-<?\r
-/*\r
- auth.inc\r
- part of m0n0wall (http://m0n0.ch/wall)\r
-\r
- Copyright (C) 2006 Paul Taylor <paultaylor@winn-dixie.com>.\r
- All rights reserved. \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-// Once here, the user has authenticated with the web server. \r
-// Now, we give them access only to the appropriate pages for their group.\r
-if (!($_SERVER['REMOTE_USER'] === $config['system']['username'])) {\r
- $allowed[] = '';\r
- if (isset($config['system']['groups'][$config['system']['users'][$_SERVER['REMOTE_USER']]['group']]['pages'])) {\r
- $allowed = &$config['system']['groups'][$config['system']['users'][$_SERVER['REMOTE_USER']]['group']]['pages'];\r
- } \r
-\r
- // If the user is attempting to hit the default page, set it to specifically look for /index.php.\r
- // Without this, any user would have access to the index page.\r
- if ($_SERVER['PHP_SELF'] == '/') \r
- $_SERVER['PHP_SELF'] = '/index.php';\r
- \r
- // Strip the leading / from the currently requested PHP page\r
- if (!in_array(basename($_SERVER['PHP_SELF']),$allowed)) {\r
- // The currently logged in user is not allowed to access the page\r
- // they are attempting to go to. Redirect them to an allowed page.\r
-\r
- if (in_array("index.php",$allowed)) {\r
- header("Location: /index.php"); \r
- exit;\r
- }\r
- else {\r
- header("HTTP/1.0 401 Unauthorized");\r
- header("Status: 401 Unauthorized");\r
-\r
- echo "<html><head><title>401 Unauthorized</title></head><body><h3>401 Unauthorized</h3>Authorization required.</body></html>";\r
- exit;\r
- }\r
- }\r
-}\r
-\r
-\r
-\r
+<?
+/*
+ auth.inc
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2006 Paul Taylor <paultaylor@winn-dixie.com>.
+ All rights reserved.
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+// Once here, the user has authenticated with the web server.
+// Now, we give them access only to the appropriate pages for their group.
+if (!($_SERVER['REMOTE_USER'] === $config['system']['username'])) {
+ $allowed[] = '';
+ if (isset($config['system']['groups'][$config['system']['users'][$_SERVER['REMOTE_USER']]['group']]['pages'])) {
+ $allowed = &$config['system']['groups'][$config['system']['users'][$_SERVER['REMOTE_USER']]['group']]['pages'];
+ }
+
+ // If the user is attempting to hit the default page, set it to specifically look for /index.php.
+ // Without this, any user would have access to the index page.
+ if ($_SERVER['PHP_SELF'] == '/')
+ $_SERVER['PHP_SELF'] = '/index.php';
+
+ // Strip the leading / from the currently requested PHP page
+ if (!in_array(basename($_SERVER['PHP_SELF']),$allowed)) {
+ // The currently logged in user is not allowed to access the page
+ // they are attempting to go to. Redirect them to an allowed page.
+
+ if (in_array("index.php",$allowed)) {
+ header("Location: /index.php");
+ exit;
+ }
+ else {
+ header("HTTP/1.0 401 Unauthorized");
+ header("Status: 401 Unauthorized");
+
+ echo "<html><head><title>401 Unauthorized</title></head><body><h3>401 Unauthorized</h3>Authorization required.</body></html>";
+ exit;
+ }
+ }
+}
+
+
+
?>
\ No newline at end of file
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Diagnostics", "IPsec");\r
-\r
-require("guiconfig.inc");\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('SAD' => 'diag_ipsec_sad.php',\r
- 'SPD' => 'diag_ipsec_spd.php');\r
- dynamic_tab_menu($tabs);\r
-?>\r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
-<?php\r
-\r
-/* delete any SA? */\r
-if ($_GET['act'] == "del") {\r
- $fd = @popen("/usr/sbin/setkey -c > /dev/null 2>&1", "w");\r
- if ($fd) {\r
- fwrite($fd, "delete {$_GET['src']} {$_GET['dst']} {$_GET['proto']} {$_GET['spi']} ;\n");\r
- pclose($fd);\r
- sleep(1);\r
- }\r
-}\r
-\r
-/* query SAD */\r
-$fd = @popen("/usr/sbin/setkey -D", "r");\r
-$sad = array();\r
-if ($fd) {\r
- while (!feof($fd)) {\r
- $line = chop(fgets($fd));\r
- if (!$line)\r
- continue;\r
- if ($line == "No SAD entries.")\r
- break;\r
- if ($line[0] != "\t") {\r
- if (is_array($cursa))\r
- $sad[] = $cursa;\r
- $cursa = array();\r
- list($cursa['src'],$cursa['dst']) = explode(" ", $line);\r
- $i = 0;\r
- } else {\r
- $linea = explode(" ", trim($line));\r
- if ($i == 1) {\r
- $cursa['proto'] = $linea[0];\r
- $cursa['spi'] = substr($linea[2], strpos($linea[2], "x")+1, -1);\r
- } else if ($i == 2) {\r
- $cursa['ealgo'] = $linea[1];\r
- } else if ($i == 3) {\r
- $cursa['aalgo'] = $linea[1];\r
- }\r
- }\r
- $i++;\r
- }\r
- if (is_array($cursa) && count($cursa))\r
- $sad[] = $cursa;\r
- pclose($fd);\r
-}\r
-if (count($sad)):\r
-?>\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td nowrap class="listhdrr">Source</td>\r
- <td nowrap class="listhdrr">Destination</a></td>\r
- <td nowrap class="listhdrr">Protocol</td>\r
- <td nowrap class="listhdrr">SPI</td>\r
- <td nowrap class="listhdrr">Enc. alg.</td>\r
- <td nowrap class="listhdr">Auth. alg.</td>\r
- <td nowrap class="list"></td>\r
- </tr>\r
-<?php\r
-foreach ($sad as $sa): ?>\r
- <tr>\r
- <td class="listlr"><?=htmlspecialchars($sa['src']);?></td>\r
- <td class="listr"><?=htmlspecialchars($sa['dst']);?></td>\r
- <td class="listr"><?=htmlspecialchars(strtoupper($sa['proto']));?></td>\r
- <td class="listr"><?=htmlspecialchars($sa['spi']);?></td>\r
- <td class="listr"><?=htmlspecialchars($sa['ealgo']);?></td>\r
- <td class="listr"><?=htmlspecialchars($sa['aalgo']);?></td>\r
- <td class="list" nowrap>\r
- <?php\r
- $args = "src=" . rawurlencode($sa['src']);\r
- $args .= "&dst=" . rawurlencode($sa['dst']);\r
- $args .= "&proto=" . rawurlencode($sa['proto']);\r
- $args .= "&spi=" . rawurlencode("0x" . $sa['spi']);\r
- ?>\r
- <a href="diag_ipsec_sad.php?act=del&<?=$args;?>" onclick="return confirm('Do you really want to delete this security association?')"><img src="x.gif" title="delete SA" width="17" height="17" border="0"></a>\r
- </td>\r
- \r
- </tr>\r
-<?php endforeach; ?>\r
-</table>\r
-<?php else: ?>\r
-<p><strong>No IPsec security associations.</strong></p>\r
-<?php endif; ?>\r
-</td></tr></table>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Diagnostics", "IPsec");
+
+require("guiconfig.inc");
+?>
+<?php include("fbegin.inc"); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('SAD' => 'diag_ipsec_sad.php',
+ 'SPD' => 'diag_ipsec_spd.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+<?php
+
+/* delete any SA? */
+if ($_GET['act'] == "del") {
+ $fd = @popen("/usr/sbin/setkey -c > /dev/null 2>&1", "w");
+ if ($fd) {
+ fwrite($fd, "delete {$_GET['src']} {$_GET['dst']} {$_GET['proto']} {$_GET['spi']} ;\n");
+ pclose($fd);
+ sleep(1);
+ }
+}
+
+/* query SAD */
+$fd = @popen("/usr/sbin/setkey -D", "r");
+$sad = array();
+if ($fd) {
+ while (!feof($fd)) {
+ $line = chop(fgets($fd));
+ if (!$line)
+ continue;
+ if ($line == "No SAD entries.")
+ break;
+ if ($line[0] != "\t") {
+ if (is_array($cursa))
+ $sad[] = $cursa;
+ $cursa = array();
+ list($cursa['src'],$cursa['dst']) = explode(" ", $line);
+ $i = 0;
+ } else {
+ $linea = explode(" ", trim($line));
+ if ($i == 1) {
+ $cursa['proto'] = $linea[0];
+ $cursa['spi'] = substr($linea[2], strpos($linea[2], "x")+1, -1);
+ } else if ($i == 2) {
+ $cursa['ealgo'] = $linea[1];
+ } else if ($i == 3) {
+ $cursa['aalgo'] = $linea[1];
+ }
+ }
+ $i++;
+ }
+ if (is_array($cursa) && count($cursa))
+ $sad[] = $cursa;
+ pclose($fd);
+}
+if (count($sad)):
+?>
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td nowrap class="listhdrr">Source</td>
+ <td nowrap class="listhdrr">Destination</a></td>
+ <td nowrap class="listhdrr">Protocol</td>
+ <td nowrap class="listhdrr">SPI</td>
+ <td nowrap class="listhdrr">Enc. alg.</td>
+ <td nowrap class="listhdr">Auth. alg.</td>
+ <td nowrap class="list"></td>
+ </tr>
+<?php
+foreach ($sad as $sa): ?>
+ <tr>
+ <td class="listlr"><?=htmlspecialchars($sa['src']);?></td>
+ <td class="listr"><?=htmlspecialchars($sa['dst']);?></td>
+ <td class="listr"><?=htmlspecialchars(strtoupper($sa['proto']));?></td>
+ <td class="listr"><?=htmlspecialchars($sa['spi']);?></td>
+ <td class="listr"><?=htmlspecialchars($sa['ealgo']);?></td>
+ <td class="listr"><?=htmlspecialchars($sa['aalgo']);?></td>
+ <td class="list" nowrap>
+ <?php
+ $args = "src=" . rawurlencode($sa['src']);
+ $args .= "&dst=" . rawurlencode($sa['dst']);
+ $args .= "&proto=" . rawurlencode($sa['proto']);
+ $args .= "&spi=" . rawurlencode("0x" . $sa['spi']);
+ ?>
+ <a href="diag_ipsec_sad.php?act=del&<?=$args;?>" onclick="return confirm('Do you really want to delete this security association?')"><img src="x.gif" title="delete SA" width="17" height="17" border="0"></a>
+ </td>
+
+ </tr>
+<?php endforeach; ?>
+</table>
+<?php else: ?>
+<p><strong>No IPsec security associations.</strong></p>
+<?php endif; ?>
+</td></tr></table>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Diagnostics", "IPsec");\r
-\r
-require("guiconfig.inc");\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('SAD' => 'diag_ipsec_sad.php',\r
- 'SPD' => 'diag_ipsec_spd.php');\r
- dynamic_tab_menu($tabs);\r
-?>\r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
-<?php\r
-\r
-/* delete any SP? */\r
-if ($_GET['act'] == "del") {\r
- $fd = @popen("/usr/sbin/setkey -c > /dev/null 2>&1", "w");\r
- if ($fd) {\r
- fwrite($fd, "spddelete {$_GET['src']} {$_GET['dst']} any -P {$_GET['dir']} ;\n");\r
- pclose($fd);\r
- sleep(1);\r
- }\r
-}\r
-\r
-/* query SAD */\r
-$fd = @popen("/usr/sbin/setkey -DP", "r");\r
-$spd = array();\r
-if ($fd) {\r
- while (!feof($fd)) {\r
- $line = chop(fgets($fd));\r
- if (!$line)\r
- continue;\r
- if ($line == "No SPD entries.")\r
- break;\r
- if ($line[0] != "\t") {\r
- if (is_array($cursp))\r
- $spd[] = $cursp;\r
- $cursp = array();\r
- $linea = explode(" ", $line);\r
- $cursp['src'] = substr($linea[0], 0, strpos($linea[0], "["));\r
- $cursp['dst'] = substr($linea[1], 0, strpos($linea[1], "["));\r
- $i = 0;\r
- } else if (is_array($cursp)) {\r
- $linea = explode(" ", trim($line));\r
- if ($i == 1) {\r
- if ($linea[1] == "none") /* don't show default anti-lockout rule */\r
- unset($cursp);\r
- else\r
- $cursp['dir'] = $linea[0];\r
- } else if ($i == 2) {\r
- $upperspec = explode("/", $linea[0]);\r
- $cursp['proto'] = $upperspec[0];\r
- list($cursp['ep_src'], $cursp['ep_dst']) = explode("-", $upperspec[2]);\r
- }\r
- }\r
- $i++;\r
- }\r
- if (is_array($cursp) && count($cursp))\r
- $spd[] = $cursp;\r
- pclose($fd);\r
-}\r
-if (count($spd)):\r
-?>\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td nowrap class="listhdrr">Source</td>\r
- <td nowrap class="listhdrr">Destination</a></td>\r
- <td nowrap class="listhdrr">Direction</td>\r
- <td nowrap class="listhdrr">Protocol</td>\r
- <td nowrap class="listhdrr">Tunnel endpoints</td>\r
- <td nowrap class="list"></td>\r
- </tr>\r
-<?php\r
-foreach ($spd as $sp): ?>\r
- <tr>\r
- <td class="listlr" valign="top"><?=htmlspecialchars($sp['src']);?></td>\r
- <td class="listr" valign="top"><?=htmlspecialchars($sp['dst']);?></td>\r
- <td class="listr" valign="top"><img src="<?=$sp['dir'];?>.gif" width="11" height="11" style="margin-top: 2px"></td>\r
- <td class="listr" valign="top"><?=htmlspecialchars(strtoupper($sp['proto']));?></td>\r
- <td class="listr" valign="top"><?=htmlspecialchars($sp['ep_src']);?> - <br>\r
- <?=htmlspecialchars($sp['ep_dst']);?></td>\r
- <td class="list" nowrap>\r
- <?php\r
- $args = "src=" . rawurlencode($sp['src']);\r
- $args .= "&dst=" . rawurlencode($sp['dst']);\r
- $args .= "&dir=" . rawurlencode($sp['dir']);\r
- ?>\r
- <a href="diag_ipsec_spd.php?act=del&<?=$args;?>" onclick="return confirm('Do you really want to delete this security policy?')"><img src="x.gif" title="delete SP" width="17" height="17" border="0"></a>\r
- </td>\r
- \r
- </tr>\r
-<?php endforeach; ?>\r
-</table>\r
-<br>\r
-<table border="0" cellspacing="0" cellpadding="0">\r
- <tr> \r
- <td width="16"><img src="in.gif" width="11" height="11"></td>\r
- <td>incoming (as seen by firewall)</td>\r
- </tr>\r
- <tr> \r
- <td colspan="5" height="4"></td>\r
- </tr>\r
- <tr> \r
- <td><img src="out.gif" width="11" height="11"></td>\r
- <td>outgoing (as seen by firewall)</td>\r
- </tr>\r
-</table>\r
-<?php else: ?>\r
-<p><strong>No IPsec security policies.</strong></p>\r
-<?php endif; ?>\r
-</td></tr></table>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Diagnostics", "IPsec");
+
+require("guiconfig.inc");
+?>
+<?php include("fbegin.inc"); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('SAD' => 'diag_ipsec_sad.php',
+ 'SPD' => 'diag_ipsec_spd.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+<?php
+
+/* delete any SP? */
+if ($_GET['act'] == "del") {
+ $fd = @popen("/usr/sbin/setkey -c > /dev/null 2>&1", "w");
+ if ($fd) {
+ fwrite($fd, "spddelete {$_GET['src']} {$_GET['dst']} any -P {$_GET['dir']} ;\n");
+ pclose($fd);
+ sleep(1);
+ }
+}
+
+/* query SAD */
+$fd = @popen("/usr/sbin/setkey -DP", "r");
+$spd = array();
+if ($fd) {
+ while (!feof($fd)) {
+ $line = chop(fgets($fd));
+ if (!$line)
+ continue;
+ if ($line == "No SPD entries.")
+ break;
+ if ($line[0] != "\t") {
+ if (is_array($cursp))
+ $spd[] = $cursp;
+ $cursp = array();
+ $linea = explode(" ", $line);
+ $cursp['src'] = substr($linea[0], 0, strpos($linea[0], "["));
+ $cursp['dst'] = substr($linea[1], 0, strpos($linea[1], "["));
+ $i = 0;
+ } else if (is_array($cursp)) {
+ $linea = explode(" ", trim($line));
+ if ($i == 1) {
+ if ($linea[1] == "none") /* don't show default anti-lockout rule */
+ unset($cursp);
+ else
+ $cursp['dir'] = $linea[0];
+ } else if ($i == 2) {
+ $upperspec = explode("/", $linea[0]);
+ $cursp['proto'] = $upperspec[0];
+ list($cursp['ep_src'], $cursp['ep_dst']) = explode("-", $upperspec[2]);
+ }
+ }
+ $i++;
+ }
+ if (is_array($cursp) && count($cursp))
+ $spd[] = $cursp;
+ pclose($fd);
+}
+if (count($spd)):
+?>
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td nowrap class="listhdrr">Source</td>
+ <td nowrap class="listhdrr">Destination</a></td>
+ <td nowrap class="listhdrr">Direction</td>
+ <td nowrap class="listhdrr">Protocol</td>
+ <td nowrap class="listhdrr">Tunnel endpoints</td>
+ <td nowrap class="list"></td>
+ </tr>
+<?php
+foreach ($spd as $sp): ?>
+ <tr>
+ <td class="listlr" valign="top"><?=htmlspecialchars($sp['src']);?></td>
+ <td class="listr" valign="top"><?=htmlspecialchars($sp['dst']);?></td>
+ <td class="listr" valign="top"><img src="<?=$sp['dir'];?>.gif" width="11" height="11" style="margin-top: 2px"></td>
+ <td class="listr" valign="top"><?=htmlspecialchars(strtoupper($sp['proto']));?></td>
+ <td class="listr" valign="top"><?=htmlspecialchars($sp['ep_src']);?> - <br>
+ <?=htmlspecialchars($sp['ep_dst']);?></td>
+ <td class="list" nowrap>
+ <?php
+ $args = "src=" . rawurlencode($sp['src']);
+ $args .= "&dst=" . rawurlencode($sp['dst']);
+ $args .= "&dir=" . rawurlencode($sp['dir']);
+ ?>
+ <a href="diag_ipsec_spd.php?act=del&<?=$args;?>" onclick="return confirm('Do you really want to delete this security policy?')"><img src="x.gif" title="delete SP" width="17" height="17" border="0"></a>
+ </td>
+
+ </tr>
+<?php endforeach; ?>
+</table>
+<br>
+<table border="0" cellspacing="0" cellpadding="0">
+ <tr>
+ <td width="16"><img src="in.gif" width="11" height="11"></td>
+ <td>incoming (as seen by firewall)</td>
+ </tr>
+ <tr>
+ <td colspan="5" height="4"></td>
+ </tr>
+ <tr>
+ <td><img src="out.gif" width="11" height="11"></td>
+ <td>outgoing (as seen by firewall)</td>
+ </tr>
+</table>
+<?php else: ?>
+<p><strong>No IPsec security policies.</strong></p>
+<?php endif; ?>
+</td></tr></table>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Diagnostics", "Logs");\r
-require("guiconfig.inc");\r
-\r
-$nentries = $config['syslog']['nentries'];\r
-if (!$nentries)\r
- $nentries = 50;\r
-\r
-if ($_POST['clear']) {\r
- exec("/usr/sbin/clog -i -s 262144 /var/log/system.log");\r
- /* redirect to avoid reposting form data on refresh */\r
- header("Location: diag_logs.php");\r
- exit;\r
-}\r
-\r
-function dump_clog($logfile, $tail, $withorig = true) {\r
- global $g, $config;\r
-\r
- $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
-\r
- exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
- \r
- foreach ($logarr as $logent) {\r
- $logent = preg_split("/\s+/", $logent, 6);\r
- echo "<tr valign=\"top\">\n";\r
- \r
- if ($withorig) {\r
- echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";\r
- echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";\r
- } else {\r
- echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";\r
- }\r
- echo "</tr>\n";\r
- }\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('System' => 'diag_logs.php',\r
- 'Firewall' => 'diag_logs_filter.php',\r
- 'DHCP' => 'diag_logs_dhcp.php',\r
- 'Captive portal' => 'diag_logs_portal.php',\r
- 'PPTP VPN' => 'diag_logs_vpn.php',\r
- 'Settings' => 'diag_logs_settings.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellspacing="0" cellpadding="0">\r
- <tr> \r
- <td colspan="2" class="listtopic"> \r
- Last <?=$nentries;?> system log entries</td>\r
- </tr>\r
- <?php dump_clog("/var/log/system.log", $nentries); ?>\r
- </table>\r
- <br><form action="diag_logs.php" method="post">\r
-<input name="clear" type="submit" class="formbtn" value="Clear log">\r
-</form>\r
- </td>\r
- </tr>\r
-</table>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Diagnostics", "Logs");
+require("guiconfig.inc");
+
+$nentries = $config['syslog']['nentries'];
+if (!$nentries)
+ $nentries = 50;
+
+if ($_POST['clear']) {
+ exec("/usr/sbin/clog -i -s 262144 /var/log/system.log");
+ /* redirect to avoid reposting form data on refresh */
+ header("Location: diag_logs.php");
+ exit;
+}
+
+function dump_clog($logfile, $tail, $withorig = true) {
+ global $g, $config;
+
+ $sor = isset($config['syslog']['reverse']) ? "-r" : "";
+
+ exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
+
+ foreach ($logarr as $logent) {
+ $logent = preg_split("/\s+/", $logent, 6);
+ echo "<tr valign=\"top\">\n";
+
+ if ($withorig) {
+ echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";
+ echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";
+ } else {
+ echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
+ }
+ echo "</tr>\n";
+ }
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('System' => 'diag_logs.php',
+ 'Firewall' => 'diag_logs_filter.php',
+ 'DHCP' => 'diag_logs_dhcp.php',
+ 'Captive portal' => 'diag_logs_portal.php',
+ 'PPTP VPN' => 'diag_logs_vpn.php',
+ 'Settings' => 'diag_logs_settings.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellspacing="0" cellpadding="0">
+ <tr>
+ <td colspan="2" class="listtopic">
+ Last <?=$nentries;?> system log entries</td>
+ </tr>
+ <?php dump_clog("/var/log/system.log", $nentries); ?>
+ </table>
+ <br><form action="diag_logs.php" method="post">
+<input name="clear" type="submit" class="formbtn" value="Clear log">
+</form>
+ </td>
+ </tr>
+</table>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Diagnostics", "Logs");\r
-require("guiconfig.inc");\r
-\r
-$nentries = $config['syslog']['nentries'];\r
-if (!$nentries)\r
- $nentries = 50;\r
-\r
-if ($_POST['clear']) {\r
- exec("/usr/sbin/clog -i -s 32768 /var/log/dhcpd.log");\r
- /* redirect to avoid reposting form data on refresh */\r
- header("Location: diag_logs_dhcp.php");\r
- exit;\r
-}\r
-\r
-function dump_clog($logfile, $tail, $withorig = true) {\r
- global $g, $config;\r
-\r
- $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
-\r
- exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
- \r
- foreach ($logarr as $logent) {\r
- $logent = preg_split("/\s+/", $logent, 6);\r
- echo "<tr valign=\"top\">\n";\r
- \r
- if ($withorig) {\r
- echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";\r
- echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";\r
- } else {\r
- echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";\r
- }\r
- echo "</tr>\n";\r
- }\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('System' => 'diag_logs.php',\r
- 'Firewall' => 'diag_logs_filter.php',\r
- 'DHCP' => 'diag_logs_dhcp.php',\r
- 'Captive portal' => 'diag_logs_portal.php',\r
- 'PPTP VPN' => 'diag_logs_vpn.php',\r
- 'Settings' => 'diag_logs_settings.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellspacing="0" cellpadding="0">\r
- <tr> \r
- <td colspan="2" class="listtopic"> \r
- Last <?=$nentries;?> DHCP service log entries</td>\r
- </tr>\r
- <?php dump_clog("/var/log/dhcpd.log", $nentries); ?>\r
- </table>\r
- <br><form action="diag_logs_dhcp.php" method="post">\r
-<input name="clear" type="submit" class="formbtn" value="Clear log">\r
-</form>\r
- </td>\r
- </tr>\r
-</table>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Diagnostics", "Logs");
+require("guiconfig.inc");
+
+$nentries = $config['syslog']['nentries'];
+if (!$nentries)
+ $nentries = 50;
+
+if ($_POST['clear']) {
+ exec("/usr/sbin/clog -i -s 32768 /var/log/dhcpd.log");
+ /* redirect to avoid reposting form data on refresh */
+ header("Location: diag_logs_dhcp.php");
+ exit;
+}
+
+function dump_clog($logfile, $tail, $withorig = true) {
+ global $g, $config;
+
+ $sor = isset($config['syslog']['reverse']) ? "-r" : "";
+
+ exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
+
+ foreach ($logarr as $logent) {
+ $logent = preg_split("/\s+/", $logent, 6);
+ echo "<tr valign=\"top\">\n";
+
+ if ($withorig) {
+ echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";
+ echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";
+ } else {
+ echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
+ }
+ echo "</tr>\n";
+ }
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('System' => 'diag_logs.php',
+ 'Firewall' => 'diag_logs_filter.php',
+ 'DHCP' => 'diag_logs_dhcp.php',
+ 'Captive portal' => 'diag_logs_portal.php',
+ 'PPTP VPN' => 'diag_logs_vpn.php',
+ 'Settings' => 'diag_logs_settings.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellspacing="0" cellpadding="0">
+ <tr>
+ <td colspan="2" class="listtopic">
+ Last <?=$nentries;?> DHCP service log entries</td>
+ </tr>
+ <?php dump_clog("/var/log/dhcpd.log", $nentries); ?>
+ </table>
+ <br><form action="diag_logs_dhcp.php" method="post">
+<input name="clear" type="submit" class="formbtn" value="Clear log">
+</form>
+ </td>
+ </tr>
+</table>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Diagnostics", "Logs");\r
-require("guiconfig.inc");\r
-\r
-$protocols = explode(" ", "TCP UDP TCP/UDP ICMP ESP AH GRE IPv6 IGMP any");\r
-\r
-$nentries = $config['syslog']['nentries'];\r
-$resolve = isset($config['syslog']['resolve']);\r
-\r
-if (!$nentries)\r
- $nentries = 50;\r
-\r
-if ($_POST['clear']) {\r
- exec("/usr/sbin/clog -i -s 262144 /var/log/filter.log");\r
- /* redirect to avoid reposting form data on refresh */\r
- header("Location: diag_logs_filter.php");\r
- exit;\r
-}\r
-\r
-\r
-if (isset($_GET['act']) && preg_match("/^[pb]+$/", $_GET['act'])) {\r
- $action = $_GET['act'];\r
- $ifstring .= "&act=$action";\r
- $srcstring .= "&act=$action";\r
- $dststring .= "&act=$action";\r
- $prstring .= "&act=$action";\r
-}\r
-\r
-if (isset($_GET['if']) && ($_GET['if'] != "")) {\r
- $iface = $_GET['if'];\r
- $actstring .= "&if=$iface";\r
- $srcstring .= "&if=$iface";\r
- $dststring .= "&if=$iface";\r
- $prstring .= "&if=$iface";\r
-}\r
-\r
-if (isset($_GET['pr']) && in_array($_GET['pr'], $protocols)) {\r
- $proto = $_GET['pr'];\r
- $actstring .= "&pr=$proto";\r
- $ifstring .= "&pr=$proto";\r
- $srcstring .= "&pr=$proto";\r
- $dststring .= "&pr=$proto";\r
-}\r
-\r
-if (isset($_GET['sp']) && (is_numeric($_GET['sp']))) {\r
- $srcport = $_GET['sp'];\r
- $actstring .= "&sp=$srcport";\r
- $ifstring .= "&sp=$srcport";\r
- $dststring .= "&sp=$srcport";\r
- $prstring .= "&sp=$srcport";\r
-}\r
-\r
-if (isset($_GET['dp']) && (is_numeric($_GET['dp']))) {\r
- $dstport = $_GET['dp'];\r
- $actstring .= "&dp=$dstport";\r
- $ifstring .= "&dp=$dstport";\r
- $srcstring .= "&dp=$dstport";\r
- $prstring .= "&dp=$dstport";\r
-}\r
-\r
-\r
-function dump_clog($logfile, $tail, $withorig = true) {\r
- global $g, $config;\r
-\r
- $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
-\r
- exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
- \r
- foreach ($logarr as $logent) {\r
- $logent = preg_split("/\s+/", $logent, 6);\r
- echo "<tr valign=\"top\">\n";\r
- \r
- if ($withorig) {\r
- echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";\r
- echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";\r
- } else {\r
- echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";\r
- }\r
- echo "</tr>\n";\r
- }\r
-}\r
-\r
-function conv_clog($logfile, $tail) {\r
- global $g, $config, $iface, $action, $proto, $srcport, $dstport;\r
- \r
- /* make interface/port table */\r
- $iftable = array();\r
- $iftable[$config['interfaces']['lan']['if']] = "LAN";\r
- $iftable[get_real_wan_interface()] = "WAN";\r
- for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++)\r
- $iftable[$config['interfaces']['opt' . $i]['if']] = $config['interfaces']['opt' . $i]['descr'];\r
-\r
- $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
-\r
- exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
- \r
- $filterlog = array();\r
-\r
- foreach ($logarr as $logent) {\r
- $logent = preg_split("/\s+/", $logent, 6);\r
- $ipfa = explode(" ", $logent[5]);\r
- \r
- $flent = array();\r
- $i = 0;\r
- $flent['time'] = $ipfa[$i];\r
- $i++;\r
- if (substr($ipfa[$i], -1) == "x") {\r
- $flent['count'] = substr($ipfa[$i], 0, -1);\r
- $i++;\r
- }\r
- \r
- if ($iftable[$ipfa[$i]])\r
- $flent['interface'] = $iftable[$ipfa[$i]];\r
- else if (strpos($ipfa[$i], "ng") !== false)\r
- $flent['interface'] = "PPTP";\r
- else\r
- $flent['interface'] = $ipfa[$i];\r
- \r
- if (isset($iface)) {\r
- if ($iface != $flent['interface'])\r
- continue;\r
- }\r
- \r
- $i += 2;\r
- if (!isset($action) || strstr($action, $ipfa[$i]))\r
- $flent['act'] = $ipfa[$i];\r
- else\r
- continue; \r
- $i++;\r
- list($flent['src'], $flent['srcport']) = format_ipf_ip($ipfa[$i],$srcport);\r
- if (!isset($flent['src']))\r
- continue;\r
- $i += 2;\r
- list($flent['dst'], $flent['dstport']) = format_ipf_ip($ipfa[$i],$dstport);\r
- if (!isset($flent['dst']))\r
- continue;\r
- $i += 2;\r
- $protocol = strtoupper($ipfa[$i]);\r
- if (!isset($proto) || ($proto == $protocol))\r
- $flent['proto'] = $protocol;\r
- else\r
- continue;\r
- if ($protocol == "ICMP") {\r
- $i += 5;\r
- $flent['dst'] = $flent['dst'] . ", type " . $ipfa[$i];\r
- }\r
- $filterlog[] = $flent;\r
- }\r
- \r
- return $filterlog;\r
-}\r
-\r
-function format_ipf_ip($ipfip,$uport) {\r
- global $resolve;\r
-\r
- list($ip,$port) = explode(",", $ipfip);\r
- if ($resolve) {\r
- if (!$port)\r
- return array(gethostbyaddr($ip), "");\r
- if ($uport == "" || ($uport == $port))\r
- return array(gethostbyaddr($ip) . ", port " . $port, $port);\r
- return;\r
- }\r
-\r
- if (!$port)\r
- return array($ip, "");\r
- if ($uport == "" || ($uport == $port))\r
- return array($ip . ", port " . $port, $port);\r
- return;\r
-}\r
-?>\r
-\r
-<?php include("fbegin.inc"); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('System' => 'diag_logs.php',\r
- 'Firewall' => 'diag_logs_filter.php',\r
- 'DHCP' => 'diag_logs_dhcp.php',\r
- 'Captive portal' => 'diag_logs_portal.php',\r
- 'PPTP VPN' => 'diag_logs_vpn.php',\r
- 'Settings' => 'diag_logs_settings.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr>\r
- <td class="tabcont">\r
-<?php if (!isset($config['syslog']['rawfilter'])):\r
- $filterlog = conv_clog("/var/log/filter.log", $nentries);\r
-?>\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0"><tr>\r
- <td colspan="6" class="listtopic"> \r
- Last <?=$nentries;?> firewall log entries</td>\r
- </tr>\r
- <tr>\r
- <td width="10%" class="listhdrr"><a href="?<?=substr($actstring, 1);?>" style="color:black" title="reset action and reload firewall logs page">Act</a></td>\r
- <td width="20%" class="listhdrr">Time</td>\r
- <td width="10%" class="listhdrr"><a href="?<?=substr($ifstring, 1);?>" style="color:black" title="reset interface and reload firewall logs page">If</a></td>\r
- <td width="20%" class="listhdrr"><a href="?<?=substr($srcstring, 1);?>" style="color:black" title="reset source port entry and reload firewall logs page">Source</a></td>\r
- <td width="20%" class="listhdrr"><a href="?<?=substr($dststring, 1);?>" style="color:black" title="reset destination port entry and reload firewall logs page">Destination</a></td>\r
- <td width="10%" class="listhdrr"><a href="?<?=substr($prstring, 1);?>" style="color:black" title="reset protocol entry and reload firewall logs page">Proto</a></td>\r
- </tr>\r
- <?php\r
- $actstring .= '">';\r
- $ifstring .= '" style="color:black" title="click to select interface">';\r
- $srcstring .= '" style="color:black" title="click to select source port">';\r
- $dststring .= '" style="color:black" title="click to select destination port">';\r
- $prstring .= '" style="color:black" title="click to select protocol">';\r
- ?>\r
- <?php foreach ($filterlog as $filterent): ?>\r
- <tr>\r
- <td class="listlr" nowrap>\r
- <?php if (strstr(strtolower($filterent['act']), "p"))\r
- $img = "pass.gif";\r
- else \r
- $img = "block.gif";\r
- ?>\r
- <a href="?act=<?=$filterent['act'];?><?=$actstring;?><img src="<?=$img;?>" width="11" height="11" align="absmiddle" border="0" title="click to select action"></a>\r
- <?php if ($filterent['count']) echo $filterent['count'];?></td>\r
- <td class="listr" nowrap><?=htmlspecialchars($filterent['time']);?></td>\r
- <td class="listr" nowrap>\r
- <a href="?if=<?=$filterent['interface'];?><?=$ifstring;?><?=htmlspecialchars($filterent['interface']);?></a></td>\r
- <td class="listr" nowrap>\r
- <a href="?sp=<?=htmlspecialchars($filterent['srcport']);?><?=$srcstring;?><?=htmlspecialchars($filterent['src']);?></a></td>\r
- <td class="listr" nowrap>\r
- <a href="?dp=<?=htmlspecialchars($filterent['dstport']);?><?=$dststring;?><?=htmlspecialchars($filterent['dst']);?></a></td>\r
- <td class="listr" nowrap>\r
- <a href="?pr=<?=htmlspecialchars($filterent['proto']);?><?=$prstring;?><?=htmlspecialchars($filterent['proto']);?></a></td>\r
- </tr><?php endforeach; ?>\r
- </table>\r
- <br><table width="100%" border="0" cellspacing="0" cellpadding="0">\r
- <tr> \r
- <td width="100%"><strong><span class="red">Note:</span></strong><br>\r
- There are many possibilities to filter this log.\r
- Just click on the accept (<img src="pass.gif">) or\r
- deny symbol (<img src="block.gif">) to filter for\r
- accepted or denied IP packets. Do the same for the desired\r
- interface, source/destination port or protocol. To deselect\r
- a selected filter entry, click on the column description above.\r
- To reset all filter entries and reload the firewall logs page,\r
- click on the "Firewall" tab below "Diagnostics: Logs".\r
- </td>\r
- </tr>\r
- </table>\r
-<?php else: ?>\r
- <table width="100%" border="0" cellspacing="0" cellpadding="0">\r
- <tr> \r
- <td colspan="2" class="listtopic"> \r
- Last <?=$nentries;?> firewall log entries</td>\r
- </tr>\r
- <?php dump_clog("/var/log/filter.log", $nentries, false); ?>\r
- </table>\r
-<?php endif; ?>\r
- <br><form action="diag_logs_filter.php" method="post">\r
-<input name="clear" type="submit" class="formbtn" value="Clear log">\r
-</form>\r
- </td>\r
- </tr>\r
-</table>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Diagnostics", "Logs");
+require("guiconfig.inc");
+
+$protocols = explode(" ", "TCP UDP TCP/UDP ICMP ESP AH GRE IPv6 IGMP any");
+
+$nentries = $config['syslog']['nentries'];
+$resolve = isset($config['syslog']['resolve']);
+
+if (!$nentries)
+ $nentries = 50;
+
+if ($_POST['clear']) {
+ exec("/usr/sbin/clog -i -s 262144 /var/log/filter.log");
+ /* redirect to avoid reposting form data on refresh */
+ header("Location: diag_logs_filter.php");
+ exit;
+}
+
+
+if (isset($_GET['act']) && preg_match("/^[pb]+$/", $_GET['act'])) {
+ $action = $_GET['act'];
+ $ifstring .= "&act=$action";
+ $srcstring .= "&act=$action";
+ $dststring .= "&act=$action";
+ $prstring .= "&act=$action";
+}
+
+if (isset($_GET['if']) && ($_GET['if'] != "")) {
+ $iface = $_GET['if'];
+ $actstring .= "&if=$iface";
+ $srcstring .= "&if=$iface";
+ $dststring .= "&if=$iface";
+ $prstring .= "&if=$iface";
+}
+
+if (isset($_GET['pr']) && in_array($_GET['pr'], $protocols)) {
+ $proto = $_GET['pr'];
+ $actstring .= "&pr=$proto";
+ $ifstring .= "&pr=$proto";
+ $srcstring .= "&pr=$proto";
+ $dststring .= "&pr=$proto";
+}
+
+if (isset($_GET['sp']) && (is_numeric($_GET['sp']))) {
+ $srcport = $_GET['sp'];
+ $actstring .= "&sp=$srcport";
+ $ifstring .= "&sp=$srcport";
+ $dststring .= "&sp=$srcport";
+ $prstring .= "&sp=$srcport";
+}
+
+if (isset($_GET['dp']) && (is_numeric($_GET['dp']))) {
+ $dstport = $_GET['dp'];
+ $actstring .= "&dp=$dstport";
+ $ifstring .= "&dp=$dstport";
+ $srcstring .= "&dp=$dstport";
+ $prstring .= "&dp=$dstport";
+}
+
+
+function dump_clog($logfile, $tail, $withorig = true) {
+ global $g, $config;
+
+ $sor = isset($config['syslog']['reverse']) ? "-r" : "";
+
+ exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
+
+ foreach ($logarr as $logent) {
+ $logent = preg_split("/\s+/", $logent, 6);
+ echo "<tr valign=\"top\">\n";
+
+ if ($withorig) {
+ echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";
+ echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";
+ } else {
+ echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
+ }
+ echo "</tr>\n";
+ }
+}
+
+function conv_clog($logfile, $tail) {
+ global $g, $config, $iface, $action, $proto, $srcport, $dstport;
+
+ /* make interface/port table */
+ $iftable = array();
+ $iftable[$config['interfaces']['lan']['if']] = "LAN";
+ $iftable[get_real_wan_interface()] = "WAN";
+ for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++)
+ $iftable[$config['interfaces']['opt' . $i]['if']] = $config['interfaces']['opt' . $i]['descr'];
+
+ $sor = isset($config['syslog']['reverse']) ? "-r" : "";
+
+ exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
+
+ $filterlog = array();
+
+ foreach ($logarr as $logent) {
+ $logent = preg_split("/\s+/", $logent, 6);
+ $ipfa = explode(" ", $logent[5]);
+
+ $flent = array();
+ $i = 0;
+ $flent['time'] = $ipfa[$i];
+ $i++;
+ if (substr($ipfa[$i], -1) == "x") {
+ $flent['count'] = substr($ipfa[$i], 0, -1);
+ $i++;
+ }
+
+ if ($iftable[$ipfa[$i]])
+ $flent['interface'] = $iftable[$ipfa[$i]];
+ else if (strpos($ipfa[$i], "ng") !== false)
+ $flent['interface'] = "PPTP";
+ else
+ $flent['interface'] = $ipfa[$i];
+
+ if (isset($iface)) {
+ if ($iface != $flent['interface'])
+ continue;
+ }
+
+ $i += 2;
+ if (!isset($action) || strstr($action, $ipfa[$i]))
+ $flent['act'] = $ipfa[$i];
+ else
+ continue;
+ $i++;
+ list($flent['src'], $flent['srcport']) = format_ipf_ip($ipfa[$i],$srcport);
+ if (!isset($flent['src']))
+ continue;
+ $i += 2;
+ list($flent['dst'], $flent['dstport']) = format_ipf_ip($ipfa[$i],$dstport);
+ if (!isset($flent['dst']))
+ continue;
+ $i += 2;
+ $protocol = strtoupper($ipfa[$i]);
+ if (!isset($proto) || ($proto == $protocol))
+ $flent['proto'] = $protocol;
+ else
+ continue;
+ if ($protocol == "ICMP") {
+ $i += 5;
+ $flent['dst'] = $flent['dst'] . ", type " . $ipfa[$i];
+ }
+ $filterlog[] = $flent;
+ }
+
+ return $filterlog;
+}
+
+function format_ipf_ip($ipfip,$uport) {
+ global $resolve;
+
+ list($ip,$port) = explode(",", $ipfip);
+ if ($resolve) {
+ if (!$port)
+ return array(gethostbyaddr($ip), "");
+ if ($uport == "" || ($uport == $port))
+ return array(gethostbyaddr($ip) . ", port " . $port, $port);
+ return;
+ }
+
+ if (!$port)
+ return array($ip, "");
+ if ($uport == "" || ($uport == $port))
+ return array($ip . ", port " . $port, $port);
+ return;
+}
+?>
+
+<?php include("fbegin.inc"); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('System' => 'diag_logs.php',
+ 'Firewall' => 'diag_logs_filter.php',
+ 'DHCP' => 'diag_logs_dhcp.php',
+ 'Captive portal' => 'diag_logs_portal.php',
+ 'PPTP VPN' => 'diag_logs_vpn.php',
+ 'Settings' => 'diag_logs_settings.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+<?php if (!isset($config['syslog']['rawfilter'])):
+ $filterlog = conv_clog("/var/log/filter.log", $nentries);
+?>
+ <table width="100%" border="0" cellpadding="0" cellspacing="0"><tr>
+ <td colspan="6" class="listtopic">
+ Last <?=$nentries;?> firewall log entries</td>
+ </tr>
+ <tr>
+ <td width="10%" class="listhdrr"><a href="?<?=substr($actstring, 1);?>" style="color:black" title="reset action and reload firewall logs page">Act</a></td>
+ <td width="20%" class="listhdrr">Time</td>
+ <td width="10%" class="listhdrr"><a href="?<?=substr($ifstring, 1);?>" style="color:black" title="reset interface and reload firewall logs page">If</a></td>
+ <td width="20%" class="listhdrr"><a href="?<?=substr($srcstring, 1);?>" style="color:black" title="reset source port entry and reload firewall logs page">Source</a></td>
+ <td width="20%" class="listhdrr"><a href="?<?=substr($dststring, 1);?>" style="color:black" title="reset destination port entry and reload firewall logs page">Destination</a></td>
+ <td width="10%" class="listhdrr"><a href="?<?=substr($prstring, 1);?>" style="color:black" title="reset protocol entry and reload firewall logs page">Proto</a></td>
+ </tr>
+ <?php
+ $actstring .= '">';
+ $ifstring .= '" style="color:black" title="click to select interface">';
+ $srcstring .= '" style="color:black" title="click to select source port">';
+ $dststring .= '" style="color:black" title="click to select destination port">';
+ $prstring .= '" style="color:black" title="click to select protocol">';
+ ?>
+ <?php foreach ($filterlog as $filterent): ?>
+ <tr>
+ <td class="listlr" nowrap>
+ <?php if (strstr(strtolower($filterent['act']), "p"))
+ $img = "pass.gif";
+ else
+ $img = "block.gif";
+ ?>
+ <a href="?act=<?=$filterent['act'];?><?=$actstring;?><img src="<?=$img;?>" width="11" height="11" align="absmiddle" border="0" title="click to select action"></a>
+ <?php if ($filterent['count']) echo $filterent['count'];?></td>
+ <td class="listr" nowrap><?=htmlspecialchars($filterent['time']);?></td>
+ <td class="listr" nowrap>
+ <a href="?if=<?=$filterent['interface'];?><?=$ifstring;?><?=htmlspecialchars($filterent['interface']);?></a></td>
+ <td class="listr" nowrap>
+ <a href="?sp=<?=htmlspecialchars($filterent['srcport']);?><?=$srcstring;?><?=htmlspecialchars($filterent['src']);?></a></td>
+ <td class="listr" nowrap>
+ <a href="?dp=<?=htmlspecialchars($filterent['dstport']);?><?=$dststring;?><?=htmlspecialchars($filterent['dst']);?></a></td>
+ <td class="listr" nowrap>
+ <a href="?pr=<?=htmlspecialchars($filterent['proto']);?><?=$prstring;?><?=htmlspecialchars($filterent['proto']);?></a></td>
+ </tr><?php endforeach; ?>
+ </table>
+ <br><table width="100%" border="0" cellspacing="0" cellpadding="0">
+ <tr>
+ <td width="100%"><strong><span class="red">Note:</span></strong><br>
+ There are many possibilities to filter this log.
