig['dnsupdate_enable'] = isset($config['dnsupdate']['enable']);
+$pconfig['dnsupdate_host'] = $config['dnsupdate']['host'];
+$pconfig['dnsupdate_ttl'] = $config['dnsupdate']['ttl'];
+if (!$pconfig['dnsupdate_ttl'])
+ $pconfig['dnsupdate_ttl'] = 60;
+$pconfig['dnsupdate_keydata'] = $config['dnsupdate']['keydata'];
+$pconfig['dnsupdate_keyname'] = $config['dnsupdate']['keyname'];
+$pconfig['dnsupdate_keytype'] = $config['dnsupdate']['keytype'];
+if (!$pconfig['dnsupdate_keytype'])
+ $pconfig['dnsupdate_keytype'] = "zone";
+$pconfig['dnsupdate_usetcp'] = isset($config['dnsupdate']['usetcp']);
+
if ($_POST) {
unset($input_errors);
$pconfig = $_POST;
/* input validation */
+ $reqdfields = array();
+ $reqdfieldsn = array();
if ($_POST['enable']) {
- $reqdfields = explode(" ", "host username password type");
- $reqdfieldsn = explode(",", "Hostname,Username,Password,Service type");
-
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+ $reqdfields = array_merge($reqdfields, explode(" ", "host username password type"));
+ $reqdfieldsn = array_merge($reqdfieldsn, explode(",", "Hostname,Username,Password,Service type"));
}
+ if ($_POST['dnsupdate_enable']) {
+ $reqdfields = array_merge($reqdfields, explode(" ", "dnsupdate_host dnsupdate_ttl dnsupdate_keyname dnsupdate_keydata"));
+ $reqdfieldsn = array_merge($reqdfieldsn, explode(",", "Hostname,TTL,Key name,Key"));
+ }
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
if (($_POST['host'] && !is_domain($_POST['host']))) {
$input_errors[] = "The host name contains invalid characters.";
if (($_POST['username'] && !is_dyndns_username($_POST['username']))) {
$input_errors[] = "The username contains invalid characters.";
}
+
+ if (($_POST['dnsupdate_host'] && !is_domain($_POST['dnsupdate_host']))) {
+ $input_errors[] = "The DNS update host name contains invalid characters.";
+ }
+ if (($_POST['dnsupdate_ttl'] && !is_numericint($_POST['dnsupdate_ttl']))) {
+ $input_errors[] = "The DNS update TTL must be an integer.";
+ }
+ if (($_POST['dnsupdate_keyname'] && !is_domain($_POST['dnsupdate_keyname']))) {
+ $input_errors[] = "The DNS update key name contains invalid characters.";
+ }
if (!$input_errors) {
$config['dyndns']['type'] = $_POST['type'];
$config['dyndns']['mx'] = $_POST['mx'];
$config['dyndns']['wildcard'] = $_POST['wildcard'] ? true : false;
$config['dyndns']['enable'] = $_POST['enable'] ? true : false;
+
+ $config['dnsupdate']['enable'] = $_POST['dnsupdate_enable'] ? true : false;
+ $config['dnsupdate']['host'] = $_POST['dnsupdate_host'];
+ $config['dnsupdate']['ttl'] = $_POST['dnsupdate_ttl'];
+ $config['dnsupdate']['keyname'] = $_POST['dnsupdate_keyname'];
+ $config['dnsupdate']['keytype'] = $_POST['dnsupdate_keytype'];
+ $config['dnsupdate']['keydata'] = $_POST['dnsupdate_keydata'];
+ $config['dnsupdate']['usetcp'] = $_POST['dnsupdate_usetcp'] ? true : false;
write_config();
config_lock();
services_dyndns_reset();
$retval = services_dyndns_configure();
+ $retval |= services_dnsupdate_process();
config_unlock();
}
$savemsg = get_std_save_message($retval);
<script language="JavaScript">
<!--
function enable_change(enable_change) {
- if (document.iform.enable.checked || enable_change) {