+ Just click on the accept (<img src="pass.gif">) or
+ deny symbol (<img src="block.gif">) to filter for
+ accepted or denied IP packets. Do the same for the desired
+ interface, source/destination port or protocol. To deselect
+ a selected filter entry, click on the column description above.
+ To reset all filter entries and reload the firewall logs page,
+ click on the "Firewall" tab below "Diagnostics: Logs".
+ </td>
+ </tr>
+ </table>
+<?php else: ?>
+ <table width="100%" border="0" cellspacing="0" cellpadding="0">
+ <tr>
+ <td colspan="2" class="listtopic">
+ Last <?=$nentries;?> firewall log entries</td>
+ </tr>
+ <?php dump_clog("/var/log/filter.log", $nentries, false); ?>
+ </table>
+<?php endif; ?>
+ <br><form action="diag_logs_filter.php" method="post">
+<input name="clear" type="submit" class="formbtn" value="Clear log">
+</form>
+ </td>
+ </tr>
+</table>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Diagnostics", "Logs");\r
-require("guiconfig.inc");\r
-\r
-$nentries = $config['syslog']['nentries'];\r
-if (!$nentries)\r
- $nentries = 50;\r
-\r
-if ($_POST['clear']) {\r
- exec("/usr/sbin/clog -i -s 32768 /var/log/portalauth.log");\r
- /* redirect to avoid reposting form data on refresh */\r
- header("Location: diag_logs_portal.php");\r
- exit;\r
-}\r
-\r
-function dump_clog($logfile, $tail) {\r
- global $g, $config;\r
-\r
- $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
-\r
- exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
- \r
- foreach ($logarr as $logent) {\r
- $logent = preg_split("/\s+/", $logent, 6);\r
- echo "<tr valign=\"top\">\n";\r
- echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";\r
- echo "<td class=\"listr\">" . htmlspecialchars($logent[5]) . "</td>\n";\r
- echo "</tr>\n";\r
- }\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('System' => 'diag_logs.php',\r
- 'Firewall' => 'diag_logs_filter.php',\r
- 'DHCP' => 'diag_logs_dhcp.php',\r
- 'Captive portal' => 'diag_logs_portal.php',\r
- 'PPTP VPN' => 'diag_logs_vpn.php',\r
- 'Settings' => 'diag_logs_settings.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellspacing="0" cellpadding="0">\r
- <tr> \r
- <td colspan="2" class="listtopic"> \r
- Last <?=$nentries;?> captive portal log entries</td>\r
- </tr>\r
- <?php dump_clog("/var/log/portalauth.log", $nentries); ?>\r
- </table>\r
- <br><form action="diag_logs_portal.php" method="post">\r
-<input name="clear" type="submit" class="formbtn" value="Clear log">\r
-</form>\r
- </td>\r
- </tr>\r
-</table>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Diagnostics", "Logs");
+require("guiconfig.inc");
+
+$nentries = $config['syslog']['nentries'];
+if (!$nentries)
+ $nentries = 50;
+
+if ($_POST['clear']) {
+ exec("/usr/sbin/clog -i -s 32768 /var/log/portalauth.log");
+ /* redirect to avoid reposting form data on refresh */
+ header("Location: diag_logs_portal.php");
+ exit;
+}
+
+function dump_clog($logfile, $tail) {
+ global $g, $config;
+
+ $sor = isset($config['syslog']['reverse']) ? "-r" : "";
+
+ exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
+
+ foreach ($logarr as $logent) {
+ $logent = preg_split("/\s+/", $logent, 6);
+ echo "<tr valign=\"top\">\n";
+ echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";
+ echo "<td class=\"listr\">" . htmlspecialchars($logent[5]) . "</td>\n";
+ echo "</tr>\n";
+ }
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('System' => 'diag_logs.php',
+ 'Firewall' => 'diag_logs_filter.php',
+ 'DHCP' => 'diag_logs_dhcp.php',
+ 'Captive portal' => 'diag_logs_portal.php',
+ 'PPTP VPN' => 'diag_logs_vpn.php',
+ 'Settings' => 'diag_logs_settings.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellspacing="0" cellpadding="0">
+ <tr>
+ <td colspan="2" class="listtopic">
+ Last <?=$nentries;?> captive portal log entries</td>
+ </tr>
+ <?php dump_clog("/var/log/portalauth.log", $nentries); ?>
+ </table>
+ <br><form action="diag_logs_portal.php" method="post">
+<input name="clear" type="submit" class="formbtn" value="Clear log">
+</form>
+ </td>
+ </tr>
+</table>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Diagnostics", "Logs");\r
-require("guiconfig.inc");\r
-\r
-$pconfig['reverse'] = isset($config['syslog']['reverse']);\r
-$pconfig['nentries'] = $config['syslog']['nentries'];\r
-$pconfig['remoteserver'] = $config['syslog']['remoteserver'];\r
-$pconfig['filter'] = isset($config['syslog']['filter']);\r
-$pconfig['dhcp'] = isset($config['syslog']['dhcp']);\r
-$pconfig['portalauth'] = isset($config['syslog']['portalauth']);\r
-$pconfig['vpn'] = isset($config['syslog']['vpn']);\r
-$pconfig['system'] = isset($config['syslog']['system']);\r
-$pconfig['enable'] = isset($config['syslog']['enable']);\r
-$pconfig['logdefaultblock'] = !isset($config['syslog']['nologdefaultblock']);\r
-$pconfig['rawfilter'] = isset($config['syslog']['rawfilter']);\r
-$pconfig['resolve'] = isset($config['syslog']['resolve']);\r
-\r
-if (!$pconfig['nentries'])\r
- $pconfig['nentries'] = 50;\r
-\r
-if ($_POST) {\r
-\r
- unset($input_errors);\r
- $pconfig = $_POST;\r
-\r
- /* input validation */\r
- if ($_POST['enable'] && !is_ipaddr($_POST['remoteserver'])) {\r
- $input_errors[] = "A valid IP address must be specified.";\r
- }\r
- if (($_POST['nentries'] < 5) || ($_POST['nentries'] > 1000)) {\r
- $input_errors[] = "Number of log entries to show must be between 5 and 1000.";\r
- }\r
-\r
- if (!$input_errors) {\r
- $config['syslog']['reverse'] = $_POST['reverse'] ? true : false;\r
- $config['syslog']['nentries'] = (int)$_POST['nentries'];\r
- $config['syslog']['remoteserver'] = $_POST['remoteserver'];\r
- $config['syslog']['filter'] = $_POST['filter'] ? true : false;\r
- $config['syslog']['dhcp'] = $_POST['dhcp'] ? true : false;\r
- $config['syslog']['portalauth'] = $_POST['portalauth'] ? true : false;\r
- $config['syslog']['vpn'] = $_POST['vpn'] ? true : false;\r
- $config['syslog']['system'] = $_POST['system'] ? true : false;\r
- $config['syslog']['enable'] = $_POST['enable'] ? true : false;\r
- $oldnologdefaultblock = isset($config['syslog']['nologdefaultblock']);\r
- $config['syslog']['nologdefaultblock'] = $_POST['logdefaultblock'] ? false : true;\r
- $config['syslog']['rawfilter'] = $_POST['rawfilter'] ? true : false;\r
- $config['syslog']['resolve'] = $_POST['resolve'] ? true : false;\r
- \r
- write_config();\r
- \r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- config_lock();\r
- $retval = system_syslogd_start();\r
- if ($oldnologdefaultblock !== isset($config['syslog']['nologdefaultblock']))\r
- $retval |= filter_configure();\r
- config_unlock();\r
- }\r
- $savemsg = get_std_save_message($retval); \r
- }\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<script language="JavaScript">\r
-<!--\r
-function enable_change(enable_over) {\r
- if (document.iform.enable.checked || enable_over) {\r
- document.iform.remoteserver.disabled = 0;\r
- document.iform.filter.disabled = 0;\r
- document.iform.dhcp.disabled = 0;\r
- document.iform.portalauth.disabled = 0;\r
- document.iform.vpn.disabled = 0;\r
- document.iform.system.disabled = 0;\r
- } else {\r
- document.iform.remoteserver.disabled = 1;\r
- document.iform.filter.disabled = 1;\r
- document.iform.dhcp.disabled = 1;\r
- document.iform.portalauth.disabled = 1;\r
- document.iform.vpn.disabled = 1;\r
- document.iform.system.disabled = 1;\r
- }\r
-}\r
-// -->\r
-</script>\r
-<form action="diag_logs_settings.php" method="post" name="iform" id="iform">\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('System' => 'diag_logs.php',\r
- 'Firewall' => 'diag_logs_filter.php',\r
- 'DHCP' => 'diag_logs_dhcp.php',\r
- 'Captive portal' => 'diag_logs_portal.php',\r
- 'PPTP VPN' => 'diag_logs_vpn.php',\r
- 'Settings' => 'diag_logs_settings.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td width="22%" valign="top" class="vtable"> </td>\r
- <td width="78%" class="vtable"> <input name="reverse" type="checkbox" id="reverse" value="yes" <?php if ($pconfig['reverse']) echo "checked"; ?>>\r
- <strong>Show log entries in reverse order (newest entries \r
- on top)</strong></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vtable"> </td>\r
- <td width="78%" class="vtable">Number of log entries to \r
- show: \r
- <input name="nentries" id="nentries" type="text" class="formfld" size="4" value="<?=htmlspecialchars($pconfig['nentries']);?>"></td>\r
- </tr>\r
- <tr> \r
- <td valign="top" class="vtable"> </td>\r
- <td class="vtable"> <input name="logdefaultblock" type="checkbox" id="logdefaultblock" value="yes" <?php if ($pconfig['logdefaultblock']) echo "checked"; ?>>\r
- <strong>Log packets blocked by the default rule</strong><br>\r
- Hint: packets that are blocked by the \r
- implicit default block rule will not be logged anymore \r
- if you uncheck this option. Per-rule logging options are not affected.</td>\r
- </tr>\r
- <tr> \r
- <td valign="top" class="vtable"> </td>\r
- <td class="vtable"> <input name="rawfilter" type="checkbox" id="rawfilter" value="yes" <?php if ($pconfig['rawfilter']) echo "checked"; ?>>\r
- <strong>Show raw filter logs</strong><br>\r
- Hint: If this is checked, filter logs are shown as generated by the packet filter, without any formatting. This will reveal more detailed information. </td>\r
- </tr>\r
- <tr> \r
- <td valign="top" class="vtable"> </td>\r
- <td class="vtable"> <input name="resolve" type="checkbox" id="resolve" value="yes" <?php if ($pconfig['resolve']) echo "checked"; ?>>\r
- <strong>Resolve IP addresses to hostnames</strong><br>\r
- Hint: If this is checked, IP addresses in firewall logs are resolved to real hostnames where possible.<br>\r
- Warning: This can cause a huge delay in loading the firewall log page!</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vtable"> </td>\r
- <td width="78%" class="vtable"> <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">\r
- <strong>Enable syslog'ing to remote syslog server</strong></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">Remote syslog \r
- server</td>\r
- <td width="78%" class="vtable"> <input name="remoteserver" id="remoteserver" type="text" class="formfld" size="20" value="<?=htmlspecialchars($pconfig['remoteserver']);?>"> \r
- <br>\r
- IP address of remote syslog server<br> <br>\r
- <input name="system" id="system" type="checkbox" value="yes" onclick="enable_change(false)" <?php if ($pconfig['system']) echo "checked"; ?>>\r
- system events <br>\r
- <input name="filter" id="filter" type="checkbox" value="yes" <?php if ($pconfig['filter']) echo "checked"; ?>>\r
- firewall events<br>\r
- <input name="dhcp" id="dhcp" type="checkbox" value="yes" <?php if ($pconfig['dhcp']) echo "checked"; ?>>\r
- DHCP service events<br>\r
- <input name="portalauth" id="portalauth" type="checkbox" value="yes" <?php if ($pconfig['portalauth']) echo "checked"; ?>>\r
- Captive portal<br> \r
- <input name="vpn" id="vpn" type="checkbox" value="yes" <?php if ($pconfig['vpn']) echo "checked"; ?>>\r
- PPTP VPN events</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> \r
- </td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"><strong><span class="red">Note:</span></strong><br>\r
- syslog sends UDP datagrams to port 514 on the specified \r
- remote syslog server. Be sure to set syslogd on the \r
- remote server to accept syslog messages from m0n0wall. \r
- </td>\r
- </tr>\r
- </table>\r
- </td>\r
- </tr>\r
-</table>\r
-</form>\r
-<script language="JavaScript">\r
-<!--\r
-enable_change(false);\r
-//-->\r
-</script>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Diagnostics", "Logs");
+require("guiconfig.inc");
+
+$pconfig['reverse'] = isset($config['syslog']['reverse']);
+$pconfig['nentries'] = $config['syslog']['nentries'];
+$pconfig['remoteserver'] = $config['syslog']['remoteserver'];
+$pconfig['filter'] = isset($config['syslog']['filter']);
+$pconfig['dhcp'] = isset($config['syslog']['dhcp']);
+$pconfig['portalauth'] = isset($config['syslog']['portalauth']);
+$pconfig['vpn'] = isset($config['syslog']['vpn']);
+$pconfig['system'] = isset($config['syslog']['system']);
+$pconfig['enable'] = isset($config['syslog']['enable']);
+$pconfig['logdefaultblock'] = !isset($config['syslog']['nologdefaultblock']);
+$pconfig['rawfilter'] = isset($config['syslog']['rawfilter']);
+$pconfig['resolve'] = isset($config['syslog']['resolve']);
+
+if (!$pconfig['nentries'])
+ $pconfig['nentries'] = 50;
+
+if ($_POST) {
+
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ /* input validation */
+ if ($_POST['enable'] && !is_ipaddr($_POST['remoteserver'])) {
+ $input_errors[] = "A valid IP address must be specified.";
+ }
+ if (($_POST['nentries'] < 5) || ($_POST['nentries'] > 1000)) {
+ $input_errors[] = "Number of log entries to show must be between 5 and 1000.";
+ }
+
+ if (!$input_errors) {
+ $config['syslog']['reverse'] = $_POST['reverse'] ? true : false;
+ $config['syslog']['nentries'] = (int)$_POST['nentries'];
+ $config['syslog']['remoteserver'] = $_POST['remoteserver'];
+ $config['syslog']['filter'] = $_POST['filter'] ? true : false;
+ $config['syslog']['dhcp'] = $_POST['dhcp'] ? true : false;
+ $config['syslog']['portalauth'] = $_POST['portalauth'] ? true : false;
+ $config['syslog']['vpn'] = $_POST['vpn'] ? true : false;
+ $config['syslog']['system'] = $_POST['system'] ? true : false;
+ $config['syslog']['enable'] = $_POST['enable'] ? true : false;
+ $oldnologdefaultblock = isset($config['syslog']['nologdefaultblock']);
+ $config['syslog']['nologdefaultblock'] = $_POST['logdefaultblock'] ? false : true;
+ $config['syslog']['rawfilter'] = $_POST['rawfilter'] ? true : false;
+ $config['syslog']['resolve'] = $_POST['resolve'] ? true : false;
+
+ write_config();
+
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval = system_syslogd_start();
+ if ($oldnologdefaultblock !== isset($config['syslog']['nologdefaultblock']))
+ $retval |= filter_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+ }
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+<script language="JavaScript">
+<!--
+function enable_change(enable_over) {
+ if (document.iform.enable.checked || enable_over) {
+ document.iform.remoteserver.disabled = 0;
+ document.iform.filter.disabled = 0;
+ document.iform.dhcp.disabled = 0;
+ document.iform.portalauth.disabled = 0;
+ document.iform.vpn.disabled = 0;
+ document.iform.system.disabled = 0;
+ } else {
+ document.iform.remoteserver.disabled = 1;
+ document.iform.filter.disabled = 1;
+ document.iform.dhcp.disabled = 1;
+ document.iform.portalauth.disabled = 1;
+ document.iform.vpn.disabled = 1;
+ document.iform.system.disabled = 1;
+ }
+}
+// -->
+</script>
+<form action="diag_logs_settings.php" method="post" name="iform" id="iform">
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('System' => 'diag_logs.php',
+ 'Firewall' => 'diag_logs_filter.php',
+ 'DHCP' => 'diag_logs_dhcp.php',
+ 'Captive portal' => 'diag_logs_portal.php',
+ 'PPTP VPN' => 'diag_logs_vpn.php',
+ 'Settings' => 'diag_logs_settings.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top" class="vtable"> </td>
+ <td width="78%" class="vtable"> <input name="reverse" type="checkbox" id="reverse" value="yes" <?php if ($pconfig['reverse']) echo "checked"; ?>>
+ <strong>Show log entries in reverse order (newest entries
+ on top)</strong></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vtable"> </td>
+ <td width="78%" class="vtable">Number of log entries to
+ show:
+ <input name="nentries" id="nentries" type="text" class="formfld" size="4" value="<?=htmlspecialchars($pconfig['nentries']);?>"></td>
+ </tr>
+ <tr>
+ <td valign="top" class="vtable"> </td>
+ <td class="vtable"> <input name="logdefaultblock" type="checkbox" id="logdefaultblock" value="yes" <?php if ($pconfig['logdefaultblock']) echo "checked"; ?>>
+ <strong>Log packets blocked by the default rule</strong><br>
+ Hint: packets that are blocked by the
+ implicit default block rule will not be logged anymore
+ if you uncheck this option. Per-rule logging options are not affected.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vtable"> </td>
+ <td class="vtable"> <input name="rawfilter" type="checkbox" id="rawfilter" value="yes" <?php if ($pconfig['rawfilter']) echo "checked"; ?>>
+ <strong>Show raw filter logs</strong><br>
+ Hint: If this is checked, filter logs are shown as generated by the packet filter, without any formatting. This will reveal more detailed information. </td>
+ </tr>
+ <tr>
+ <td valign="top" class="vtable"> </td>
+ <td class="vtable"> <input name="resolve" type="checkbox" id="resolve" value="yes" <?php if ($pconfig['resolve']) echo "checked"; ?>>
+ <strong>Resolve IP addresses to hostnames</strong><br>
+ Hint: If this is checked, IP addresses in firewall logs are resolved to real hostnames where possible.<br>
+ Warning: This can cause a huge delay in loading the firewall log page!</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vtable"> </td>
+ <td width="78%" class="vtable"> <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">
+ <strong>Enable syslog'ing to remote syslog server</strong></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Remote syslog
+ server</td>
+ <td width="78%" class="vtable"> <input name="remoteserver" id="remoteserver" type="text" class="formfld" size="20" value="<?=htmlspecialchars($pconfig['remoteserver']);?>">
+ <br>
+ IP address of remote syslog server<br> <br>
+ <input name="system" id="system" type="checkbox" value="yes" onclick="enable_change(false)" <?php if ($pconfig['system']) echo "checked"; ?>>
+ system events <br>
+ <input name="filter" id="filter" type="checkbox" value="yes" <?php if ($pconfig['filter']) echo "checked"; ?>>
+ firewall events<br>
+ <input name="dhcp" id="dhcp" type="checkbox" value="yes" <?php if ($pconfig['dhcp']) echo "checked"; ?>>
+ DHCP service events<br>
+ <input name="portalauth" id="portalauth" type="checkbox" value="yes" <?php if ($pconfig['portalauth']) echo "checked"; ?>>
+ Captive portal<br>
+ <input name="vpn" id="vpn" type="checkbox" value="yes" <?php if ($pconfig['vpn']) echo "checked"; ?>>
+ PPTP VPN events</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)">
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%"><strong><span class="red">Note:</span></strong><br>
+ syslog sends UDP datagrams to port 514 on the specified
+ remote syslog server. Be sure to set syslogd on the
+ remote server to accept syslog messages from m0n0wall.
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+</table>
+</form>
+<script language="JavaScript">
+<!--
+enable_change(false);
+//-->
+</script>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Diagnostics", "Logs");\r
-require("guiconfig.inc");\r
-\r
-$nentries = $config['syslog']['nentries'];\r
-if (!$nentries)\r
- $nentries = 50;\r
-\r
-if ($_POST['clear']) {\r
- exec("/usr/sbin/clog -i -s 65536 /var/log/vpn.log");\r
- /* redirect to avoid reposting form data on refresh */\r
- header("Location: diag_logs_vpn.php");\r
- exit;\r
-}\r
-\r
-function dump_clog($logfile, $tail) {\r
- global $g, $config;\r
-\r
- $sor = isset($config['syslog']['reverse']) ? "-r" : "";\r
-\r
- exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);\r
- \r
- foreach ($logarr as $logent) {\r
- $logent = preg_split("/\s+/", $logent, 6);\r
- $llent = explode(",", $logent[5]);\r
- \r
- echo "<tr>\n";\r
- echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";\r
- \r
- if ($llent[0] == "login")\r
- echo "<td class=\"listr\"><img src=\"in.gif\" width=\"11\" height=\"11\" title=\"login\"></td>\n";\r
- else\r
- echo "<td class=\"listr\"><img src=\"out.gif\" width=\"11\" height=\"11\" title=\"logout\"></td>\n";\r
- \r
- echo "<td class=\"listr\">" . htmlspecialchars($llent[3]) . "</td>\n";\r
- echo "<td class=\"listr\">" . htmlspecialchars($llent[2]) . " </td>\n";\r
- echo "</tr>\n";\r
- }\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('System' => 'diag_logs.php',\r
- 'Firewall' => 'diag_logs_filter.php',\r
- 'DHCP' => 'diag_logs_dhcp.php',\r
- 'Captive portal' => 'diag_logs_portal.php',\r
- 'PPTP VPN' => 'diag_logs_vpn.php',\r
- 'Settings' => 'diag_logs_settings.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr>\r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0"><tr>\r
- <td colspan="4" class="listtopic"> \r
- Last <?=$nentries;?> PPTP VPN log entries</td>\r
- </tr>\r
- <tr>\r
- <td class="listhdrr">Time</td>\r
- <td class="listhdrr">Action</td>\r
- <td class="listhdrr">User</td>\r
- <td class="listhdrr">IP address</td>\r
- </tr>\r
- <?php dump_clog("/var/log/vpn.log", $nentries); ?>\r
- </table>\r
- <br><form action="diag_logs_vpn.php" method="post">\r
-<input name="clear" type="submit" class="formbtn" value="Clear log">\r
-</form>\r
- </td>\r
- </tr>\r
-</table>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Diagnostics", "Logs");
+require("guiconfig.inc");
+
+$nentries = $config['syslog']['nentries'];
+if (!$nentries)
+ $nentries = 50;
+
+if ($_POST['clear']) {
+ exec("/usr/sbin/clog -i -s 65536 /var/log/vpn.log");
+ /* redirect to avoid reposting form data on refresh */
+ header("Location: diag_logs_vpn.php");
+ exit;
+}
+
+function dump_clog($logfile, $tail) {
+ global $g, $config;
+
+ $sor = isset($config['syslog']['reverse']) ? "-r" : "";
+
+ exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
+
+ foreach ($logarr as $logent) {
+ $logent = preg_split("/\s+/", $logent, 6);
+ $llent = explode(",", $logent[5]);
+
+ echo "<tr>\n";
+ echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";
+
+ if ($llent[0] == "login")
+ echo "<td class=\"listr\"><img src=\"in.gif\" width=\"11\" height=\"11\" title=\"login\"></td>\n";
+ else
+ echo "<td class=\"listr\"><img src=\"out.gif\" width=\"11\" height=\"11\" title=\"logout\"></td>\n";
+
+ echo "<td class=\"listr\">" . htmlspecialchars($llent[3]) . "</td>\n";
+ echo "<td class=\"listr\">" . htmlspecialchars($llent[2]) . " </td>\n";
+ echo "</tr>\n";
+ }
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('System' => 'diag_logs.php',
+ 'Firewall' => 'diag_logs_filter.php',
+ 'DHCP' => 'diag_logs_dhcp.php',
+ 'Captive portal' => 'diag_logs_portal.php',
+ 'PPTP VPN' => 'diag_logs_vpn.php',
+ 'Settings' => 'diag_logs_settings.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0"><tr>
+ <td colspan="4" class="listtopic">
+ Last <?=$nentries;?> PPTP VPN log entries</td>
+ </tr>
+ <tr>
+ <td class="listhdrr">Time</td>
+ <td class="listhdrr">Action</td>
+ <td class="listhdrr">User</td>
+ <td class="listhdrr">IP address</td>
+ </tr>
+ <?php dump_clog("/var/log/vpn.log", $nentries); ?>
+ </table>
+ <br><form action="diag_logs_vpn.php" method="post">
+<input name="clear" type="submit" class="formbtn" value="Clear log">
+</form>
+ </td>
+ </tr>
+</table>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
-\r
- Copyright (C) 2003-2006 Bob Zoller (bob@kludgebox.com) and Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
-\r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
-\r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
-\r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
-\r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Diagnostics", "Ping");\r
-require("guiconfig.inc");\r
-\r
-define('MAX_COUNT', 10);\r
-define('DEFAULT_COUNT', 3);\r
-\r
-if ($_POST) {\r
- unset($input_errors);\r
- unset($do_ping);\r
-\r
- /* input validation */\r
- $reqdfields = explode(" ", "host count");\r
- $reqdfieldsn = explode(",", "Host,Count");\r
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
-\r
- if (($_POST['count'] < 1) || ($_POST['count'] > MAX_COUNT)) {\r
- $input_errors[] = "Count must be between 1 and {MAX_COUNT}";\r
- }\r
-\r
- if (!$input_errors) {\r
- $do_ping = true;\r
- $host = $_POST['host'];\r
- $interface = $_POST['interface'];\r
- $count = $_POST['count'];\r
- }\r
-}\r
-if (!isset($do_ping)) {\r
- $do_ping = false;\r
- $host = '';\r
- $count = DEFAULT_COUNT;\r
-}\r
-\r
-function get_interface_addr($ifdescr) {\r
- \r
- global $config, $g;\r
- \r
- /* find out interface name */\r
- if ($ifdescr == "wan")\r
- $if = get_real_wan_interface();\r
- else\r
- $if = $config['interfaces'][$ifdescr]['if'];\r
- \r
- /* try to determine IP address and netmask with ifconfig */\r
- unset($ifconfiginfo);\r
- exec("/sbin/ifconfig " . $if, $ifconfiginfo);\r
- \r
- foreach ($ifconfiginfo as $ici) {\r
- if (preg_match("/inet (\S+)/", $ici, $matches)) {\r
- return $matches[1];\r
- }\r
- }\r
- \r
- return false;\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Ping' => 'diag_ping.php',\r
- 'Traceroute' => 'diag_traceroute.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
- <form action="diag_ping.php" method="post" name="iform" id="iform">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr>\r
- <td width="22%" valign="top" class="vncellreq">Host</td>\r
- <td width="78%" class="vtable"> \r
- <?=$mandfldhtml;?><input name="host" type="text" class="formfld" id="host" size="20" value="<?=htmlspecialchars($host);?>"></td>\r
- </tr>\r
- <tr>\r
- <td width="22%" valign="top" class="vncellreq">Interface</td>\r
- <td width="78%" class="vtable">\r
- <select name="interface" class="formfld">\r
- <?php $interfaces = array('wan' => 'WAN', 'lan' => 'LAN');\r
- for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {\r
- if (isset($config['interfaces']['opt' . $i]['enable']) &&\r
- !$config['interfaces']['opt' . $i]['bridge'])\r
- $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];\r
- }\r
- foreach ($interfaces as $iface => $ifacename): ?>\r
- <option value="<?=$iface;?>" <?php if ($iface == $interface) echo "selected"; ?>> \r
- <?=htmlspecialchars($ifacename);?>\r
- </option>\r
- <?php endforeach; ?>\r
- </select>\r
- </td>\r
- </tr>\r
- <tr>\r
- <td width="22%" valign="top" class="vncellreq">Count</td>\r
- <td width="78%" class="vtable">\r
- <select name="count" class="formfld" id="count">\r
- <?php for ($i = 1; $i <= MAX_COUNT; $i++): ?>\r
- <option value="<?=$i;?>" <?php if ($i == $count) echo "selected"; ?>><?=$i;?></option>\r
- <?php endfor; ?>\r
- </select></td>\r
- </tr>\r
- <tr>\r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"> \r
- <input name="Submit" type="submit" class="formbtn" value="Ping">\r
- </td>\r
- </tr>\r
- <tr>\r
- <td valign="top" colspan="2">\r
- <? if ($do_ping) {\r
- echo("<strong>Ping output:</strong><br>");\r
- echo('<pre>');\r
- ob_end_flush();\r
- $ifaddr = get_interface_addr($interface);\r
- if ($ifaddr)\r
- system("/sbin/ping -S$ifaddr -c$count " . escapeshellarg($host));\r
- else\r
- system("/sbin/ping -c$count " . escapeshellarg($host));\r
- echo('</pre>');\r
- }\r
- ?>\r
- </td>\r
- </tr>\r
- </table>\r
-</form>\r
-</td></tr></table>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Bob Zoller (bob@kludgebox.com) and Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Diagnostics", "Ping");
+require("guiconfig.inc");
+
+define('MAX_COUNT', 10);
+define('DEFAULT_COUNT', 3);
+
+if ($_POST) {
+ unset($input_errors);
+ unset($do_ping);
+
+ /* input validation */
+ $reqdfields = explode(" ", "host count");
+ $reqdfieldsn = explode(",", "Host,Count");
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if (($_POST['count'] < 1) || ($_POST['count'] > MAX_COUNT)) {
+ $input_errors[] = "Count must be between 1 and {MAX_COUNT}";
+ }
+
+ if (!$input_errors) {
+ $do_ping = true;
+ $host = $_POST['host'];
+ $interface = $_POST['interface'];
+ $count = $_POST['count'];
+ }
+}
+if (!isset($do_ping)) {
+ $do_ping = false;
+ $host = '';
+ $count = DEFAULT_COUNT;
+}
+
+function get_interface_addr($ifdescr) {
+
+ global $config, $g;
+
+ /* find out interface name */
+ if ($ifdescr == "wan")
+ $if = get_real_wan_interface();
+ else
+ $if = $config['interfaces'][$ifdescr]['if'];
+
+ /* try to determine IP address and netmask with ifconfig */
+ unset($ifconfiginfo);
+ exec("/sbin/ifconfig " . $if, $ifconfiginfo);
+
+ foreach ($ifconfiginfo as $ici) {
+ if (preg_match("/inet (\S+)/", $ici, $matches)) {
+ return $matches[1];
+ }
+ }
+
+ return false;
+}
+?>
+<?php include("fbegin.inc"); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Ping' => 'diag_ping.php',
+ 'Traceroute' => 'diag_traceroute.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+ <form action="diag_ping.php" method="post" name="iform" id="iform">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Host</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="host" type="text" class="formfld" id="host" size="20" value="<?=htmlspecialchars($host);?>"></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Interface</td>
+ <td width="78%" class="vtable">
+ <select name="interface" class="formfld">
+ <?php $interfaces = array('wan' => 'WAN', 'lan' => 'LAN');
+ for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
+ if (isset($config['interfaces']['opt' . $i]['enable']) &&
+ !$config['interfaces']['opt' . $i]['bridge'])
+ $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
+ }
+ foreach ($interfaces as $iface => $ifacename): ?>
+ <option value="<?=$iface;?>" <?php if ($iface == $interface) echo "selected"; ?>>
+ <?=htmlspecialchars($ifacename);?>
+ </option>
+ <?php endforeach; ?>
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Count</td>
+ <td width="78%" class="vtable">
+ <select name="count" class="formfld" id="count">
+ <?php for ($i = 1; $i <= MAX_COUNT; $i++): ?>
+ <option value="<?=$i;?>" <?php if ($i == $count) echo "selected"; ?>><?=$i;?></option>
+ <?php endfor; ?>
+ </select></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%">
+ <input name="Submit" type="submit" class="formbtn" value="Ping">
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" colspan="2">
+ <? if ($do_ping) {
+ echo("<strong>Ping output:</strong><br>");
+ echo('<pre>');
+ ob_end_flush();
+ $ifaddr = get_interface_addr($interface);
+ if ($ifaddr)
+ system("/sbin/ping -S$ifaddr -c$count " . escapeshellarg($host));
+ else
+ system("/sbin/ping -c$count " . escapeshellarg($host));
+ echo('</pre>');
+ }
+ ?>
+ </td>
+ </tr>
+ </table>
+</form>
+</td></tr></table>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
-\r
- Copyright (C) 2005-2006 Paul Taylor (paultaylor@winndixie.com) and Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
-\r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
-\r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
-\r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
-\r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Diagnostics", "Traceroute");\r
-require("guiconfig.inc");\r
-\r
-\r
-define('MAX_TTL', 64);\r
-define('DEFAULT_TTL', 18);\r
-\r
-if ($_POST) {\r
- unset($input_errors);\r
- unset($do_traceroute);\r
-\r
- /* input validation */\r
- $reqdfields = explode(" ", "host ttl");\r
- $reqdfieldsn = explode(",", "Host,ttl");\r
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
-\r
- if (($_POST['ttl'] < 1) || ($_POST['ttl'] > MAX_TTL)) {\r
- $input_errors[] = "Maximum number of hops must be between 1 and {MAX_TTL}";\r
- }\r
-\r
- if (!$input_errors) {\r
- $do_traceroute = true;\r
- $host = $_POST['host'];\r
- $ttl = $_POST['ttl'];\r
- $resolve = $_POST['resolve'];\r
- }\r
-}\r
-if (!isset($do_traceroute)) {\r
- $do_traceroute = false;\r
- $host = '';\r
- $ttl = DEFAULT_TTL;\r
- $resolve = false;\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Ping' => 'diag_ping.php',\r
- 'Traceroute' => 'diag_traceroute.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
- <form action="diag_traceroute.php" method="post" name="iform" id="iform">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr>\r
- <td width="22%" valign="top" class="vncellreq">Host</td>\r
- <td width="78%" class="vtable"> \r
- <?=$mandfldhtml;?><input name="host" type="text" class="formfld" id="host" size="20" value="<?=htmlspecialchars($host);?>"></td>\r
- </tr>\r
- <tr>\r
- <td width="22%" valign="top" class="vncellreq">Maximum number of hops</td>\r
- <td width="78%" class="vtable">\r
- <select name="ttl" class="formfld" id="ttl">\r
- <?php for ($i = 1; $i <= MAX_TTL; $i++): ?>\r
- <option value="<?=$i;?>" <?php if ($i == $ttl) echo "selected"; ?>><?=$i;?></option>\r
- <?php endfor; ?>\r
- </select></td>\r
- </tr>\r
- <tr> \r
- <td valign="top" class="vtable"> </td>\r
- <td class="vtable"> <input name="resolve" type="checkbox" id="resolve" value="yes" <?php if ($resolve) echo "checked"; ?>>\r
- <strong>Resolve IP addresses to hostnames</strong><br>\r
- </td>\r
- </tr>\r
- <tr>\r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"> \r
- <input name="Submit" type="submit" class="formbtn" value="Traceroute">\r
- </td>\r
- </tr>\r
- <tr>\r
- <td valign="top" colspan="2">\r
- <p><span class="vexpl"><span class="red"><strong>Note: </strong></span> Traceroute may take a while to complete. You may hit the Stop button on your browser at any time to see the progress of failed traceroutes.<p>\r
- <? if ($do_traceroute) {\r
- echo("<br><strong>Traceroute output:</strong><br>");\r
- echo('<pre>');\r
- ob_end_flush();\r
- system("/usr/sbin/traceroute " . ($resolve ? "" : "-n ") . "-w 2 -m " . escapeshellarg($ttl) . " " . escapeshellarg($host));\r
- echo('</pre>');\r
- }\r
- ?>\r
- </td>\r
- </tr>\r
- </table>\r
-</form>\r
-</td></tr></table>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2005-2006 Paul Taylor (paultaylor@winndixie.com) and Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Diagnostics", "Traceroute");
+require("guiconfig.inc");
+
+
+define('MAX_TTL', 64);
+define('DEFAULT_TTL', 18);
+
+if ($_POST) {
+ unset($input_errors);
+ unset($do_traceroute);
+
+ /* input validation */
+ $reqdfields = explode(" ", "host ttl");
+ $reqdfieldsn = explode(",", "Host,ttl");
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if (($_POST['ttl'] < 1) || ($_POST['ttl'] > MAX_TTL)) {
+ $input_errors[] = "Maximum number of hops must be between 1 and {MAX_TTL}";
+ }
+
+ if (!$input_errors) {
+ $do_traceroute = true;
+ $host = $_POST['host'];
+ $ttl = $_POST['ttl'];
+ $resolve = $_POST['resolve'];
+ }
+}
+if (!isset($do_traceroute)) {
+ $do_traceroute = false;
+ $host = '';
+ $ttl = DEFAULT_TTL;
+ $resolve = false;
+}
+?>
+<?php include("fbegin.inc"); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Ping' => 'diag_ping.php',
+ 'Traceroute' => 'diag_traceroute.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+ <form action="diag_traceroute.php" method="post" name="iform" id="iform">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Host</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="host" type="text" class="formfld" id="host" size="20" value="<?=htmlspecialchars($host);?>"></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Maximum number of hops</td>
+ <td width="78%" class="vtable">
+ <select name="ttl" class="formfld" id="ttl">
+ <?php for ($i = 1; $i <= MAX_TTL; $i++): ?>
+ <option value="<?=$i;?>" <?php if ($i == $ttl) echo "selected"; ?>><?=$i;?></option>
+ <?php endfor; ?>
+ </select></td>
+ </tr>
+ <tr>
+ <td valign="top" class="vtable"> </td>
+ <td class="vtable"> <input name="resolve" type="checkbox" id="resolve" value="yes" <?php if ($resolve) echo "checked"; ?>>
+ <strong>Resolve IP addresses to hostnames</strong><br>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%">
+ <input name="Submit" type="submit" class="formbtn" value="Traceroute">
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" colspan="2">
+ <p><span class="vexpl"><span class="red"><strong>Note: </strong></span> Traceroute may take a while to complete. You may hit the Stop button on your browser at any time to see the progress of failed traceroutes.<p>
+ <? if ($do_traceroute) {
+ echo("<br><strong>Traceroute output:</strong><br>");
+ echo('<pre>');
+ ob_end_flush();
+ system("/usr/sbin/traceroute " . ($resolve ? "" : "-n ") . "-w 2 -m " . escapeshellarg($ttl) . " " . escapeshellarg($host));
+ echo('</pre>');
+ }
+ ?>
+ </td>
+ </tr>
+ </table>
+</form>
+</td></tr></table>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 technologEase (http://www.technologEase.com) and Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-require("guiconfig.inc");\r
-\r
-if (($_POST['submit'] == "Download") && file_exists($_POST['dlPath'])) {\r
- session_cache_limiter('public');\r
- $fd = fopen($_POST['dlPath'], "rb");\r
- header("Content-Type: application/octet-stream");\r
- header("Content-Length: " . filesize($_POST['dlPath']));\r
- header("Content-Disposition: attachment; filename=\"" . \r
- trim(htmlentities(basename($_POST['dlPath']))) . "\"");\r
- \r
- fpassthru($fd);\r
- exit;\r
-} else if (($_POST['submit'] == "Upload") && is_uploaded_file($_FILES['ulfile']['tmp_name'])) {\r
- move_uploaded_file($_FILES['ulfile']['tmp_name'], "/tmp/" . $_FILES['ulfile']['name']);\r
- $ulmsg = "Uploaded file to /tmp/" . htmlentities($_FILES['ulfile']['name']);\r
- unset($_POST['txtCommand']);\r
-}\r
-?>\r
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">\r
-<html>\r
-<head>\r
-<?php\r
-\r
-/*\r
- Exec+ v1.02-000 - Copyright 2001-2003, All rights reserved\r
- Created by technologEase (http://www.technologEase.com).\r
- \r
- (modified for m0n0wall by Manuel Kasper <mk@neon1.net>)\r
-*/\r
-\r
-// Function: is Blank\r
-// Returns true or false depending on blankness of argument.\r
-\r
-function isBlank( $arg ) { return ereg( "^\s*$", $arg ); }\r
-\r
-\r
-// Function: Puts\r
-// Put string, Ruby-style.\r
-\r
-function puts( $arg ) { echo "$arg\n"; }\r
-\r
-\r
-// "Constants".\r
-\r
-$Version = '';\r
-$ScriptName = $HTTP_SERVER_VARS['SCRIPT_NAME'];\r
-$Title = 'm0n0wall: execute command';\r
-\r
-// Get year.\r
-\r
-$arrDT = localtime();\r
-$intYear = $arrDT[5] + 1900;\r
-\r
-?>\r
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">\r
-<title><?=$Title ?></title>\r
-<script language="javascript">\r
-<!--\r
-\r
- // Create recall buffer array (of encoded strings).\r
-\r
-<?php\r
-\r
-if (isBlank( $_POST['txtRecallBuffer'] )) {\r
- puts( " var arrRecallBuffer = new Array;" );\r
-} else {\r
- puts( " var arrRecallBuffer = new Array(" );\r
- $arrBuffer = explode( "&", $_POST['txtRecallBuffer'] );\r
- for ($i=0; $i < (count( $arrBuffer ) - 1); $i++) puts( " '" . $arrBuffer[$i] . "'," );\r
- puts( " '" . $arrBuffer[count( $arrBuffer ) - 1] . "'" );\r
- puts( " );" );\r
-}\r
-\r
-?>\r
-\r
- // Set pointer to end of recall buffer.\r
- var intRecallPtr = arrRecallBuffer.length;\r
-\r
- // Functions to extend String class.\r
- function str_encode() { return escape( this ) }\r
- function str_decode() { return unescape( this ) }\r
- \r
- // Extend string class to include encode() and decode() functions.\r
- String.prototype.encode = str_encode\r
- String.prototype.decode = str_decode\r
-\r
- // Function: is Blank\r
- // Returns boolean true or false if argument is blank.\r
- function isBlank( strArg ) { return strArg.match( /^\s*$/ ) }\r
-\r
- // Function: frmExecPlus onSubmit (event handler)\r
- // Builds the recall buffer from the command string on submit.\r
- function frmExecPlus_onSubmit( form ) {\r
-\r
- if (!isBlank(form.txtCommand.value)) {\r
- // If this command is repeat of last command, then do not store command.\r
- if (form.txtCommand.value.encode() == arrRecallBuffer[arrRecallBuffer.length-1]) { return true }\r
- \r
- // Stuff encoded command string into the recall buffer.\r
- if (isBlank(form.txtRecallBuffer.value))\r
- form.txtRecallBuffer.value = form.txtCommand.value.encode();\r
- else\r
- form.txtRecallBuffer.value += '&' + form.txtCommand.value.encode();\r
- }\r
-\r
- return true;\r
- }\r
-\r
- // Function: btnRecall onClick (event handler)\r
- // Recalls command buffer going either up or down.\r
- function btnRecall_onClick( form, n ) {\r
-\r
- // If nothing in recall buffer, then error.\r
- if (!arrRecallBuffer.length) {\r
- alert( 'Nothing to recall!' );\r
- form.txtCommand.focus();\r
- return;\r
- }\r
-\r
- // Increment recall buffer pointer in positive or negative direction\r
- // according to <n>.\r
- intRecallPtr += n;\r
-\r
- // Make sure the buffer stays circular.\r
- if (intRecallPtr < 0) { intRecallPtr = arrRecallBuffer.length - 1 }\r
- if (intRecallPtr > (arrRecallBuffer.length - 1)) { intRecallPtr = 0 }\r
-\r
- // Recall the command.\r
- form.txtCommand.value = arrRecallBuffer[intRecallPtr].decode();\r
- }\r
-\r
- // Function: Reset onClick (event handler)\r
- // Resets form on reset button click event.\r
- function Reset_onClick( form ) {\r
-\r
- // Reset recall buffer pointer.\r
- intRecallPtr = arrRecallBuffer.length;\r
-\r
- // Clear form (could have spaces in it) and return focus ready for cmd.\r
- form.txtCommand.value = '';\r
- form.txtCommand.focus();\r
-\r
- return true;\r
- }\r
-\r
- // hansmi, 2005-01-13\r
- function txtCommand_onKey(e) {\r
- if(!e) var e = window.event; // IE-Fix\r
- var code = (e.keyCode?e.keyCode:(e.which?e.which:0));\r
- if(!code) return;\r
- var f = document.getElementsByName('frmExecPlus')[0];\r
- if(!f) return;\r
- switch(code) {\r
- case 38: // up\r
- btnRecall_onClick(f, -1);\r
- break;\r
- case 40: // down\r
- btnRecall_onClick(f, 1);\r
- break;\r
- }\r
- }\r
-//-->\r
-</script>\r
-<link href="gui.css" rel="stylesheet" type="text/css">\r
-<style>\r
-<!--\r
-\r
-input {\r
- font-family: courier new, courier;\r
- font-weight: normal;\r
- font-size: 9pt;\r
-}\r
-\r
-pre {\r
- border: 2px solid #435370;\r
- background: #F0F0F0;\r
- padding: 1em;\r
- font-family: courier new, courier;\r
- white-space: pre;\r
- line-height: 10pt;\r
- font-size: 10pt;\r
-}\r
-\r
-.label {\r
- font-family: tahoma, verdana, arial, helvetica;\r
- font-size: 11px;\r
- font-weight: bold;\r
-}\r
-\r
-.button {\r
- font-family: tahoma, verdana, arial, helvetica;\r
- font-weight: bold;\r
- font-size: 11px;\r
-}\r
-\r
--->\r
-</style>\r
-</head>\r
-<body<?php\r
-if(!isBlank($_POST['txtCommand'])) {\r
- echo ' onload="document.forms[\'frmExecPlus\'].txtCommand.focus();"';\r
-}\r
-?>>\r
-<p><span class="pgtitle"><?=$Title ?></span>\r
-<?php if (isBlank($_POST['txtCommand'])): ?>\r
-<p class="red"><strong>Note: this function is unsupported. Use it\r
-on your own risk!</strong></p>\r
-<?php endif; ?>\r
-<?php if ($ulmsg) echo "<p><strong>" . $ulmsg . "</strong></p>\n"; ?>\r
-<?php\r
-\r
-if (!isBlank($_POST['txtCommand'])) {\r
- puts("<pre>");\r
- puts("\$ " . htmlspecialchars($_POST['txtCommand']));\r
- putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin");\r
- putenv("SCRIPT_FILENAME=" . strtok($_POST['txtCommand'], " ")); /* PHP scripts */\r
- $ph = popen($_POST['txtCommand'], "r" );\r
- while ($line = fgets($ph)) echo htmlspecialchars($line);\r
- pclose($ph);\r
- puts("</pre>");\r
-}\r
-\r
-?>\r
-\r
-<form action="<?=$ScriptName ?>" method="POST" enctype="multipart/form-data" name="frmExecPlus" onSubmit="return frmExecPlus_onSubmit( this );">\r
- <table>\r
- <tr>\r
- <td class="label" align="right">Command:</td>\r
- <td class="type"><input name="txtCommand" type="text" size="80" value="" onkeypress="txtCommand_onKey(event);"></td>\r
- </tr>\r
- <tr>\r
- <td valign="top"> </td>\r
- <td valign="top" class="label">\r
- <input type="hidden" name="txtRecallBuffer" value="<?=$_POST['txtRecallBuffer'] ?>">\r
- <input type="button" class="button" name="btnRecallPrev" value="<" onClick="btnRecall_onClick( this.form, -1 );">\r
- <input type="submit" class="button" value="Execute">\r
- <input type="button" class="button" name="btnRecallNext" value=">" onClick="btnRecall_onClick( this.form, 1 );">\r
- <input type="button" class="button" value="Clear" onClick="return Reset_onClick( this.form );">\r
- </td>\r
- </tr>\r
- <tr>\r
- <td height="8"></td>\r
- <td></td>\r
- </tr>\r
- <tr>\r
- <td align="right">Download:</td>\r
- <td>\r
- <input name="dlPath" type="text" id="dlPath" size="50">\r
- <input name="submit" type="submit" class="button" id="download" value="Download">\r
- </td>\r
- </tr>\r
- <tr>\r
- <td align="right">Upload:</td>\r
- <td valign="top" class="label">\r
-<input name="ulfile" type="file" class="button" id="ulfile">\r
- <input name="submit" type="submit" class="button" id="upload" value="Upload"></td>\r
- </tr>\r
- </table>\r
-</form>\r
-</body>\r
-</html>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 technologEase (http://www.technologEase.com) and Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+require("guiconfig.inc");
+
+if (($_POST['submit'] == "Download") && file_exists($_POST['dlPath'])) {
+ session_cache_limiter('public');
+ $fd = fopen($_POST['dlPath'], "rb");
+ header("Content-Type: application/octet-stream");
+ header("Content-Length: " . filesize($_POST['dlPath']));
+ header("Content-Disposition: attachment; filename=\"" .