- document.iform.host.disabled = 0;
- document.iform.mx.disabled = 0;
- document.iform.type.disabled = 0;
- document.iform.wildcard.disabled = 0;
- document.iform.username.disabled = 0;
- document.iform.password.disabled = 0;
- } else {
- document.iform.host.disabled = 1;
- document.iform.mx.disabled = 1;
- document.iform.type.disabled = 1;
- document.iform.wildcard.disabled = 1;
- document.iform.username.disabled = 1;
- document.iform.password.disabled = 1;
- }
+ var endis;
+
+ endis = !(document.iform.enable.checked || enable_change);
+ document.iform.host.disabled = endis;
+ document.iform.mx.disabled = endis;
+ document.iform.type.disabled = endis;
+ document.iform.wildcard.disabled = endis;
+ document.iform.username.disabled = endis;
+ document.iform.password.disabled = endis;
+
+ endis = !(document.iform.dnsupdate_enable.checked || enable_change);
+ document.iform.dnsupdate_host.disabled = endis;
+ document.iform.dnsupdate_ttl.disabled = endis;
+ document.iform.dnsupdate_keyname.disabled = endis;
+ document.iform.dnsupdate_keytype[0].disabled = endis;
+ document.iform.dnsupdate_keytype[1].disabled = endis;
+ document.iform.dnsupdate_keytype[2].disabled = endis;
+ document.iform.dnsupdate_keydata.disabled = endis;
+ document.iform.dnsupdate_usetcp.disabled = endis;
}
//-->
</script>
<form action="services_dyndns.php" method="post" name="iform" id="iform">
<table width="100%" border="0" cellpadding="6" cellspacing="0">
<tr>
- <td width="22%" valign="top" class="vtable"> </td>
- <td width="78%" class="vtable">
-<input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">
- <strong>Enable Dynamic DNS client</strong></td>
- </tr>
+ <td colspan="2" valign="top" class="optsect_t">
+ <table border="0" cellspacing="0" cellpadding="0" width="100%">
+ <tr><td class="optsect_s"><strong>Dynamic DNS client</strong></td>
+ <td align="right" class="optsect_s"><input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)"> <strong>Enable</strong></td></tr>
+ </table></td>
+ </tr>
<tr>
<td width="22%" valign="top" class="vncellreq">Service type</td>
<td width="78%" class="vtable">
<input name="password" type="password" class="formfld" id="password" size="20" value="<?=htmlspecialchars($pconfig['password']);?>">
</td>
</tr>
+ <tr>
+ <td colspan="2" class="list" height="12"></td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="optsect_t">
+ <table border="0" cellspacing="0" cellpadding="0" width="100%">
+ <tr><td class="optsect_s"><strong>RFC 2163 Dynamic DNS updates</strong></td>
+ <td align="right" class="optsect_s"><input name="dnsupdate_enable" type="checkbox" value="yes" <?php if ($pconfig['dnsupdate_enable']) echo "checked"; ?> onClick="enable_change(false)"> <strong>Enable</strong></td></tr>
+ </table></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Hostname</td>
+ <td width="78%" class="vtable">
+ <input name="dnsupdate_host" type="text" class="formfld" id="dnsupdate_host" size="30" value="<?=htmlspecialchars($pconfig['dnsupdate_host']);?>">
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncellreq">TTL</td>
+ <td class="vtable">
+ <input name="dnsupdate_ttl" type="text" class="formfld" id="dnsupdate_ttl" size="6" value="<?=htmlspecialchars($pconfig['dnsupdate_ttl']);?>">
+ seconds</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncellreq">Key name</td>
+ <td class="vtable">
+ <input name="dnsupdate_keyname" type="text" class="formfld" id="dnsupdate_keyname" size="30" value="<?=htmlspecialchars($pconfig['dnsupdate_keyname']);?>">
+ <br>
+ This must match the setting on the DNS server.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncellreq">Key type </td>
+ <td class="vtable">
+ <input name="dnsupdate_keytype" type="radio" value="zone" <?php if ($pconfig['dnsupdate_keytype'] == "zone") echo "checked"; ?>> Zone
+ <input name="dnsupdate_keytype" type="radio" value="host" <?php if ($pconfig['dnsupdate_keytype'] == "host") echo "checked"; ?>> Host
+ <input name="dnsupdate_keytype" type="radio" value="user" <?php if ($pconfig['dnsupdate_keytype'] == "user") echo "checked"; ?>> User
+ </tr>
+ <tr>
+ <td valign="top" class="vncellreq">Key</td>
+ <td class="vtable">
+ <input name="dnsupdate_keydata" type="text" class="formfld" id="dnsupdate_keydata" size="70" value="<?=htmlspecialchars($pconfig['dnsupdate_keydata']);?>">
+ <br>
+ Paste an HMAC-MD5 key here.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Protocol</td>
+ <td width="78%" class="vtable">
+ <input name="dnsupdate_usetcp" type="checkbox" id="dnsupdate_usetcp" value="yes" <?php if ($pconfig['dnsupdate_usetcp']) echo "checked"; ?>>
+ <strong>Use TCP instead of UDP</strong></td>
+ </tr>
<tr>
<td width="22%" valign="top"> </td>
<td width="78%">
<td width="78%"><span class="vexpl"><span class="red"><strong>Note:<br>
</strong></span>You must configure a DNS server in <a href="system.php">System:
General setup</a> or allow the DNS server list to be overridden
- by DHCP/PPP on WAN for the DynDNS client to work.</span></td>
+ by DHCP/PPP on WAN for dynamic DNS updates to work.</span></td>
</tr>
</table>
</form>
<?php endif; ?>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
- <td width="40%" class="listhdrr">Network</td>
- <td width="50%" class="listhdr">Description</td>
+ <td width="20%" class="listhdrr">Interface</td>
+ <td width="30%" class="listhdrr">Network</td>
+ <td width="40%" class="listhdr">Description</td>
<td width="10%" class="list"></td>
</tr>
<?php $i = 0; foreach ($a_proxyarp as $arpent): ?>
<tr>
- <td class="listlr">
+ <td class="listlr">
+ <?php
+ if ($arpent['interface']) {
+ $iflabels = array('lan' => 'LAN', 'wan' => 'WAN');
+ for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++)
+ $iflabels['opt' . $j] = $config['interfaces']['opt' . $j]['descr'];
+ echo htmlspecialchars($iflabels[$arpent['interface']]);
+ } else {
+ echo "WAN";
+ }
+ ?>
+ </td>
+ <td class="listr">
<?php if (isset($arpent['network'])) {
list($sa,$sn) = explode("/", $arpent['network']);
if ($sn == 32)
</tr>
<?php $i++; endforeach; ?>
<tr>
- <td class="list" colspan="2"></td>
+ <td class="list" colspan="3"></td>
<td class="list"> <a href="services_proxyarp_edit.php"><img src="plus.gif" width="17" height="17" border="0"></a></td>
</tr>
</table>
</form>
<p class="vexpl"><span class="red"><strong>Note:<br>
</strong></span>Proxy ARP can be used if you need m0n0wall to send ARP