+ trim(htmlentities(basename($_POST['dlPath']))) . "\"");
+
+ fpassthru($fd);
+ exit;
+} else if (($_POST['submit'] == "Upload") && is_uploaded_file($_FILES['ulfile']['tmp_name'])) {
+ move_uploaded_file($_FILES['ulfile']['tmp_name'], "/tmp/" . $_FILES['ulfile']['name']);
+ $ulmsg = "Uploaded file to /tmp/" . htmlentities($_FILES['ulfile']['name']);
+ unset($_POST['txtCommand']);
+}
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<?php
+
+/*
+ Exec+ v1.02-000 - Copyright 2001-2003, All rights reserved
+ Created by technologEase (http://www.technologEase.com).
+
+ (modified for m0n0wall by Manuel Kasper <mk@neon1.net>)
+*/
+
+// Function: is Blank
+// Returns true or false depending on blankness of argument.
+
+function isBlank( $arg ) { return ereg( "^\s*$", $arg ); }
+
+
+// Function: Puts
+// Put string, Ruby-style.
+
+function puts( $arg ) { echo "$arg\n"; }
+
+
+// "Constants".
+
+$Version = '';
+$ScriptName = $HTTP_SERVER_VARS['SCRIPT_NAME'];
+$Title = 'm0n0wall: execute command';
+
+// Get year.
+
+$arrDT = localtime();
+$intYear = $arrDT[5] + 1900;
+
+?>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+<title><?=$Title ?></title>
+<script language="javascript">
+<!--
+
+ // Create recall buffer array (of encoded strings).
+
+<?php
+
+if (isBlank( $_POST['txtRecallBuffer'] )) {
+ puts( " var arrRecallBuffer = new Array;" );
+} else {
+ puts( " var arrRecallBuffer = new Array(" );
+ $arrBuffer = explode( "&", $_POST['txtRecallBuffer'] );
+ for ($i=0; $i < (count( $arrBuffer ) - 1); $i++) puts( " '" . $arrBuffer[$i] . "'," );
+ puts( " '" . $arrBuffer[count( $arrBuffer ) - 1] . "'" );
+ puts( " );" );
+}
+
+?>
+
+ // Set pointer to end of recall buffer.
+ var intRecallPtr = arrRecallBuffer.length;
+
+ // Functions to extend String class.
+ function str_encode() { return escape( this ) }
+ function str_decode() { return unescape( this ) }
+
+ // Extend string class to include encode() and decode() functions.
+ String.prototype.encode = str_encode
+ String.prototype.decode = str_decode
+
+ // Function: is Blank
+ // Returns boolean true or false if argument is blank.
+ function isBlank( strArg ) { return strArg.match( /^\s*$/ ) }
+
+ // Function: frmExecPlus onSubmit (event handler)
+ // Builds the recall buffer from the command string on submit.
+ function frmExecPlus_onSubmit( form ) {
+
+ if (!isBlank(form.txtCommand.value)) {
+ // If this command is repeat of last command, then do not store command.
+ if (form.txtCommand.value.encode() == arrRecallBuffer[arrRecallBuffer.length-1]) { return true }
+
+ // Stuff encoded command string into the recall buffer.
+ if (isBlank(form.txtRecallBuffer.value))
+ form.txtRecallBuffer.value = form.txtCommand.value.encode();
+ else
+ form.txtRecallBuffer.value += '&' + form.txtCommand.value.encode();
+ }
+
+ return true;
+ }
+
+ // Function: btnRecall onClick (event handler)
+ // Recalls command buffer going either up or down.
+ function btnRecall_onClick( form, n ) {
+
+ // If nothing in recall buffer, then error.
+ if (!arrRecallBuffer.length) {
+ alert( 'Nothing to recall!' );
+ form.txtCommand.focus();
+ return;
+ }
+
+ // Increment recall buffer pointer in positive or negative direction
+ // according to <n>.
+ intRecallPtr += n;
+
+ // Make sure the buffer stays circular.
+ if (intRecallPtr < 0) { intRecallPtr = arrRecallBuffer.length - 1 }
+ if (intRecallPtr > (arrRecallBuffer.length - 1)) { intRecallPtr = 0 }
+
+ // Recall the command.
+ form.txtCommand.value = arrRecallBuffer[intRecallPtr].decode();
+ }
+
+ // Function: Reset onClick (event handler)
+ // Resets form on reset button click event.
+ function Reset_onClick( form ) {
+
+ // Reset recall buffer pointer.
+ intRecallPtr = arrRecallBuffer.length;
+
+ // Clear form (could have spaces in it) and return focus ready for cmd.
+ form.txtCommand.value = '';
+ form.txtCommand.focus();
+
+ return true;
+ }
+
+ // hansmi, 2005-01-13
+ function txtCommand_onKey(e) {
+ if(!e) var e = window.event; // IE-Fix
+ var code = (e.keyCode?e.keyCode:(e.which?e.which:0));
+ if(!code) return;
+ var f = document.getElementsByName('frmExecPlus')[0];
+ if(!f) return;
+ switch(code) {
+ case 38: // up
+ btnRecall_onClick(f, -1);
+ break;
+ case 40: // down
+ btnRecall_onClick(f, 1);
+ break;
+ }
+ }
+//-->
+</script>
+<link href="gui.css" rel="stylesheet" type="text/css">
+<style>
+<!--
+
+input {
+ font-family: courier new, courier;
+ font-weight: normal;
+ font-size: 9pt;
+}
+
+pre {
+ border: 2px solid #435370;
+ background: #F0F0F0;
+ padding: 1em;
+ font-family: courier new, courier;
+ white-space: pre;
+ line-height: 10pt;
+ font-size: 10pt;
+}
+
+.label {
+ font-family: tahoma, verdana, arial, helvetica;
+ font-size: 11px;
+ font-weight: bold;
+}
+
+.button {
+ font-family: tahoma, verdana, arial, helvetica;
+ font-weight: bold;
+ font-size: 11px;
+}
+
+-->
+</style>
+</head>
+<body<?php
+if(!isBlank($_POST['txtCommand'])) {
+ echo ' onload="document.forms[\'frmExecPlus\'].txtCommand.focus();"';
+}
+?>>
+<p><span class="pgtitle"><?=$Title ?></span>
+<?php if (isBlank($_POST['txtCommand'])): ?>
+<p class="red"><strong>Note: this function is unsupported. Use it
+on your own risk!</strong></p>
+<?php endif; ?>
+<?php if ($ulmsg) echo "<p><strong>" . $ulmsg . "</strong></p>\n"; ?>
+<?php
+
+if (!isBlank($_POST['txtCommand'])) {
+ puts("<pre>");
+ puts("\$ " . htmlspecialchars($_POST['txtCommand']));
+ putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin");
+ putenv("SCRIPT_FILENAME=" . strtok($_POST['txtCommand'], " ")); /* PHP scripts */
+ $ph = popen($_POST['txtCommand'], "r" );
+ while ($line = fgets($ph)) echo htmlspecialchars($line);
+ pclose($ph);
+ puts("</pre>");
+}
+
+?>
+
+<form action="<?=$ScriptName ?>" method="POST" enctype="multipart/form-data" name="frmExecPlus" onSubmit="return frmExecPlus_onSubmit( this );">
+ <table>
+ <tr>
+ <td class="label" align="right">Command:</td>
+ <td class="type"><input name="txtCommand" type="text" size="80" value="" onkeypress="txtCommand_onKey(event);"></td>
+ </tr>
+ <tr>
+ <td valign="top"> </td>
+ <td valign="top" class="label">
+ <input type="hidden" name="txtRecallBuffer" value="<?=$_POST['txtRecallBuffer'] ?>">
+ <input type="button" class="button" name="btnRecallPrev" value="<" onClick="btnRecall_onClick( this.form, -1 );">
+ <input type="submit" class="button" value="Execute">
+ <input type="button" class="button" name="btnRecallNext" value=">" onClick="btnRecall_onClick( this.form, 1 );">
+ <input type="button" class="button" value="Clear" onClick="return Reset_onClick( this.form );">
+ </td>
+ </tr>
+ <tr>
+ <td height="8"></td>
+ <td></td>
+ </tr>
+ <tr>
+ <td align="right">Download:</td>
+ <td>
+ <input name="dlPath" type="text" id="dlPath" size="50">
+ <input name="submit" type="submit" class="button" id="download" value="Download">
+ </td>
+ </tr>
+ <tr>
+ <td align="right">Upload:</td>
+ <td valign="top" class="label">
+<input name="ulfile" type="file" class="button" id="ulfile">
+ <input name="submit" type="submit" class="button" id="upload" value="Upload"></td>
+ </tr>
+ </table>
+</form>
+</body>
+</html>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
-\r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
-\r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
-\r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
-\r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
-\r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-require("guiconfig.inc");\r
-\r
-header("Content-Type: text/plain");\r
-\r
-putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin");\r
-passthru($_GET['cmd']);\r
-\r
-exit(0);\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+require("guiconfig.inc");
+
+header("Content-Type: text/plain");
+
+putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin");
+passthru($_GET['cmd']);
+
+exit(0);
?>
\ No newline at end of file
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Firewall", "NAT", "Inbound");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['nat']['rule'])) {\r
- $config['nat']['rule'] = array();\r
-}\r
-nat_rules_sort();\r
-$a_nat = &$config['nat']['rule'];\r
-\r
-if ($_POST) {\r
-\r
- $pconfig = $_POST;\r
-\r
- if ($_POST['apply']) {\r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- config_lock();\r
- $retval |= filter_configure();\r
- config_unlock();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- \r
- if ($retval == 0) {\r
- if (file_exists($d_natconfdirty_path))\r
- unlink($d_natconfdirty_path);\r
- if (file_exists($d_filterconfdirty_path))\r
- unlink($d_filterconfdirty_path);\r
- }\r
- }\r
-}\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_nat[$_GET['id']]) {\r
- unset($a_nat[$_GET['id']]);\r
- write_config();\r
- touch($d_natconfdirty_path);\r
- header("Location: firewall_nat.php");\r
- exit;\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="firewall_nat.php" method="post">\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_natconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php\r
- $tabs = array('Inbound' => 'firewall_nat.php',\r
- 'Server NAT' => 'firewall_nat_server.php',\r
- '1:1' => 'firewall_nat_1to1.php',\r
- 'Outbound' => 'firewall_nat_out.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr> \r
- <td width="5%" class="listhdrr">If</td>\r
- <td width="5%" class="listhdrr">Proto</td>\r
- <td width="20%" class="listhdrr">Ext. port range</td>\r
- <td width="20%" class="listhdrr">NAT IP</td>\r
- <td width="20%" class="listhdrr">Int. port range</td>\r
- <td width="20%" class="listhdr">Description</td>\r
- <td width="5%" class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_nat as $natent): ?>\r
- <tr valign="top"> \r
- <td class="listlr">\r
- <?php\r
- if (!$natent['interface'] || ($natent['interface'] == "wan"))\r
- echo "WAN";\r
- else\r
- echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);\r
- ?>\r
- </td>\r
- <td class="listr"> \r
- <?=strtoupper($natent['protocol']);?>\r
- </td>\r
- <td class="listr">\r
- <?php \r
- list($beginport, $endport) = split("-", $natent['external-port']);\r
- if ((!$endport) || ($beginport == $endport)) {\r
- echo $beginport;\r
- if ($wkports[$beginport])\r
- echo " (" . $wkports[$beginport] . ")";\r
- } else\r
- echo $beginport . " - " . $endport;\r
- ?>\r
- </td>\r
- <td class="listr"> \r
- <?=$natent['target'];?>\r
- <?php if ($natent['external-address'])\r
- echo "<br>(ext.: " . $natent['external-address'] . ")";\r
- ?>\r
- </td>\r
- <td class="listr"> \r
- <?php if ((!$endport) || ($beginport == $endport)) {\r
- echo $natent['local-port'];\r
- if ($wkports[$natent['local-port']])\r
- echo " (" . $wkports[$natent['local-port']] . ")";\r
- } else\r
- echo $natent['local-port'] . " - " . \r
- ($natent['local-port']+$endport-$beginport);\r
- ?>\r
- </td>\r
- <td class="listbg"> \r
- <?=htmlspecialchars($natent['descr']);?> \r
- </td>\r
- <td valign="middle" class="list" nowrap> <a href="firewall_nat_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit rule" width="17" height="17" border="0"></a>\r
- <a href="firewall_nat.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this rule?')"><img src="x.gif" title="delete rule" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="6"></td>\r
- <td class="list"> <a href="firewall_nat_edit.php"><img src="plus.gif" title="add rule" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table><br>\r
- <span class="vexpl"><span class="red"><strong>Note:<br>\r
- </strong></span>It is not possible to access NATed services \r
- using the WAN IP address from within LAN (or an optional \r
- network).</span></td>\r
- </tr>\r
-</table>\r
- </form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Firewall", "NAT", "Inbound");
+require("guiconfig.inc");
+
+if (!is_array($config['nat']['rule'])) {
+ $config['nat']['rule'] = array();
+}
+nat_rules_sort();
+$a_nat = &$config['nat']['rule'];
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval |= filter_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+
+ if ($retval == 0) {
+ if (file_exists($d_natconfdirty_path))
+ unlink($d_natconfdirty_path);
+ if (file_exists($d_filterconfdirty_path))
+ unlink($d_filterconfdirty_path);
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_nat[$_GET['id']]) {
+ unset($a_nat[$_GET['id']]);
+ write_config();
+ touch($d_natconfdirty_path);
+ header("Location: firewall_nat.php");
+ exit;
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<form action="firewall_nat.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_natconfdirty_path)): ?><p>
+<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Inbound' => 'firewall_nat.php',
+ 'Server NAT' => 'firewall_nat_server.php',
+ '1:1' => 'firewall_nat_1to1.php',
+ 'Outbound' => 'firewall_nat_out.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="5%" class="listhdrr">If</td>
+ <td width="5%" class="listhdrr">Proto</td>
+ <td width="20%" class="listhdrr">Ext. port range</td>
+ <td width="20%" class="listhdrr">NAT IP</td>
+ <td width="20%" class="listhdrr">Int. port range</td>
+ <td width="20%" class="listhdr">Description</td>
+ <td width="5%" class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_nat as $natent): ?>
+ <tr valign="top">
+ <td class="listlr">
+ <?php
+ if (!$natent['interface'] || ($natent['interface'] == "wan"))
+ echo "WAN";
+ else
+ echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);
+ ?>
+ </td>
+ <td class="listr">
+ <?=strtoupper($natent['protocol']);?>
+ </td>
+ <td class="listr">
+ <?php
+ list($beginport, $endport) = split("-", $natent['external-port']);
+ if ((!$endport) || ($beginport == $endport)) {
+ echo $beginport;
+ if ($wkports[$beginport])
+ echo " (" . $wkports[$beginport] . ")";
+ } else
+ echo $beginport . " - " . $endport;
+ ?>
+ </td>
+ <td class="listr">
+ <?=$natent['target'];?>
+ <?php if ($natent['external-address'])
+ echo "<br>(ext.: " . $natent['external-address'] . ")";
+ ?>
+ </td>
+ <td class="listr">
+ <?php if ((!$endport) || ($beginport == $endport)) {
+ echo $natent['local-port'];
+ if ($wkports[$natent['local-port']])
+ echo " (" . $wkports[$natent['local-port']] . ")";
+ } else
+ echo $natent['local-port'] . " - " .
+ ($natent['local-port']+$endport-$beginport);
+ ?>
+ </td>
+ <td class="listbg">
+ <?=htmlspecialchars($natent['descr']);?>
+ </td>
+ <td valign="middle" class="list" nowrap> <a href="firewall_nat_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit rule" width="17" height="17" border="0"></a>
+ <a href="firewall_nat.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this rule?')"><img src="x.gif" title="delete rule" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="6"></td>
+ <td class="list"> <a href="firewall_nat_edit.php"><img src="plus.gif" title="add rule" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table><br>
+ <span class="vexpl"><span class="red"><strong>Note:<br>
+ </strong></span>It is not possible to access NATed services
+ using the WAN IP address from within LAN (or an optional
+ network).</span></td>
+ </tr>
+</table>
+ </form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Firewall", "NAT", "1:1");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['nat']['onetoone'])) {\r
- $config['nat']['onetoone'] = array();\r
-}\r
-$a_1to1 = &$config['nat']['onetoone'];\r
-nat_1to1_rules_sort();\r
-\r
-if ($_POST) {\r
-\r
- $pconfig = $_POST;\r
-\r
- if ($_POST['apply']) {\r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- config_lock();\r
- $retval |= filter_configure();\r
- $retval |= services_proxyarp_configure();\r
- config_unlock();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- \r
- if ($retval == 0) {\r
- if (file_exists($d_natconfdirty_path))\r
- unlink($d_natconfdirty_path);\r
- if (file_exists($d_filterconfdirty_path))\r
- unlink($d_filterconfdirty_path);\r
- if (file_exists($d_proxyarpdirty_path))\r
- unlink($d_proxyarpdirty_path);\r
- }\r
- }\r
-}\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_1to1[$_GET['id']]) {\r
- unset($a_1to1[$_GET['id']]);\r
- write_config();\r
- touch($d_natconfdirty_path);\r
- header("Location: firewall_nat_1to1.php");\r
- exit;\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="firewall_nat_1to1.php" method="post">\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_natconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
-<tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php\r
- $tabs = array('Inbound' => 'firewall_nat.php',\r
- 'Server NAT' => 'firewall_nat_server.php',\r
- '1:1' => 'firewall_nat_1to1.php',\r
- 'Outbound' => 'firewall_nat_out.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr> \r
- <td width="10%" class="listhdrr">Interface</td>\r
- <td width="20%" class="listhdrr">External IP</td>\r
- <td width="20%" class="listhdrr">Internal IP</td>\r
- <td width="40%" class="listhdr">Description</td>\r
- <td width="10%" class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_1to1 as $natent): ?>\r
- <tr> \r
- <td class="listlr">\r
- <?php\r
- if (!$natent['interface'] || ($natent['interface'] == "wan"))\r
- echo "WAN";\r
- else\r
- echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);\r
- ?>\r
- </td>\r
- <td class="listr"> \r
- <?php echo $natent['external'];\r
- if ($natent['subnet']) echo "/" . $natent['subnet']; ?>\r
- </td>\r
- <td class="listr"> \r
- <?php echo $natent['internal'];\r
- if ($natent['subnet']) echo "/" . $natent['subnet']; ?>\r
- </td>\r
- <td class="listbg"> \r
- <?=htmlspecialchars($natent['descr']);?> \r
- </td>\r
- <td class="list" nowrap> <a href="firewall_nat_1to1_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit mapping" width="17" height="17" border="0"></a>\r
- <a href="firewall_nat_1to1.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this mapping?')"><img src="x.gif" title="delete mapping" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="4"></td>\r
- <td class="list"> <a href="firewall_nat_1to1_edit.php"><img src="plus.gif" title="add mapping" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table><br>\r
- <span class="vexpl"><span class="red"><strong>Note:<br>\r
- </strong></span>Depending on the way your WAN connection is setup, you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span>\r
-</td>\r
-</tr>\r
-</table>\r
-</form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Firewall", "NAT", "1:1");
+require("guiconfig.inc");
+
+if (!is_array($config['nat']['onetoone'])) {
+ $config['nat']['onetoone'] = array();
+}
+$a_1to1 = &$config['nat']['onetoone'];
+nat_1to1_rules_sort();
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval |= filter_configure();
+ $retval |= services_proxyarp_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+
+ if ($retval == 0) {
+ if (file_exists($d_natconfdirty_path))
+ unlink($d_natconfdirty_path);
+ if (file_exists($d_filterconfdirty_path))
+ unlink($d_filterconfdirty_path);
+ if (file_exists($d_proxyarpdirty_path))
+ unlink($d_proxyarpdirty_path);
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_1to1[$_GET['id']]) {
+ unset($a_1to1[$_GET['id']]);
+ write_config();
+ touch($d_natconfdirty_path);
+ header("Location: firewall_nat_1to1.php");
+ exit;
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<form action="firewall_nat_1to1.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_natconfdirty_path)): ?><p>
+<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Inbound' => 'firewall_nat.php',
+ 'Server NAT' => 'firewall_nat_server.php',
+ '1:1' => 'firewall_nat_1to1.php',
+ 'Outbound' => 'firewall_nat_out.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="10%" class="listhdrr">Interface</td>
+ <td width="20%" class="listhdrr">External IP</td>
+ <td width="20%" class="listhdrr">Internal IP</td>
+ <td width="40%" class="listhdr">Description</td>
+ <td width="10%" class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_1to1 as $natent): ?>
+ <tr>
+ <td class="listlr">
+ <?php
+ if (!$natent['interface'] || ($natent['interface'] == "wan"))
+ echo "WAN";
+ else
+ echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);
+ ?>
+ </td>
+ <td class="listr">
+ <?php echo $natent['external'];
+ if ($natent['subnet']) echo "/" . $natent['subnet']; ?>
+ </td>
+ <td class="listr">
+ <?php echo $natent['internal'];
+ if ($natent['subnet']) echo "/" . $natent['subnet']; ?>
+ </td>
+ <td class="listbg">
+ <?=htmlspecialchars($natent['descr']);?>
+ </td>
+ <td class="list" nowrap> <a href="firewall_nat_1to1_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit mapping" width="17" height="17" border="0"></a>
+ <a href="firewall_nat_1to1.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this mapping?')"><img src="x.gif" title="delete mapping" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="4"></td>
+ <td class="list"> <a href="firewall_nat_1to1_edit.php"><img src="plus.gif" title="add mapping" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table><br>
+ <span class="vexpl"><span class="red"><strong>Note:<br>
+ </strong></span>Depending on the way your WAN connection is setup, you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span>
+</td>
+</tr>
+</table>
+</form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Firewall", "NAT", "Outbound");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['nat']['advancedoutbound']['rule']))\r
- $config['nat']['advancedoutbound']['rule'] = array();\r
- \r
-$a_out = &$config['nat']['advancedoutbound']['rule'];\r
-nat_out_rules_sort();\r
-\r
-if ($_POST) {\r
-\r
- $pconfig = $_POST;\r
-\r
- $config['nat']['advancedoutbound']['enable'] = ($_POST['enable']) ? true : false;\r
- write_config();\r
- \r
- $retval = 0;\r
- \r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- config_lock();\r
- $retval |= filter_configure();\r
- config_unlock();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- \r
- if ($retval == 0) {\r
- if (file_exists($d_natconfdirty_path))\r
- unlink($d_natconfdirty_path);\r
- if (file_exists($d_filterconfdirty_path))\r
- unlink($d_filterconfdirty_path);\r
- }\r
-}\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_out[$_GET['id']]) {\r
- unset($a_out[$_GET['id']]);\r
- write_config();\r
- touch($d_natconfdirty_path);\r
- header("Location: firewall_nat_out.php");\r
- exit;\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="firewall_nat_out.php" method="post">\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_natconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
-<tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php\r
- $tabs = array('Inbound' => 'firewall_nat.php',\r
- 'Server NAT' => 'firewall_nat_server.php',\r
- '1:1' => 'firewall_nat_1to1.php',\r
- 'Outbound' => 'firewall_nat_out.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td class="vtable">\r
- <input name="enable" type="checkbox" id="enable" value="yes" <?php if (isset($config['nat']['advancedoutbound']['enable'])) echo "checked";?>>\r
- <strong>Enable advanced outbound NAT</strong></td>\r
- </tr>\r
- <tr> \r
- <td> <input name="submit" type="submit" class="formbtn" value="Save"> \r
- </td>\r
- </tr>\r
- <tr>\r
- <td><p><span class="vexpl"><span class="red"><strong>Note:<br>\r
- </strong></span>If advanced outbound NAT is enabled, no outbound NAT\r
- rules will be automatically generated anymore. Instead, only the mappings\r
- you specify below will be used. With advanced outbound NAT disabled,\r
- a mapping is automatically created for each interface's subnet\r
- (except WAN) and any mappings specified below will be ignored.</span>\r
- If you use target addresses other than the WAN interface's IP address,\r
- then depending on<span class="vexpl"> the way your WAN connection is setup,\r
- you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span><br>\r
- <br>\r
- You may enter your own mappings below.</p>\r
- </td>\r
- </tr>\r
- </table>\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr> \r
- <td width="10%" class="listhdrr">Interface</td>\r
- <td width="20%" class="listhdrr">Source</td>\r
- <td width="20%" class="listhdrr">Destination</td>\r
- <td width="20%" class="listhdrr">Target</td>\r
- <td width="25%" class="listhdr">Description</td>\r
- <td width="5%" class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_out as $natent): ?>\r
- <tr> \r
- <td class="listlr">\r
- <?php\r
- if (!$natent['interface'] || ($natent['interface'] == "wan"))\r
- echo "WAN";\r
- else\r
- echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);\r
- ?>\r
- </td>\r
- <td class="listr"> \r
- <?=$natent['source']['network'];?>\r
- </td>\r
- <td class="listr"> \r
- <?php\r
- if (isset($natent['destination']['any']))\r
- echo "*";\r
- else {\r
- if (isset($natent['destination']['not']))\r
- echo "! ";\r
- echo $natent['destination']['network'];\r
- }\r
- ?>\r
- </td>\r
- <td class="listr"> \r
- <?php\r
- if (!$natent['target'])\r
- echo "*";\r
- else\r
- echo $natent['target'];\r
- ?>\r
- </td>\r
- <td class="listbg"> \r
- <?=htmlspecialchars($natent['descr']);?> \r
- </td>\r
- <td class="list" nowrap> <a href="firewall_nat_out_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit mapping" width="17" height="17" border="0"></a>\r
- <a href="firewall_nat_out.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this mapping?')"><img src="x.gif" title="delete mapping" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="5"></td>\r
- <td class="list"> <a href="firewall_nat_out_edit.php"><img src="plus.gif" title="add mapping" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table>\r
-</td>\r
- </tr>\r
-</table>\r
- </form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Firewall", "NAT", "Outbound");
+require("guiconfig.inc");
+
+if (!is_array($config['nat']['advancedoutbound']['rule']))
+ $config['nat']['advancedoutbound']['rule'] = array();
+
+$a_out = &$config['nat']['advancedoutbound']['rule'];
+nat_out_rules_sort();
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ $config['nat']['advancedoutbound']['enable'] = ($_POST['enable']) ? true : false;
+ write_config();
+
+ $retval = 0;
+
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval |= filter_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+
+ if ($retval == 0) {
+ if (file_exists($d_natconfdirty_path))
+ unlink($d_natconfdirty_path);
+ if (file_exists($d_filterconfdirty_path))
+ unlink($d_filterconfdirty_path);
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_out[$_GET['id']]) {
+ unset($a_out[$_GET['id']]);
+ write_config();
+ touch($d_natconfdirty_path);
+ header("Location: firewall_nat_out.php");
+ exit;
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<form action="firewall_nat_out.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_natconfdirty_path)): ?><p>
+<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Inbound' => 'firewall_nat.php',
+ 'Server NAT' => 'firewall_nat_server.php',
+ '1:1' => 'firewall_nat_1to1.php',
+ 'Outbound' => 'firewall_nat_out.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td class="vtable">
+ <input name="enable" type="checkbox" id="enable" value="yes" <?php if (isset($config['nat']['advancedoutbound']['enable'])) echo "checked";?>>
+ <strong>Enable advanced outbound NAT</strong></td>
+ </tr>
+ <tr>
+ <td> <input name="submit" type="submit" class="formbtn" value="Save">
+ </td>
+ </tr>
+ <tr>
+ <td><p><span class="vexpl"><span class="red"><strong>Note:<br>
+ </strong></span>If advanced outbound NAT is enabled, no outbound NAT
+ rules will be automatically generated anymore. Instead, only the mappings
+ you specify below will be used. With advanced outbound NAT disabled,
+ a mapping is automatically created for each interface's subnet
+ (except WAN) and any mappings specified below will be ignored.</span>
+ If you use target addresses other than the WAN interface's IP address,
+ then depending on<span class="vexpl"> the way your WAN connection is setup,
+ you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span><br>
+ <br>
+ You may enter your own mappings below.</p>
+ </td>
+ </tr>
+ </table>
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="10%" class="listhdrr">Interface</td>
+ <td width="20%" class="listhdrr">Source</td>
+ <td width="20%" class="listhdrr">Destination</td>
+ <td width="20%" class="listhdrr">Target</td>
+ <td width="25%" class="listhdr">Description</td>
+ <td width="5%" class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_out as $natent): ?>
+ <tr>
+ <td class="listlr">
+ <?php
+ if (!$natent['interface'] || ($natent['interface'] == "wan"))
+ echo "WAN";
+ else
+ echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);
+ ?>
+ </td>
+ <td class="listr">
+ <?=$natent['source']['network'];?>
+ </td>
+ <td class="listr">
+ <?php
+ if (isset($natent['destination']['any']))
+ echo "*";
+ else {
+ if (isset($natent['destination']['not']))
+ echo "! ";
+ echo $natent['destination']['network'];
+ }
+ ?>
+ </td>
+ <td class="listr">
+ <?php
+ if (!$natent['target'])
+ echo "*";
+ else
+ echo $natent['target'];
+ ?>
+ </td>
+ <td class="listbg">
+ <?=htmlspecialchars($natent['descr']);?>
+ </td>
+ <td class="list" nowrap> <a href="firewall_nat_out_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit mapping" width="17" height="17" border="0"></a>
+ <a href="firewall_nat_out.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this mapping?')"><img src="x.gif" title="delete mapping" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="5"></td>
+ <td class="list"> <a href="firewall_nat_out_edit.php"><img src="plus.gif" title="add mapping" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table>
+</td>
+ </tr>
+</table>
+ </form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Firewall", "NAT", "Server NAT");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['nat']['servernat'])) {\r
- $config['nat']['servernat'] = array();\r
-}\r
-$a_snat = &$config['nat']['servernat'];\r
-nat_server_rules_sort();\r
-\r
-if ($_POST) {\r
-\r
- $pconfig = $_POST;\r
-\r
- if ($_POST['apply']) {\r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- config_lock();\r
- $retval |= filter_configure();\r
- config_unlock();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- \r
- if ($retval == 0) {\r
- if (file_exists($d_natconfdirty_path))\r
- unlink($d_natconfdirty_path);\r
- if (file_exists($d_filterconfdirty_path))\r
- unlink($d_filterconfdirty_path);\r
- }\r
- }\r
-}\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_snat[$_GET['id']]) {\r
- /* make sure no inbound NAT mappings reference this entry */\r
- if (is_array($config['nat']['rule'])) {\r
- foreach ($config['nat']['rule'] as $rule) {\r
- if ($rule['external-address'] == $a_snat[$_GET['id']]['ipaddr']) {\r
- $input_errors[] = "This entry cannot be deleted because it is still referenced by at least one inbound NAT mapping.";\r
- break;\r
- }\r
- }\r
- }\r
- \r
- if (!$input_errors) {\r
- unset($a_snat[$_GET['id']]);\r
- write_config();\r
- touch($d_natconfdirty_path);\r
- header("Location: firewall_nat_server.php");\r
- exit;\r
- }\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="firewall_nat_server.php" method="post">\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_natconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
-<tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php\r
- $tabs = array('Inbound' => 'firewall_nat.php',\r
- 'Server NAT' => 'firewall_nat_server.php',\r
- '1:1' => 'firewall_nat_1to1.php',\r
- 'Outbound' => 'firewall_nat_out.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="80%" border="0" cellpadding="0" cellspacing="0">\r
- <tr> \r
- <td width="40%" class="listhdrr">External IP address</td>\r
- <td width="50%" class="listhdr">Description</td>\r
- <td width="10%" class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_snat as $natent): ?>\r
- <tr> \r
- <td class="listlr"> \r
- <?=$natent['ipaddr'];?>\r
- </td>\r
- <td class="listbg"> \r
- <?=htmlspecialchars($natent['descr']);?> \r
- </td>\r
- <td class="list" nowrap> <a href="firewall_nat_server_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit entry" width="17" height="17" border="0"></a>\r
- <a href="firewall_nat_server.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this entry?')"><img src="x.gif" title="delete entry" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="2"></td>\r
- <td class="list"> <a href="firewall_nat_server_edit.php"><img src="plus.gif" title="add entry" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table><br>\r
- <span class="vexpl"><span class="red"><strong>Note:<br>\r
- </strong></span>The external IP addresses defined on this page may be used in <a href="firewall_nat.php">inbound NAT</a> mappings. Depending on the way your WAN connection is setup, you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span>\r
-</td>\r
- </tr>\r
-</table>\r
- </form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Firewall", "NAT", "Server NAT");
+require("guiconfig.inc");
+
+if (!is_array($config['nat']['servernat'])) {
+ $config['nat']['servernat'] = array();
+}
+$a_snat = &$config['nat']['servernat'];
+nat_server_rules_sort();
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval |= filter_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+
+ if ($retval == 0) {
+ if (file_exists($d_natconfdirty_path))
+ unlink($d_natconfdirty_path);
+ if (file_exists($d_filterconfdirty_path))
+ unlink($d_filterconfdirty_path);
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_snat[$_GET['id']]) {
+ /* make sure no inbound NAT mappings reference this entry */
+ if (is_array($config['nat']['rule'])) {
+ foreach ($config['nat']['rule'] as $rule) {
+ if ($rule['external-address'] == $a_snat[$_GET['id']]['ipaddr']) {
+ $input_errors[] = "This entry cannot be deleted because it is still referenced by at least one inbound NAT mapping.";
+ break;
+ }
+ }
+ }
+
+ if (!$input_errors) {
+ unset($a_snat[$_GET['id']]);
+ write_config();
+ touch($d_natconfdirty_path);
+ header("Location: firewall_nat_server.php");
+ exit;
+ }
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<form action="firewall_nat_server.php" method="post">
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_natconfdirty_path)): ?><p>
+<?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Inbound' => 'firewall_nat.php',
+ 'Server NAT' => 'firewall_nat_server.php',
+ '1:1' => 'firewall_nat_1to1.php',
+ 'Outbound' => 'firewall_nat_out.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="80%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="40%" class="listhdrr">External IP address</td>
+ <td width="50%" class="listhdr">Description</td>
+ <td width="10%" class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_snat as $natent): ?>
+ <tr>
+ <td class="listlr">
+ <?=$natent['ipaddr'];?>
+ </td>
+ <td class="listbg">
+ <?=htmlspecialchars($natent['descr']);?>
+ </td>
+ <td class="list" nowrap> <a href="firewall_nat_server_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit entry" width="17" height="17" border="0"></a>
+ <a href="firewall_nat_server.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this entry?')"><img src="x.gif" title="delete entry" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="2"></td>
+ <td class="list"> <a href="firewall_nat_server_edit.php"><img src="plus.gif" title="add entry" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table><br>
+ <span class="vexpl"><span class="red"><strong>Note:<br>
+ </strong></span>The external IP addresses defined on this page may be used in <a href="firewall_nat.php">inbound NAT</a> mappings. Depending on the way your WAN connection is setup, you may also need <a href="services_proxyarp.php">proxy ARP</a>.</span>
+</td>
+ </tr>
+</table>
+ </form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Firewall", "Traffic shaper", "Rules");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['shaper']['rule'])) {\r
- $config['shaper']['rule'] = array();\r
-}\r
-if (!is_array($config['shaper']['pipe'])) {\r
- $config['shaper']['pipe'] = array();\r
-}\r
-if (!is_array($config['shaper']['queue'])) {\r
- $config['shaper']['queue'] = array();\r
-}\r
-$a_shaper = &$config['shaper']['rule'];\r
-$a_pipe = &$config['shaper']['pipe'];\r
-$a_queue = &$config['shaper']['queue'];\r
-\r
-$pconfig['enable'] = isset($config['shaper']['enable']);\r
-\r
-if ($_POST) {\r
-\r
- if ($_POST['submit']) {\r
- $pconfig = $_POST;\r
- $config['shaper']['enable'] = $_POST['enable'] ? true : false;\r
- write_config();\r
- }\r
- \r
- if ($_POST['apply'] || $_POST['submit']) {\r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- config_lock();\r
- $retval = shaper_configure();\r
- config_unlock();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- if ($retval == 0) {\r
- if (file_exists($d_shaperconfdirty_path))\r
- unlink($d_shaperconfdirty_path);\r
- }\r
- }\r
-}\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_shaper[$_GET['id']]) {\r
- unset($a_shaper[$_GET['id']]);\r
- write_config();\r
- touch($d_shaperconfdirty_path);\r
- header("Location: firewall_shaper.php");\r
- exit;\r
- }\r
-} else if ($_GET['act'] == "down") {\r
- if ($a_shaper[$_GET['id']] && $a_shaper[$_GET['id']+1]) {\r
- $tmp = $a_shaper[$_GET['id']+1];\r
- $a_shaper[$_GET['id']+1] = $a_shaper[$_GET['id']];\r
- $a_shaper[$_GET['id']] = $tmp;\r
- write_config();\r
- touch($d_shaperconfdirty_path);\r
- header("Location: firewall_shaper.php");\r
- exit;\r
- }\r
-} else if ($_GET['act'] == "up") {\r
- if (($_GET['id'] > 0) && $a_shaper[$_GET['id']]) {\r
- $tmp = $a_shaper[$_GET['id']-1];\r
- $a_shaper[$_GET['id']-1] = $a_shaper[$_GET['id']];\r
- $a_shaper[$_GET['id']] = $tmp;\r
- write_config();\r
- touch($d_shaperconfdirty_path);\r
- header("Location: firewall_shaper.php");\r
- exit;\r
- }\r
-} else if ($_GET['act'] == "toggle") {\r
- if ($a_shaper[$_GET['id']]) {\r
- $a_shaper[$_GET['id']]['disabled'] = !isset($a_shaper[$_GET['id']]['disabled']);\r
- write_config();\r
- touch($d_shaperconfdirty_path);\r
- header("Location: firewall_shaper.php");\r
- exit;\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="firewall_shaper.php" method="post">\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_shaperconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Rules' => 'firewall_shaper.php',\r
- 'Pipes' => 'firewall_shaper_pipes.php',\r
- 'Queues' => 'firewall_shaper_queues.php',\r