- replies on the WAN interface for other IP addresses than its own WAN
- IP address (e.g. for 1:1, advanced outbound or server NAT). It is not
- necessary if you have a subnet routed to you or if you use PPPoE/PPTP, and it only works if
- the WAN interface is configured with a static IP address or DHCP.</p>
-<?php include("fend.inc"); ?>
+ replies on an interface for other IP addresses than its own (e.g. for 1:1, advanced outbound or server NAT). It is not
+ necessary on the WAN interface if you have a subnet routed to you or if you use PPPoE/PPTP, and it only works on the WAN interface if it's configured with a static IP address or DHCP.</p>
+ <?php include("fend.inc"); ?>
</body>
</html>
$id = $_POST['id'];
if (isset($id) && $a_proxyarp[$id]) {
+ if ($a_proxyarp[$id]['interface'])
+ $pconfig['interface'] = $a_proxyarp[$id]['interface'];
+ else
+ $pconfig['interface'] = "wan";
if (isset($a_proxyarp[$id]['network']))
list($pconfig['subnet'], $pconfig['subnet_bits']) = explode("/", $a_proxyarp[$id]['network']);
else if (isset($a_proxyarp[$id]['range'])) {
}
$pconfig['descr'] = $a_proxyarp[$id]['descr'];
} else {
+ $pconfig['interface'] = "wan";
$pconfig['subnet_bits'] = 32;
}
if (!$input_errors) {
$arpent = array();
+ $arpent['interface'] = $_POST['interface'];
if ($_POST['type'] == "range") {
$arpent['range']['from'] = $_POST['range_from'];
$arpent['range']['to'] = $_POST['range_to'];
<?php if ($input_errors) print_input_errors($input_errors); ?>
<form action="services_proxyarp_edit.php" method="post" name="iform" id="iform">
<table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Interface</td>
+ <td width="78%" class="vtable">
+ <select name="interface" class="formfld">
+ <?php $interfaces = array('wan' => 'WAN', 'lan' => 'LAN');
+ for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
+ $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
+ }
+ foreach ($interfaces as $iface => $ifacename): ?>
+ <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>>
+ <?=htmlspecialchars($ifacename);?>
+ </option>
+ <?php endforeach; ?>
+ </select> </td>
+ </tr>
<tr>
<td valign="top" class="vncellreq">Network</td>
<td class="vtable">
<script language="JavaScript">
<!--
function enable_change(enable_change) {
- if (document.iform.enable.checked || enable_change) {
- document.iform.syslocation.disabled = 0;
- document.iform.syscontact.disabled = 0;
- document.iform.rocommunity.disabled = 0;
- } else {
- document.iform.syslocation.disabled = 1;
- document.iform.syscontact.disabled = 1;
- document.iform.rocommunity.disabled = 1;
- }
+ var endis;
+ endis = !(document.iform.enable.checked || enable_change);
+ document.iform.syslocation.disabled = endis;
+ document.iform.syscontact.disabled = endis;
+ document.iform.rocommunity.disabled = endis;
}
//-->
</script>
* (modified for m0n0wall by Manuel Kasper <mk@neon1.net>)
*/
+require("guiconfig.inc");
+
/* Execute a command, with a title, and generate an HTML table
* showing the results.
*/
-function doCmdT($title, $command) {
+
+function doCmdT($title, $command, $isstr) {
echo "<p>\n";
echo "<a name=\"" . $title . "\">\n";
echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n";
echo "<tr><td class=\"listtopic\">" . $title . "</td></tr>\n";
echo "<tr><td class=\"listlr\"><pre>"; /* no newline after pre */
- if ($command == "dumpconfigxml") {
- $fd = @fopen("/conf/config.xml", "r");
- if ($fd) {
- while (!feof($fd)) {
- $line = fgets($fd);
- /* remove password tag contents */
- $line = preg_replace("/<password>.*?<\\/password>/", "<password>xxxxx</password>", $line);
- $line = preg_replace("/<pre-shared-key>.*?<\\/pre-shared-key>/", "<pre-shared-key>xxxxx</pre-shared-key>", $line);
- $line = str_replace("\t", " ", $line);
- echo htmlspecialchars($line,ENT_NOQUOTES);
- }
- }
- fclose($fd);
+ if ($isstr) {
+ echo htmlspecialchars($command);
} else {
- exec ($command . " 2>&1", $execOutput, $execStatus);
- for ($i = 0; isset($execOutput[$i]); $i++) {
- if ($i > 0) {
- echo "\n";
+ if ($command == "dumpconfigxml") {
+ $fd = @fopen("/conf/config.xml", "r");
+ if ($fd) {
+ while (!feof($fd)) {
+ $line = fgets($fd);
+ /* remove password tag contents */
+ $line = preg_replace("/<password>.*?<\\/password>/", "<password>xxxxx</password>", $line);
+ $line = preg_replace("/<pre-shared-key>.*?<\\/pre-shared-key>/", "<pre-shared-key>xxxxx</pre-shared-key>", $line);
+ $line = str_replace("\t", " ", $line);
+ echo htmlspecialchars($line,ENT_NOQUOTES);
+ }
+ }
+ fclose($fd);
+ } else {
+ exec ($command . " 2>&1", $execOutput, $execStatus);
+ for ($i = 0; isset($execOutput[$i]); $i++) {
+ if ($i > 0) {
+ echo "\n";
+ }
+ echo htmlspecialchars($execOutput[$i],ENT_NOQUOTES);
}
- echo htmlspecialchars($execOutput[$i],ENT_NOQUOTES);
}
}
echo "</pre></tr>\n";
function defCmdT($title, $command) {
global $commands;
$title = htmlspecialchars($title,ENT_NOQUOTES);
- $commands[] = array($title, $command);
+ $commands[] = array($title, $command, false);
}
/* Define a command, with a title which is the same as the command,
defCmdT($command,$command);
}
+/* Define a string, with a title, to be shown later. */
+function defStrT($title, $str) {
+ global $commands;
+ $title = htmlspecialchars($title,ENT_NOQUOTES);
+ $commands[] = array($title, $str, true);
+}
+
/* List all of the commands as an index. */
function listCmds() {
global $commands;
function execCmds() {
global $commands;
for ($i = 0; isset($commands[$i]); $i++ ) {
- doCmdT($commands[$i][0], $commands[$i][1]);
+ doCmdT($commands[$i][0], $commands[$i][1], $commands[$i][2]);
}
}
defCmdT("ipfstat -v", "/sbin/ipfstat -v");
defCmdT("ipfstat -nio", "/sbin/ipfstat -nio");
+defStrT("unparsed ipnat rules", filter_nat_rules_generate());
+defStrT("unparsed ipfilter rules", filter_rules_generate());
+defStrT("unparsed ipfw rules", shaper_rules_generate());
+
defCmdT("resolv.conf","cat /etc/resolv.conf");
defCmdT("Processes","ps xauww");
require("guiconfig.inc");
+$wancfg = &$config['interfaces']['wan'];
+
+if ($_POST) {
+ if ($_POST['submit'] == "Disconnect" || $_POST['submit'] == "Release") {
+ if ($wancfg['ipaddr'] == "dhcp")
+ interfaces_wan_dhcp_down();
+ else if ($wancfg['ipaddr'] == "pppoe")
+ interfaces_wan_pppoe_down();
+ else if ($wancfg['ipaddr'] == "pptp")
+ interfaces_wan_pptp_down();
+ } else if ($_POST['submit'] == "Connect" || $_POST['submit'] == "Renew") {
+ if ($wancfg['ipaddr'] == "dhcp")