- 'Magic shaper wizard' => 'firewall_shaper_magic.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td class="vtable">\r
- <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked";?>>\r
- <strong>Enable traffic shaper</strong></td>\r
- </tr>\r
- <tr> \r
- <td> <input name="submit" type="submit" class="formbtn" value="Save"> \r
- </td>\r
- </tr>\r
- </table>\r
- <br>\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr> \r
- <td width="5%" class="listhdrrns">If</td>\r
- <td width="5%" class="listhdrrns">Proto</td>\r
- <td width="20%" class="listhdrr">Source</td>\r
- <td width="20%" class="listhdrr">Destination</td>\r
- <td width="15%" class="listhdrrns">Target</td>\r
- <td width="25%" class="listhdr">Description</td>\r
- <td width="10%" class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_shaper as $shaperent): ?>\r
- <tr valign="top"> \r
- <td class="listlr"> \r
- <?php\r
- $dis = "";\r
- if (isset($shaperent['disabled'])) {\r
- $dis = "_d";\r
- $textss = "<span class=\"gray\">";\r
- $textse = "</span>";\r
- } else {\r
- $textss = $textse = "";\r
- }\r
- $iflabels = array('lan' => 'LAN', 'wan' => 'WAN', 'pptp' => 'PPTP');\r
- for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++)\r
- $iflabels['opt' . $j] = $config['interfaces']['opt' . $j]['descr'];\r
- echo $textss . htmlspecialchars($iflabels[$shaperent['interface']]);\r
- echo "<br>";\r
- echo "<a href=\"?act=toggle&id={$i}\">";\r
- if ($shaperent['direction'] != "in")\r
- echo "<img src=\"out{$dis}.gif\" width=\"11\" height=\"11\" border=\"0\" style=\"margin-top: 5px\" title=\"click to toggle enabled/disabled status\">";\r
- if ($shaperent['direction'] != "out")\r
- echo "<img src=\"in{$dis}.gif\" width=\"11\" height=\"11\" border=\"0\" style=\"margin-top: 5px\" title=\"click to toggle enabled/disabled status\">";\r
- echo "</a>" . $textse;;\r
- ?>\r
- </td>\r
- <td class="listr"> \r
- <?=$textss;?><?php if (isset($shaperent['protocol'])) echo strtoupper($shaperent['protocol']); else echo "*"; ?><?=$textse;?>\r
- </td>\r
- <td class="listr"><?=$textss;?><?php echo htmlspecialchars(pprint_address($shaperent['source'])); ?>\r
- <?php if ($shaperent['source']['port']): ?><br>\r
- Port: <?=htmlspecialchars(pprint_port($shaperent['source']['port'])); ?> \r
- <?php endif; ?><?=$textse;?>\r
- </td>\r
- <td class="listr"><?=$textss;?><?php echo htmlspecialchars(pprint_address($shaperent['destination'])); ?>\r
- <?php if ($shaperent['destination']['port']): ?><br>\r
- Port: <?=htmlspecialchars(pprint_port($shaperent['destination']['port'])); ?>\r
- <?php endif; ?><?=$textse;?>\r
- </td>\r
- <td class="listr"><?=$textss;?>\r
- <?php \r
- if (isset($shaperent['targetpipe'])) {\r
- if ($a_pipe[$shaperent['targetpipe']]['descr'])\r
- $desc = htmlspecialchars($a_pipe[$shaperent['targetpipe']]['descr']);\r
- else \r
- $desc = "Pipe " . ($shaperent['targetpipe']+1);\r
- echo "<a href=\"firewall_shaper_pipes_edit.php?id={$shaperent['targetpipe']}\">{$desc}</a>";\r
- } else if (isset($shaperent['targetqueue'])) {\r
- if ($a_queue[$shaperent['targetqueue']]['descr'])\r
- $desc = htmlspecialchars($a_queue[$shaperent['targetqueue']]['descr']);\r
- else \r
- $desc = "Queue " . ($shaperent['targetqueue']+1);\r
- echo "<a href=\"firewall_shaper_queues_edit.php?id={$shaperent['targetqueue']}\">{$desc}</a>";\r
- }\r
- ?><?=$textse;?>\r
- </td>\r
- <td class="listbg"> \r
- <?=$textss;?><?=htmlspecialchars($shaperent['descr']);?><?=$textse;?>\r
- </td>\r
- <td valign="middle" nowrap class="list"> <a href="firewall_shaper_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit rule" width="17" height="17" border="0"></a> \r
- <?php if ($i > 0): ?>\r
- <a href="firewall_shaper.php?act=up&id=<?=$i;?>"><img src="up.gif" title="move up" width="17" height="17" border="0"></a> \r
- <?php else: ?>\r
- <img src="up_d.gif" width="17" height="17" border="0"> \r
- <?php endif; ?><br>\r
- <a href="firewall_shaper.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this rule?')"><img src="x.gif" title="delete rule" width="17" height="17" border="0"></a> \r
- <?php if (isset($a_shaper[$i+1])): ?>\r
- <a href="firewall_shaper.php?act=down&id=<?=$i;?>"><img src="down.gif" title="move down" width="17" height="17" border="0"></a> \r
- <?php else: ?>\r
- <img src="down_d.gif" width="17" height="17" border="0"> \r
- <?php endif; ?>\r
- <a href="firewall_shaper_edit.php?dup=<?=$i;?>"><img src="plus.gif" title="add a new rule based on this one" width="17" height="17" border="0"></a> \r
- </td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="6"></td>\r
- <td class="list"> <a href="firewall_shaper_edit.php"><img src="plus.gif" title="add rule" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table>\r
- \r
- <table border="0" cellspacing="0" cellpadding="0">\r
- <tr> \r
- <td width="16"><img src="in.gif" width="11" height="11"></td>\r
- <td>incoming (as seen by firewall)</td>\r
- <td width="14"></td>\r
- <td width="16"><img src="out.gif" width="11" height="11"></td>\r
- <td>outgoing (as seen by firewall)</td>\r
- </tr>\r
- <tr> \r
- <td colspan="5" height="4"></td>\r
- </tr>\r
- <tr> \r
- <td><img src="in_d.gif" width="11" height="11"></td>\r
- <td>incoming (disabled)</td>\r
- <td width="14"></td>\r
- <td><img src="out_d.gif" width="11" height="11"></td>\r
- <td>outgoing (disabled)</td>\r
- </tr>\r
- </table><br>\r
- <span class="red"><strong>Note:</strong></span><strong><br>\r
- </strong>the first rule that matches a packet will be executed.<br>\r
- The following match patterns are not shown in the list above: \r
- IP packet length, TCP flags.</td>\r
- </tr>\r
-</table>\r
- </form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Firewall", "Traffic shaper", "Rules");
+require("guiconfig.inc");
+
+if (!is_array($config['shaper']['rule'])) {
+ $config['shaper']['rule'] = array();
+}
+if (!is_array($config['shaper']['pipe'])) {
+ $config['shaper']['pipe'] = array();
+}
+if (!is_array($config['shaper']['queue'])) {
+ $config['shaper']['queue'] = array();
+}
+$a_shaper = &$config['shaper']['rule'];
+$a_pipe = &$config['shaper']['pipe'];
+$a_queue = &$config['shaper']['queue'];
+
+$pconfig['enable'] = isset($config['shaper']['enable']);
+
+if ($_POST) {
+
+ if ($_POST['submit']) {
+ $pconfig = $_POST;
+ $config['shaper']['enable'] = $_POST['enable'] ? true : false;
+ write_config();
+ }
+
+ if ($_POST['apply'] || $_POST['submit']) {
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval = shaper_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+ if ($retval == 0) {
+ if (file_exists($d_shaperconfdirty_path))
+ unlink($d_shaperconfdirty_path);
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_shaper[$_GET['id']]) {
+ unset($a_shaper[$_GET['id']]);
+ write_config();
+ touch($d_shaperconfdirty_path);
+ header("Location: firewall_shaper.php");
+ exit;
+ }
+} else if ($_GET['act'] == "down") {
+ if ($a_shaper[$_GET['id']] && $a_shaper[$_GET['id']+1]) {
+ $tmp = $a_shaper[$_GET['id']+1];
+ $a_shaper[$_GET['id']+1] = $a_shaper[$_GET['id']];
+ $a_shaper[$_GET['id']] = $tmp;
+ write_config();
+ touch($d_shaperconfdirty_path);
+ header("Location: firewall_shaper.php");
+ exit;
+ }
+} else if ($_GET['act'] == "up") {
+ if (($_GET['id'] > 0) && $a_shaper[$_GET['id']]) {
+ $tmp = $a_shaper[$_GET['id']-1];
+ $a_shaper[$_GET['id']-1] = $a_shaper[$_GET['id']];
+ $a_shaper[$_GET['id']] = $tmp;
+ write_config();
+ touch($d_shaperconfdirty_path);
+ header("Location: firewall_shaper.php");
+ exit;
+ }
+} else if ($_GET['act'] == "toggle") {
+ if ($a_shaper[$_GET['id']]) {
+ $a_shaper[$_GET['id']]['disabled'] = !isset($a_shaper[$_GET['id']]['disabled']);
+ write_config();
+ touch($d_shaperconfdirty_path);
+ header("Location: firewall_shaper.php");
+ exit;
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<form action="firewall_shaper.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_shaperconfdirty_path)): ?><p>
+<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Rules' => 'firewall_shaper.php',
+ 'Pipes' => 'firewall_shaper_pipes.php',
+ 'Queues' => 'firewall_shaper_queues.php',
+ 'Magic shaper wizard' => 'firewall_shaper_magic.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td class="vtable">
+ <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked";?>>
+ <strong>Enable traffic shaper</strong></td>
+ </tr>
+ <tr>
+ <td> <input name="submit" type="submit" class="formbtn" value="Save">
+ </td>
+ </tr>
+ </table>
+ <br>
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="5%" class="listhdrrns">If</td>
+ <td width="5%" class="listhdrrns">Proto</td>
+ <td width="20%" class="listhdrr">Source</td>
+ <td width="20%" class="listhdrr">Destination</td>
+ <td width="15%" class="listhdrrns">Target</td>
+ <td width="25%" class="listhdr">Description</td>
+ <td width="10%" class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_shaper as $shaperent): ?>
+ <tr valign="top">
+ <td class="listlr">
+ <?php
+ $dis = "";
+ if (isset($shaperent['disabled'])) {
+ $dis = "_d";
+ $textss = "<span class=\"gray\">";
+ $textse = "</span>";
+ } else {
+ $textss = $textse = "";
+ }
+ $iflabels = array('lan' => 'LAN', 'wan' => 'WAN', 'pptp' => 'PPTP');
+ for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++)
+ $iflabels['opt' . $j] = $config['interfaces']['opt' . $j]['descr'];
+ echo $textss . htmlspecialchars($iflabels[$shaperent['interface']]);
+ echo "<br>";
+ echo "<a href=\"?act=toggle&id={$i}\">";
+ if ($shaperent['direction'] != "in")
+ echo "<img src=\"out{$dis}.gif\" width=\"11\" height=\"11\" border=\"0\" style=\"margin-top: 5px\" title=\"click to toggle enabled/disabled status\">";
+ if ($shaperent['direction'] != "out")
+ echo "<img src=\"in{$dis}.gif\" width=\"11\" height=\"11\" border=\"0\" style=\"margin-top: 5px\" title=\"click to toggle enabled/disabled status\">";
+ echo "</a>" . $textse;;
+ ?>
+ </td>
+ <td class="listr">
+ <?=$textss;?><?php if (isset($shaperent['protocol'])) echo strtoupper($shaperent['protocol']); else echo "*"; ?><?=$textse;?>
+ </td>
+ <td class="listr"><?=$textss;?><?php echo htmlspecialchars(pprint_address($shaperent['source'])); ?>
+ <?php if ($shaperent['source']['port']): ?><br>
+ Port: <?=htmlspecialchars(pprint_port($shaperent['source']['port'])); ?>
+ <?php endif; ?><?=$textse;?>
+ </td>
+ <td class="listr"><?=$textss;?><?php echo htmlspecialchars(pprint_address($shaperent['destination'])); ?>
+ <?php if ($shaperent['destination']['port']): ?><br>
+ Port: <?=htmlspecialchars(pprint_port($shaperent['destination']['port'])); ?>
+ <?php endif; ?><?=$textse;?>
+ </td>
+ <td class="listr"><?=$textss;?>
+ <?php
+ if (isset($shaperent['targetpipe'])) {
+ if ($a_pipe[$shaperent['targetpipe']]['descr'])
+ $desc = htmlspecialchars($a_pipe[$shaperent['targetpipe']]['descr']);
+ else
+ $desc = "Pipe " . ($shaperent['targetpipe']+1);
+ echo "<a href=\"firewall_shaper_pipes_edit.php?id={$shaperent['targetpipe']}\">{$desc}</a>";
+ } else if (isset($shaperent['targetqueue'])) {
+ if ($a_queue[$shaperent['targetqueue']]['descr'])
+ $desc = htmlspecialchars($a_queue[$shaperent['targetqueue']]['descr']);
+ else
+ $desc = "Queue " . ($shaperent['targetqueue']+1);
+ echo "<a href=\"firewall_shaper_queues_edit.php?id={$shaperent['targetqueue']}\">{$desc}</a>";
+ }
+ ?><?=$textse;?>
+ </td>
+ <td class="listbg">
+ <?=$textss;?><?=htmlspecialchars($shaperent['descr']);?><?=$textse;?>
+ </td>
+ <td valign="middle" nowrap class="list"> <a href="firewall_shaper_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit rule" width="17" height="17" border="0"></a>
+ <?php if ($i > 0): ?>
+ <a href="firewall_shaper.php?act=up&id=<?=$i;?>"><img src="up.gif" title="move up" width="17" height="17" border="0"></a>
+ <?php else: ?>
+ <img src="up_d.gif" width="17" height="17" border="0">
+ <?php endif; ?><br>
+ <a href="firewall_shaper.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this rule?')"><img src="x.gif" title="delete rule" width="17" height="17" border="0"></a>
+ <?php if (isset($a_shaper[$i+1])): ?>
+ <a href="firewall_shaper.php?act=down&id=<?=$i;?>"><img src="down.gif" title="move down" width="17" height="17" border="0"></a>
+ <?php else: ?>
+ <img src="down_d.gif" width="17" height="17" border="0">
+ <?php endif; ?>
+ <a href="firewall_shaper_edit.php?dup=<?=$i;?>"><img src="plus.gif" title="add a new rule based on this one" width="17" height="17" border="0"></a>
+ </td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="6"></td>
+ <td class="list"> <a href="firewall_shaper_edit.php"><img src="plus.gif" title="add rule" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table>
+
+ <table border="0" cellspacing="0" cellpadding="0">
+ <tr>
+ <td width="16"><img src="in.gif" width="11" height="11"></td>
+ <td>incoming (as seen by firewall)</td>
+ <td width="14"></td>
+ <td width="16"><img src="out.gif" width="11" height="11"></td>
+ <td>outgoing (as seen by firewall)</td>
+ </tr>
+ <tr>
+ <td colspan="5" height="4"></td>
+ </tr>
+ <tr>
+ <td><img src="in_d.gif" width="11" height="11"></td>
+ <td>incoming (disabled)</td>
+ <td width="14"></td>
+ <td><img src="out_d.gif" width="11" height="11"></td>
+ <td>outgoing (disabled)</td>
+ </tr>
+ </table><br>
+ <span class="red"><strong>Note:</strong></span><strong><br>
+ </strong>the first rule that matches a packet will be executed.<br>
+ The following match patterns are not shown in the list above:
+ IP packet length, TCP flags.</td>
+ </tr>
+</table>
+ </form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2004 Justin Ellison <justin@techadvise.com> \r
- Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>\r
-\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Firewall", "Traffic shaper", "Magic shaper wizard");\r
-require("guiconfig.inc");\r
-\r
-function wipe_magic () {\r
- global $config;\r
-\r
- /* wipe previous */\r
- $types=array("pipe","queue","rule");\r
- foreach ($types as $type) {\r
- foreach (array_keys($config['shaper'][$type]) as $num) {\r
- if (substr($config['shaper'][$type][$num]['descr'],0,2) == "m_") {\r
- unset($config['shaper'][$type][$num]);\r
- }\r
- }\r
- }\r
- /* Although we don't delete user-defined rules, it's probably best to\r
- disable the shaper to prevent bad things from happening */\r
- $config['shaper']['enable'] = FALSE;\r
-}\r
-\r
-function populate_p2p(&$rulei) {\r
- global $config;\r
- \r
- /* To add p2p clients, push Descr,Protocol,Start,End,src/dest/both onto p2plist */\r
- $p2plist[] = array('BitTorrent','tcp','6881','6999','both');\r
- $p2plist[] = array('DirectConnect','','412','412','both');\r
- $p2plist[] = array('DirectFileExpress','','1044','1045','both');\r
- $p2plist[] = array('FastTrack','','1214','1214','both');\r
- $p2plist[] = array('CuteMX','','2340','2340','both');\r
- $p2plist[] = array('iMest','','4329','4329','both');\r
- $p2plist[] = array('EDonkey2000','','4661','4665','both');\r
- $p2plist[] = array('SongSpy','','5190','5190','both');\r
- $p2plist[] = array('HotlineConnect','','5500','5503','both');\r
- $p2plist[] = array('Gnutella','','6346','6346','both');\r
- $p2plist[] = array('dcc','','6666','6668','both');\r
- $p2plist[] = array('Napster','','6699','6701','both');\r
- $p2plist[] = array('Aimster','','7668','7668','both');\r
- $p2plist[] = array('BuddyShare','','7788','7788','both');\r
- $p2plist[] = array('Scour','','8311','8311','both');\r
- $p2plist[] = array('OpenNap','','8888','8889','both');\r
- $p2plist[] = array('hotComm','','28864','28865','both');\r
-\r
- /* Set up/down p2p as lowest weight */\r
- $direction = array("in","out");\r
- foreach ($p2plist as $p2pclient) {\r
- foreach ($direction as $dir) {\r
- foreach (array('source','destination') as $srcdest) {\r
- if (($p2pclient[4] == $srcdest) || ($p2pclient[4] == 'both')) { \r
- $config['shaper']['rule'][$rulei]['descr'] = "m_P2P $p2pclient[0]";\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "$dir";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = 1;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = 1;\r
- $config['shaper']['rule'][$rulei][$srcdest]['port'] = $p2pclient[2]."-".$p2pclient[3];\r
- if($p2pclient[1] != '')\r
- $config['shaper']['rule'][$rulei]['protocol'] = $p2pclient[1];\r
- if ($dir == "out") {\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 4;\r
- } else {\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 6;\r
- }\r
- $rulei++;\r
- }\r
- }\r
- }\r
- }\r
-}\r
-\r
-function create_magic ($maxup, $maxdown, $p2plow,$maskq) {\r
- global $config;\r
-\r
- $config['shaper']['enable'] = TRUE;\r
- $pipei = 0;\r
- $queuei = 0;\r
- $rulei = 0;\r
-\r
- /* Create new pipes */\r
- $config['shaper']['pipe'][$pipei]['descr'] = "m_Total Upload";\r
- $config['shaper']['pipe'][$pipei]['bandwidth'] = round($maxup * .90);\r
- $pipei++;\r
- $config['shaper']['pipe'][$pipei]['descr'] = "m_Total Download";\r
- $config['shaper']['pipe'][$pipei]['bandwidth'] = round($maxdown * .95);\r
- $pipei++;\r
-\r
- /* Create new queues */\r
- $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #1 Upload";\r
- $config['shaper']['queue'][$queuei]['targetpipe'] = 0;\r
- $config['shaper']['queue'][$queuei]['weight'] = 50;\r
- $queuei++;\r
- $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #2 Upload";\r
- $config['shaper']['queue'][$queuei]['targetpipe'] = 0;\r
- $config['shaper']['queue'][$queuei]['weight'] = 30;\r
- $queuei++;\r
- $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #3 Upload";\r
- $config['shaper']['queue'][$queuei]['targetpipe'] = 0;\r
- $config['shaper']['queue'][$queuei]['weight'] = 15;\r
- $queuei++;\r
- $config['shaper']['queue'][$queuei]['descr'] = "m_Bulk Upload";\r
- $config['shaper']['queue'][$queuei]['targetpipe'] = 0;\r
- $config['shaper']['queue'][$queuei]['weight'] = 4;\r
- $queuei++;\r
- $config['shaper']['queue'][$queuei]['descr'] = "m_Hated Upload";\r
- $config['shaper']['queue'][$queuei]['targetpipe'] = 0;\r
- $config['shaper']['queue'][$queuei]['weight'] = 1;\r
- $queuei++;\r
- $config['shaper']['queue'][$queuei]['descr'] = "m_Bulk Download";\r
- $config['shaper']['queue'][$queuei]['targetpipe'] = 1;\r
- $config['shaper']['queue'][$queuei]['weight'] = 30;\r
- $queuei++;\r
- $config['shaper']['queue'][$queuei]['descr'] = "m_Hated Download";\r
- $config['shaper']['queue'][$queuei]['targetpipe'] = 1;\r
- $config['shaper']['queue'][$queuei]['weight'] = 10;\r
- $queuei++;\r
- $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority Download";\r
- $config['shaper']['queue'][$queuei]['targetpipe'] = 1;\r
- $config['shaper']['queue'][$queuei]['weight'] = 60;\r
- $queuei++;\r
- if ($maskq) {\r
- for ($i = 0; $i < $queuei; $i++) {\r
- if (stristr($config['shaper']['queue'][$i]['descr'],"upload")) {\r
- $config['shaper']['queue'][$i]['mask'] = 'source';\r
- } else if (stristr($config['shaper']['queue'][$i]['descr'],"download")) {\r
- $config['shaper']['queue'][$i]['mask'] = 'destination';\r
- }\r
- }\r
- }\r
-\r
- /* Create new rules */\r
- if ($p2plow) \r
- populate_p2p($rulei);\r
-\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_TCP ACK Upload";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 2;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "out";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['iplen'] = "0-80";\r
- $config['shaper']['rule'][$rulei]['protocol'] = "tcp";\r
- $config['shaper']['rule'][$rulei]['tcpflags'] = "ack";\r
- $rulei++; \r
- $config['shaper']['rule'][$rulei]['descr'] = "m_Small Pkt Upload";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 0;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "out";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['iplen'] = "0-100";\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_Outbound DNS Query";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 0;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "out";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['port'] = 53;\r
- $config['shaper']['rule'][$rulei]['protocol'] = "udp";\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_AH Upload";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 0;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "out";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['protocol'] = "ah";\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_ESP Upload";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 0;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "out";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['protocol'] = "esp";\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_GRE Upload";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 0;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "out";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['protocol'] = "gre";\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_ICMP Upload";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 1;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "out";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['protocol'] = "icmp";\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_Catch-All Upload";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 3;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "out";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_ICMP Download";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 7;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "in";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['protocol'] = "icmp";\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_Small Pkt Download";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 7;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "in";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['iplen'] = "0-100";\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_AH Download";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 7;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "in";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['protocol'] = "ah";\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_ESP Download";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 7;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "in";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['protocol'] = "esp";\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_GRE Download";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 7;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "in";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['protocol'] = "gre";\r
- $rulei++;\r
- $config['shaper']['rule'][$rulei]['descr'] = "m_Catch-All Download";\r
- $config['shaper']['rule'][$rulei]['targetqueue'] = 5;\r
- $config['shaper']['rule'][$rulei]['interface'] = "wan";\r
- $config['shaper']['rule'][$rulei]['direction'] = "in";\r
- $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;\r
- $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;\r
- $rulei++;\r
-}\r
-\r
-if (!is_array($config['shaper']['rule'])) {\r
- $config['shaper']['rule'] = array();\r
-}\r
-if (!is_array($config['shaper']['pipe'])) {\r
- $config['shaper']['pipe'] = array();\r
-}\r
-if (!is_array($config['shaper']['queue'])) {\r
- $config['shaper']['queue'] = array();\r
-}\r
-\r
-$a_shaper = &$config['shaper']['rule'];\r
-$a_queues = &$config['shaper']['queue'];\r
-$a_pipes = &$config['shaper']['pipe'];\r
-\r
-$pconfig['p2plow'] = isset($config['shaper']['magic']['p2plow']);\r
-$pconfig['maskq'] = isset($config['shaper']['magic']['maskq']);\r
-$pconfig['maxup'] = $config['shaper']['magic']['maxup'];\r
-$pconfig['maxdown'] = $config['shaper']['magic']['maxdown'];\r
-\r
-if ($_POST) {\r
-\r
- if ($_POST['install']) {\r
- unset($input_errors);\r
- $pconfig = $_POST;\r
- $reqdfields = explode(" ", "maxup maxdown");\r
- $reqdfieldsn = explode(",", "Max. Upload,Max.Download");\r
- do_input_validation($_POST,$reqdfields, $reqdfieldsn, &$input_errors);\r
- if (($_POST['maxup'] && !is_numericint($_POST['maxup']))) {\r
- $input_errors[] = "The max upload bandwidth must be an integer.";\r
- }\r
- if (($_POST['maxdown'] && !is_numericint($_POST['maxdown']))) {\r
- $input_errors[] = "The max download bandwidth must be an integer.";\r
- }\r
- if (!$input_errors) {\r
- if ($_POST['install']) {\r
- unset ($config['shaper']);\r
- create_magic($_POST['maxup'],$_POST['maxdown'],$_POST['p2plow']?TRUE:FALSE,$_POST['maskq']?TRUE:FALSE);\r
- touch($d_shaperconfdirty_path);\r
- }\r
- $config['shaper']['magic']['p2plow'] = $_POST['p2plow'] ? TRUE : FALSE;\r
- $config['shaper']['magic']['maskq'] = $_POST['maskq'] ? TRUE : FALSE;\r
- $config['shaper']['magic']['maxup'] = $_POST['maxup'];\r
- $config['shaper']['magic']['maxdown'] = $_POST['maxdown'];\r
- write_config();\r
- }\r
- }\r
- if ($_POST['remove']) {\r
- wipe_magic();\r
- $note = '<p><span class="red"><strong>Note: The traffic shaper has been disabled.<br>All of your user-defined rules/pipes/queues are still intact.</strong></span><strong><br>';\r
- touch($d_shaperconfdirty_path);\r
- write_config();\r
- }\r
- if ($_POST['apply']) {\r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- config_lock();\r
- $retval = shaper_configure();\r
- config_unlock();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- if ($retval == 0) {\r
- if (file_exists($d_shaperconfdirty_path))\r
- unlink($d_shaperconfdirty_path);\r
- }\r
- }\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="firewall_shaper_magic.php" method="post">\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_shaperconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.$note");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Rules' => 'firewall_shaper.php',\r
- 'Pipes' => 'firewall_shaper_pipes.php',\r
- 'Queues' => 'firewall_shaper_queues.php',\r
- 'Magic shaper wizard' => 'firewall_shaper_magic.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td width="22%" valign="top" class="vtable"> </td>\r
- <td width="78%" class="vtable">\r
- <input name="p2plow" type="checkbox" id="p2plow" value="yes" <?php if ($pconfig['p2plow']) echo "checked";?>>\r
- Set P2P traffic to lowest priority</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vtable"> </td>\r
- <td width="78%" class="vtable">\r
- <input name="maskq" type="checkbox" id="maskq" value="yes" <?php if ($pconfig['maskq']) echo "checked";?>>\r
- Share bandwidth evenly on LAN</td>\r
- </tr>\r
- <tr valign="top">\r
- <td width="22%" class="vncellreq">Downstream<br>\r
- speed </td>\r
- <td width="78%" class="vtable">\r
- <?=$mandfldhtml;?><input name="maxdown" type="text" size="10" value="<?php if ($pconfig['maxdown']) echo $pconfig['maxdown']; ?>"> \r
- kbps<br>\r
- Enter the speed of your WAN downstream link here.</td>\r
- </tr>\r
- <tr valign="top">\r
- <td width="22%" class="vncellreq">Upstream<br>\r
- speed</td>\r
- <td width="78%" class="vtable"><?=$mandfldhtml;?><input name="maxup" type="text" size="10" value="<?php if ($pconfig['maxup']) echo $pconfig['maxup']; ?>">\r
- kbps<br>\r
- Enter the speed of your WAN upstream link here.</td>\r
- </tr>\r
- <tr> \r
- <td width="22%"> </td>\r
- <td width="78%">\r
- <input name="install" type="submit" class="formbtn" id="install" value="Install/Update"> \r
- \r
- <input name="remove" type="submit" class="formbtn" id="remove" value="Remove">\r
- <br><br>\r
- <span class="red"><strong>All existing traffic shaper <strong>rules</strong>/pipes/queues will be deleted once "Install/Update" has been pressed! Backup your configuration before proceeding! </strong></span></td>\r
- </tr>\r
- </table><br>\r
- <span class="vexpl"><span class="red"><strong>Note:</strong></span><strong><br>\r
- </strong>By entering your maximum upload and download values and pressing the "Install/Update" button, the magic shaper will do its best to create the optimum shaping rules, queues, and pipes for you. These rules will help ensure that interactive traffic remains acceptable while the upstream bandwidth is being consumed by heavy traffic.</span>\r
- </td>\r
- </tr>\r
-</table>\r
-</form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2004 Justin Ellison <justin@techadvise.com>
+ Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>
+
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Firewall", "Traffic shaper", "Magic shaper wizard");
+require("guiconfig.inc");
+
+function wipe_magic () {
+ global $config;
+
+ /* wipe previous */
+ $types=array("pipe","queue","rule");
+ foreach ($types as $type) {
+ foreach (array_keys($config['shaper'][$type]) as $num) {
+ if (substr($config['shaper'][$type][$num]['descr'],0,2) == "m_") {
+ unset($config['shaper'][$type][$num]);
+ }
+ }
+ }
+ /* Although we don't delete user-defined rules, it's probably best to
+ disable the shaper to prevent bad things from happening */
+ $config['shaper']['enable'] = FALSE;
+}
+
+function populate_p2p(&$rulei) {
+ global $config;
+
+ /* To add p2p clients, push Descr,Protocol,Start,End,src/dest/both onto p2plist */
+ $p2plist[] = array('BitTorrent','tcp','6881','6999','both');
+ $p2plist[] = array('DirectConnect','','412','412','both');
+ $p2plist[] = array('DirectFileExpress','','1044','1045','both');
+ $p2plist[] = array('FastTrack','','1214','1214','both');
+ $p2plist[] = array('CuteMX','','2340','2340','both');
+ $p2plist[] = array('iMest','','4329','4329','both');
+ $p2plist[] = array('EDonkey2000','','4661','4665','both');
+ $p2plist[] = array('SongSpy','','5190','5190','both');
+ $p2plist[] = array('HotlineConnect','','5500','5503','both');
+ $p2plist[] = array('Gnutella','','6346','6346','both');
+ $p2plist[] = array('dcc','','6666','6668','both');
+ $p2plist[] = array('Napster','','6699','6701','both');
+ $p2plist[] = array('Aimster','','7668','7668','both');
+ $p2plist[] = array('BuddyShare','','7788','7788','both');
+ $p2plist[] = array('Scour','','8311','8311','both');
+ $p2plist[] = array('OpenNap','','8888','8889','both');
+ $p2plist[] = array('hotComm','','28864','28865','both');
+
+ /* Set up/down p2p as lowest weight */
+ $direction = array("in","out");
+ foreach ($p2plist as $p2pclient) {
+ foreach ($direction as $dir) {
+ foreach (array('source','destination') as $srcdest) {
+ if (($p2pclient[4] == $srcdest) || ($p2pclient[4] == 'both')) {
+ $config['shaper']['rule'][$rulei]['descr'] = "m_P2P $p2pclient[0]";
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "$dir";
+ $config['shaper']['rule'][$rulei]['source']['any'] = 1;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = 1;
+ $config['shaper']['rule'][$rulei][$srcdest]['port'] = $p2pclient[2]."-".$p2pclient[3];
+ if($p2pclient[1] != '')
+ $config['shaper']['rule'][$rulei]['protocol'] = $p2pclient[1];
+ if ($dir == "out") {
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 4;
+ } else {
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 6;
+ }
+ $rulei++;
+ }
+ }
+ }
+ }
+}
+
+function create_magic ($maxup, $maxdown, $p2plow,$maskq) {
+ global $config;
+
+ $config['shaper']['enable'] = TRUE;
+ $pipei = 0;
+ $queuei = 0;
+ $rulei = 0;
+
+ /* Create new pipes */
+ $config['shaper']['pipe'][$pipei]['descr'] = "m_Total Upload";
+ $config['shaper']['pipe'][$pipei]['bandwidth'] = round($maxup * .90);
+ $pipei++;
+ $config['shaper']['pipe'][$pipei]['descr'] = "m_Total Download";
+ $config['shaper']['pipe'][$pipei]['bandwidth'] = round($maxdown * .95);
+ $pipei++;
+
+ /* Create new queues */
+ $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #1 Upload";
+ $config['shaper']['queue'][$queuei]['targetpipe'] = 0;
+ $config['shaper']['queue'][$queuei]['weight'] = 50;
+ $queuei++;
+ $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #2 Upload";
+ $config['shaper']['queue'][$queuei]['targetpipe'] = 0;
+ $config['shaper']['queue'][$queuei]['weight'] = 30;
+ $queuei++;
+ $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority #3 Upload";
+ $config['shaper']['queue'][$queuei]['targetpipe'] = 0;
+ $config['shaper']['queue'][$queuei]['weight'] = 15;
+ $queuei++;
+ $config['shaper']['queue'][$queuei]['descr'] = "m_Bulk Upload";
+ $config['shaper']['queue'][$queuei]['targetpipe'] = 0;
+ $config['shaper']['queue'][$queuei]['weight'] = 4;
+ $queuei++;
+ $config['shaper']['queue'][$queuei]['descr'] = "m_Hated Upload";
+ $config['shaper']['queue'][$queuei]['targetpipe'] = 0;
+ $config['shaper']['queue'][$queuei]['weight'] = 1;
+ $queuei++;
+ $config['shaper']['queue'][$queuei]['descr'] = "m_Bulk Download";
+ $config['shaper']['queue'][$queuei]['targetpipe'] = 1;
+ $config['shaper']['queue'][$queuei]['weight'] = 30;
+ $queuei++;
+ $config['shaper']['queue'][$queuei]['descr'] = "m_Hated Download";
+ $config['shaper']['queue'][$queuei]['targetpipe'] = 1;
+ $config['shaper']['queue'][$queuei]['weight'] = 10;
+ $queuei++;
+ $config['shaper']['queue'][$queuei]['descr'] = "m_High Priority Download";
+ $config['shaper']['queue'][$queuei]['targetpipe'] = 1;
+ $config['shaper']['queue'][$queuei]['weight'] = 60;
+ $queuei++;
+ if ($maskq) {
+ for ($i = 0; $i < $queuei; $i++) {
+ if (stristr($config['shaper']['queue'][$i]['descr'],"upload")) {
+ $config['shaper']['queue'][$i]['mask'] = 'source';
+ } else if (stristr($config['shaper']['queue'][$i]['descr'],"download")) {
+ $config['shaper']['queue'][$i]['mask'] = 'destination';
+ }
+ }
+ }
+
+ /* Create new rules */
+ if ($p2plow)
+ populate_p2p($rulei);
+
+ $config['shaper']['rule'][$rulei]['descr'] = "m_TCP ACK Upload";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 2;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "out";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['iplen'] = "0-80";
+ $config['shaper']['rule'][$rulei]['protocol'] = "tcp";
+ $config['shaper']['rule'][$rulei]['tcpflags'] = "ack";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_Small Pkt Upload";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 0;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "out";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['iplen'] = "0-100";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_Outbound DNS Query";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 0;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "out";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['port'] = 53;
+ $config['shaper']['rule'][$rulei]['protocol'] = "udp";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_AH Upload";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 0;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "out";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['protocol'] = "ah";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_ESP Upload";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 0;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "out";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['protocol'] = "esp";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_GRE Upload";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 0;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "out";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['protocol'] = "gre";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_ICMP Upload";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 1;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "out";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['protocol'] = "icmp";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_Catch-All Upload";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 3;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "out";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_ICMP Download";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 7;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "in";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['protocol'] = "icmp";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_Small Pkt Download";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 7;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "in";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['iplen'] = "0-100";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_AH Download";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 7;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "in";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['protocol'] = "ah";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_ESP Download";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 7;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "in";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['protocol'] = "esp";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_GRE Download";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 7;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "in";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['protocol'] = "gre";
+ $rulei++;
+ $config['shaper']['rule'][$rulei]['descr'] = "m_Catch-All Download";
+ $config['shaper']['rule'][$rulei]['targetqueue'] = 5;
+ $config['shaper']['rule'][$rulei]['interface'] = "wan";
+ $config['shaper']['rule'][$rulei]['direction'] = "in";
+ $config['shaper']['rule'][$rulei]['source']['any'] = TRUE;
+ $config['shaper']['rule'][$rulei]['destination']['any'] = TRUE;
+ $rulei++;
+}
+
+if (!is_array($config['shaper']['rule'])) {
+ $config['shaper']['rule'] = array();
+}
+if (!is_array($config['shaper']['pipe'])) {
+ $config['shaper']['pipe'] = array();
+}
+if (!is_array($config['shaper']['queue'])) {
+ $config['shaper']['queue'] = array();
+}
+
+$a_shaper = &$config['shaper']['rule'];
+$a_queues = &$config['shaper']['queue'];
+$a_pipes = &$config['shaper']['pipe'];
+
+$pconfig['p2plow'] = isset($config['shaper']['magic']['p2plow']);
+$pconfig['maskq'] = isset($config['shaper']['magic']['maskq']);
+$pconfig['maxup'] = $config['shaper']['magic']['maxup'];
+$pconfig['maxdown'] = $config['shaper']['magic']['maxdown'];
+
+if ($_POST) {
+
+ if ($_POST['install']) {
+ unset($input_errors);
+ $pconfig = $_POST;
+ $reqdfields = explode(" ", "maxup maxdown");
+ $reqdfieldsn = explode(",", "Max. Upload,Max.Download");
+ do_input_validation($_POST,$reqdfields, $reqdfieldsn, &$input_errors);
+ if (($_POST['maxup'] && !is_numericint($_POST['maxup']))) {
+ $input_errors[] = "The max upload bandwidth must be an integer.";
+ }
+ if (($_POST['maxdown'] && !is_numericint($_POST['maxdown']))) {
+ $input_errors[] = "The max download bandwidth must be an integer.";
+ }
+ if (!$input_errors) {
+ if ($_POST['install']) {
+ unset ($config['shaper']);
+ create_magic($_POST['maxup'],$_POST['maxdown'],$_POST['p2plow']?TRUE:FALSE,$_POST['maskq']?TRUE:FALSE);
+ touch($d_shaperconfdirty_path);
+ }
+ $config['shaper']['magic']['p2plow'] = $_POST['p2plow'] ? TRUE : FALSE;
+ $config['shaper']['magic']['maskq'] = $_POST['maskq'] ? TRUE : FALSE;
+ $config['shaper']['magic']['maxup'] = $_POST['maxup'];
+ $config['shaper']['magic']['maxdown'] = $_POST['maxdown'];
+ write_config();
+ }
+ }
+ if ($_POST['remove']) {
+ wipe_magic();
+ $note = '<p><span class="red"><strong>Note: The traffic shaper has been disabled.<br>All of your user-defined rules/pipes/queues are still intact.</strong></span><strong><br>';
+ touch($d_shaperconfdirty_path);
+ write_config();
+ }
+ if ($_POST['apply']) {
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval = shaper_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+ if ($retval == 0) {
+ if (file_exists($d_shaperconfdirty_path))
+ unlink($d_shaperconfdirty_path);
+ }
+ }
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+<form action="firewall_shaper_magic.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_shaperconfdirty_path)): ?><p>
+<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.$note");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Rules' => 'firewall_shaper.php',
+ 'Pipes' => 'firewall_shaper_pipes.php',
+ 'Queues' => 'firewall_shaper_queues.php',
+ 'Magic shaper wizard' => 'firewall_shaper_magic.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top" class="vtable"> </td>
+ <td width="78%" class="vtable">
+ <input name="p2plow" type="checkbox" id="p2plow" value="yes" <?php if ($pconfig['p2plow']) echo "checked";?>>
+ Set P2P traffic to lowest priority</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vtable"> </td>
+ <td width="78%" class="vtable">
+ <input name="maskq" type="checkbox" id="maskq" value="yes" <?php if ($pconfig['maskq']) echo "checked";?>>
+ Share bandwidth evenly on LAN</td>
+ </tr>
+ <tr valign="top">
+ <td width="22%" class="vncellreq">Downstream<br>
+ speed </td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="maxdown" type="text" size="10" value="<?php if ($pconfig['maxdown']) echo $pconfig['maxdown']; ?>">
+ kbps<br>
+ Enter the speed of your WAN downstream link here.</td>
+ </tr>
+ <tr valign="top">
+ <td width="22%" class="vncellreq">Upstream<br>
+ speed</td>
+ <td width="78%" class="vtable"><?=$mandfldhtml;?><input name="maxup" type="text" size="10" value="<?php if ($pconfig['maxup']) echo $pconfig['maxup']; ?>">
+ kbps<br>
+ Enter the speed of your WAN upstream link here.</td>
+ </tr>
+ <tr>
+ <td width="22%"> </td>
+ <td width="78%">
+ <input name="install" type="submit" class="formbtn" id="install" value="Install/Update">
+
+ <input name="remove" type="submit" class="formbtn" id="remove" value="Remove">
+ <br><br>
+ <span class="red"><strong>All existing traffic shaper <strong>rules</strong>/pipes/queues will be deleted once "Install/Update" has been pressed! Backup your configuration before proceeding! </strong></span></td>
+ </tr>
+ </table><br>
+ <span class="vexpl"><span class="red"><strong>Note:</strong></span><strong><br>
+ </strong>By entering your maximum upload and download values and pressing the "Install/Update" button, the magic shaper will do its best to create the optimum shaping rules, queues, and pipes for you. These rules will help ensure that interactive traffic remains acceptable while the upstream bandwidth is being consumed by heavy traffic.</span>
+ </td>
+ </tr>
+</table>
+</form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Firewall", "Traffic shaper", "Pipes");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['shaper']['pipe'])) {\r
- $config['shaper']['pipe'] = array();\r
-}\r
-if (!is_array($config['shaper']['queue'])) {\r
- $config['shaper']['queue'] = array();\r
-}\r
-$a_pipes = &$config['shaper']['pipe'];\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_pipes[$_GET['id']]) {\r
- /* check that no rule references this pipe */\r
- if (is_array($config['shaper']['rule'])) {\r
- foreach ($config['shaper']['rule'] as $rule) {\r
- if (isset($rule['targetpipe']) && ($rule['targetpipe'] == $_GET['id'])) {\r
- $input_errors[] = "This pipe cannot be deleted because it is still referenced by a rule.";\r
- break;\r
- }\r
- }\r
- }\r
- \r
- /* check that no queue references this pipe */\r
- if (is_array($config['shaper']['queue'])) {\r
- foreach ($config['shaper']['queue'] as $queue) {\r
- if ($queue['targetpipe'] == $_GET['id']) {\r
- $input_errors[] = "This pipe cannot be deleted because it is still referenced by a queue.";\r
- break;\r
- }\r
- }\r
- }\r
- \r
- if (!$input_errors) {\r
- unset($a_pipes[$_GET['id']]);\r
- \r
- /* renumber all rules and queues */\r
- if (is_array($config['shaper']['rule'])) {\r
- for ($i = 0; isset($config['shaper']['rule'][$i]); $i++) {\r
- $currule = &$config['shaper']['rule'][$i];\r
- if (isset($currule['targetpipe']) && ($currule['targetpipe'] > $_GET['id']))\r
- $currule['targetpipe']--;\r
- }\r
- }\r
- if (is_array($config['shaper']['queue'])) {\r
- for ($i = 0; isset($config['shaper']['queue'][$i]); $i++) {\r
- $curqueue = &$config['shaper']['queue'][$i];\r
- if ($curqueue['targetpipe'] > $_GET['id'])\r
- $curqueue['targetpipe']--;\r
- }\r
- }\r
- \r
- write_config();\r
- touch($d_shaperconfdirty_path);\r
- header("Location: firewall_shaper_pipes.php");\r
- exit;\r
- }\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="firewall_shaper.php" method="post">\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_shaperconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Rules' => 'firewall_shaper.php',\r
- 'Pipes' => 'firewall_shaper_pipes.php',\r
- 'Queues' => 'firewall_shaper_queues.php',\r
- 'Magic shaper wizard' => 'firewall_shaper_magic.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr> \r
- <td width="10%" class="listhdrr">No.</td>\r
- <td width="15%" class="listhdrr">Bandwidth</td>\r
- <td width="10%" class="listhdrr">Delay</td>\r
- <td width="10%" class="listhdrr">PLR</td>\r
- <td width="10%" class="listhdrr">Queue</td>\r
- <td width="15%" class="listhdrr">Mask</td>\r
- <td width="20%" class="listhdr">Description</td>\r
- <td width="10%" class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_pipes as $pipe): ?>\r
- <tr valign="top">\r
- <td class="listlr"> \r
- <?=($i+1);?></td>\r
- <td class="listr"> \r
- <?=htmlspecialchars($pipe['bandwidth']);?>\r
- Kbit/s </td>\r
- <td class="listr"> \r
- <?php if ($pipe['delay']): ?>\r
- <?=$pipe['delay'];?>\r
- ms \r
- <?php endif; ?>\r
- </td>\r
- <td class="listr"> \r
- <?php if ($pipe['plr']): ?>\r
- <?=$pipe['plr'];?>\r
- <?php endif; ?>\r
- </td>\r
- <td class="listr"> \r
- <?php if ($pipe['qsize']): ?>\r
- <?=htmlspecialchars($pipe['qsize']);?>\r
- <?php endif; ?>\r
- </td>\r
- <td class="listr"> \r
- <?php if ($pipe['mask']): ?>\r
- <?=$pipe['mask'];?>\r
- <?php endif; ?>\r
- </td>\r
- <td class="listbg"> \r
- <?=htmlspecialchars($pipe['descr']);?>\r
- </td>\r
- <td valign="middle" nowrap class="list"> <a href="firewall_shaper_pipes_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit pipe" width="17" height="17" border="0"></a> \r
- <a href="firewall_shaper_pipes.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this pipe?')"><img src="x.gif" title="delete pipe" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="7"></td>\r
- <td class="list"> <a href="firewall_shaper_pipes_edit.php"><img src="plus.gif" title="add pipe" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table><br>\r
- <strong><span class="red">Note:</span></strong> a pipe can \r
- only be deleted if it is not referenced by any rules or queues.</td>\r
- </tr>\r
-</table>\r
- </form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Firewall", "Traffic shaper", "Pipes");
+require("guiconfig.inc");
+
+if (!is_array($config['shaper']['pipe'])) {
+ $config['shaper']['pipe'] = array();
+}
+if (!is_array($config['shaper']['queue'])) {
+ $config['shaper']['queue'] = array();
+}
+$a_pipes = &$config['shaper']['pipe'];
+
+if ($_GET['act'] == "del") {
+ if ($a_pipes[$_GET['id']]) {
+ /* check that no rule references this pipe */
+ if (is_array($config['shaper']['rule'])) {
+ foreach ($config['shaper']['rule'] as $rule) {
+ if (isset($rule['targetpipe']) && ($rule['targetpipe'] == $_GET['id'])) {
+ $input_errors[] = "This pipe cannot be deleted because it is still referenced by a rule.";
+ break;
+ }
+ }
+ }
+
+ /* check that no queue references this pipe */
+ if (is_array($config['shaper']['queue'])) {
+ foreach ($config['shaper']['queue'] as $queue) {
+ if ($queue['targetpipe'] == $_GET['id']) {
+ $input_errors[] = "This pipe cannot be deleted because it is still referenced by a queue.";
+ break;
+ }
+ }
+ }
+
+ if (!$input_errors) {
+ unset($a_pipes[$_GET['id']]);
+
+ /* renumber all rules and queues */
+ if (is_array($config['shaper']['rule'])) {
+ for ($i = 0; isset($config['shaper']['rule'][$i]); $i++) {
+ $currule = &$config['shaper']['rule'][$i];
+ if (isset($currule['targetpipe']) && ($currule['targetpipe'] > $_GET['id']))
+ $currule['targetpipe']--;
+ }
+ }
+ if (is_array($config['shaper']['queue'])) {
+ for ($i = 0; isset($config['shaper']['queue'][$i]); $i++) {
+ $curqueue = &$config['shaper']['queue'][$i];
+ if ($curqueue['targetpipe'] > $_GET['id'])
+ $curqueue['targetpipe']--;
+ }
+ }
+
+ write_config();
+ touch($d_shaperconfdirty_path);
+ header("Location: firewall_shaper_pipes.php");
+ exit;
+ }
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<form action="firewall_shaper.php" method="post">
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_shaperconfdirty_path)): ?><p>
+<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Rules' => 'firewall_shaper.php',
+ 'Pipes' => 'firewall_shaper_pipes.php',
+ 'Queues' => 'firewall_shaper_queues.php',
+ 'Magic shaper wizard' => 'firewall_shaper_magic.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="10%" class="listhdrr">No.</td>
+ <td width="15%" class="listhdrr">Bandwidth</td>
+ <td width="10%" class="listhdrr">Delay</td>
+ <td width="10%" class="listhdrr">PLR</td>
+ <td width="10%" class="listhdrr">Queue</td>
+ <td width="15%" class="listhdrr">Mask</td>
+ <td width="20%" class="listhdr">Description</td>
+ <td width="10%" class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_pipes as $pipe): ?>
+ <tr valign="top">
+ <td class="listlr">
+ <?=($i+1);?></td>
+ <td class="listr">
+ <?=htmlspecialchars($pipe['bandwidth']);?>
+ Kbit/s </td>
+ <td class="listr">
+ <?php if ($pipe['delay']): ?>
+ <?=$pipe['delay'];?>
+ ms
+ <?php endif; ?>
+ </td>
+ <td class="listr">
+ <?php if ($pipe['plr']): ?>
+ <?=$pipe['plr'];?>
+ <?php endif; ?>
+ </td>
+ <td class="listr">
+ <?php if ($pipe['qsize']): ?>
+ <?=htmlspecialchars($pipe['qsize']);?>
+ <?php endif; ?>
+ </td>
+ <td class="listr">
+ <?php if ($pipe['mask']): ?>
+ <?=$pipe['mask'];?>
+ <?php endif; ?>
+ </td>
+ <td class="listbg">
+ <?=htmlspecialchars($pipe['descr']);?>
+ </td>
+ <td valign="middle" nowrap class="list"> <a href="firewall_shaper_pipes_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit pipe" width="17" height="17" border="0"></a>
+ <a href="firewall_shaper_pipes.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this pipe?')"><img src="x.gif" title="delete pipe" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="7"></td>
+ <td class="list"> <a href="firewall_shaper_pipes_edit.php"><img src="plus.gif" title="add pipe" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table><br>
+ <strong><span class="red">Note:</span></strong> a pipe can
+ only be deleted if it is not referenced by any rules or queues.</td>
+ </tr>
+</table>
+ </form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Firewall", "Traffic shaper", "Queues");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['shaper']['pipe'])) {\r
- $config['shaper']['pipe'] = array();\r
-}\r
-if (!is_array($config['shaper']['queue'])) {\r
- $config['shaper']['queue'] = array();\r
-}\r
-$a_queues = &$config['shaper']['queue'];\r
-$a_pipe = &$config['shaper']['pipe'];\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_queues[$_GET['id']]) {\r
- /* check that no rule references this queue */\r
- if (is_array($config['shaper']['rule'])) {\r
- foreach ($config['shaper']['rule'] as $rule) {\r
- if (isset($rule['targetqueue']) && ($rule['targetqueue'] == $_GET['id'])) {\r
- $input_errors[] = "This queue cannot be deleted because it is still referenced by a rule.";\r
- break;\r
- }\r
- }\r
- }\r
- \r
- if (!$input_errors) {\r
- unset($a_queues[$_GET['id']]);\r
- \r
- /* renumber all rules */\r
- if (is_array($config['shaper']['rule'])) {\r
- for ($i = 0; isset($config['shaper']['rule'][$i]); $i++) {\r
- $currule = &$config['shaper']['rule'][$i];\r
- if (isset($currule['targetqueue']) && ($currule['targetqueue'] > $_GET['id']))\r
- $currule['targetqueue']--;\r
- }\r
- }\r
- \r
- write_config();\r
- touch($d_shaperconfdirty_path);\r
- header("Location: firewall_shaper_queues.php");\r
- exit;\r
- }\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="firewall_shaper.php" method="post">\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_shaperconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Rules' => 'firewall_shaper.php',\r
- 'Pipes' => 'firewall_shaper_pipes.php',\r
- 'Queues' => 'firewall_shaper_queues.php',\r
- 'Magic shaper wizard' => 'firewall_shaper_magic.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr> \r
- <td width="10%" class="listhdrr">No.</td>\r
- <td width="25%" class="listhdrr">Pipe</td>\r
- <td width="5%" class="listhdrr">Weight</td>\r
- <td width="20%" class="listhdrr">Mask</td>\r
- <td width="30%" class="listhdr">Description</td>\r
- <td width="10%" class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_queues as $queue): ?>\r
- <tr valign="top"> \r
- <td class="listlr"> \r
- <?=($i+1);?></td>\r
- <td class="listr"> \r
- <?php\r
- if ($a_pipe[$queue['targetpipe']]['descr'])\r
- $desc = htmlspecialchars($a_pipe[$queue['targetpipe']]['descr']);\r
- else \r
- $desc = "Pipe " . ($queue['targetpipe']+1);\r
- ?> \r
- <a href="firewall_shaper_pipes_edit.php?id=<?=$queue['targetpipe'];?>"><?=$desc;?></a></td>\r
- <td class="listr"> \r
- <?=$queue['weight'];?></td>\r
- <td class="listr"> \r
- <?php if ($queue['mask']): ?>\r
- <?=$queue['mask'];?>\r
- <?php endif; ?>\r
- </td>\r
- <td class="listbg"> \r
- <?=htmlspecialchars($queue['descr']);?>\r
- </td>\r
- <td valign="middle" nowrap class="list"> <a href="firewall_shaper_queues_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit queue" width="17" height="17" border="0"></a> \r
- <a href="firewall_shaper_queues.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this queue?')"><img src="x.gif" title="delete queue" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="5"></td>\r
- <td class="list"> <a href="firewall_shaper_queues_edit.php"><img src="plus.gif" title="add queue" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table><br>\r
- <strong><span class="red">Note:</span></strong> a queue can \r
- only be deleted if it is not referenced by any rules.</td>\r
- </tr>\r
-</table>\r
- </form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Firewall", "Traffic shaper", "Queues");
+require("guiconfig.inc");
+
+if (!is_array($config['shaper']['pipe'])) {
+ $config['shaper']['pipe'] = array();
+}
+if (!is_array($config['shaper']['queue'])) {
+ $config['shaper']['queue'] = array();
+}
+$a_queues = &$config['shaper']['queue'];
+$a_pipe = &$config['shaper']['pipe'];
+
+if ($_GET['act'] == "del") {
+ if ($a_queues[$_GET['id']]) {
+ /* check that no rule references this queue */
+ if (is_array($config['shaper']['rule'])) {
+ foreach ($config['shaper']['rule'] as $rule) {
+ if (isset($rule['targetqueue']) && ($rule['targetqueue'] == $_GET['id'])) {
+ $input_errors[] = "This queue cannot be deleted because it is still referenced by a rule.";
+ break;
+ }
+ }
+ }
+
+ if (!$input_errors) {
+ unset($a_queues[$_GET['id']]);
+
+ /* renumber all rules */
+ if (is_array($config['shaper']['rule'])) {
+ for ($i = 0; isset($config['shaper']['rule'][$i]); $i++) {
+ $currule = &$config['shaper']['rule'][$i];
+ if (isset($currule['targetqueue']) && ($currule['targetqueue'] > $_GET['id']))
+ $currule['targetqueue']--;
+ }
+ }
+
+ write_config();
+ touch($d_shaperconfdirty_path);
+ header("Location: firewall_shaper_queues.php");
+ exit;
+ }
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<form action="firewall_shaper.php" method="post">
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_shaperconfdirty_path)): ?><p>
+<?php print_info_box_np("The traffic shaper configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Rules' => 'firewall_shaper.php',
+ 'Pipes' => 'firewall_shaper_pipes.php',
+ 'Queues' => 'firewall_shaper_queues.php',
+ 'Magic shaper wizard' => 'firewall_shaper_magic.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="10%" class="listhdrr">No.</td>
+ <td width="25%" class="listhdrr">Pipe</td>
+ <td width="5%" class="listhdrr">Weight</td>
+ <td width="20%" class="listhdrr">Mask</td>
+ <td width="30%" class="listhdr">Description</td>
+ <td width="10%" class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_queues as $queue): ?>
+ <tr valign="top">
+ <td class="listlr">
+ <?=($i+1);?></td>
+ <td class="listr">
+ <?php
+ if ($a_pipe[$queue['targetpipe']]['descr'])
+ $desc = htmlspecialchars($a_pipe[$queue['targetpipe']]['descr']);
+ else
+ $desc = "Pipe " . ($queue['targetpipe']+1);
+ ?>
+ <a href="firewall_shaper_pipes_edit.php?id=<?=$queue['targetpipe'];?>"><?=$desc;?></a></td>
+ <td class="listr">
+ <?=$queue['weight'];?></td>
+ <td class="listr">
+ <?php if ($queue['mask']): ?>
+ <?=$queue['mask'];?>
+ <?php endif; ?>
+ </td>
+ <td class="listbg">
+ <?=htmlspecialchars($queue['descr']);?>
+ </td>
+ <td valign="middle" nowrap class="list"> <a href="firewall_shaper_queues_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit queue" width="17" height="17" border="0"></a>
+ <a href="firewall_shaper_queues.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this queue?')"><img src="x.gif" title="delete queue" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="5"></td>
+ <td class="list"> <a href="firewall_shaper_queues_edit.php"><img src="plus.gif" title="add queue" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table><br>
+ <strong><span class="red">Note:</span></strong> a queue can
+ only be deleted if it is not referenced by any rules.</td>
+ </tr>
+</table>
+ </form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Services", "Captive portal");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['captiveportal'])) {\r
- $config['captiveportal'] = array();\r
- $config['captiveportal']['page'] = array();\r
- $config['captiveportal']['timeout'] = 60;\r
-}\r
-\r
-if ($_GET['act'] == "viewhtml") {\r
- echo base64_decode($config['captiveportal']['page']['htmltext']);\r
- exit;\r
-} else if ($_GET['act'] == "viewerrhtml") {\r
- echo base64_decode($config['captiveportal']['page']['errtext']);\r
- exit;\r
-}\r
-\r
-$pconfig['cinterface'] = $config['captiveportal']['interface'];\r
-$pconfig['maxproc'] = $config['captiveportal']['maxproc'];\r
-$pconfig['maxprocperip'] = $config['captiveportal']['maxprocperip'];\r
-$pconfig['timeout'] = $config['captiveportal']['timeout'];\r
-$pconfig['idletimeout'] = $config['captiveportal']['idletimeout'];\r
-$pconfig['enable'] = isset($config['captiveportal']['enable']);\r
-$pconfig['auth_method'] = $config['captiveportal']['auth_method'];\r
-$pconfig['radacct_enable'] = isset($config['captiveportal']['radacct_enable']);\r
-$pconfig['radmac_enable'] = isset($config['captiveportal']['radmac_enable']);\r
-$pconfig['radmac_secret'] = $config['captiveportal']['radmac_secret'];\r
-$pconfig['reauthenticate'] = isset($config['captiveportal']['reauthenticate']);\r
-$pconfig['reauthenticateacct'] = $config['captiveportal']['reauthenticateacct'];\r
-$pconfig['httpslogin_enable'] = isset($config['captiveportal']['httpslogin']);\r
-$pconfig['httpsname'] = $config['captiveportal']['httpsname'];\r
-$pconfig['cert'] = base64_decode($config['captiveportal']['certificate']);\r
-$pconfig['key'] = base64_decode($config['captiveportal']['private-key']);\r
-$pconfig['logoutwin_enable'] = isset($config['captiveportal']['logoutwin_enable']);\r
-$pconfig['nomacfilter'] = isset($config['captiveportal']['nomacfilter']);\r
-$pconfig['noconcurrentlogins'] = isset($config['captiveportal']['noconcurrentlogins']);\r
-$pconfig['redirurl'] = $config['captiveportal']['redirurl'];\r
-$pconfig['radiusip'] = $config['captiveportal']['radiusip'];\r
-$pconfig['radiusip2'] = $config['captiveportal']['radiusip2'];\r
-$pconfig['radiusport'] = $config['captiveportal']['radiusport'];\r
-$pconfig['radiusport2'] = $config['captiveportal']['radiusport2'];\r
-$pconfig['radiusacctport'] = $config['captiveportal']['radiusacctport'];\r
-$pconfig['radiuskey'] = $config['captiveportal']['radiuskey'];\r
-$pconfig['radiuskey2'] = $config['captiveportal']['radiuskey2'];\r
-$pconfig['radiusvendor'] = $config['captiveportal']['radiusvendor'];\r
-$pconfig['radiussession_timeout'] = isset($config['captiveportal']['radiussession_timeout']);\r
-\r
-if ($_POST) {\r
-\r
- unset($input_errors);\r
- $pconfig = $_POST;\r
-\r
- /* input validation */\r
- if ($_POST['enable']) {\r
- $reqdfields = explode(" ", "cinterface");\r
- $reqdfieldsn = explode(",", "Interface");\r
- \r
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
- \r
- /* make sure no interfaces are bridged */\r
- for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {\r
- $coptif = &$config['interfaces']['opt' . $i];\r
- if (isset($coptif['enable']) && $coptif['bridge']) {\r
- $input_errors[] = "The captive portal cannot be used when one or more interfaces are bridged.";\r
- break;\r
- }\r
- }\r
- \r
- if ($_POST['httpslogin_enable']) {\r
- if (!$_POST['cert'] || !$_POST['key']) {\r
- $input_errors[] = "Certificate and key must be specified for HTTPS login.";\r
- } else {\r
- if (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE"))\r
- $input_errors[] = "This certificate does not appear to be valid.";\r
- if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") || !strstr($_POST['key'], "END RSA PRIVATE KEY"))\r
- $input_errors[] = "This key does not appear to be valid.";\r
- }\r
- \r
- if (!$_POST['httpsname'] || !is_domain($_POST['httpsname'])) {\r
- $input_errors[] = "The HTTPS server name must be specified for HTTPS login.";\r
- }\r
- }\r
- }\r
- \r
- if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) || ($_POST['timeout'] < 1))) {\r
- $input_errors[] = "The timeout must be at least 1 minute.";\r
- }\r
- if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) || ($_POST['idletimeout'] < 1))) {\r
- $input_errors[] = "The idle timeout must be at least 1 minute.";\r
- }\r
- if (($_POST['radiusip'] && !is_ipaddr($_POST['radiusip']))) {\r
- $input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip']."]";\r
- }\r
- if (($_POST['radiusip2'] && !is_ipaddr($_POST['radiusip2']))) {\r
- $input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip2']."]";\r
- }\r
- if (($_POST['radiusport'] && !is_port($_POST['radiusport']))) {\r
- $input_errors[] = "A valid port number must be specified. [".$_POST['radiusport']."]";\r
- }\r
- if (($_POST['radiusport2'] && !is_port($_POST['radiusport2']))) {\r
- $input_errors[] = "A valid port number must be specified. [".$_POST['radiusport2']."]";\r
- }\r
- if (($_POST['radiusacctport'] && !is_port($_POST['radiusacctport']))) {\r
- $input_errors[] = "A valid port number must be specified. [".$_POST['radiusacctport']."]";\r
- }\r
- if ($_POST['maxproc'] && (!is_numeric($_POST['maxproc']) || ($_POST['maxproc'] < 4) || ($_POST['maxproc'] > 100))) {\r
- $input_errors[] = "The total maximum number of concurrent connections must be between 4 and 100.";\r
- }\r
- $mymaxproc = $_POST['maxproc'] ? $_POST['maxproc'] : 16;\r
- if ($_POST['maxprocperip'] && (!is_numeric($_POST['maxprocperip']) || ($_POST['maxprocperip'] > $mymaxproc))) {\r
- $input_errors[] = "The maximum number of concurrent connections per client IP address may not be larger than the global maximum.";\r
- }\r
-\r
- if (!$input_errors) {\r
- $config['captiveportal']['interface'] = $_POST['cinterface'];\r
- $config['captiveportal']['maxproc'] = $_POST['maxproc'];\r
- $config['captiveportal']['maxprocperip'] = $_POST['maxprocperip'] ? $_POST['maxprocperip'] : false;\r
- $config['captiveportal']['timeout'] = $_POST['timeout'];\r
- $config['captiveportal']['idletimeout'] = $_POST['idletimeout'];\r
- $config['captiveportal']['enable'] = $_POST['enable'] ? true : false;\r
- $config['captiveportal']['auth_method'] = $_POST['auth_method'];\r
- $config['captiveportal']['radacct_enable'] = $_POST['radacct_enable'] ? true : false;\r
- $config['captiveportal']['reauthenticate'] = $_POST['reauthenticate'] ? true : false;\r
- $config['captiveportal']['radmac_enable'] = $_POST['radmac_enable'] ? true : false;\r
- $config['captiveportal']['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false;\r
- $config['captiveportal']['reauthenticateacct'] = $_POST['reauthenticateacct'];\r
- $config['captiveportal']['httpslogin'] = $_POST['httpslogin_enable'] ? true : false;\r
- $config['captiveportal']['httpsname'] = $_POST['httpsname'];\r
- $config['captiveportal']['certificate'] = base64_encode($_POST['cert']);\r
- $config['captiveportal']['private-key'] = base64_encode($_POST['key']);\r
- $config['captiveportal']['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false;\r
- $config['captiveportal']['nomacfilter'] = $_POST['nomacfilter'] ? true : false;\r
- $config['captiveportal']['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false;\r
- $config['captiveportal']['redirurl'] = $_POST['redirurl'];\r
- $config['captiveportal']['radiusip'] = $_POST['radiusip'];\r
- $config['captiveportal']['radiusip2'] = $_POST['radiusip2'];\r
- $config['captiveportal']['radiusport'] = $_POST['radiusport'];\r
- $config['captiveportal']['radiusport2'] = $_POST['radiusport2'];\r
- $config['captiveportal']['radiusacctport'] = $_POST['radiusacctport'];\r
- $config['captiveportal']['radiuskey'] = $_POST['radiuskey'];\r
- $config['captiveportal']['radiuskey2'] = $_POST['radiuskey2'];\r
- $config['captiveportal']['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false;\r
- $config['captiveportal']['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false;\r
- \r
- /* file upload? */\r
- if (is_uploaded_file($_FILES['htmlfile']['tmp_name']))\r
- $config['captiveportal']['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name']));\r
- if (is_uploaded_file($_FILES['errfile']['tmp_name']))\r
- $config['captiveportal']['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name']));\r
- \r
- write_config();\r
- \r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- config_lock();\r
- $retval = captiveportal_configure();\r
- config_unlock();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<script language="JavaScript">\r
-<!--\r
-function enable_change(enable_change) {\r
- var endis, radius_endis;\r
- endis = !(document.iform.enable.checked || enable_change);\r
- radius_endis = !((!endis && document.iform.auth_method[2].checked) || enable_change);\r
- \r
- document.iform.cinterface.disabled = endis;\r
- document.iform.maxproc.disabled = endis;\r
- document.iform.maxprocperip.disabled = endis;\r
- document.iform.idletimeout.disabled = endis;\r
- document.iform.timeout.disabled = endis;\r
- document.iform.redirurl.disabled = endis;\r
- document.iform.radiusip.disabled = radius_endis;\r
- document.iform.radiusip2.disabled = radius_endis;\r
- document.iform.radiusport.disabled = radius_endis;\r
- document.iform.radiusport2.disabled = radius_endis;\r
- document.iform.radiuskey.disabled = radius_endis;\r
- document.iform.radiuskey2.disabled = radius_endis;\r
- document.iform.radacct_enable.disabled = radius_endis;\r
- document.iform.reauthenticate.disabled = radius_endis;\r
- document.iform.auth_method[0].disabled = endis;\r
- document.iform.auth_method[1].disabled = endis;\r
- document.iform.auth_method[2].disabled = endis;\r
- document.iform.radmac_enable.disabled = radius_endis;\r
- document.iform.httpslogin_enable.disabled = endis;\r
- document.iform.httpsname.disabled = endis;\r
- document.iform.cert.disabled = endis;\r
- document.iform.key.disabled = endis;\r
- document.iform.logoutwin_enable.disabled = endis;\r
- document.iform.nomacfilter.disabled = endis;\r
- document.iform.noconcurrentlogins.disabled = endis;\r
- document.iform.radiusvendor.disabled = radius_endis;\r
- document.iform.radiussession_timeout.disabled = radius_endis;\r
- document.iform.htmlfile.disabled = endis;\r
- document.iform.errfile.disabled = endis;\r
- \r
- document.iform.radiusacctport.disabled = (radius_endis || !document.iform.radacct_enable.checked) && !enable_change;\r
- \r
- document.iform.radmac_secret.disabled = (radius_endis || !document.iform.radmac_enable.checked) && !enable_change;\r
- \r
- var reauthenticate_dis = (radius_endis || !document.iform.reauthenticate.checked) && !enable_change;\r
- document.iform.reauthenticateacct[0].disabled = reauthenticate_dis;\r
- document.iform.reauthenticateacct[1].disabled = reauthenticate_dis;\r
- document.iform.reauthenticateacct[2].disabled = reauthenticate_dis;\r
-}\r
-//-->\r
-</script>\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<form action="services_captiveportal.php" method="post" enctype="multipart/form-data" name="iform" id="iform">\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Captive Portal' => 'services_captiveportal.php',\r
- 'Pass-through MAC' => 'services_captiveportal_mac.php',\r
- 'Allowed IP addresses' => 'services_captiveportal_ip.php',\r
- 'Users' => 'services_captiveportal_users.php',\r
- 'File Manager' => 'services_captiveportal_filemanager.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr>\r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td width="22%" valign="top" class="vtable"> </td>\r
- <td width="78%" class="vtable">\r
- <input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">\r
- <strong>Enable captive portal </strong></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Interface</td>\r
- <td width="78%" class="vtable">\r
- <select name="cinterface" class="formfld" id="cinterface">\r
- <?php $interfaces = array('lan' => 'LAN');\r
- for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {\r
- if (isset($config['interfaces']['opt' . $i]['enable']))\r
- $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];\r
- }\r
- foreach ($interfaces as $iface => $ifacename): ?>\r
- <option value="<?=$iface;?>" <?php if ($iface == $pconfig['cinterface']) echo "selected"; ?>> \r
- <?=htmlspecialchars($ifacename);?>\r
- </option>\r
- <?php endforeach; ?>\r
- </select> <br>\r
- <span class="vexpl">Choose which interface to run the captive portal on.</span></td>\r
- </tr>\r
- <tr>\r
- <td valign="top" class="vncell">Maximum concurrent connections</td>\r
- <td class="vtable">\r
- <table cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td><input name="maxprocperip" type="text" class="formfld" id="maxprocperip" size="5" value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> per client IP address (0 = no limit)</td>\r
- </tr>\r
- <tr>\r
- <td><input name="maxproc" type="text" class="formfld" id="maxproc" size="5" value="<?=htmlspecialchars($pconfig['maxproc']);?>"> total</td>\r
- </tr>\r
- </table>\r
-This setting limits the number of concurrent connections to the captive portal HTTP(S) server. This does not set how many users can be logged in\r
-to the captive portal, but rather how many users can load the portal page or authenticate at the same time!\r
-Default is 4 connections per client IP address, with a total maximum of 16 connections.</td>\r
- </tr>\r
- <tr>\r
- <td valign="top" class="vncell">Idle timeout</td>\r
- <td class="vtable">\r
- <input name="idletimeout" type="text" class="formfld" id="idletimeout" size="6" value="<?=htmlspecialchars($pconfig['idletimeout']);?>">\r
-minutes<br>\r
-Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout.</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">Hard timeout</td>\r
- <td width="78%" class="vtable"> \r
- <input name="timeout" type="text" class="formfld" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>"> \r
- minutes<br>\r
- Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set).</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">Logout popup window</td>\r
- <td width="78%" class="vtable"> \r
- <input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if($pconfig['logoutwin_enable']) echo "checked"; ?>>\r
- <strong>Enable logout popup window</strong><br>\r
- If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs.</td>\r
- </tr>\r
- <tr>\r
- <td valign="top" class="vncell">Redirection URL</td>\r
- <td class="vtable">\r
- <input name="redirurl" type="text" class="formfld" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>">\r
- <br>\r
-If you provide a URL here, clients will be redirected to that URL instead of the one they initially tried\r
-to access after they've authenticated.</td>\r
- </tr>\r
- <tr>\r
- <td valign="top" class="vncell">Concurrent user logins</td>\r
- <td class="vtable">\r
- <input name="noconcurrentlogins" type="checkbox" class="formfld" id="noconcurrentlogins" value="yes" <?php if ($pconfig['noconcurrentlogins']) echo "checked"; ?>>\r
- <strong>Disable concurrent logins</strong><br>\r
- If this option is set, only the most recent login per username will be active. Subsequent logins will cause machines previously logged in with the same username to be disconnected.</td>\r
- </tr>\r
- <tr>\r
- <td valign="top" class="vncell">MAC filtering </td>\r
- <td class="vtable">\r
- <input name="nomacfilter" type="checkbox" class="formfld" id="nomacfilter" value="yes" <?php if ($pconfig['nomacfilter']) echo "checked"; ?>>\r
- <strong>Disable MAC filtering</strong><br>\r
- If this option is set, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in.\r
- This is required when the MAC address of the client cannot be determined (usually because there are routers between m0n0wall and the clients).</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">Authentication</td>\r
- <td width="78%" class="vtable"> \r
- <table cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="none" onClick="enable_change(false)" <?php if($pconfig['auth_method']!="local" && $pconfig['auth_method']!="radius") echo "checked"; ?>>\r
- No authentication</td> \r
- </tr>\r
- <tr>\r
- <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="local" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="local") echo "checked"; ?>>\r
- Local <a href="services_captiveportal_users.php">user manager</a></td> \r
- </tr>\r
- <tr>\r
- <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="radius" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius") echo "checked"; ?>>\r
- RADIUS authentication</td> \r
- </tr><tr>\r
- <td> </td>\r
- <td> </td>\r
- </tr>\r
- </table>\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td colspan="2" valign="top" class="optsect_t2">Primary RADIUS server</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell" valign="top">IP address</td>\r
- <td class="vtable"><input name="radiusip" type="text" class="formfld" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>"><br>\r
- Enter the IP address of the RADIUS server which users of the captive portal have to authenticate against.</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell" valign="top">Port</td>\r
- <td class="vtable"><input name="radiusport" type="text" class="formfld" id="radiusport" size="5" value="<?=htmlspecialchars($pconfig['radiusport']);?>"><br>\r
- Leave this field blank to use the default port (1812).</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell" valign="top">Shared secret </td>\r
- <td class="vtable"><input name="radiuskey" type="text" class="formfld" id="radiuskey" size="16" value="<?=htmlspecialchars($pconfig['radiuskey']);?>"><br>\r
- Leave this field blank to not use a RADIUS shared secret (not recommended).</td>\r
- </tr>\r
- <tr> \r
- <td colspan="2" class="list" height="12"></td>\r
- </tr>\r
- <tr>\r
- <td colspan="2" valign="top" class="optsect_t2">Secondary RADIUS server</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell" valign="top">IP address</td>\r
- <td class="vtable"><input name="radiusip2" type="text" class="formfld" id="radiusip2" size="20" value="<?=htmlspecialchars($pconfig['radiusip2']);?>"><br>\r
- If you have a second RADIUS server, you can activate it by entering its IP address here.</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell" valign="top">Port</td>\r
- <td class="vtable"><input name="radiusport2" type="text" class="formfld" id="radiusport2" size="5" value="<?=htmlspecialchars($pconfig['radiusport2']);?>"></td>\r
- </tr>\r
- <tr>\r
- <td class="vncell" valign="top">Shared secret </td>\r
- <td class="vtable"><input name="radiuskey2" type="text" class="formfld" id="radiuskey2" size="16" value="<?=htmlspecialchars($pconfig['radiuskey2']);?>"></td>\r
- </tr>\r
- <tr> \r
- <td colspan="2" class="list" height="12"></td>\r
- </tr>\r
- <tr>\r
- <td colspan="2" valign="top" class="optsect_t2">Accounting</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell"> </td>\r
- <td class="vtable"><input name="radacct_enable" type="checkbox" id="radacct_enable" value="yes" onClick="enable_change(false)" <?php if($pconfig['radacct_enable']) echo "checked"; ?>>\r
- <strong>send RADIUS accounting packets</strong><br>\r
- If this is enabled, RADIUS accounting packets will be sent to the primary RADIUS server.</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell" valign="top">Accounting port</td>\r
- <td class="vtable"><input name="radiusacctport" type="text" class="formfld" id="radiusacctport" size="5" value="<?=htmlspecialchars($pconfig['radiusacctport']);?>"><br>\r
- Leave blank to use the default port (1813).</td>\r
- </tr>\r
- <tr>\r
- <td colspan="2" class="list" height="12"></td>\r
- </tr>\r
- <tr>\r
- <td colspan="2" valign="top" class="optsect_t2">Reauthentication</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell"> </td>\r