+ interfaces_wan_dhcp_up();
+ else if ($wancfg['ipaddr'] == "pppoe")
+ interfaces_wan_pppoe_up();
+ else if ($wancfg['ipaddr'] == "pptp")
+ interfaces_wan_pptp_up();
+ } else {
+ header("Location: index.php");
+ exit;
+ }
+}
+
function get_interface_info($ifdescr) {
global $config, $g;
$ifinfo = array();
/* find out interface name */
+ $ifinfo['hwif'] = $config['interfaces'][$ifdescr]['if'];
if ($ifdescr == "wan")
$ifinfo['if'] = get_real_wan_interface();
else
- $ifinfo['if'] = $config['interfaces'][$ifdescr]['if'];
+ $ifinfo['if'] = $ifinfo['hwif'];
/* run netstat to determine link info */
unset($linkinfo);
- exec("/usr/bin/netstat -I " . $ifinfo['if'] . " -nWb -f link", $linkinfo);
+ exec("/usr/bin/netstat -I " . $ifinfo['hwif'] . " -nWb -f link", $linkinfo);
$linkinfo = preg_split("/\s+/", $linkinfo[1]);
if (preg_match("/\*$/", $linkinfo[0])) {
$ifinfo['status'] = "down";
$ifinfo['status'] = "up";
}
- if (($ifinfo['if'] != $g['pppoe_interface']) && (!strstr($ifinfo['if'],'tun'))) {
+ if (!strstr($ifinfo['if'],'tun')) {
$ifinfo['macaddr'] = $linkinfo[3];
$ifinfo['inpkts'] = $linkinfo[4];
$ifinfo['inerrs'] = $linkinfo[5];
$ifinfo['outbytes'] = $linkinfo[8];
}
- if ($ifinfo['status'] == "up") {
- /* run netstat to determine inet info */
- unset($inetinfo);
- exec("/usr/bin/netstat -I " . $ifinfo['if'] . " -nWb -f inet", $inetinfo);
- $inetinfo = preg_split("/\s+/", $inetinfo[1]);
-
- $ifinfo['ipaddr'] = $inetinfo[3];
-
- if ($ifdescr == "wan") {
- /* run netstat to determine the default gateway */
- unset($netstatrninfo);
- exec("/usr/bin/netstat -rnf inet", $netstatrninfo);
-
- foreach ($netstatrninfo as $nsr) {
- if (preg_match("/^default\s*(\S+)/", $nsr, $matches)) {
- $ifinfo['gateway'] = $matches[1];
- }
+ /* DHCP? -> see if dhclient is up */
+ if (($ifdescr == "wan") && ($config['interfaces']['wan']['ipaddr'] == "dhcp")) {
+ /* see if dhclient is up */
+ if ($ifinfo['status'] == "up" && file_exists("{$g['varrun_path']}/dhclient.pid"))
+ $ifinfo['dhcplink'] = "up";
+ else
+ $ifinfo['dhcplink'] = "down";
+ }
+
+ /* PPPoE interface? -> get status from virtual interface */
+ if (($ifdescr == "wan") && ($config['interfaces']['wan']['ipaddr'] == "pppoe")) {
+ unset($linkinfo);
+ exec("/usr/bin/netstat -I " . $ifinfo['if'] . " -nWb -f link", $linkinfo);
+ $linkinfo = preg_split("/\s+/", $linkinfo[1]);
+ if (preg_match("/\*$/", $linkinfo[0])) {
+ $ifinfo['pppoelink'] = "down";
+ } else {
+ /* get PPPoE link status for dial on demand */
+ unset($ifconfiginfo);
+ exec("/sbin/ifconfig " . $ifinfo['if'], $ifconfiginfo);
+
+ $ifinfo['pppoelink'] = "up";
+
+ foreach ($ifconfiginfo as $ici) {
+ if (strpos($ici, 'LINK0') !== false)
+ $ifinfo['pppoelink'] = "down";
}
}
-
- /* try to determine netmask and media with ifconfig */
+ }
+
+ /* PPTP interface? -> get status from virtual interface */
+ if (($ifdescr == "wan") && ($config['interfaces']['wan']['ipaddr'] == "pptp")) {
+ unset($linkinfo);
+ exec("/usr/bin/netstat -I " . $ifinfo['if'] . " -nWb -f link", $linkinfo);
+ $linkinfo = preg_split("/\s+/", $linkinfo[1]);
+ if (preg_match("/\*$/", $linkinfo[0])) {
+ $ifinfo['pptplink'] = "down";
+ } else {
+ /* get PPTP link status for dial on demand */