- <td class="vtable"><input name="reauthenticate" type="checkbox" id="reauthenticate" value="yes" onClick="enable_change(false)" <?php if($pconfig['reauthenticate']) echo "checked"; ?>>\r
- <strong>Reauthenticate connected users every minute</strong><br>\r
- If reauthentication is enabled, Access-Requests will be sent to the RADIUS server for each user that is\r
- logged in every minute. If an Access-Reject is received for a user, that user is disconnected from the captive portal immediately.</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell" valign="top">Accounting updates</td>\r
- <td class="vtable">\r
- <input name="reauthenticateacct" type="radio" value="" <?php if(!$pconfig['reauthenticateacct']) echo "checked"; ?>> no accounting updates<br>\r
- <input name="reauthenticateacct" type="radio" value="stopstart" <?php if($pconfig['reauthenticateacct'] == "stopstart") echo "checked"; ?>> stop/start accounting<br>\r
- <input name="reauthenticateacct" type="radio" value="interimupdate" <?php if($pconfig['reauthenticateacct'] == "interimupdate") echo "checked"; ?>> interim update\r
- </td>\r
- </tr>\r
- <tr>\r
- <td colspan="2" class="list" height="12"></td>\r
- </tr>\r
- <tr>\r
- <td colspan="2" valign="top" class="optsect_t2">RADIUS MAC authentication</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell"> </td>\r
- <td class="vtable">\r
- <input name="radmac_enable" type="checkbox" id="radmac_enable" value="yes" onClick="enable_change(false)" <?php if ($pconfig['radmac_enable']) echo "checked"; ?>><strong>Enable RADIUS MAC authentication</strong><br>\r
- If this option is enabled, the captive portal will try to authenticate users by sending their MAC address as the username and the password\r
- entered below to the RADIUS server.</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell">Shared secret</td>\r
- <td class="vtable"><input name="radmac_secret" type="text" class="formfld" id="radmac_secret" size="16" value="<?=htmlspecialchars($pconfig['radmac_secret']);?>"></td>\r
- </tr>\r
- <tr>\r
- <td colspan="2" class="list" height="12"></td>\r
- </tr>\r
- <tr>\r
- <td colspan="2" valign="top" class="optsect_t2">RADIUS options</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell" valign="top">Session-Timeout</td>\r
- <td class="vtable"><input name="radiussession_timeout" type="checkbox" id="radiussession_timeout" value="yes" <?php if ($pconfig['radiussession_timeout']) echo "checked"; ?>><strong>Use RADIUS Session-Timeout attributes</strong><br>\r
- When this is enabled, clients will be disconnected after the amount of time retrieved from the RADIUS Session-Timeout attribute.</td>\r
- </tr>\r
- <tr>\r
- <td class="vncell" valign="top">Type</td>\r
- <td class="vtable"><select name="radiusvendor" id="radiusvendor">\r
- <option>default</option>\r
- <?php \r
- $radiusvendors = array("cisco");\r
- foreach ($radiusvendors as $radiusvendor){\r
- if ($pconfig['radiusvendor'] == $radiusvendor)\r
- echo "<option selected value=\"$radiusvendor\">$radiusvendor</option>\n";\r
- else\r
- echo "<option value=\"$radiusvendor\">$radiusvendor</option>\n";\r
- }\r
- ?></select><br>\r
- If RADIUS type is set to Cisco, in Access-Requests the value of Calling-Station-Id will be set to the client's IP address and\r
- the Called-Station-Id to the client's MAC address. Default behaviour is Calling-Station-Id = client's MAC address and Called-Station-Id = m0n0wall's WAN IP address.</td>\r
- </tr>\r
- </table>\r
- </tr>\r
- <tr>\r
- <td valign="top" class="vncell">HTTPS login</td>\r
- <td class="vtable">\r
- <input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" <?php if($pconfig['httpslogin_enable']) echo "checked"; ?>>\r
- <strong>Enable HTTPS login</strong><br>\r
- If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name, certificate and matching private key must also be specified below.</td>\r
- </tr>\r
- <tr>\r
- <td valign="top" class="vncell">HTTPS server name </td>\r
- <td class="vtable">\r
- <input name="httpsname" type="text" class="formfld" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>"><br>\r
- This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS. </td>\r
- </tr>\r
- <tr>\r
- <td valign="top" class="vncell">HTTPS certificate</td>\r
- <td class="vtable">\r
- <textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea>\r
- <br>\r
- Paste a signed certificate in X.509 PEM format here.</td>\r
- </tr>\r
- <tr>\r
- <td valign="top" class="vncell">HTTPS private key</td>\r
- <td class="vtable">\r
- <textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea>\r
- <br>\r
- Paste an RSA private key in PEM format here.</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Portal page contents</td>\r
- <td width="78%" class="vtable"> \r
- <?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld" id="htmlfile"><br>\r
- <?php if ($config['captiveportal']['page']['htmltext']): ?>\r
- <a href="?act=viewhtml" target="_blank">View current page</a> \r
- <br>\r
- <br>\r
- <?php endif; ?>\r
- Upload an HTML file for the portal page here (leave blank to keep the current one). Make sure to include a form (POST to "$PORTAL_ACTION$")\r
-with a submit button (name="accept") and a hidden field with name="redirurl" and value="$PORTAL_REDIRURL$".\r
-Include the "auth_user" and "auth_pass" input fields if authentication is enabled, otherwise it will always fail.\r
-Example code for the form:<br>\r
- <br>\r
- <tt><form method="post" action="$PORTAL_ACTION$"><br>\r
- <input name="auth_user" type="text"><br>\r
- <input name="auth_pass" type="password"><br>\r
- <input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"><br>\r
- <input name="accept" type="submit" value="Continue"><br>\r
- </form></tt></td>\r
- </tr>\r
- <tr>\r
- <td width="22%" valign="top" class="vncell">Authentication<br>\r
- error page<br>\r
- contents</td>\r
- <td class="vtable">\r
- <input name="errfile" type="file" class="formfld" id="errfile"><br>\r
- <?php if ($config['captiveportal']['page']['errtext']): ?>\r
- <a href="?act=viewerrhtml" target="_blank">View current page</a> \r
- <br>\r
- <br>\r
- <?php endif; ?>\r
-The contents of the HTML file that you upload here are displayed when an authentication error occurs.\r
-You may include "$PORTAL_MESSAGE$", which will be replaced by the error or reply messages from the RADIUS server, if any.</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"> \r
- <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change(true)"> \r
- </td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"><span class="vexpl"><span class="red"><strong>Note:<br>\r
- </strong></span>Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work. </span></td>\r
- </tr>\r
- </table>\r
- </td>\r
- </tr>\r
- </table>\r
-</form>\r
-<script language="JavaScript">\r
-<!--\r
-enable_change(false);\r
-//-->\r
-</script>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Services", "Captive portal");
+require("guiconfig.inc");
+
+if (!is_array($config['captiveportal'])) {
+ $config['captiveportal'] = array();
+ $config['captiveportal']['page'] = array();
+ $config['captiveportal']['timeout'] = 60;
+}
+
+if ($_GET['act'] == "viewhtml") {
+ echo base64_decode($config['captiveportal']['page']['htmltext']);
+ exit;
+} else if ($_GET['act'] == "viewerrhtml") {
+ echo base64_decode($config['captiveportal']['page']['errtext']);
+ exit;
+}
+
+$pconfig['cinterface'] = $config['captiveportal']['interface'];
+$pconfig['maxproc'] = $config['captiveportal']['maxproc'];
+$pconfig['maxprocperip'] = $config['captiveportal']['maxprocperip'];
+$pconfig['timeout'] = $config['captiveportal']['timeout'];
+$pconfig['idletimeout'] = $config['captiveportal']['idletimeout'];
+$pconfig['enable'] = isset($config['captiveportal']['enable']);
+$pconfig['auth_method'] = $config['captiveportal']['auth_method'];
+$pconfig['radacct_enable'] = isset($config['captiveportal']['radacct_enable']);
+$pconfig['radmac_enable'] = isset($config['captiveportal']['radmac_enable']);
+$pconfig['radmac_secret'] = $config['captiveportal']['radmac_secret'];
+$pconfig['reauthenticate'] = isset($config['captiveportal']['reauthenticate']);
+$pconfig['reauthenticateacct'] = $config['captiveportal']['reauthenticateacct'];
+$pconfig['httpslogin_enable'] = isset($config['captiveportal']['httpslogin']);
+$pconfig['httpsname'] = $config['captiveportal']['httpsname'];
+$pconfig['cert'] = base64_decode($config['captiveportal']['certificate']);
+$pconfig['key'] = base64_decode($config['captiveportal']['private-key']);
+$pconfig['logoutwin_enable'] = isset($config['captiveportal']['logoutwin_enable']);
+$pconfig['nomacfilter'] = isset($config['captiveportal']['nomacfilter']);
+$pconfig['noconcurrentlogins'] = isset($config['captiveportal']['noconcurrentlogins']);
+$pconfig['redirurl'] = $config['captiveportal']['redirurl'];
+$pconfig['radiusip'] = $config['captiveportal']['radiusip'];
+$pconfig['radiusip2'] = $config['captiveportal']['radiusip2'];
+$pconfig['radiusport'] = $config['captiveportal']['radiusport'];
+$pconfig['radiusport2'] = $config['captiveportal']['radiusport2'];
+$pconfig['radiusacctport'] = $config['captiveportal']['radiusacctport'];
+$pconfig['radiuskey'] = $config['captiveportal']['radiuskey'];
+$pconfig['radiuskey2'] = $config['captiveportal']['radiuskey2'];
+$pconfig['radiusvendor'] = $config['captiveportal']['radiusvendor'];
+$pconfig['radiussession_timeout'] = isset($config['captiveportal']['radiussession_timeout']);
+
+if ($_POST) {
+
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ /* input validation */
+ if ($_POST['enable']) {
+ $reqdfields = explode(" ", "cinterface");
+ $reqdfieldsn = explode(",", "Interface");
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ /* make sure no interfaces are bridged */
+ for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
+ $coptif = &$config['interfaces']['opt' . $i];
+ if (isset($coptif['enable']) && $coptif['bridge']) {
+ $input_errors[] = "The captive portal cannot be used when one or more interfaces are bridged.";
+ break;
+ }
+ }
+
+ if ($_POST['httpslogin_enable']) {
+ if (!$_POST['cert'] || !$_POST['key']) {
+ $input_errors[] = "Certificate and key must be specified for HTTPS login.";
+ } else {
+ if (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE"))
+ $input_errors[] = "This certificate does not appear to be valid.";
+ if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") || !strstr($_POST['key'], "END RSA PRIVATE KEY"))
+ $input_errors[] = "This key does not appear to be valid.";
+ }
+
+ if (!$_POST['httpsname'] || !is_domain($_POST['httpsname'])) {
+ $input_errors[] = "The HTTPS server name must be specified for HTTPS login.";
+ }
+ }
+ }
+
+ if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) || ($_POST['timeout'] < 1))) {
+ $input_errors[] = "The timeout must be at least 1 minute.";
+ }
+ if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) || ($_POST['idletimeout'] < 1))) {
+ $input_errors[] = "The idle timeout must be at least 1 minute.";
+ }
+ if (($_POST['radiusip'] && !is_ipaddr($_POST['radiusip']))) {
+ $input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip']."]";
+ }
+ if (($_POST['radiusip2'] && !is_ipaddr($_POST['radiusip2']))) {
+ $input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip2']."]";
+ }
+ if (($_POST['radiusport'] && !is_port($_POST['radiusport']))) {
+ $input_errors[] = "A valid port number must be specified. [".$_POST['radiusport']."]";
+ }
+ if (($_POST['radiusport2'] && !is_port($_POST['radiusport2']))) {
+ $input_errors[] = "A valid port number must be specified. [".$_POST['radiusport2']."]";
+ }
+ if (($_POST['radiusacctport'] && !is_port($_POST['radiusacctport']))) {
+ $input_errors[] = "A valid port number must be specified. [".$_POST['radiusacctport']."]";
+ }
+ if ($_POST['maxproc'] && (!is_numeric($_POST['maxproc']) || ($_POST['maxproc'] < 4) || ($_POST['maxproc'] > 100))) {
+ $input_errors[] = "The total maximum number of concurrent connections must be between 4 and 100.";
+ }
+ $mymaxproc = $_POST['maxproc'] ? $_POST['maxproc'] : 16;
+ if ($_POST['maxprocperip'] && (!is_numeric($_POST['maxprocperip']) || ($_POST['maxprocperip'] > $mymaxproc))) {
+ $input_errors[] = "The maximum number of concurrent connections per client IP address may not be larger than the global maximum.";
+ }
+
+ if (!$input_errors) {
+ $config['captiveportal']['interface'] = $_POST['cinterface'];
+ $config['captiveportal']['maxproc'] = $_POST['maxproc'];
+ $config['captiveportal']['maxprocperip'] = $_POST['maxprocperip'] ? $_POST['maxprocperip'] : false;
+ $config['captiveportal']['timeout'] = $_POST['timeout'];
+ $config['captiveportal']['idletimeout'] = $_POST['idletimeout'];
+ $config['captiveportal']['enable'] = $_POST['enable'] ? true : false;
+ $config['captiveportal']['auth_method'] = $_POST['auth_method'];
+ $config['captiveportal']['radacct_enable'] = $_POST['radacct_enable'] ? true : false;
+ $config['captiveportal']['reauthenticate'] = $_POST['reauthenticate'] ? true : false;
+ $config['captiveportal']['radmac_enable'] = $_POST['radmac_enable'] ? true : false;
+ $config['captiveportal']['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false;
+ $config['captiveportal']['reauthenticateacct'] = $_POST['reauthenticateacct'];
+ $config['captiveportal']['httpslogin'] = $_POST['httpslogin_enable'] ? true : false;
+ $config['captiveportal']['httpsname'] = $_POST['httpsname'];
+ $config['captiveportal']['certificate'] = base64_encode($_POST['cert']);
+ $config['captiveportal']['private-key'] = base64_encode($_POST['key']);
+ $config['captiveportal']['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false;
+ $config['captiveportal']['nomacfilter'] = $_POST['nomacfilter'] ? true : false;
+ $config['captiveportal']['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false;
+ $config['captiveportal']['redirurl'] = $_POST['redirurl'];
+ $config['captiveportal']['radiusip'] = $_POST['radiusip'];
+ $config['captiveportal']['radiusip2'] = $_POST['radiusip2'];
+ $config['captiveportal']['radiusport'] = $_POST['radiusport'];
+ $config['captiveportal']['radiusport2'] = $_POST['radiusport2'];
+ $config['captiveportal']['radiusacctport'] = $_POST['radiusacctport'];
+ $config['captiveportal']['radiuskey'] = $_POST['radiuskey'];
+ $config['captiveportal']['radiuskey2'] = $_POST['radiuskey2'];
+ $config['captiveportal']['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false;
+ $config['captiveportal']['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false;
+
+ /* file upload? */
+ if (is_uploaded_file($_FILES['htmlfile']['tmp_name']))
+ $config['captiveportal']['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name']));
+ if (is_uploaded_file($_FILES['errfile']['tmp_name']))
+ $config['captiveportal']['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name']));
+
+ write_config();
+
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval = captiveportal_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<script language="JavaScript">
+<!--
+function enable_change(enable_change) {
+ var endis, radius_endis;
+ endis = !(document.iform.enable.checked || enable_change);
+ radius_endis = !((!endis && document.iform.auth_method[2].checked) || enable_change);
+
+ document.iform.cinterface.disabled = endis;
+ document.iform.maxproc.disabled = endis;
+ document.iform.maxprocperip.disabled = endis;
+ document.iform.idletimeout.disabled = endis;
+ document.iform.timeout.disabled = endis;
+ document.iform.redirurl.disabled = endis;
+ document.iform.radiusip.disabled = radius_endis;
+ document.iform.radiusip2.disabled = radius_endis;
+ document.iform.radiusport.disabled = radius_endis;
+ document.iform.radiusport2.disabled = radius_endis;
+ document.iform.radiuskey.disabled = radius_endis;
+ document.iform.radiuskey2.disabled = radius_endis;
+ document.iform.radacct_enable.disabled = radius_endis;
+ document.iform.reauthenticate.disabled = radius_endis;
+ document.iform.auth_method[0].disabled = endis;
+ document.iform.auth_method[1].disabled = endis;
+ document.iform.auth_method[2].disabled = endis;
+ document.iform.radmac_enable.disabled = radius_endis;
+ document.iform.httpslogin_enable.disabled = endis;
+ document.iform.httpsname.disabled = endis;
+ document.iform.cert.disabled = endis;
+ document.iform.key.disabled = endis;
+ document.iform.logoutwin_enable.disabled = endis;
+ document.iform.nomacfilter.disabled = endis;
+ document.iform.noconcurrentlogins.disabled = endis;
+ document.iform.radiusvendor.disabled = radius_endis;
+ document.iform.radiussession_timeout.disabled = radius_endis;
+ document.iform.htmlfile.disabled = endis;
+ document.iform.errfile.disabled = endis;
+
+ document.iform.radiusacctport.disabled = (radius_endis || !document.iform.radacct_enable.checked) && !enable_change;
+
+ document.iform.radmac_secret.disabled = (radius_endis || !document.iform.radmac_enable.checked) && !enable_change;
+
+ var reauthenticate_dis = (radius_endis || !document.iform.reauthenticate.checked) && !enable_change;
+ document.iform.reauthenticateacct[0].disabled = reauthenticate_dis;
+ document.iform.reauthenticateacct[1].disabled = reauthenticate_dis;
+ document.iform.reauthenticateacct[2].disabled = reauthenticate_dis;
+}
+//-->
+</script>
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<form action="services_captiveportal.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Captive Portal' => 'services_captiveportal.php',
+ 'Pass-through MAC' => 'services_captiveportal_mac.php',
+ 'Allowed IP addresses' => 'services_captiveportal_ip.php',
+ 'Users' => 'services_captiveportal_users.php',
+ 'File Manager' => 'services_captiveportal_filemanager.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top" class="vtable"> </td>
+ <td width="78%" class="vtable">
+ <input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">
+ <strong>Enable captive portal </strong></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Interface</td>
+ <td width="78%" class="vtable">
+ <select name="cinterface" class="formfld" id="cinterface">
+ <?php $interfaces = array('lan' => 'LAN');
+ for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
+ if (isset($config['interfaces']['opt' . $i]['enable']))
+ $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
+ }
+ foreach ($interfaces as $iface => $ifacename): ?>
+ <option value="<?=$iface;?>" <?php if ($iface == $pconfig['cinterface']) echo "selected"; ?>>
+ <?=htmlspecialchars($ifacename);?>
+ </option>
+ <?php endforeach; ?>
+ </select> <br>
+ <span class="vexpl">Choose which interface to run the captive portal on.</span></td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">Maximum concurrent connections</td>
+ <td class="vtable">
+ <table cellpadding="0" cellspacing="0">
+ <tr>
+ <td><input name="maxprocperip" type="text" class="formfld" id="maxprocperip" size="5" value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> per client IP address (0 = no limit)</td>
+ </tr>
+ <tr>
+ <td><input name="maxproc" type="text" class="formfld" id="maxproc" size="5" value="<?=htmlspecialchars($pconfig['maxproc']);?>"> total</td>
+ </tr>
+ </table>
+This setting limits the number of concurrent connections to the captive portal HTTP(S) server. This does not set how many users can be logged in
+to the captive portal, but rather how many users can load the portal page or authenticate at the same time!
+Default is 4 connections per client IP address, with a total maximum of 16 connections.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">Idle timeout</td>
+ <td class="vtable">
+ <input name="idletimeout" type="text" class="formfld" id="idletimeout" size="6" value="<?=htmlspecialchars($pconfig['idletimeout']);?>">
+minutes<br>
+Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Hard timeout</td>
+ <td width="78%" class="vtable">
+ <input name="timeout" type="text" class="formfld" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>">
+ minutes<br>
+ Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set).</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Logout popup window</td>
+ <td width="78%" class="vtable">
+ <input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if($pconfig['logoutwin_enable']) echo "checked"; ?>>
+ <strong>Enable logout popup window</strong><br>
+ If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">Redirection URL</td>
+ <td class="vtable">
+ <input name="redirurl" type="text" class="formfld" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>">
+ <br>
+If you provide a URL here, clients will be redirected to that URL instead of the one they initially tried
+to access after they've authenticated.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">Concurrent user logins</td>
+ <td class="vtable">
+ <input name="noconcurrentlogins" type="checkbox" class="formfld" id="noconcurrentlogins" value="yes" <?php if ($pconfig['noconcurrentlogins']) echo "checked"; ?>>
+ <strong>Disable concurrent logins</strong><br>
+ If this option is set, only the most recent login per username will be active. Subsequent logins will cause machines previously logged in with the same username to be disconnected.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">MAC filtering </td>
+ <td class="vtable">
+ <input name="nomacfilter" type="checkbox" class="formfld" id="nomacfilter" value="yes" <?php if ($pconfig['nomacfilter']) echo "checked"; ?>>
+ <strong>Disable MAC filtering</strong><br>
+ If this option is set, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in.
+ This is required when the MAC address of the client cannot be determined (usually because there are routers between m0n0wall and the clients).</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Authentication</td>
+ <td width="78%" class="vtable">
+ <table cellpadding="0" cellspacing="0">
+ <tr>
+ <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="none" onClick="enable_change(false)" <?php if($pconfig['auth_method']!="local" && $pconfig['auth_method']!="radius") echo "checked"; ?>>
+ No authentication</td>
+ </tr>
+ <tr>
+ <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="local" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="local") echo "checked"; ?>>
+ Local <a href="services_captiveportal_users.php">user manager</a></td>
+ </tr>
+ <tr>
+ <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="radius" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius") echo "checked"; ?>>
+ RADIUS authentication</td>
+ </tr><tr>
+ <td> </td>
+ <td> </td>
+ </tr>
+ </table>
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td colspan="2" valign="top" class="optsect_t2">Primary RADIUS server</td>
+ </tr>
+ <tr>
+ <td class="vncell" valign="top">IP address</td>
+ <td class="vtable"><input name="radiusip" type="text" class="formfld" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>"><br>
+ Enter the IP address of the RADIUS server which users of the captive portal have to authenticate against.</td>
+ </tr>
+ <tr>
+ <td class="vncell" valign="top">Port</td>
+ <td class="vtable"><input name="radiusport" type="text" class="formfld" id="radiusport" size="5" value="<?=htmlspecialchars($pconfig['radiusport']);?>"><br>
+ Leave this field blank to use the default port (1812).</td>
+ </tr>
+ <tr>
+ <td class="vncell" valign="top">Shared secret </td>
+ <td class="vtable"><input name="radiuskey" type="text" class="formfld" id="radiuskey" size="16" value="<?=htmlspecialchars($pconfig['radiuskey']);?>"><br>
+ Leave this field blank to not use a RADIUS shared secret (not recommended).</td>
+ </tr>
+ <tr>
+ <td colspan="2" class="list" height="12"></td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="optsect_t2">Secondary RADIUS server</td>
+ </tr>
+ <tr>
+ <td class="vncell" valign="top">IP address</td>
+ <td class="vtable"><input name="radiusip2" type="text" class="formfld" id="radiusip2" size="20" value="<?=htmlspecialchars($pconfig['radiusip2']);?>"><br>
+ If you have a second RADIUS server, you can activate it by entering its IP address here.</td>
+ </tr>
+ <tr>
+ <td class="vncell" valign="top">Port</td>
+ <td class="vtable"><input name="radiusport2" type="text" class="formfld" id="radiusport2" size="5" value="<?=htmlspecialchars($pconfig['radiusport2']);?>"></td>
+ </tr>
+ <tr>
+ <td class="vncell" valign="top">Shared secret </td>
+ <td class="vtable"><input name="radiuskey2" type="text" class="formfld" id="radiuskey2" size="16" value="<?=htmlspecialchars($pconfig['radiuskey2']);?>"></td>
+ </tr>
+ <tr>
+ <td colspan="2" class="list" height="12"></td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="optsect_t2">Accounting</td>
+ </tr>
+ <tr>
+ <td class="vncell"> </td>
+ <td class="vtable"><input name="radacct_enable" type="checkbox" id="radacct_enable" value="yes" onClick="enable_change(false)" <?php if($pconfig['radacct_enable']) echo "checked"; ?>>
+ <strong>send RADIUS accounting packets</strong><br>
+ If this is enabled, RADIUS accounting packets will be sent to the primary RADIUS server.</td>
+ </tr>
+ <tr>
+ <td class="vncell" valign="top">Accounting port</td>
+ <td class="vtable"><input name="radiusacctport" type="text" class="formfld" id="radiusacctport" size="5" value="<?=htmlspecialchars($pconfig['radiusacctport']);?>"><br>
+ Leave blank to use the default port (1813).</td>
+ </tr>
+ <tr>
+ <td colspan="2" class="list" height="12"></td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="optsect_t2">Reauthentication</td>
+ </tr>
+ <tr>
+ <td class="vncell"> </td>
+ <td class="vtable"><input name="reauthenticate" type="checkbox" id="reauthenticate" value="yes" onClick="enable_change(false)" <?php if($pconfig['reauthenticate']) echo "checked"; ?>>
+ <strong>Reauthenticate connected users every minute</strong><br>
+ If reauthentication is enabled, Access-Requests will be sent to the RADIUS server for each user that is
+ logged in every minute. If an Access-Reject is received for a user, that user is disconnected from the captive portal immediately.</td>
+ </tr>
+ <tr>
+ <td class="vncell" valign="top">Accounting updates</td>
+ <td class="vtable">
+ <input name="reauthenticateacct" type="radio" value="" <?php if(!$pconfig['reauthenticateacct']) echo "checked"; ?>> no accounting updates<br>
+ <input name="reauthenticateacct" type="radio" value="stopstart" <?php if($pconfig['reauthenticateacct'] == "stopstart") echo "checked"; ?>> stop/start accounting<br>
+ <input name="reauthenticateacct" type="radio" value="interimupdate" <?php if($pconfig['reauthenticateacct'] == "interimupdate") echo "checked"; ?>> interim update
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2" class="list" height="12"></td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="optsect_t2">RADIUS MAC authentication</td>
+ </tr>
+ <tr>
+ <td class="vncell"> </td>
+ <td class="vtable">
+ <input name="radmac_enable" type="checkbox" id="radmac_enable" value="yes" onClick="enable_change(false)" <?php if ($pconfig['radmac_enable']) echo "checked"; ?>><strong>Enable RADIUS MAC authentication</strong><br>
+ If this option is enabled, the captive portal will try to authenticate users by sending their MAC address as the username and the password
+ entered below to the RADIUS server.</td>
+ </tr>
+ <tr>
+ <td class="vncell">Shared secret</td>
+ <td class="vtable"><input name="radmac_secret" type="text" class="formfld" id="radmac_secret" size="16" value="<?=htmlspecialchars($pconfig['radmac_secret']);?>"></td>
+ </tr>
+ <tr>
+ <td colspan="2" class="list" height="12"></td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="optsect_t2">RADIUS options</td>
+ </tr>
+ <tr>
+ <td class="vncell" valign="top">Session-Timeout</td>
+ <td class="vtable"><input name="radiussession_timeout" type="checkbox" id="radiussession_timeout" value="yes" <?php if ($pconfig['radiussession_timeout']) echo "checked"; ?>><strong>Use RADIUS Session-Timeout attributes</strong><br>
+ When this is enabled, clients will be disconnected after the amount of time retrieved from the RADIUS Session-Timeout attribute.</td>
+ </tr>
+ <tr>
+ <td class="vncell" valign="top">Type</td>
+ <td class="vtable"><select name="radiusvendor" id="radiusvendor">
+ <option>default</option>
+ <?php
+ $radiusvendors = array("cisco");
+ foreach ($radiusvendors as $radiusvendor){
+ if ($pconfig['radiusvendor'] == $radiusvendor)
+ echo "<option selected value=\"$radiusvendor\">$radiusvendor</option>\n";
+ else
+ echo "<option value=\"$radiusvendor\">$radiusvendor</option>\n";
+ }
+ ?></select><br>
+ If RADIUS type is set to Cisco, in Access-Requests the value of Calling-Station-Id will be set to the client's IP address and
+ the Called-Station-Id to the client's MAC address. Default behaviour is Calling-Station-Id = client's MAC address and Called-Station-Id = m0n0wall's WAN IP address.</td>
+ </tr>
+ </table>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">HTTPS login</td>
+ <td class="vtable">
+ <input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" <?php if($pconfig['httpslogin_enable']) echo "checked"; ?>>
+ <strong>Enable HTTPS login</strong><br>
+ If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name, certificate and matching private key must also be specified below.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">HTTPS server name </td>
+ <td class="vtable">
+ <input name="httpsname" type="text" class="formfld" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>"><br>
+ This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS. </td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">HTTPS certificate</td>
+ <td class="vtable">
+ <textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea>
+ <br>
+ Paste a signed certificate in X.509 PEM format here.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">HTTPS private key</td>
+ <td class="vtable">
+ <textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea>
+ <br>
+ Paste an RSA private key in PEM format here.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Portal page contents</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld" id="htmlfile"><br>
+ <?php if ($config['captiveportal']['page']['htmltext']): ?>
+ <a href="?act=viewhtml" target="_blank">View current page</a>
+ <br>
+ <br>
+ <?php endif; ?>
+ Upload an HTML file for the portal page here (leave blank to keep the current one). Make sure to include a form (POST to "$PORTAL_ACTION$")
+with a submit button (name="accept") and a hidden field with name="redirurl" and value="$PORTAL_REDIRURL$".
+Include the "auth_user" and "auth_pass" input fields if authentication is enabled, otherwise it will always fail.
+Example code for the form:<br>
+ <br>
+ <tt><form method="post" action="$PORTAL_ACTION$"><br>
+ <input name="auth_user" type="text"><br>
+ <input name="auth_pass" type="password"><br>
+ <input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"><br>
+ <input name="accept" type="submit" value="Continue"><br>
+ </form></tt></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Authentication<br>
+ error page<br>
+ contents</td>
+ <td class="vtable">
+ <input name="errfile" type="file" class="formfld" id="errfile"><br>
+ <?php if ($config['captiveportal']['page']['errtext']): ?>
+ <a href="?act=viewerrhtml" target="_blank">View current page</a>
+ <br>
+ <br>
+ <?php endif; ?>
+The contents of the HTML file that you upload here are displayed when an authentication error occurs.
+You may include "$PORTAL_MESSAGE$", which will be replaced by the error or reply messages from the RADIUS server, if any.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%">
+ <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change(true)">
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%"><span class="vexpl"><span class="red"><strong>Note:<br>
+ </strong></span>Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work. </span></td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+</form>
+<script language="JavaScript">
+<!--
+enable_change(false);
+//-->
+</script>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
-\r
- Copyright (C) 2005-2006 Jonathan De Graeve (jonathan.de.graeve@imelda.be)\r
- and Paul Taylor (paultaylor@winn-dixie.com).\r
- All rights reserved.\r
-\r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Services", "Captive portal", "File Manager");\r
-\r
-require_once("guiconfig.inc");\r
-\r
-if (!is_array($config['captiveportal']['element']))\r
- $config['captiveportal']['element'] = array();\r
-\r
-cpelements_sort();\r
-$a_element = &$config['captiveportal']['element'];\r
-\r
-// Calculate total size of all files\r
-$total_size = 0;\r
-foreach ($a_element as $element) {\r
- $total_size += $element['size'];\r
-}\r
-\r
-if ($_POST) {\r
- unset($input_errors);\r
- \r
- if (is_uploaded_file($_FILES['new']['tmp_name'])) {\r
- \r
- $name = $_FILES['new']['name'];\r
- $size = filesize($_FILES['new']['tmp_name']);\r
- \r
- // is there already a file with that name?\r
- foreach ($a_element as $element) {\r
- if ($element['name'] == $name) {\r
- $input_errors[] = "A file with the name '$name' already exists.";\r
- break;\r
- }\r
- }\r
- \r
- // check total file size\r
- if (($total_size + $size) > $g['captiveportal_element_sizelimit']) {\r
- $input_errors[] = "The total size of all files uploaded may not exceed " .\r
- format_bytes($g['captiveportal_element_sizelimit']) . ".";\r
- }\r
- \r
- if (!$input_errors) {\r
- $element = array();\r
- $element['name'] = $name;\r
- $element['size'] = $size;\r
- $element['content'] = base64_encode(file_get_contents($_FILES['new']['tmp_name']));\r
- \r
- $a_element[] = $element;\r
- \r
- write_config();\r
- captiveportal_write_elements();\r
- header("Location: services_captiveportal_filemanager.php");\r
- exit;\r
- }\r
- }\r
-} else {\r
- if (($_GET['act'] == "del") && $a_element[$_GET['id']]) {\r
- unset($a_element[$_GET['id']]);\r
- write_config();\r
- captiveportal_write_elements();\r
- header("Location: services_captiveportal_filemanager.php");\r
- exit;\r
- }\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="services_captiveportal_filemanager.php" method="post" enctype="multipart/form-data" name="iform" id="iform">\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Captive Portal' => 'services_captiveportal.php',\r
- 'Pass-through MAC' => 'services_captiveportal_mac.php',\r
- 'Allowed IP addresses' => 'services_captiveportal_ip.php',\r
- 'Users' => 'services_captiveportal_users.php',\r
- 'File Manager' => 'services_captiveportal_filemanager.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr>\r
- <td class="tabcont">\r
- <table width="80%" border="0" cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td width="70%" class="listhdrr">Name</td>\r
- <td width="20%" class="listhdr">Size</td>\r
- <td width="10%" class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_element as $element): ?>\r
- <tr>\r
- <td class="listlr"><?=htmlspecialchars($element['name']);?></td>\r
- <td class="listr" align="right"><?=format_bytes($element['size']);?></td>\r
- <td valign="middle" nowrap class="list">\r
- <a href="services_captiveportal_filemanager.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this file?')"><img src="x.gif" title="delete file" width="17" height="17" border="0"></a>\r
- </td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- \r
- <?php if (count($a_element) > 0): ?>\r
- <tr>\r
- <td class="listlr" style="background-color: #eee"><strong>TOTAL</strong></td>\r
- <td class="listr" style="background-color: #eee" align="right"><strong><?=format_bytes($total_size);?></strong></td>\r
- <td valign="middle" nowrap class="list"></td>\r
- </tr>\r
- <?php endif; ?>\r
- \r
- <?php if ($_GET['act'] == 'add'): ?>\r
- <tr>\r
- <td class="listlr" colspan="2"><input type="file" name="new" class="formfld" size="40" id="new"> \r
- <input name="Submit" type="submit" class="formbtn" value="Upload"></td>\r
- <td valign="middle" nowrap class="list">\r
- <a href="services_captiveportal_filemanager.php"><img src="x.gif" title="cancel" width="17" height="17" border="0"></a>\r
- </td>\r
- </tr>\r
- <?php else: ?>\r
- <tr>\r
- <td class="list" colspan="2"></td>\r
- <td class="list"> <a href="services_captiveportal_filemanager.php?act=add"><img src="plus.gif" title="add file" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php endif; ?>\r
- </table>\r
- <span class="vexpl"><span class="red"><strong>\r
- Note:<br>\r
- </strong></span>\r
- Any files that you upload here will be made available in the root directory\r
- of the captive portal HTTP(S) server. You may reference them directly from\r
- your portal page HTML code using relative paths. Example: you've uploaded\r
- an image with the name 'test.jpg' using the file manager. Then you can\r
- include it in your portal page like this:<br><br>\r
- <tt><img src="test.jpg" width=... height=...></tt>\r
- <br><br>\r
- The total size limit for all files is <?=format_bytes($g['captiveportal_element_sizelimit']);?>.</span>\r
-</td>\r
-</tr>\r
-</table>\r
-</form>\r
-<?php include("fend.inc"); ?> \r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2005-2006 Jonathan De Graeve (jonathan.de.graeve@imelda.be)
+ and Paul Taylor (paultaylor@winn-dixie.com).
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Services", "Captive portal", "File Manager");
+
+require_once("guiconfig.inc");
+
+if (!is_array($config['captiveportal']['element']))
+ $config['captiveportal']['element'] = array();
+
+cpelements_sort();
+$a_element = &$config['captiveportal']['element'];
+
+// Calculate total size of all files
+$total_size = 0;
+foreach ($a_element as $element) {
+ $total_size += $element['size'];
+}
+
+if ($_POST) {
+ unset($input_errors);
+
+ if (is_uploaded_file($_FILES['new']['tmp_name'])) {
+
+ $name = $_FILES['new']['name'];
+ $size = filesize($_FILES['new']['tmp_name']);
+
+ // is there already a file with that name?
+ foreach ($a_element as $element) {
+ if ($element['name'] == $name) {
+ $input_errors[] = "A file with the name '$name' already exists.";
+ break;
+ }
+ }
+
+ // check total file size
+ if (($total_size + $size) > $g['captiveportal_element_sizelimit']) {
+ $input_errors[] = "The total size of all files uploaded may not exceed " .
+ format_bytes($g['captiveportal_element_sizelimit']) . ".";
+ }
+
+ if (!$input_errors) {
+ $element = array();
+ $element['name'] = $name;
+ $element['size'] = $size;
+ $element['content'] = base64_encode(file_get_contents($_FILES['new']['tmp_name']));
+
+ $a_element[] = $element;
+
+ write_config();
+ captiveportal_write_elements();
+ header("Location: services_captiveportal_filemanager.php");
+ exit;
+ }
+ }
+} else {
+ if (($_GET['act'] == "del") && $a_element[$_GET['id']]) {
+ unset($a_element[$_GET['id']]);
+ write_config();
+ captiveportal_write_elements();
+ header("Location: services_captiveportal_filemanager.php");
+ exit;
+ }
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+<form action="services_captiveportal_filemanager.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Captive Portal' => 'services_captiveportal.php',
+ 'Pass-through MAC' => 'services_captiveportal_mac.php',
+ 'Allowed IP addresses' => 'services_captiveportal_ip.php',
+ 'Users' => 'services_captiveportal_users.php',
+ 'File Manager' => 'services_captiveportal_filemanager.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="80%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="70%" class="listhdrr">Name</td>
+ <td width="20%" class="listhdr">Size</td>
+ <td width="10%" class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_element as $element): ?>
+ <tr>
+ <td class="listlr"><?=htmlspecialchars($element['name']);?></td>
+ <td class="listr" align="right"><?=format_bytes($element['size']);?></td>
+ <td valign="middle" nowrap class="list">
+ <a href="services_captiveportal_filemanager.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this file?')"><img src="x.gif" title="delete file" width="17" height="17" border="0"></a>
+ </td>
+ </tr>
+ <?php $i++; endforeach; ?>
+
+ <?php if (count($a_element) > 0): ?>
+ <tr>
+ <td class="listlr" style="background-color: #eee"><strong>TOTAL</strong></td>
+ <td class="listr" style="background-color: #eee" align="right"><strong><?=format_bytes($total_size);?></strong></td>
+ <td valign="middle" nowrap class="list"></td>
+ </tr>
+ <?php endif; ?>
+
+ <?php if ($_GET['act'] == 'add'): ?>
+ <tr>
+ <td class="listlr" colspan="2"><input type="file" name="new" class="formfld" size="40" id="new">
+ <input name="Submit" type="submit" class="formbtn" value="Upload"></td>
+ <td valign="middle" nowrap class="list">
+ <a href="services_captiveportal_filemanager.php"><img src="x.gif" title="cancel" width="17" height="17" border="0"></a>
+ </td>
+ </tr>
+ <?php else: ?>
+ <tr>
+ <td class="list" colspan="2"></td>
+ <td class="list"> <a href="services_captiveportal_filemanager.php?act=add"><img src="plus.gif" title="add file" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php endif; ?>
+ </table>
+ <span class="vexpl"><span class="red"><strong>
+ Note:<br>
+ </strong></span>
+ Any files that you upload here will be made available in the root directory
+ of the captive portal HTTP(S) server. You may reference them directly from
+ your portal page HTML code using relative paths. Example: you've uploaded
+ an image with the name 'test.jpg' using the file manager. Then you can
+ include it in your portal page like this:<br><br>
+ <tt><img src="test.jpg" width=... height=...></tt>
+ <br><br>
+ The total size limit for all files is <?=format_bytes($g['captiveportal_element_sizelimit']);?>.</span>
+</td>
+</tr>
+</table>
+</form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Services", "Captive portal", "Allowed IP Addresses");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['captiveportal']['allowedip']))\r
- $config['captiveportal']['allowedip'] = array();\r
-\r
-allowedips_sort();\r
-$a_allowedips = &$config['captiveportal']['allowedip'] ;\r
-\r
-if ($_POST) {\r
-\r
- $pconfig = $_POST;\r
-\r
- if ($_POST['apply']) {\r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- $retval = captiveportal_allowedip_configure();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- if ($retval == 0) {\r
- if (file_exists($d_allowedipsdirty_path)) {\r
- config_lock();\r
- unlink($d_allowedipsdirty_path);\r
- config_unlock();\r
- }\r
- }\r
- }\r
-}\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_allowedips[$_GET['id']]) {\r
- unset($a_allowedips[$_GET['id']]);\r
- write_config();\r
- touch($d_allowedipsdirty_path);\r
- header("Location: services_captiveportal_ip.php");\r
- exit;\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="services_captiveportal_ip.php" method="post">\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_allowedipsdirty_path)): ?><p>\r
-<?php print_info_box_np("The captive portal IP address configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Captive Portal' => 'services_captiveportal.php',\r
- 'Pass-through MAC' => 'services_captiveportal_mac.php',\r
- 'Allowed IP addresses' => 'services_captiveportal_ip.php',\r
- 'Users' => 'services_captiveportal_users.php',\r
- 'File Manager' => 'services_captiveportal_filemanager.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr>\r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td width="30%" class="listhdrr">IP address</td>\r
- <td width="60%" class="listhdr">Description</td>\r
- <td width="10%" class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_allowedips as $ip): ?>\r
- <tr>\r
- <td class="listlr">\r
- <?php if($ip['dir'] == "to") \r
- echo "any <img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\">";\r
- ?> \r
- <?=strtolower($ip['ip']);?>\r
- <?php if($ip['dir'] == "from") \r
- echo "<img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> any";\r
- ?> \r
- </td>\r
- <td class="listbg">\r
- <?=htmlspecialchars($ip['descr']);?> \r
- </td>\r
- <td valign="middle" nowrap class="list"> <a href="services_captiveportal_ip_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit address" width="17" height="17" border="0"></a>\r
- <a href="services_captiveportal_ip.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this address?')"><img src="x.gif" title="delete address" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="2"> </td>\r
- <td class="list"> <a href="services_captiveportal_ip_edit.php"><img src="plus.gif" title="add address" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <tr>\r
- <td colspan="2" class="list"><p class="vexpl"><span class="red"><strong>\r
- Note:<br>\r
- </strong></span>\r
- Adding allowed IP addresses will allow IP access to/from these addresses through the captive portal without being taken to the portal page. This can be used for a web server serving images for the portal page or a DNS server on another network, for example. By specifying <em>from</em> addresses, it may be used to always allow pass-through access from a client behind the captive portal.</p>\r
- <table border="0" cellspacing="0" cellpadding="0">\r
- <tr>\r
- <td><span class="vexpl">any <img src="in.gif" width="11" height="11" align="absmiddle"> x.x.x.x </span></td>\r
- <td><span class="vexpl">All connections <strong>to</strong> the IP address are allowed</span></td>\r
- </tr>\r
- <tr>\r
- <td colspan="5" height="4"></td>\r
- </tr>\r
- <tr>\r
- <td>x.x.x.x <span class="vexpl"><img src="in.gif" width="11" height="11" align="absmiddle"></span> any </td>\r
- <td><span class="vexpl">All connections <strong>from</strong> the IP address are allowed </span></td>\r
- </tr>\r
- </table></td>\r
- <td class="list"> </td>\r
- </tr>\r
- </table>\r
- </td>\r
- </tr>\r
- </table>\r
-</form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Services", "Captive portal", "Allowed IP Addresses");
+require("guiconfig.inc");
+
+if (!is_array($config['captiveportal']['allowedip']))
+ $config['captiveportal']['allowedip'] = array();
+
+allowedips_sort();
+$a_allowedips = &$config['captiveportal']['allowedip'] ;
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ $retval = captiveportal_allowedip_configure();
+ }
+ $savemsg = get_std_save_message($retval);
+ if ($retval == 0) {
+ if (file_exists($d_allowedipsdirty_path)) {
+ config_lock();
+ unlink($d_allowedipsdirty_path);
+ config_unlock();
+ }
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_allowedips[$_GET['id']]) {
+ unset($a_allowedips[$_GET['id']]);
+ write_config();
+ touch($d_allowedipsdirty_path);
+ header("Location: services_captiveportal_ip.php");
+ exit;
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<form action="services_captiveportal_ip.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_allowedipsdirty_path)): ?><p>
+<?php print_info_box_np("The captive portal IP address configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Captive Portal' => 'services_captiveportal.php',
+ 'Pass-through MAC' => 'services_captiveportal_mac.php',
+ 'Allowed IP addresses' => 'services_captiveportal_ip.php',
+ 'Users' => 'services_captiveportal_users.php',
+ 'File Manager' => 'services_captiveportal_filemanager.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="30%" class="listhdrr">IP address</td>
+ <td width="60%" class="listhdr">Description</td>
+ <td width="10%" class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_allowedips as $ip): ?>
+ <tr>
+ <td class="listlr">
+ <?php if($ip['dir'] == "to")
+ echo "any <img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\">";
+ ?>
+ <?=strtolower($ip['ip']);?>
+ <?php if($ip['dir'] == "from")
+ echo "<img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> any";
+ ?>
+ </td>
+ <td class="listbg">
+ <?=htmlspecialchars($ip['descr']);?>
+ </td>
+ <td valign="middle" nowrap class="list"> <a href="services_captiveportal_ip_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit address" width="17" height="17" border="0"></a>
+ <a href="services_captiveportal_ip.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this address?')"><img src="x.gif" title="delete address" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="2"> </td>
+ <td class="list"> <a href="services_captiveportal_ip_edit.php"><img src="plus.gif" title="add address" width="17" height="17" border="0"></a></td>
+ </tr>
+ <tr>
+ <td colspan="2" class="list"><p class="vexpl"><span class="red"><strong>
+ Note:<br>
+ </strong></span>
+ Adding allowed IP addresses will allow IP access to/from these addresses through the captive portal without being taken to the portal page. This can be used for a web server serving images for the portal page or a DNS server on another network, for example. By specifying <em>from</em> addresses, it may be used to always allow pass-through access from a client behind the captive portal.</p>
+ <table border="0" cellspacing="0" cellpadding="0">
+ <tr>
+ <td><span class="vexpl">any <img src="in.gif" width="11" height="11" align="absmiddle"> x.x.x.x </span></td>
+ <td><span class="vexpl">All connections <strong>to</strong> the IP address are allowed</span></td>
+ </tr>
+ <tr>
+ <td colspan="5" height="4"></td>
+ </tr>
+ <tr>
+ <td>x.x.x.x <span class="vexpl"><img src="in.gif" width="11" height="11" align="absmiddle"></span> any </td>
+ <td><span class="vexpl">All connections <strong>from</strong> the IP address are allowed </span></td>
+ </tr>
+ </table></td>
+ <td class="list"> </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+</form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("Services", "Captive portal", "Pass-through MAC");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['captiveportal']['passthrumac']))\r
- $config['captiveportal']['passthrumac'] = array();\r
-\r
-passthrumacs_sort();\r
-$a_passthrumacs = &$config['captiveportal']['passthrumac'] ;\r
-\r
-if ($_POST) {\r
-\r
- $pconfig = $_POST;\r
-\r
- if ($_POST['apply']) {\r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- $retval = captiveportal_passthrumac_configure();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- if ($retval == 0) {\r
- if (file_exists($d_passthrumacsdirty_path)) {\r
- config_lock();\r
- unlink($d_passthrumacsdirty_path);\r
- config_unlock();\r
- }\r
- }\r
- }\r
-}\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_passthrumacs[$_GET['id']]) {\r
- unset($a_passthrumacs[$_GET['id']]);\r
- write_config();\r
- touch($d_passthrumacsdirty_path);\r
- header("Location: services_captiveportal_mac.php");\r
- exit;\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="services_captiveportal_mac.php" method="post">\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_passthrumacsdirty_path)): ?><p>\r
-<?php print_info_box_np("The captive portal MAC address configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Captive Portal' => 'services_captiveportal.php',\r
- 'Pass-through MAC' => 'services_captiveportal_mac.php',\r
- 'Allowed IP addresses' => 'services_captiveportal_ip.php',\r
- 'Users' => 'services_captiveportal_users.php',\r
- 'File Manager' => 'services_captiveportal_filemanager.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr>\r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td width="30%" class="listhdrr">MAC address</td>\r
- <td width="60%" class="listhdr">Description</td>\r
- <td width="10%" class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_passthrumacs as $mac): ?>\r
- <tr>\r
- <td class="listlr">\r
- <?=strtolower($mac['mac']);?>\r
- </td>\r
- <td class="listbg">\r
- <?=htmlspecialchars($mac['descr']);?> \r
- </td>\r
- <td valign="middle" nowrap class="list"> <a href="services_captiveportal_mac_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit host" width="17" height="17" border="0"></a>\r
- <a href="services_captiveportal_mac.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this host?')"><img src="x.gif" title="delete host" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="2"> </td>\r
- <td class="list"> <a href="services_captiveportal_mac_edit.php"><img src="plus.gif" title="add host" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <tr>\r
- <td colspan="2" class="list"><span class="vexpl"><span class="red"><strong>\r
- Note:<br>\r
- </strong></span>\r
- Adding MAC addresses as pass-through MACs allows them access through the captive portal automatically without being taken to the portal page. The pass-through MACs can change their IP addresses on the fly and upon the next access, the pass-through tables are changed accordingly. Pass-through MACs will however still be disconnected after the captive portal timeout period.</span></td>\r
- <td class="list"> </td>\r
- </tr>\r
- </table>\r
- </td>\r
- </tr>\r
- </table>\r
-</form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com>
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("Services", "Captive portal", "Pass-through MAC");
+require("guiconfig.inc");
+
+if (!is_array($config['captiveportal']['passthrumac']))
+ $config['captiveportal']['passthrumac'] = array();
+
+passthrumacs_sort();
+$a_passthrumacs = &$config['captiveportal']['passthrumac'] ;
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ $retval = captiveportal_passthrumac_configure();
+ }
+ $savemsg = get_std_save_message($retval);
+ if ($retval == 0) {
+ if (file_exists($d_passthrumacsdirty_path)) {
+ config_lock();
+ unlink($d_passthrumacsdirty_path);
+ config_unlock();
+ }
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_passthrumacs[$_GET['id']]) {
+ unset($a_passthrumacs[$_GET['id']]);
+ write_config();
+ touch($d_passthrumacsdirty_path);
+ header("Location: services_captiveportal_mac.php");
+ exit;
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<form action="services_captiveportal_mac.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_passthrumacsdirty_path)): ?><p>
+<?php print_info_box_np("The captive portal MAC address configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Captive Portal' => 'services_captiveportal.php',
+ 'Pass-through MAC' => 'services_captiveportal_mac.php',
+ 'Allowed IP addresses' => 'services_captiveportal_ip.php',
+ 'Users' => 'services_captiveportal_users.php',
+ 'File Manager' => 'services_captiveportal_filemanager.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="30%" class="listhdrr">MAC address</td>
+ <td width="60%" class="listhdr">Description</td>
+ <td width="10%" class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_passthrumacs as $mac): ?>
+ <tr>
+ <td class="listlr">
+ <?=strtolower($mac['mac']);?>
+ </td>
+ <td class="listbg">
+ <?=htmlspecialchars($mac['descr']);?>
+ </td>
+ <td valign="middle" nowrap class="list"> <a href="services_captiveportal_mac_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit host" width="17" height="17" border="0"></a>
+ <a href="services_captiveportal_mac.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this host?')"><img src="x.gif" title="delete host" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="2"> </td>
+ <td class="list"> <a href="services_captiveportal_mac_edit.php"><img src="plus.gif" title="add host" width="17" height="17" border="0"></a></td>
+ </tr>
+ <tr>
+ <td colspan="2" class="list"><span class="vexpl"><span class="red"><strong>
+ Note:<br>
+ </strong></span>
+ Adding MAC addresses as pass-through MACs allows them access through the captive portal automatically without being taken to the portal page. The pass-through MACs can change their IP addresses on the fly and upon the next access, the pass-through tables are changed accordingly. Pass-through MACs will however still be disconnected after the captive portal timeout period.</span></td>
+ <td class="list"> </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+</form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- Copyright (C) 2005 Pascal Suter <d-monodev@psuter.ch>.\r
- All rights reserved. \r
- (files was created by Pascal based on the source code of services_captiveportal.php from Manuel)\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-$pgtitle = array("Services", "Captive portal", "Users");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['captiveportal']['user'])) {\r
- $config['captiveportal']['user'] = array();\r
-}\r
-captiveportal_users_sort();\r
-$a_user = &$config['captiveportal']['user'];\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_user[$_GET['id']]) {\r
- unset($a_user[$_GET['id']]);\r
- write_config();\r
- header("Location: services_captiveportal_users.php");\r
- exit;\r
- }\r
-}\r
-\r
-//erase expired accounts\r
-$changed = false;\r
-for ($i = 0; $i < count($a_user); $i++) {\r
- if ($a_user[$i]['expirationdate'] && (strtotime("-1 day") > strtotime($a_user[$i]['expirationdate']))) {\r
- unset($a_user[$i]);\r
- $changed = true;\r
- }\r
-}\r
-if ($changed) {\r
- write_config();\r
- header("Location: services_captiveportal_users.php");\r
- exit;\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td>\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Captive Portal' => 'services_captiveportal.php',\r
- 'Pass-through MAC' => 'services_captiveportal_mac.php',\r
- 'Allowed IP addresses' => 'services_captiveportal_ip.php',\r
- 'Users' => 'services_captiveportal_users.php',\r
- 'File Manager' => 'services_captiveportal_filemanager.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr>\r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td width="35%" class="listhdrr">Username</td>\r
- <td width="20%" class="listhdrr">Full name</td>\r
- <td width="35%" class="listhdr">Expires</td>\r
- <td width="10%" class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach($a_user as $userent): ?>\r
- <tr>\r
- <td class="listlr">\r
- <?=htmlspecialchars($userent['name']); ?> \r
- </td>\r
- <td class="listr">\r
- <?=htmlspecialchars($userent['fullname']);?> \r
- </td>\r
- <td class="listbg">\r
- <?=$userent['expirationdate']; ?> \r
- </td>\r
- <td valign="middle" nowrap class="list"> <a href="services_captiveportal_users_edit.php?id=<?=$i; ?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>\r
- <a href="services_captiveportal_users.php?act=del&id=<?=$i; ?>" onclick="return confirm('Do you really want to delete this user?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="3"></td>\r
- <td class="list"> <a href="services_captiveportal_users_edit.php"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table> \r
-</td>\r
-</tr>\r
-</table>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+ Copyright (C) 2005 Pascal Suter <d-monodev@psuter.ch>.
+ All rights reserved.
+ (files was created by Pascal based on the source code of services_captiveportal.php from Manuel)
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+$pgtitle = array("Services", "Captive portal", "Users");
+require("guiconfig.inc");
+
+if (!is_array($config['captiveportal']['user'])) {
+ $config['captiveportal']['user'] = array();
+}
+captiveportal_users_sort();
+$a_user = &$config['captiveportal']['user'];
+
+if ($_GET['act'] == "del") {
+ if ($a_user[$_GET['id']]) {
+ unset($a_user[$_GET['id']]);
+ write_config();
+ header("Location: services_captiveportal_users.php");
+ exit;
+ }
+}
+
+//erase expired accounts
+$changed = false;
+for ($i = 0; $i < count($a_user); $i++) {
+ if ($a_user[$i]['expirationdate'] && (strtotime("-1 day") > strtotime($a_user[$i]['expirationdate']))) {
+ unset($a_user[$i]);
+ $changed = true;
+ }
+}
+if ($changed) {
+ write_config();
+ header("Location: services_captiveportal_users.php");
+ exit;
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td>
+ <ul id="tabnav">
+<?php
+ $tabs = array('Captive Portal' => 'services_captiveportal.php',
+ 'Pass-through MAC' => 'services_captiveportal_mac.php',
+ 'Allowed IP addresses' => 'services_captiveportal_ip.php',
+ 'Users' => 'services_captiveportal_users.php',
+ 'File Manager' => 'services_captiveportal_filemanager.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="35%" class="listhdrr">Username</td>
+ <td width="20%" class="listhdrr">Full name</td>
+ <td width="35%" class="listhdr">Expires</td>
+ <td width="10%" class="list"></td>
+ </tr>
+ <?php $i = 0; foreach($a_user as $userent): ?>
+ <tr>
+ <td class="listlr">
+ <?=htmlspecialchars($userent['name']); ?>
+ </td>
+ <td class="listr">
+ <?=htmlspecialchars($userent['fullname']);?>
+ </td>
+ <td class="listbg">
+ <?=$userent['expirationdate']; ?>
+ </td>
+ <td valign="middle" nowrap class="list"> <a href="services_captiveportal_users_edit.php?id=<?=$i; ?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>
+ <a href="services_captiveportal_users.php?act=del&id=<?=$i; ?>" onclick="return confirm('Do you really want to delete this user?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="3"></td>
+ <td class="list"> <a href="services_captiveportal_users_edit.php"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table>
+</td>
+</tr>
+</table>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id: system_groupmanager.php \r
- part of m0n0wall (http://m0n0.ch/wall)\r
-\r
- Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.\r
- All rights reserved. \r
-\r
- Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-require("guiconfig.inc");\r
-\r
-$pgtitle = array("System", "Group manager");\r
-\r
-// Returns an array of pages with their descriptions\r
-function getAdminPageList() {\r
- global $g;\r
- \r
- $tmp = Array();\r
-\r
- if ($dir = opendir($g['www_path'])) {\r
- while($file = readdir($dir)) {\r
- // Make sure the file exists\r
- if($file != "." && $file != ".." && $file[0] != '.') {\r
- // Is this a .php file?\r
- if (fnmatch('*.php',$file)) {\r
- // Read the description out of the file\r
- $contents = file_get_contents($file);\r
- // Looking for a line like:\r
- // $pgtitle = array("System", "Group manager");\r
- $offset = strpos($contents,'$pgtitle');\r
- $titlepos = strpos($contents,'(',$offset);\r
- $titleendpos = strpos($contents,')',$titlepos);\r
- if (($offset > 0) && ($titlepos > 0) && ($titleendpos > 0)) {\r
- // Title found, extract it\r
- $title = str_replace(',',':',str_replace(array('"'),'',substr($contents,++$titlepos,($titleendpos - $titlepos))));\r
- $tmp[$file] = trim($title);\r
- }\r
- else {\r
- $tmp[$file] = '';\r
- }\r
- \r
- }\r
- }\r
- }\r
-\r
- closedir($dir);\r
- \r
- // Sets Interfaces:Optional page that didn't read in properly with the above method,\r
- // and pages that don't have descriptions.\r
- $tmp['interfaces_opt.php'] = "Interfaces: Optional";\r
- $tmp['graph.php'] = "Diagnostics: Interface Traffic";\r
- $tmp['graph_cpu.php'] = "Diagnostics: CPU Utilization";\r
- $tmp['exec.php'] = "Hidden: Exec";\r
- $tmp['exec_raw.php'] = "Hidden: Exec Raw";\r
- $tmp['status.php'] = "Hidden: Detailed Status";\r
- $tmp['uploadconfig.php'] = "Hidden: Upload Configuration";\r
- $tmp['index.php'] = "*Landing Page after Login";\r
- $tmp['system_usermanager.php'] = "*User Password";\r
- $tmp['diag_logs_settings.php'] = "Diagnostics: Logs: Settings";\r
- $tmp['diag_logs_vpn.php'] = "Diagnostics: Logs: PPTP VPN";\r
- $tmp['diag_logs_filter.php'] = "Diagnostics: Logs: Firewall";\r
- $tmp['diag_logs_portal.php'] = "Diagnostics: Logs: Captive Portal";\r
- $tmp['diag_logs_dhcp.php'] = "Diagnostics: Logs: DHCP";\r
- $tmp['diag_logs.php'] = "Diagnostics: Logs: System";\r
- \r
-\r
- asort($tmp);\r
- return $tmp;\r
- }\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-\r
-<?php \r
-// Get a list of all admin pages & Descriptions\r
-$pages = getAdminPageList();\r
-\r
-if ($_GET['act']=="new" || $_GET['act']=="edit") {\r
- if (isset($_GET['groupname'])) {\r
- $group=$config['system']['groups'][$_GET['groupname']];\r
- }\r
-} \r
-\r
-if (($_GET['act']=='delete') && (isset($_GET['groupname']))) {\r
-\r
- // See if there are any users who are members of this group. \r
- $ok_to_delete = true;\r
- if (is_array($config['system']['users'])) {\r
- foreach ($config['system']['users'] as $key => $user) {\r
- if ($user['group'] == $_GET['groupname']) {\r
- $ok_to_delete = false;\r
- $input_errors[] = "users still exist who are members of this group!";\r
- break;\r
- }\r
- }\r
- }\r
- \r
- if ($ok_to_delete) {\r
- unset($config['system']['groups'][$_GET['groupname']]);\r
- write_config();\r
- $retval = system_password_configure();\r
- $savemsg = get_std_save_message($retval);\r
- $savemsg="Group ".$_GET['groupname']." successfully deleted<br>"; \r
- }\r
-}\r
-\r
-if(isset($_POST['save'])) {\r
- //value-checking\r
- if($_POST['groupname']==""){\r
- $input_errors[] = "group name must not be empty!";\r
- }\r
- if($_POST['old_groupname'] != $_POST['groupname']) {\r
- // Either a new group, or one with a group name change\r
- if (isset($config['system']['groups'][$_POST['groupname']])) {\r
- $input_errors[] = "group name can not match an existing group!";\r
- }\r
- }\r
- \r
- //check groupname: only allow letters from A-Z and a-z, _, -, . and numbers from 0-9 (note: groupname can\r
- //not contain characters which are not allowed in an xml-token. i.e. if you'd use @ in a groupname, config.xml\r
- //could not be parsed anymore!\r
- if(!preg_match('/^[a-zA-Z0-9_\-\.]*$/',$_POST['groupname'])){\r
- $input_errors[] = "groupname contains illegal characters, only letters from A-Z and a-z, _, -, . and numbers are allowed";\r
- }\r
- if(!empty($input_errors)){\r
- //there are illegal inputs --> print out error message and show formula again \r
- //and fill in all recently entered values except passwords\r
- $_GET['act']="new";\r
- $_POST['old_groupname']=($_POST['old_groupname'] ? $_POST['old_groupname'] : $_POST['groupname']);\r
- $_GET['groupname']=$_POST['old_groupname'];\r
-\r
- $group['description']=$_POST['description'];\r
-\r
- foreach ($pages as $fname => $title) {\r
- $id = str_replace('.php','',$fname);\r
- if ($_POST[$id] == 'yes') {\r
- $group['pages'][] = $fname;\r
- } \r
- }\r
- \r
- } else {\r
- //all values are okay --> saving changes\r
- $_POST['groupname']=trim($_POST['groupname']);\r
- if($_POST['old_groupname']!="" && $_POST['old_groupname']!=$_POST['groupname']){\r
- //change the groupname (which is used as array-index)\r
- $config['system']['groups'][$_POST['groupname']]=$config['system']['groups'][$_POST['old_groupname']];\r
- unset($config['system']['groups'][$_POST['old_groupname']]);\r
-\r
- // Group name was changed. Update all users that are members of this group to point to the new groupname.\r
- foreach ($config['system']['users'] as $key => $user) {\r
- if ($user['group'] == $_POST['old_groupname']) \r
- $config['system']['users'][$key]['group'] = $_POST['groupname']; \r
- }\r
- }\r
- $config['system']['groups'][$_POST['groupname']]['description']=trim($_POST['description']);\r
- // Clear pages info and read pages from POST\r
- if (isset($config['system']['groups'][$_POST['groupname']]['pages']))\r
- unset($config['system']['groups'][$_POST['groupname']]['pages']);\r
- foreach ($pages as $fname => $title) {\r
- $id = str_replace('.php','',$fname);\r
- if ($_POST[$id] == 'yes') {\r
- $config['system']['groups'][$_POST['groupname']]['pages'][] = $fname;\r
- }\r
- }\r
- write_config();\r
- $retval = system_password_configure();\r
- $savemsg = get_std_save_message($retval);\r
- $savemsg="Group ".$_POST['groupname']." successfully saved<br>";\r
- }\r
-}\r
-\r
-?>\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
- <?php \r
- $tabs = array('Users' => 'system_usermanager.php',\r
- 'Groups' => 'system_groupmanager.php');\r
- dynamic_tab_menu($tabs);\r
- ?> \r
- </ul>\r
- </td></tr> \r
-<tr>\r
- <td class="tabcont">\r
-<?php\r
-if($_GET['act']=="new" || $_GET['act']=="edit"){\r
- if($_GET['act']=="edit" && isset($_GET['groupname'])){\r
- $group=$config['system']['groups'][$_GET['groupname']];\r
- }\r
-?>\r
-<form action="system_groupmanager.php" method="post" name="iform" id="iform">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Group name</td>\r
- <td width="78%" class="vtable"> \r
- <input name="groupname" type="text" class="formfld" id="groupname" size="20" value="<?=$_GET['groupname'];?>"> \r
- </td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">Description</td>\r
- <td width="78%" class="vtable"> \r
- <input name="description" type="text" class="formfld" id="description" size="20" value="<?=htmlspecialchars($group['description']);?>">\r
- <br>\r
- Group description, for your own information only</td>\r
- </tr>\r
- <tr>\r
- <td colspan="4"><br> Select that pages that this group may access. Members of this group will be able to perform all actions that<br> are possible from each individual web page. Ensure you set access levels appropriately.<br><br>\r
- <span class="vexpl"><span class="red"><strong> Note: </strong></span>Pages \r
- marked with an * are strongly recommended for every group.</span>\r
- </td>\r
- </tr>\r
- <tr>\r
- <td colspan="2">\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td class="listhdrr"> </td>\r
- <td class="listhdrr">Page Description</td>\r
- <td class="listhdr">Filename</td>\r
- </tr>\r
- <?php \r
- foreach ($pages as $fname => $title) {\r
- $id = str_replace('.php','',$fname);\r
- ?>\r
- <tr><td class="listlr">\r
- <input name="<?=$id?>" type="checkbox" id="<?=$id?>" value="yes" <?php if (in_array($fname,$group['pages'])) echo "checked"; ?>></td>\r
- <td class="listr"><?=$title?></td>\r
- <td class="listr"><?=$fname?></td>\r
- </tr>\r
- <?\r
- } ?>\r
- </table>\r
- </td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"> \r
- <input name="save" type="submit" class="formbtn" value="Save"> \r
- <input name="old_groupname" type="hidden" value="<?=$_GET['groupname'];?>">\r
- </td>\r
- </tr>\r
- </table>\r
- </form>\r
-<?php\r
-} else {\r
-?>\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td width="35%" class="listhdrr">Group name</td>\r
- <td width="20%" class="listhdrr">Description</td>\r
- <td width="20%" class="listhdrr">Pages Accessible</td> \r
- <td width="10%" class="list"></td>\r
- </tr>\r
-<?php\r
- if(is_array($config['system']['groups'])){\r
- foreach($config['system']['groups'] as $groupname => $group){\r
-?>\r
- <tr>\r
- <td class="listlr">\r
- <?=$groupname; ?> \r
- </td>\r
- <td class="listr">\r
- <?=htmlspecialchars($group['description']);?> \r
- </td>\r
- <td class="listr">\r
- <?=count($group['pages']);?>\r
- </td>\r
- <td valign="middle" nowrap class="list"> <a href="system_groupmanager.php?act=edit&groupname=<?=$groupname; ?>"><img src="e.gif" title="edit group" width="17" height="17" border="0"></a>\r
- <a href="system_groupmanager.php?act=delete&groupname=<?=$groupname; ?>" onclick="return confirm('Do you really want to delete this Group?')"><img src="x.gif" title="delete group" width="17" height="17" border="0"></a></td>\r
- </tr>\r
-<?php\r
- }\r
- } ?>\r
- <tr> \r
- <td class="list" colspan="3"></td>\r
- <td class="list"> <a href="system_groupmanager.php?act=new"><img src="plus.gif" title="add group" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <tr>\r
- <td colspan="3">\r
- Additional webGui admin groups can be added here. Each group can be restricted to specific portions of the webGUI. Individually select the desired web pages each group may access. For example, a troubleshooting group could be created which has access only to selected Status and Diagnostics pages.\r
- </td>\r
- </tr>\r
- </table>\r
-<?php } ?>\r
- \r
- </td>\r
- </tr>\r
- </table>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id: system_groupmanager.php
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
+ All rights reserved.
+
+ Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+$pgtitle = array("System", "Group manager");
+
+// Returns an array of pages with their descriptions
+function getAdminPageList() {
+ global $g;
+
+ $tmp = Array();
+
+ if ($dir = opendir($g['www_path'])) {
+ while($file = readdir($dir)) {
+ // Make sure the file exists
+ if($file != "." && $file != ".." && $file[0] != '.') {
+ // Is this a .php file?
+ if (fnmatch('*.php',$file)) {
+ // Read the description out of the file
+ $contents = file_get_contents($file);
+ // Looking for a line like:
+ // $pgtitle = array("System", "Group manager");
+ $offset = strpos($contents,'$pgtitle');
+ $titlepos = strpos($contents,'(',$offset);
+ $titleendpos = strpos($contents,')',$titlepos);
+ if (($offset > 0) && ($titlepos > 0) && ($titleendpos > 0)) {
+ // Title found, extract it
+ $title = str_replace(',',':',str_replace(array('"'),'',substr($contents,++$titlepos,($titleendpos - $titlepos))));
+ $tmp[$file] = trim($title);
+ }
+ else {
+ $tmp[$file] = '';
+ }
+
+ }
+ }
+ }
+
+ closedir($dir);
+
+ // Sets Interfaces:Optional page that didn't read in properly with the above method,
+ // and pages that don't have descriptions.
+ $tmp['interfaces_opt.php'] = "Interfaces: Optional";
+ $tmp['graph.php'] = "Diagnostics: Interface Traffic";
+ $tmp['graph_cpu.php'] = "Diagnostics: CPU Utilization";
+ $tmp['exec.php'] = "Hidden: Exec";
+ $tmp['exec_raw.php'] = "Hidden: Exec Raw";
+ $tmp['status.php'] = "Hidden: Detailed Status";
+ $tmp['uploadconfig.php'] = "Hidden: Upload Configuration";
+ $tmp['index.php'] = "*Landing Page after Login";
+ $tmp['system_usermanager.php'] = "*User Password";
+ $tmp['diag_logs_settings.php'] = "Diagnostics: Logs: Settings";
+ $tmp['diag_logs_vpn.php'] = "Diagnostics: Logs: PPTP VPN";
+ $tmp['diag_logs_filter.php'] = "Diagnostics: Logs: Firewall";
+ $tmp['diag_logs_portal.php'] = "Diagnostics: Logs: Captive Portal";
+ $tmp['diag_logs_dhcp.php'] = "Diagnostics: Logs: DHCP";
+ $tmp['diag_logs.php'] = "Diagnostics: Logs: System";
+
+
+ asort($tmp);
+ return $tmp;
+ }
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+
+<?php
+// Get a list of all admin pages & Descriptions
+$pages = getAdminPageList();
+
+if ($_GET['act']=="new" || $_GET['act']=="edit") {
+ if (isset($_GET['groupname'])) {
+ $group=$config['system']['groups'][$_GET['groupname']];
+ }
+}
+
+if (($_GET['act']=='delete') && (isset($_GET['groupname']))) {
+
+ // See if there are any users who are members of this group.
+ $ok_to_delete = true;
+ if (is_array($config['system']['users'])) {
+ foreach ($config['system']['users'] as $key => $user) {
+ if ($user['group'] == $_GET['groupname']) {
+ $ok_to_delete = false;
+ $input_errors[] = "users still exist who are members of this group!";
+ break;
+ }
+ }
+ }
+
+ if ($ok_to_delete) {
+ unset($config['system']['groups'][$_GET['groupname']]);
+ write_config();
+ $retval = system_password_configure();
+ $savemsg = get_std_save_message($retval);
+ $savemsg="Group ".$_GET['groupname']." successfully deleted<br>";
+ }
+}
+
+if(isset($_POST['save'])) {
+ //value-checking
+ if($_POST['groupname']==""){
+ $input_errors[] = "group name must not be empty!";
+ }
+ if($_POST['old_groupname'] != $_POST['groupname']) {
+ // Either a new group, or one with a group name change
+ if (isset($config['system']['groups'][$_POST['groupname']])) {
+ $input_errors[] = "group name can not match an existing group!";
+ }
+ }
+
+ //check groupname: only allow letters from A-Z and a-z, _, -, . and numbers from 0-9 (note: groupname can
+ //not contain characters which are not allowed in an xml-token. i.e. if you'd use @ in a groupname, config.xml
+ //could not be parsed anymore!
+ if(!preg_match('/^[a-zA-Z0-9_\-\.]*$/',$_POST['groupname'])){
+ $input_errors[] = "groupname contains illegal characters, only letters from A-Z and a-z, _, -, . and numbers are allowed";
+ }
+ if(!empty($input_errors)){
+ //there are illegal inputs --> print out error message and show formula again
+ //and fill in all recently entered values except passwords
+ $_GET['act']="new";
+ $_POST['old_groupname']=($_POST['old_groupname'] ? $_POST['old_groupname'] : $_POST['groupname']);
+ $_GET['groupname']=$_POST['old_groupname'];
+
+ $group['description']=$_POST['description'];
+
+ foreach ($pages as $fname => $title) {
+ $id = str_replace('.php','',$fname);
+ if ($_POST[$id] == 'yes') {
+ $group['pages'][] = $fname;
+ }
+ }
+
+ } else {
+ //all values are okay --> saving changes
+ $_POST['groupname']=trim($_POST['groupname']);
+ if($_POST['old_groupname']!="" && $_POST['old_groupname']!=$_POST['groupname']){
+ //change the groupname (which is used as array-index)
+ $config['system']['groups'][$_POST['groupname']]=$config['system']['groups'][$_POST['old_groupname']];
+ unset($config['system']['groups'][$_POST['old_groupname']]);
+
+ // Group name was changed. Update all users that are members of this group to point to the new groupname.
+ foreach ($config['system']['users'] as $key => $user) {
+ if ($user['group'] == $_POST['old_groupname'])
+ $config['system']['users'][$key]['group'] = $_POST['groupname'];
+ }
+ }
+ $config['system']['groups'][$_POST['groupname']]['description']=trim($_POST['description']);
+ // Clear pages info and read pages from POST
+ if (isset($config['system']['groups'][$_POST['groupname']]['pages']))
+ unset($config['system']['groups'][$_POST['groupname']]['pages']);
+ foreach ($pages as $fname => $title) {
+ $id = str_replace('.php','',$fname);
+ if ($_POST[$id] == 'yes') {
+ $config['system']['groups'][$_POST['groupname']]['pages'][] = $fname;
+ }
+ }
+ write_config();
+ $retval = system_password_configure();
+ $savemsg = get_std_save_message($retval);
+ $savemsg="Group ".$_POST['groupname']." successfully saved<br>";
+ }
+}
+
+?>
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+ <?php
+ $tabs = array('Users' => 'system_usermanager.php',
+ 'Groups' => 'system_groupmanager.php');
+ dynamic_tab_menu($tabs);
+ ?>
+ </ul>
+ </td></tr>
+<tr>
+ <td class="tabcont">
+<?php
+if($_GET['act']=="new" || $_GET['act']=="edit"){
+ if($_GET['act']=="edit" && isset($_GET['groupname'])){
+ $group=$config['system']['groups'][$_GET['groupname']];
+ }
+?>
+<form action="system_groupmanager.php" method="post" name="iform" id="iform">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Group name</td>
+ <td width="78%" class="vtable">
+ <input name="groupname" type="text" class="formfld" id="groupname" size="20" value="<?=$_GET['groupname'];?>">
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Description</td>
+ <td width="78%" class="vtable">
+ <input name="description" type="text" class="formfld" id="description" size="20" value="<?=htmlspecialchars($group['description']);?>">
+ <br>
+ Group description, for your own information only</td>
+ </tr>
+ <tr>
+ <td colspan="4"><br> Select that pages that this group may access. Members of this group will be able to perform all actions that<br> are possible from each individual web page. Ensure you set access levels appropriately.<br><br>
+ <span class="vexpl"><span class="red"><strong> Note: </strong></span>Pages
+ marked with an * are strongly recommended for every group.</span>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td class="listhdrr"> </td>
+ <td class="listhdrr">Page Description</td>
+ <td class="listhdr">Filename</td>
+ </tr>
+ <?php
+ foreach ($pages as $fname => $title) {
+ $id = str_replace('.php','',$fname);
+ ?>
+ <tr><td class="listlr">
+ <input name="<?=$id?>" type="checkbox" id="<?=$id?>" value="yes" <?php if (in_array($fname,$group['pages'])) echo "checked"; ?>></td>
+ <td class="listr"><?=$title?></td>
+ <td class="listr"><?=$fname?></td>
+ </tr>
+ <?
+ } ?>
+ </table>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%">
+ <input name="save" type="submit" class="formbtn" value="Save">
+ <input name="old_groupname" type="hidden" value="<?=$_GET['groupname'];?>">
+ </td>
+ </tr>
+ </table>
+ </form>
+<?php
+} else {
+?>
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="35%" class="listhdrr">Group name</td>
+ <td width="20%" class="listhdrr">Description</td>
+ <td width="20%" class="listhdrr">Pages Accessible</td>
+ <td width="10%" class="list"></td>
+ </tr>
+<?php
+ if(is_array($config['system']['groups'])){
+ foreach($config['system']['groups'] as $groupname => $group){
+?>
+ <tr>
+ <td class="listlr">
+ <?=$groupname; ?>
+ </td>
+ <td class="listr">
+ <?=htmlspecialchars($group['description']);?>
+ </td>
+ <td class="listr">
+ <?=count($group['pages']);?>
+ </td>
+ <td valign="middle" nowrap class="list"> <a href="system_groupmanager.php?act=edit&groupname=<?=$groupname; ?>"><img src="e.gif" title="edit group" width="17" height="17" border="0"></a>
+ <a href="system_groupmanager.php?act=delete&groupname=<?=$groupname; ?>" onclick="return confirm('Do you really want to delete this Group?')"><img src="x.gif" title="delete group" width="17" height="17" border="0"></a></td>
+ </tr>
+<?php
+ }
+ } ?>
+ <tr>
+ <td class="list" colspan="3"></td>
+ <td class="list"> <a href="system_groupmanager.php?act=new"><img src="plus.gif" title="add group" width="17" height="17" border="0"></a></td>
+ </tr>
+ <tr>
+ <td colspan="3">
+ Additional webGui admin groups can be added here. Each group can be restricted to specific portions of the webGUI. Individually select the desired web pages each group may access. For example, a troubleshooting group could be created which has access only to selected Status and Diagnostics pages.