+ unset($ifconfiginfo);
+ exec("/sbin/ifconfig " . $ifinfo['if'], $ifconfiginfo);
+
+ $ifinfo['pptplink'] = "up";
+
+ foreach ($ifconfiginfo as $ici) {
+ if (strpos($ici, 'LINK0') !== false)
+ $ifinfo['pptplink'] = "down";
+ }
+ }
+ }
+
+ if ($ifinfo['status'] == "up") {
+ /* try to determine media with ifconfig */
unset($ifconfiginfo);
- exec("/sbin/ifconfig " . $ifinfo['if'], $ifconfiginfo);
+ exec("/sbin/ifconfig " . $ifinfo['hwif'], $ifconfiginfo);
foreach ($ifconfiginfo as $ici) {
- if (preg_match("/netmask (\S+)/", $ici, $matches) && !$ifinfo['subnet']) {
- if (preg_match("/^0x/", $matches[1])) {
- $ifinfo['subnet'] = long2ip(hexdec($matches[1]));
- }
- }
if (!isset($config['interfaces'][$ifdescr]['wireless'])) {
/* don't list media/speed for wireless cards, as it always
displays 2 Mbps even though clients can connect at 11 Mbps */
}
}
- /* PPPoE only: get media from underlying ethernet interface */
- if (($ifdescr == "wan") && ($config['interfaces']['wan']['ipaddr'] == "pppoe")) {
+ if ($ifinfo['pppoelink'] != "down" && $ifinfo['pptplink'] != "down") {
+ /* try to determine IP address and netmask with ifconfig */
unset($ifconfiginfo);
- exec("/sbin/ifconfig " . $config['interfaces']['wan']['if'], $ifconfiginfo);
+ exec("/sbin/ifconfig " . $ifinfo['if'], $ifconfiginfo);
foreach ($ifconfiginfo as $ici) {
- if (preg_match("/media: .*? \((.*?)\)/", $ici, $matches)) {
- $ifinfo['media'] = $matches[1];
- } else if (preg_match("/ether (.*)/", $ici, $matches)) {
- $ifinfo['macaddr'] = $matches[1];
+ if (preg_match("/inet (\S+)/", $ici, $matches)) {
+ $ifinfo['ipaddr'] = $matches[1];
+ }
+ if (preg_match("/netmask (\S+)/", $ici, $matches)) {
+ if (preg_match("/^0x/", $matches[1]))
+ $ifinfo['subnet'] = long2ip(hexdec($matches[1]));
}
}
-
- /* get pppoe link status for dial on demand */
- unset($ifconfiginfo);
- exec("/sbin/ifconfig " . $ifinfo['if'], $ifconfiginfo);
-
- $ifinfo['pppoelink'] = "up";
-
- foreach ($ifconfiginfo as $ici) {
- if (strpos($ici, 'LINK0') !== false)
- $ifinfo['pppoelink'] = "down";
- }
- }
-
- /* get ppptp link status for dial on demand */
- if (($ifdescr == "wan") && ($config['interfaces']['wan']['ipaddr'] == "pptp")) {
- unset($ifconfiginfo);
- exec("/sbin/ifconfig " . $ifinfo['if'], $ifconfiginfo);
-
- $ifinfo['pptplink'] = "up";
-
- foreach ($ifconfiginfo as $ici) {
- if (strpos($ici, 'LINK0') !== false)
- $ifinfo['pptplink'] = "down";
+ if ($ifdescr == "wan") {
+ /* run netstat to determine the default gateway */
+ unset($netstatrninfo);
+ exec("/usr/bin/netstat -rnf inet", $netstatrninfo);
+
+ foreach ($netstatrninfo as $nsr) {
+ if (preg_match("/^default\s*(\S+)/", $nsr, $matches)) {
+ $ifinfo['gateway'] = $matches[1];
+ }
+ }
}
}
}
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php include("fbegin.inc"); ?>
- <p class="pgtitle">Status: Interfaces</p>
+<p class="pgtitle">Status: Interfaces</p>
+<form action="" method="post">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<?php $i = 0; $ifdescrs = array('wan' => 'WAN', 'lan' => 'LAN');
<td width="78%" class="listr">
<?=htmlspecialchars($ifinfo['status']);?>
</td>
- </tr><?php if ($ifinfo['pppoelink']): ?>
+ </tr><?php if ($ifinfo['dhcplink']): ?>
+ <tr>
+ <td width="22%" class="listhdrr">DHCP</td>
+ <td width="78%" class="listr">
+ <?=htmlspecialchars($ifinfo['dhcplink']);?>
+ <?php if ($ifinfo['dhcplink'] == "up"): ?>
+ <input type="submit" name="submit" value="Release" class="formbtns">
+ <?php else: ?>
+ <input type="submit" name="submit" value="Renew" class="formbtns">
+ <?php endif; ?>
+ </td>
+ </tr><?php endif; if ($ifinfo['pppoelink']): ?>
<tr>
<td width="22%" class="listhdrr">PPPoE</td>
<td width="78%" class="listr">
- <?=htmlspecialchars($ifinfo['pppoelink']);?>
+ <?=htmlspecialchars($ifinfo['pppoelink']);?>
+ <?php if ($ifinfo['pppoelink'] == "up"): ?>
+ <input type="submit" name="submit" value="Disconnect" class="formbtns">
+ <?php else: ?>
+ <input type="submit" name="submit" value="Connect" class="formbtns">
+ <?php endif; ?>
</td>
</tr><?php endif; if ($ifinfo['pptplink']): ?>
<tr>
<td width="22%" class="listhdrr">PPTP</td>
<td width="78%" class="listr">
- <?=htmlspecialchars($ifinfo['pptplink']);?>
+ <?=htmlspecialchars($ifinfo['pptplink']);?>
+ <?php if ($ifinfo['pptplink'] == "up"): ?>
+ <input type="submit" name="submit" value="Disconnect" class="formbtns">
+ <?php else: ?>
+ <input type="submit" name="submit" value="Connect" class="formbtns">
+ <?php endif; ?>
</td>
</tr><?php endif; if ($ifinfo['macaddr']): ?>
<tr>
<?=htmlspecialchars($ifinfo['macaddr']);?>
</td>
</tr><?php endif; if ($ifinfo['status'] != "down"): ?>
+ <?php if ($ifinfo['dhcplink'] != "down" && $ifinfo['pppoelink'] != "down" && $ifinfo['pptplink'] != "down"): ?>
<?php if ($ifinfo['ipaddr']): ?>
<tr>
<td width="22%" class="listhdrr">IP address</td>
<td width="78%" class="listr">
<?=htmlspecialchars($ifinfo['gateway']);?>
</td>
- </tr><?php endif; ?><?php if ($ifinfo['media']): ?>
+ </tr><?php endif; if ($ifdescr == "wan" && file_exists("{$g['varetc_path']}/nameservers.conf")): ?>
+ <td width="22%" class="listhdrr">ISP DNS servers</td>
+ <td width="78%" class="listr"><?php echo nl2br(file_get_contents("{$g['varetc_path']}/nameservers.conf")); ?></td>
+ <?php endif; endif; if ($ifinfo['media']): ?>
<tr>
<td width="22%" class="listhdrr">Media</td>
<td width="78%" class="listr">
<?php endif; ?>
<?php $i++; endforeach; ?>
</table>
+</form>
+<p><strong class="red">Note:<br>
+</strong>Using dial-on-demand will bring the connection up again if any packet
+triggers it. To substantiate this point: disconnecting manually
+will <strong>not</strong> prevent dial-on-demand from making connections
+to the outside! Don't use dial-on-demand if you want to make sure that the line is kept disconnected.
<?php include("fend.inc"); ?>
</body>
</html>
if ($_POST['dns2'])
$config['system']['dnsserver'][] = $_POST['dns2'];
+ $olddnsallowoverride = $config['system']['dnsallowoverride'];
$config['system']['dnsallowoverride'] = $_POST['dnsallowoverride'] ? true : false;
if ($_POST['password']) {
$retval |= services_dnsmasq_configure();
$retval |= system_timezone_configure();
$retval |= system_ntp_configure();
+
+ if ($olddnsallowoverride != $config['system']['dnsallowoverride'])
+ $retval |= interfaces_wan_configure();
+
config_unlock();
}
projects / m0n0chwall.git / commitdiff