+ </td>
+ </tr>
+ </table>
+<?php } ?>
+
+ </td>
+ </tr>
+ </table>
<?php include("fend.inc"); ?>
\ No newline at end of file
-#!/usr/local/bin/php\r
-<?php \r
-/*\r
- $Id: system_usermanager.php\r
- part of m0n0wall (http://m0n0.ch/wall)\r
-\r
- Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.\r
- All rights reserved. \r
-\r
- Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-require("guiconfig.inc");\r
-\r
-// The page title for non-admins\r
-$pgtitle = array("System", "User password");\r
-if ($_SERVER['REMOTE_USER'] === $config['system']['username']) {\r
- $pgtitle = array("System", "User manager");\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<?php \r
-if ($_SERVER['REMOTE_USER'] === $config['system']['username']) { \r
- \r
- if ($_GET['act']=="new" || $_GET['act']=="edit") {\r
- if (isset($_GET['username'])) {\r
- $user=$config['system']['users'][$_GET['username']];\r
- }\r
- } \r
- \r
- if (($_GET['act']=='delete') && (isset($_GET['username']))) {\r
- unset($config['system']['users'][$_GET['username']]);\r
- write_config();\r
- $retval = system_password_configure();\r
- $savemsg = get_std_save_message($retval);\r
- $savemsg="User ".$_GET['username']." successfully deleted<br>"; \r
- }\r
- \r
- if(isset($_POST['save'])) {\r
- //value-checking\r
- if(trim($_POST['password1'])!="********" && \r
- trim($_POST['password1'])!="" && \r
- trim($_POST['password1'])!=trim($_POST['password2'])){\r
- //passwords are to be changed but don't match\r
- $input_errors[]="passwords don't match";\r
- }\r
- if((trim($_POST['password1'])=="" || trim($_POST['password1'])=="********") && \r
- (trim($_POST['password2'])=="" || trim($_POST['password2'])=="********")){\r
- //assume password should be left as is if a password is set already.\r
- if(!empty($config['system']['users'][$_POST['old_username']]['password'])){\r
- $_POST['password1']="********";\r
- $_POST['password2']="********";\r
- } else {\r
- $input_errors[]="password must not be empty";\r
- }\r
- } else {\r
- if(trim($_POST['password1'])!=trim($_POST['password2'])){\r
- //passwords are to be changed or set but don't match\r
- $input_errors[]="passwords don't match";\r
- } else {\r
- //check password for invalid characters\r
- if(!preg_match('/^[a-zA-Z0-9_\-\.@\~\(\)\&\*\+§?!\$£°\%;:]*$/',$_POST['username'])){\r
- $input_errors[] = "password contains illegal characters, only letters from A-Z and a-z, _, -, .,@,~,(,),&,*,+,§,?,!,$,£,°,%,;,: and numbers are allowed";\r
- //test pw: AZaz_-.@~()&*+§?!$£°%;:\r
- }\r
- }\r
- }\r
- if($_POST['username']==""){\r
- $input_errors[] = "username must not be empty!";\r
- }\r
- if($_POST['username']==$config['system']['username']) {\r
- $input_errors[] = "username can not match the administrator username!";\r
- }\r
- if($_POST['old_username'] != $_POST['username']) {\r
- // Either a new user, or one with a username change\r
- if (isset($config['system']['users'][$_POST['username']])) {\r
- $input_errors[] = "username can not match an existing user!";\r
- }\r
- }\r
- if(!isset($config['system']['groups'][$_POST['group']])) {\r
- $input_errors[] = "group does not exist, please define the group before assigning users.";\r
- }\r
- \r
- //check username: only allow letters from A-Z and a-z, _, -, . and numbers from 0-9 (note: username can\r
- //not contain characters which are not allowed in an xml-token. i.e. if you'd use @ in a username, config.xml\r
- //could not be parsed anymore!\r
- if(!preg_match('/^[a-zA-Z0-9_\-\.]*$/',$_POST['username'])){\r
- $input_errors[] = "username contains illegal characters, only letters from A-Z and a-z, _, -, . and numbers are allowed";\r
- }\r
- if(!empty($input_errors)){\r
- //there are illegal inputs --> print out error message and show formula again \r
- //and fill in all recently entered values except passwords\r
- $_GET['act']="new";\r
- $_POST['old_username']=($_POST['old_username'] ? $_POST['old_username'] : $_POST['username']);\r
- $_GET['username']=$_POST['old_username'];\r
-\r
- $user['fullname']=$_POST['fullname'];\r
-\r
- } else {\r
- //all values are okay --> saving changes\r
- $_POST['username']=trim($_POST['username']);\r
- if($_POST['old_username']!="" && $_POST['old_username']!=$_POST['username']){\r
- //change the username (which is used as array-index)\r
- $config['system']['users'][$_POST['username']]=$config['system']['users'][$_POST['old_username']];\r
- unset($config['system']['users'][$_POST['old_username']]);\r
- }\r
- $config['system']['users'][$_POST['username']]['fullname']=trim($_POST['fullname']);\r
- if(trim($_POST['password1'])!="********" && trim($_POST['password1'])!=""){\r
- $config['system']['users'][$_POST['username']]['password']=crypt(trim($_POST['password1']));\r
- }\r
- $config['system']['users'][$_POST['username']]['group']=trim($_POST['group']);\r
- // Remove config information from old way of handling sub-admin users.\r
- if (isset($config['system']['users'][$_POST['username']]['pages'])) \r
- unset($config['system']['users'][$_POST['username']]['pages']);\r
- write_config();\r
- $retval = system_password_configure();\r
- $savemsg = get_std_save_message($retval);\r
- $savemsg="User ".$_POST['username']." successfully saved<br>";\r
- }\r
- }\r
-\r
-?>\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
- <?php \r
- $tabs = array('Users' => 'system_usermanager.php',\r
- 'Groups' => 'system_groupmanager.php');\r
- dynamic_tab_menu($tabs);\r
- ?> \r
- </ul>\r
- </td></tr> \r
-<tr>\r
- <td class="tabcont">\r
-<?php\r
-if($_GET['act']=="new" || $_GET['act']=="edit"){\r
- if($_GET['act']=="edit" && isset($_GET['username'])){\r
- $user=$config['system']['users'][$_GET['username']];\r
- }\r
-?>\r
- <form action="system_usermanager.php" method="post" name="iform" id="iform">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Username</td>\r
- <td width="78%" class="vtable"> \r
- <input name="username" type="text" class="formfld" id="username" size="20" value="<?=$_GET['username'];?>"> \r
- </td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Password</td>\r
- <td width="78%" class="vtable"> \r
- <input name="password1" type="password" class="formfld" id="password1" size="20" value="<?php echo ($_GET['act']=='edit' ? "********" : "" ); ?>"> <br>\r
- <input name="password2" type="password" class="formfld" id="password2" size="20" value="<?php echo ($_GET['act']=='edit' ? "********" : "" ); ?>">\r
- (confirmation) </td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">Full name</td>\r
- <td width="78%" class="vtable"> \r
- <input name="fullname" type="text" class="formfld" id="fullname" size="20" value="<?=htmlspecialchars($user['fullname']);?>">\r
- <br>\r
- User's full name, for your own information only</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">Group Name</td>\r
- <td width="78%" class="vtable">\r
- <select name="group" class="formfld" id="group">\r
- <?php foreach ($config['system']['groups'] as $gname => $group): ?>\r
- \r
- <option value="<?=$gname;?>" <?php if ($gname == $user['group']) echo "selected"; ?>>\r
- <?=htmlspecialchars($gname);?>\r
- </option>\r
- <?php endforeach; ?>\r
- </select> \r
- <br>\r
- The admin group to which this user is assigned.</td>\r
- </tr> \r
- <tr> \r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"> \r
- <input name="save" type="submit" class="formbtn" value="Save"> \r
- <input name="old_username" type="hidden" value="<?=$_GET['username'];?>">\r
- </td>\r
- </tr>\r
- </table>\r
- </form>\r
-<?php\r
-} else {\r
-?>\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td width="35%" class="listhdrr">Username</td>\r
- <td width="20%" class="listhdrr">Full name</td>\r
- <td width="20%" class="listhdrr">Group</td> \r
- <td width="10%" class="list"></td>\r
- </tr>\r
-<?php\r
- if(is_array($config['system']['users'])){\r
- foreach($config['system']['users'] as $username => $user){\r
-?>\r
- <tr>\r
- <td class="listlr">\r
- <?=$username; ?> \r
- </td>\r
- <td class="listr">\r
- <?=htmlspecialchars($user['fullname']);?> \r
- </td>\r
- <td class="listr">\r
- <?=$user['group'];?>\r
- </td>\r
- <td valign="middle" nowrap class="list"> <a href="system_usermanager.php?act=edit&username=<?=$username; ?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>\r
- <a href="system_usermanager.php?act=delete&username=<?=$username; ?>" onclick="return confirm('Do you really want to delete this User?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>\r
- </tr>\r
-<?php\r
- }\r
- } ?>\r
- <tr> \r
- <td class="list" colspan="3"></td>\r
- <td class="list"> <a href="system_usermanager.php?act=new"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <tr>\r
- <td colspan="3">\r
- Additional webGui users can be added here. User permissions are determined by the admin group they are a member of.\r
- </td>\r
- </tr>\r
- </table>\r
-<?php } ?>\r
- \r
- </td>\r
- </tr>\r
- </table>\r
-<?php \r
-} else { // end of admin user code, start of normal user code\r
- if(isset($_POST['save'])) {\r
- //value-checking\r
- if(trim($_POST['password1'])!="********" && \r
- trim($_POST['password1'])!="" && \r
- trim($_POST['password1'])!=trim($_POST['password2'])){\r
- //passwords are to be changed but don't match\r
- $input_errors[]="passwords don't match";\r
- }\r
- if((trim($_POST['password1'])=="" || trim($_POST['password1'])=="********") && \r
- (trim($_POST['password2'])=="" || trim($_POST['password2'])=="********")){\r
- //assume password should be left as is if a password is set already.\r
- if(!empty($config['system']['users'][$_POST['old_username']]['password'])){\r
- $_POST['password1']="********";\r
- $_POST['password2']="********";\r
- } else {\r
- $input_errors[]="password must not be empty";\r
- }\r
- } else {\r
- if(trim($_POST['password1'])!=trim($_POST['password2'])){\r
- //passwords are to be changed or set but don't match\r
- $input_errors[]="passwords don't match";\r
- } else {\r
- //check password for invalid characters\r
- if(!preg_match('/^[a-zA-Z0-9_\-\.@\~\(\)\&\*\+§?!\$£°\%;:]*$/',$_POST['username'])){\r
- $input_errors[] = "password contains illegal characters, only letters from A-Z and a-z, _, -, .,@,~,(,),&,*,+,§,?,!,$,£,°,%,;,: and numbers are allowed";\r
- //test pw: AZaz_-.@~()&*+§?!$£°%;:\r
- }\r
- }\r
- }\r
- if (!$input_errors) {\r
- //all values are okay --> saving changes\r
- if(trim($_POST['password1'])!="********" && trim($_POST['password1'])!=""){\r
- $config['system']['users'][$_SERVER['REMOTE_USER']]['password']=crypt(trim($_POST['password1']));\r
- }\r
- write_config();\r
- $retval = system_password_configure();\r
- $savemsg = get_std_save_message($retval);\r
- $savemsg = "Password successfully changed<br>";\r
- } \r
- }\r
-\r
- \r
-?>\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
- <form action="system_usermanager.php" method="post" name="iform" id="iform">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td colspan="2" valign="top" class="listtopic"><?=$_SERVER['REMOTE_USER']?>'s Password</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">Password</td>\r
- <td width="78%" class="vtable"> <input name="password1" type="password" class="formfld" id="password1" size="20"> \r
- <br> <input name="password2" type="password" class="formfld" id="password2" size="20"> \r
- (confirmation) <br> <span class="vexpl">Select a new password</span></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"> \r
- <input name="save" type="submit" class="formbtn" value="Save"> \r
- </td>\r
- </tr> \r
- </table>\r
- </form> \r
-\r
-<?php \r
-} // end of normal user code ?>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id: system_usermanager.php
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
+ All rights reserved.
+
+ Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+// The page title for non-admins
+$pgtitle = array("System", "User password");
+if ($_SERVER['REMOTE_USER'] === $config['system']['username']) {
+ $pgtitle = array("System", "User manager");
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+<?php
+if ($_SERVER['REMOTE_USER'] === $config['system']['username']) {
+
+ if ($_GET['act']=="new" || $_GET['act']=="edit") {
+ if (isset($_GET['username'])) {
+ $user=$config['system']['users'][$_GET['username']];
+ }
+ }
+
+ if (($_GET['act']=='delete') && (isset($_GET['username']))) {
+ unset($config['system']['users'][$_GET['username']]);
+ write_config();
+ $retval = system_password_configure();
+ $savemsg = get_std_save_message($retval);
+ $savemsg="User ".$_GET['username']." successfully deleted<br>";
+ }
+
+ if(isset($_POST['save'])) {
+ //value-checking
+ if(trim($_POST['password1'])!="********" &&
+ trim($_POST['password1'])!="" &&
+ trim($_POST['password1'])!=trim($_POST['password2'])){
+ //passwords are to be changed but don't match
+ $input_errors[]="passwords don't match";
+ }
+ if((trim($_POST['password1'])=="" || trim($_POST['password1'])=="********") &&
+ (trim($_POST['password2'])=="" || trim($_POST['password2'])=="********")){
+ //assume password should be left as is if a password is set already.
+ if(!empty($config['system']['users'][$_POST['old_username']]['password'])){
+ $_POST['password1']="********";
+ $_POST['password2']="********";
+ } else {
+ $input_errors[]="password must not be empty";
+ }
+ } else {
+ if(trim($_POST['password1'])!=trim($_POST['password2'])){
+ //passwords are to be changed or set but don't match
+ $input_errors[]="passwords don't match";
+ } else {
+ //check password for invalid characters
+ if(!preg_match('/^[a-zA-Z0-9_\-\.@\~\(\)\&\*\+§?!\$£°\%;:]*$/',$_POST['username'])){
+ $input_errors[] = "password contains illegal characters, only letters from A-Z and a-z, _, -, .,@,~,(,),&,*,+,§,?,!,$,£,°,%,;,: and numbers are allowed";
+ //test pw: AZaz_-.@~()&*+§?!$£°%;:
+ }
+ }
+ }
+ if($_POST['username']==""){
+ $input_errors[] = "username must not be empty!";
+ }
+ if($_POST['username']==$config['system']['username']) {
+ $input_errors[] = "username can not match the administrator username!";
+ }
+ if($_POST['old_username'] != $_POST['username']) {
+ // Either a new user, or one with a username change
+ if (isset($config['system']['users'][$_POST['username']])) {
+ $input_errors[] = "username can not match an existing user!";
+ }
+ }
+ if(!isset($config['system']['groups'][$_POST['group']])) {
+ $input_errors[] = "group does not exist, please define the group before assigning users.";
+ }
+
+ //check username: only allow letters from A-Z and a-z, _, -, . and numbers from 0-9 (note: username can
+ //not contain characters which are not allowed in an xml-token. i.e. if you'd use @ in a username, config.xml
+ //could not be parsed anymore!
+ if(!preg_match('/^[a-zA-Z0-9_\-\.]*$/',$_POST['username'])){
+ $input_errors[] = "username contains illegal characters, only letters from A-Z and a-z, _, -, . and numbers are allowed";
+ }
+ if(!empty($input_errors)){
+ //there are illegal inputs --> print out error message and show formula again
+ //and fill in all recently entered values except passwords
+ $_GET['act']="new";
+ $_POST['old_username']=($_POST['old_username'] ? $_POST['old_username'] : $_POST['username']);
+ $_GET['username']=$_POST['old_username'];
+
+ $user['fullname']=$_POST['fullname'];
+
+ } else {
+ //all values are okay --> saving changes
+ $_POST['username']=trim($_POST['username']);
+ if($_POST['old_username']!="" && $_POST['old_username']!=$_POST['username']){
+ //change the username (which is used as array-index)
+ $config['system']['users'][$_POST['username']]=$config['system']['users'][$_POST['old_username']];
+ unset($config['system']['users'][$_POST['old_username']]);
+ }
+ $config['system']['users'][$_POST['username']]['fullname']=trim($_POST['fullname']);
+ if(trim($_POST['password1'])!="********" && trim($_POST['password1'])!=""){
+ $config['system']['users'][$_POST['username']]['password']=crypt(trim($_POST['password1']));
+ }
+ $config['system']['users'][$_POST['username']]['group']=trim($_POST['group']);
+ // Remove config information from old way of handling sub-admin users.
+ if (isset($config['system']['users'][$_POST['username']]['pages']))
+ unset($config['system']['users'][$_POST['username']]['pages']);
+ write_config();
+ $retval = system_password_configure();
+ $savemsg = get_std_save_message($retval);
+ $savemsg="User ".$_POST['username']." successfully saved<br>";
+ }
+ }
+
+?>
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+ <?php
+ $tabs = array('Users' => 'system_usermanager.php',
+ 'Groups' => 'system_groupmanager.php');
+ dynamic_tab_menu($tabs);
+ ?>
+ </ul>
+ </td></tr>
+<tr>
+ <td class="tabcont">
+<?php
+if($_GET['act']=="new" || $_GET['act']=="edit"){
+ if($_GET['act']=="edit" && isset($_GET['username'])){
+ $user=$config['system']['users'][$_GET['username']];
+ }
+?>
+ <form action="system_usermanager.php" method="post" name="iform" id="iform">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Username</td>
+ <td width="78%" class="vtable">
+ <input name="username" type="text" class="formfld" id="username" size="20" value="<?=$_GET['username'];?>">
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Password</td>
+ <td width="78%" class="vtable">
+ <input name="password1" type="password" class="formfld" id="password1" size="20" value="<?php echo ($_GET['act']=='edit' ? "********" : "" ); ?>"> <br>
+ <input name="password2" type="password" class="formfld" id="password2" size="20" value="<?php echo ($_GET['act']=='edit' ? "********" : "" ); ?>">
+ (confirmation) </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Full name</td>
+ <td width="78%" class="vtable">
+ <input name="fullname" type="text" class="formfld" id="fullname" size="20" value="<?=htmlspecialchars($user['fullname']);?>">
+ <br>
+ User's full name, for your own information only</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Group Name</td>
+ <td width="78%" class="vtable">
+ <select name="group" class="formfld" id="group">
+ <?php foreach ($config['system']['groups'] as $gname => $group): ?>
+
+ <option value="<?=$gname;?>" <?php if ($gname == $user['group']) echo "selected"; ?>>
+ <?=htmlspecialchars($gname);?>
+ </option>
+ <?php endforeach; ?>
+ </select>
+ <br>
+ The admin group to which this user is assigned.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%">
+ <input name="save" type="submit" class="formbtn" value="Save">
+ <input name="old_username" type="hidden" value="<?=$_GET['username'];?>">
+ </td>
+ </tr>
+ </table>
+ </form>
+<?php
+} else {
+?>
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="35%" class="listhdrr">Username</td>
+ <td width="20%" class="listhdrr">Full name</td>
+ <td width="20%" class="listhdrr">Group</td>
+ <td width="10%" class="list"></td>
+ </tr>
+<?php
+ if(is_array($config['system']['users'])){
+ foreach($config['system']['users'] as $username => $user){
+?>
+ <tr>
+ <td class="listlr">
+ <?=$username; ?>
+ </td>
+ <td class="listr">
+ <?=htmlspecialchars($user['fullname']);?>
+ </td>
+ <td class="listr">
+ <?=$user['group'];?>
+ </td>
+ <td valign="middle" nowrap class="list"> <a href="system_usermanager.php?act=edit&username=<?=$username; ?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>
+ <a href="system_usermanager.php?act=delete&username=<?=$username; ?>" onclick="return confirm('Do you really want to delete this User?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>
+ </tr>
+<?php
+ }
+ } ?>
+ <tr>
+ <td class="list" colspan="3"></td>
+ <td class="list"> <a href="system_usermanager.php?act=new"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>
+ </tr>
+ <tr>
+ <td colspan="3">
+ Additional webGui users can be added here. User permissions are determined by the admin group they are a member of.
+ </td>
+ </tr>
+ </table>
+<?php } ?>
+
+ </td>
+ </tr>
+ </table>
+<?php
+} else { // end of admin user code, start of normal user code
+ if(isset($_POST['save'])) {
+ //value-checking
+ if(trim($_POST['password1'])!="********" &&
+ trim($_POST['password1'])!="" &&
+ trim($_POST['password1'])!=trim($_POST['password2'])){
+ //passwords are to be changed but don't match
+ $input_errors[]="passwords don't match";
+ }
+ if((trim($_POST['password1'])=="" || trim($_POST['password1'])=="********") &&
+ (trim($_POST['password2'])=="" || trim($_POST['password2'])=="********")){
+ //assume password should be left as is if a password is set already.
+ if(!empty($config['system']['users'][$_POST['old_username']]['password'])){
+ $_POST['password1']="********";
+ $_POST['password2']="********";
+ } else {
+ $input_errors[]="password must not be empty";
+ }
+ } else {
+ if(trim($_POST['password1'])!=trim($_POST['password2'])){
+ //passwords are to be changed or set but don't match
+ $input_errors[]="passwords don't match";
+ } else {
+ //check password for invalid characters
+ if(!preg_match('/^[a-zA-Z0-9_\-\.@\~\(\)\&\*\+§?!\$£°\%;:]*$/',$_POST['username'])){
+ $input_errors[] = "password contains illegal characters, only letters from A-Z and a-z, _, -, .,@,~,(,),&,*,+,§,?,!,$,£,°,%,;,: and numbers are allowed";
+ //test pw: AZaz_-.@~()&*+§?!$£°%;:
+ }
+ }
+ }
+ if (!$input_errors) {
+ //all values are okay --> saving changes
+ if(trim($_POST['password1'])!="********" && trim($_POST['password1'])!=""){
+ $config['system']['users'][$_SERVER['REMOTE_USER']]['password']=crypt(trim($_POST['password1']));
+ }
+ write_config();
+ $retval = system_password_configure();
+ $savemsg = get_std_save_message($retval);
+ $savemsg = "Password successfully changed<br>";
+ }
+ }
+
+
+?>
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+ <form action="system_usermanager.php" method="post" name="iform" id="iform">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td colspan="2" valign="top" class="listtopic"><?=$_SERVER['REMOTE_USER']?>'s Password</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Password</td>
+ <td width="78%" class="vtable"> <input name="password1" type="password" class="formfld" id="password1" size="20">
+ <br> <input name="password2" type="password" class="formfld" id="password2" size="20">
+ (confirmation) <br> <span class="vexpl">Select a new password</span></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%">
+ <input name="save" type="submit" class="formbtn" value="Save">
+ </td>
+ </tr>
+ </table>
+ </form>
+
+<?php
+} // end of normal user code ?>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("VPN", "IPsec", "Tunnels");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['ipsec']['tunnel'])) {\r
- $config['ipsec']['tunnel'] = array();\r
-}\r
-$a_ipsec = &$config['ipsec']['tunnel'];\r
-$wancfg = &$config['interfaces']['wan'];\r
-\r
-$pconfig['enable'] = isset($config['ipsec']['enable']);\r
-\r
-if ($_POST) {\r
-\r
- if ($_POST['apply']) {\r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path))\r
- $retval = vpn_ipsec_configure();\r
- $savemsg = get_std_save_message($retval);\r
- if ($retval == 0) {\r
- if (file_exists($d_ipsecconfdirty_path))\r
- unlink($d_ipsecconfdirty_path);\r
- }\r
- } else if ($_POST['submit']) {\r
- $pconfig = $_POST;\r
- \r
- $config['ipsec']['enable'] = $_POST['enable'] ? true : false;\r
- \r
- write_config();\r
- \r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- config_lock();\r
- $retval = vpn_ipsec_configure();\r
- config_unlock();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- if ($retval == 0) {\r
- if (file_exists($d_ipsecconfdirty_path))\r
- unlink($d_ipsecconfdirty_path);\r
- }\r
- }\r
-}\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_ipsec[$_GET['id']]) {\r
- unset($a_ipsec[$_GET['id']]);\r
- write_config();\r
- touch($d_ipsecconfdirty_path);\r
- header("Location: vpn_ipsec.php");\r
- exit;\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="vpn_ipsec.php" method="post">\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Tunnels' => 'vpn_ipsec.php',\r
- 'Mobile clients' => 'vpn_ipsec_mobile.php',\r
- 'Pre-shared keys' => 'vpn_ipsec_keys.php',\r
- 'CAs' => 'vpn_ipsec_ca.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td class="vtable">\r
- <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked";?>>\r
- <strong>Enable IPsec</strong></td>\r
- </tr>\r
- <tr> \r
- <td> <input name="submit" type="submit" class="formbtn" value="Save"> \r
- </td>\r
- </tr>\r
- </table>\r
- <br>\r
- <table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr>\r
- <td nowrap class="listhdrr">Local net<br>\r
- Remote net</td>\r
- <td class="listhdrr">Interface<br>Remote gw</td>\r
- <td class="listhdrr">P1 mode</td>\r
- <td class="listhdrr">P1 Enc. Algo</td>\r
- <td class="listhdrr">P1 Hash Algo</td>\r
- <td class="listhdr">Description</td>\r
- <td class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_ipsec as $ipsecent):\r
- if (isset($ipsecent['disabled'])) {\r
- $spans = "<span class=\"gray\">";\r
- $spane = "</span>";\r
- } else {\r
- $spans = $spane = "";\r
- }\r
- ?>\r
- <tr valign="top">\r
- <td nowrap class="listlr"><?=$spans;?> \r
- <?php if ($ipsecent['local-subnet']['network'])\r
- echo strtoupper($ipsecent['local-subnet']['network']);\r
- else\r
- echo $ipsecent['local-subnet']['address'];\r
- ?>\r
- <br>\r
- <?=$ipsecent['remote-subnet'];?>\r
- <?=$spane;?></td>\r
- <td class="listr"><?=$spans;?>\r
- <?php if ($ipsecent['interface']) {\r
- $iflabels = array('lan' => 'LAN', 'wan' => 'WAN');\r
- for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++)\r
- $iflabels['opt' . $j] = $config['interfaces']['opt' . $j]['descr'];\r
- $if = htmlspecialchars($iflabels[$ipsecent['interface']]);\r
- } else\r
- $if = "WAN";\r
- \r
- echo $if . "<br>" . $ipsecent['remote-gateway'];\r
- ?>\r
- <?=$spane;?></td>\r
- <td class="listr"><?=$spans;?>\r
- <?=$ipsecent['p1']['mode'];?>\r
- <?=$spane;?></td>\r
- <td class="listr"><?=$spans;?>\r
- <?=$p1_ealgos[$ipsecent['p1']['encryption-algorithm']];?>\r
- <?=$spane;?></td>\r
- <td class="listr"><?=$spans;?>\r
- <?=$p1_halgos[$ipsecent['p1']['hash-algorithm']];?>\r
- <?=$spane;?></td>\r
- <td class="listbg"><?=$spans;?>\r
- <?=htmlspecialchars($ipsecent['descr']);?> \r
- <?=$spane;?></td>\r
- <td valign="middle" nowrap class="list"> <a href="vpn_ipsec_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit tunnel" width="17" height="17" border="0"></a> \r
- <a href="vpn_ipsec.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this tunnel?')"><img src="x.gif" title="delete tunnel" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="6"></td>\r
- <td class="list"> <a href="vpn_ipsec_edit.php"><img src="plus.gif" title="add tunnel" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table>\r
- </td>\r
- </tr>\r
-</table>\r
-</form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("VPN", "IPsec", "Tunnels");
+require("guiconfig.inc");
+
+if (!is_array($config['ipsec']['tunnel'])) {
+ $config['ipsec']['tunnel'] = array();
+}
+$a_ipsec = &$config['ipsec']['tunnel'];
+$wancfg = &$config['interfaces']['wan'];
+
+$pconfig['enable'] = isset($config['ipsec']['enable']);
+
+if ($_POST) {
+
+ if ($_POST['apply']) {
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path))
+ $retval = vpn_ipsec_configure();
+ $savemsg = get_std_save_message($retval);
+ if ($retval == 0) {
+ if (file_exists($d_ipsecconfdirty_path))
+ unlink($d_ipsecconfdirty_path);
+ }
+ } else if ($_POST['submit']) {
+ $pconfig = $_POST;
+
+ $config['ipsec']['enable'] = $_POST['enable'] ? true : false;
+
+ write_config();
+
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval = vpn_ipsec_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+ if ($retval == 0) {
+ if (file_exists($d_ipsecconfdirty_path))
+ unlink($d_ipsecconfdirty_path);
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_ipsec[$_GET['id']]) {
+ unset($a_ipsec[$_GET['id']]);
+ write_config();
+ touch($d_ipsecconfdirty_path);
+ header("Location: vpn_ipsec.php");
+ exit;
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<form action="vpn_ipsec.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>
+<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Tunnels' => 'vpn_ipsec.php',
+ 'Mobile clients' => 'vpn_ipsec_mobile.php',
+ 'Pre-shared keys' => 'vpn_ipsec_keys.php',
+ 'CAs' => 'vpn_ipsec_ca.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td class="vtable">
+ <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked";?>>
+ <strong>Enable IPsec</strong></td>
+ </tr>
+ <tr>
+ <td> <input name="submit" type="submit" class="formbtn" value="Save">
+ </td>
+ </tr>
+ </table>
+ <br>
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td nowrap class="listhdrr">Local net<br>
+ Remote net</td>
+ <td class="listhdrr">Interface<br>Remote gw</td>
+ <td class="listhdrr">P1 mode</td>
+ <td class="listhdrr">P1 Enc. Algo</td>
+ <td class="listhdrr">P1 Hash Algo</td>
+ <td class="listhdr">Description</td>
+ <td class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_ipsec as $ipsecent):
+ if (isset($ipsecent['disabled'])) {
+ $spans = "<span class=\"gray\">";
+ $spane = "</span>";
+ } else {
+ $spans = $spane = "";
+ }
+ ?>
+ <tr valign="top">
+ <td nowrap class="listlr"><?=$spans;?>
+ <?php if ($ipsecent['local-subnet']['network'])
+ echo strtoupper($ipsecent['local-subnet']['network']);
+ else
+ echo $ipsecent['local-subnet']['address'];
+ ?>
+ <br>
+ <?=$ipsecent['remote-subnet'];?>
+ <?=$spane;?></td>
+ <td class="listr"><?=$spans;?>
+ <?php if ($ipsecent['interface']) {
+ $iflabels = array('lan' => 'LAN', 'wan' => 'WAN');
+ for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++)
+ $iflabels['opt' . $j] = $config['interfaces']['opt' . $j]['descr'];
+ $if = htmlspecialchars($iflabels[$ipsecent['interface']]);
+ } else
+ $if = "WAN";
+
+ echo $if . "<br>" . $ipsecent['remote-gateway'];
+ ?>
+ <?=$spane;?></td>
+ <td class="listr"><?=$spans;?>
+ <?=$ipsecent['p1']['mode'];?>
+ <?=$spane;?></td>
+ <td class="listr"><?=$spans;?>
+ <?=$p1_ealgos[$ipsecent['p1']['encryption-algorithm']];?>
+ <?=$spane;?></td>
+ <td class="listr"><?=$spans;?>
+ <?=$p1_halgos[$ipsecent['p1']['hash-algorithm']];?>
+ <?=$spane;?></td>
+ <td class="listbg"><?=$spans;?>
+ <?=htmlspecialchars($ipsecent['descr']);?>
+ <?=$spane;?></td>
+ <td valign="middle" nowrap class="list"> <a href="vpn_ipsec_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit tunnel" width="17" height="17" border="0"></a>
+ <a href="vpn_ipsec.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this tunnel?')"><img src="x.gif" title="delete tunnel" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="6"></td>
+ <td class="list"> <a href="vpn_ipsec_edit.php"><img src="plus.gif" title="add tunnel" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+</table>
+</form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("VPN", "IPsec", "CAs");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['ipsec']['cacert'])) {\r
- $config['ipsec']['cacert'] = array();\r
-}\r
-ipsec_ca_sort();\r
-$a_secret = &$config['ipsec']['cacert'];\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_secret[$_GET['id']]) {\r
- unset($a_secret[$_GET['id']]);\r
- write_config();\r
- touch($d_ipsecconfdirty_path);\r
- header("Location: vpn_ipsec_ca.php");\r
- exit;\r
- }\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="vpn_ipsec.php" method="post">\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td>\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Tunnels' => 'vpn_ipsec.php',\r
- 'Mobile clients' => 'vpn_ipsec_mobile.php',\r
- 'Pre-shared keys' => 'vpn_ipsec_keys.php',\r
- 'CAs' => 'vpn_ipsec_ca.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="80%" border="0" cellpadding="0" cellspacing="0">\r
- <tr> \r
- <td class="listhdrr">Identifier</td>\r
- <td class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_secret as $secretent): ?>\r
- <tr> \r
- <td class="listlr">\r
- <?=htmlspecialchars($secretent['ident']);?>\r
- </td>\r
- <td class="list" nowrap> <a href="vpn_ipsec_ca_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit certificate" width="17" height="17" border="0"></a>\r
- <a href="vpn_ipsec_ca.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this certificate?')"><img src="x.gif" title="delete certificate" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list"></td>\r
- <td class="list"> <a href="vpn_ipsec_ca_edit.php"><img src="plus.gif" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table>\r
- </td>\r
- </tr>\r
- </table>\r
-</form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("VPN", "IPsec", "CAs");
+require("guiconfig.inc");
+
+if (!is_array($config['ipsec']['cacert'])) {
+ $config['ipsec']['cacert'] = array();
+}
+ipsec_ca_sort();
+$a_secret = &$config['ipsec']['cacert'];
+
+if ($_GET['act'] == "del") {
+ if ($a_secret[$_GET['id']]) {
+ unset($a_secret[$_GET['id']]);
+ write_config();
+ touch($d_ipsecconfdirty_path);
+ header("Location: vpn_ipsec_ca.php");
+ exit;
+ }
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+<form action="vpn_ipsec.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>
+<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td>
+ <ul id="tabnav">
+<?php
+ $tabs = array('Tunnels' => 'vpn_ipsec.php',
+ 'Mobile clients' => 'vpn_ipsec_mobile.php',
+ 'Pre-shared keys' => 'vpn_ipsec_keys.php',
+ 'CAs' => 'vpn_ipsec_ca.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="80%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td class="listhdrr">Identifier</td>
+ <td class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_secret as $secretent): ?>
+ <tr>
+ <td class="listlr">
+ <?=htmlspecialchars($secretent['ident']);?>
+ </td>
+ <td class="list" nowrap> <a href="vpn_ipsec_ca_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit certificate" width="17" height="17" border="0"></a>
+ <a href="vpn_ipsec_ca.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this certificate?')"><img src="x.gif" title="delete certificate" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list"></td>
+ <td class="list"> <a href="vpn_ipsec_ca_edit.php"><img src="plus.gif" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+</form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("VPN", "IPsec", "Pre-shared keys");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['ipsec']['mobilekey'])) {\r
- $config['ipsec']['mobilekey'] = array();\r
-}\r
-ipsec_mobilekey_sort();\r
-$a_secret = &$config['ipsec']['mobilekey'];\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_secret[$_GET['id']]) {\r
- unset($a_secret[$_GET['id']]);\r
- write_config();\r
- touch($d_ipsecconfdirty_path);\r
- header("Location: vpn_ipsec_keys.php");\r
- exit;\r
- }\r
-}\r
-\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="vpn_ipsec.php" method="post">\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Tunnels' => 'vpn_ipsec.php',\r
- 'Mobile clients' => 'vpn_ipsec_mobile.php',\r
- 'Pre-shared keys' => 'vpn_ipsec_keys.php',\r
- 'CAs' => 'vpn_ipsec_ca.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="80%" border="0" cellpadding="0" cellspacing="0">\r
- <tr> \r
- <td class="listhdrr">Identifier</td>\r
- <td class="listhdr">Pre-shared key</td>\r
- <td class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_secret as $secretent): ?>\r
- <tr> \r
- <td class="listlr">\r
- <?=htmlspecialchars($secretent['ident']);?>\r
- </td>\r
- <td class="listr">\r
- <?=htmlspecialchars($secretent['pre-shared-key']);?>\r
- </td>\r
- <td class="list" nowrap> <a href="vpn_ipsec_keys_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit key" width="17" height="17" border="0"></a>\r
- <a href="vpn_ipsec_keys.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this pre-shared key?')"><img src="x.gif" title="delete key" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="2"></td>\r
- <td class="list"> <a href="vpn_ipsec_keys_edit.php"><img src="plus.gif" title="add key" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table>\r
- </td>\r
- </tr>\r
- </table>\r
-</form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("VPN", "IPsec", "Pre-shared keys");
+require("guiconfig.inc");
+
+if (!is_array($config['ipsec']['mobilekey'])) {
+ $config['ipsec']['mobilekey'] = array();
+}
+ipsec_mobilekey_sort();
+$a_secret = &$config['ipsec']['mobilekey'];
+
+if ($_GET['act'] == "del") {
+ if ($a_secret[$_GET['id']]) {
+ unset($a_secret[$_GET['id']]);
+ write_config();
+ touch($d_ipsecconfdirty_path);
+ header("Location: vpn_ipsec_keys.php");
+ exit;
+ }
+}
+
+?>
+<?php include("fbegin.inc"); ?>
+<form action="vpn_ipsec.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>
+<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Tunnels' => 'vpn_ipsec.php',
+ 'Mobile clients' => 'vpn_ipsec_mobile.php',
+ 'Pre-shared keys' => 'vpn_ipsec_keys.php',
+ 'CAs' => 'vpn_ipsec_ca.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="80%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td class="listhdrr">Identifier</td>
+ <td class="listhdr">Pre-shared key</td>
+ <td class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_secret as $secretent): ?>
+ <tr>
+ <td class="listlr">
+ <?=htmlspecialchars($secretent['ident']);?>
+ </td>
+ <td class="listr">
+ <?=htmlspecialchars($secretent['pre-shared-key']);?>
+ </td>
+ <td class="list" nowrap> <a href="vpn_ipsec_keys_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit key" width="17" height="17" border="0"></a>
+ <a href="vpn_ipsec_keys.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this pre-shared key?')"><img src="x.gif" title="delete key" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="2"></td>
+ <td class="list"> <a href="vpn_ipsec_keys_edit.php"><img src="plus.gif" title="add key" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+</form>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("VPN", "IPsec", "Mobile clients");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['ipsec']['mobileclients'])) {\r
- $config['ipsec']['mobileclients'] = array();\r
-}\r
-$a_ipsec = &$config['ipsec']['mobileclients'];\r
-\r
-if (count($a_ipsec) == 0) {\r
- /* defaults */\r
- $pconfig['p1mode'] = "aggressive";\r
- $pconfig['p1myidentt'] = "myaddress";\r
- $pconfig['p1ealgo'] = "3des";\r
- $pconfig['p1halgo'] = "sha1";\r
- $pconfig['p1dhgroup'] = "2";\r
- $pconfig['p1authentication_method'] = "pre_shared_key";\r
- $pconfig['p2proto'] = "esp";\r
- $pconfig['p2ealgos'] = explode(",", "3des,blowfish,cast128,rijndael");\r
- $pconfig['p2halgos'] = explode(",", "hmac_sha1,hmac_md5");\r
- $pconfig['p2pfsgroup'] = "0";\r
-} else {\r
- $pconfig['enable'] = isset($a_ipsec['enable']);\r
- $pconfig['p1mode'] = $a_ipsec['p1']['mode'];\r
- \r
- if (isset($a_ipsec['p1']['myident']['myaddress']))\r
- $pconfig['p1myidentt'] = 'myaddress';\r
- else if (isset($a_ipsec['p1']['myident']['address'])) {\r
- $pconfig['p1myidentt'] = 'address';\r
- $pconfig['p1myident'] = $a_ipsec['p1']['myident']['address'];\r
- } else if (isset($a_ipsec['p1']['myident']['fqdn'])) {\r
- $pconfig['p1myidentt'] = 'fqdn';\r
- $pconfig['p1myident'] = $a_ipsec['p1']['myident']['fqdn'];\r
- } else if (isset($a_ipsec['p1']['myident']['ufqdn'])) {\r
- $pconfig['p1myidentt'] = 'user_fqdn';\r
- $pconfig['p1myident'] = $a_ipsec['p1']['myident']['ufqdn'];\r
- }\r
- \r
- $pconfig['p1ealgo'] = $a_ipsec['p1']['encryption-algorithm'];\r
- $pconfig['p1halgo'] = $a_ipsec['p1']['hash-algorithm'];\r
- $pconfig['p1dhgroup'] = $a_ipsec['p1']['dhgroup'];\r
- $pconfig['p1lifetime'] = $a_ipsec['p1']['lifetime'];\r
- $pconfig['p1authentication_method'] = $a_ipsec['p1']['authentication_method'];\r
- $pconfig['p1cert'] = base64_decode($a_ipsec['p1']['cert']);\r
- $pconfig['p1privatekey'] = base64_decode($a_ipsec['p1']['private-key']);\r
- $pconfig['p2proto'] = $a_ipsec['p2']['protocol'];\r
- $pconfig['p2ealgos'] = $a_ipsec['p2']['encryption-algorithm-option'];\r
- $pconfig['p2halgos'] = $a_ipsec['p2']['hash-algorithm-option'];\r
- $pconfig['p2pfsgroup'] = $a_ipsec['p2']['pfsgroup'];\r
- $pconfig['p2lifetime'] = $a_ipsec['p2']['lifetime'];\r
-}\r
-\r
-if ($_POST) {\r
- unset($input_errors);\r
- $pconfig = $_POST;\r
-\r
- /* input validation */\r
- $reqdfields = explode(" ", "p2ealgos p2halgos");\r
- $reqdfieldsn = explode(",", "P2 Encryption Algorithms,P2 Hash Algorithms");\r
- \r
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
- \r
- if ($_POST['p1authentication_method']== "rsasig") {\r
- if (!strstr($_POST['p1cert'], "BEGIN CERTIFICATE") || !strstr($_POST['p1cert'], "END CERTIFICATE"))\r
- $input_errors[] = "This certificate does not appear to be valid.";\r
- if (!strstr($_POST['p1privatekey'], "BEGIN RSA PRIVATE KEY") || !strstr($_POST['p1privatekey'], "END RSA PRIVATE KEY"))\r
- $input_errors[] = "This key does not appear to be valid."; \r
- }\r
- \r
- if (($_POST['p1lifetime'] && !is_numeric($_POST['p1lifetime']))) {\r
- $input_errors[] = "The P1 lifetime must be an integer.";\r
- }\r
- if (($_POST['p2lifetime'] && !is_numeric($_POST['p2lifetime']))) {\r
- $input_errors[] = "The P2 lifetime must be an integer.";\r
- }\r
- if ((($_POST['p1myidentt'] == "address") && !is_ipaddr($_POST['p1myident']))) {\r
- $input_errors[] = "A valid IP address for 'My identifier' must be specified.";\r
- }\r
- if ((($_POST['p1myidentt'] == "fqdn") && !is_domain($_POST['p1myident']))) {\r
- $input_errors[] = "A valid domain name for 'My identifier' must be specified.";\r
- }\r
- if ($_POST['p1myidentt'] == "user_fqdn") {\r
- $ufqdn = explode("@",$_POST['p1myident']);\r
- if (!is_domain($ufqdn[1])) \r
- $input_errors[] = "A valid User FQDN in the form of user@my.domain.com for 'My identifier' must be specified.";\r
- }\r
- \r
- if ($_POST['p1myidentt'] == "myaddress")\r
- $_POST['p1myident'] = "";\r
-\r
- if (!$input_errors) {\r
- $ipsecent = array();\r
- $ipsecent['enable'] = $_POST['enable'] ? true : false;\r
- $ipsecent['p1']['mode'] = $_POST['p1mode'];\r
- \r
- $ipsecent['p1']['myident'] = array();\r
- switch ($_POST['p1myidentt']) {\r
- case 'myaddress':\r
- $ipsecent['p1']['myident']['myaddress'] = true;\r
- break;\r
- case 'address':\r
- $ipsecent['p1']['myident']['address'] = $_POST['p1myident'];\r
- break;\r
- case 'fqdn':\r
- $ipsecent['p1']['myident']['fqdn'] = $_POST['p1myident'];\r
- break;\r
- case 'user_fqdn':\r
- $ipsecent['p1']['myident']['ufqdn'] = $_POST['p1myident'];\r
- break;\r
- }\r
- \r
- $ipsecent['p1']['encryption-algorithm'] = $_POST['p1ealgo'];\r
- $ipsecent['p1']['hash-algorithm'] = $_POST['p1halgo'];\r
- $ipsecent['p1']['dhgroup'] = $_POST['p1dhgroup'];\r
- $ipsecent['p1']['lifetime'] = $_POST['p1lifetime'];\r
- $ipsecent['p1']['private-key'] = base64_encode($_POST['p1privatekey']);\r
- $ipsecent['p1']['cert'] = base64_encode($_POST['p1cert']);\r
- $ipsecent['p1']['authentication_method'] = $_POST['p1authentication_method'];\r
- $ipsecent['p2']['protocol'] = $_POST['p2proto'];\r
- $ipsecent['p2']['encryption-algorithm-option'] = $_POST['p2ealgos'];\r
- $ipsecent['p2']['hash-algorithm-option'] = $_POST['p2halgos'];\r
- $ipsecent['p2']['pfsgroup'] = $_POST['p2pfsgroup'];\r
- $ipsecent['p2']['lifetime'] = $_POST['p2lifetime'];\r
- \r
- $a_ipsec = $ipsecent;\r
- \r
- write_config();\r
- touch($d_ipsecconfdirty_path);\r
- \r
- header("Location: vpn_ipsec_mobile.php");\r
- exit;\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<script language="JavaScript">\r
-<!--\r
-function methodsel_change() {\r
- switch (document.iform.p1authentication_method.selectedIndex) {\r
- case 1: /* rsa */\r
- document.iform.p1privatekey.disabled = 0;\r
- document.iform.p1cert.disabled = 0;\r
- break;\r
- default: /* pre-shared */\r
- document.iform.p1privatekey.disabled = 1;\r
- document.iform.p1cert.disabled = 1;\r
- break;\r
- }\r
-}\r
-//-->\r
-</script>\r
-<form action="vpn_ipsec.php" method="post">\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
-<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>\r
-<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-</form>\r
-<form action="vpn_ipsec_mobile.php" method="post" name="iform" id="iform">\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Tunnels' => 'vpn_ipsec.php',\r
- 'Mobile clients' => 'vpn_ipsec_mobile.php',\r
- 'Pre-shared keys' => 'vpn_ipsec_keys.php',\r
- 'CAs' => 'vpn_ipsec_ca.php');\r
- dynamic_tab_menu($tabs);\r
-?> \r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"> \r
- <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?>>\r
- <strong>Allow mobile clients</strong></td>\r
- </tr>\r
- <tr> \r
- <td colspan="2" valign="top" class="listtopic">Phase 1 proposal \r
- (Authentication)</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Negotiation mode</td>\r
- <td width="78%" class="vtable">\r
- <select name="p1mode" class="formfld">\r
- <?php $modes = explode(" ", "main aggressive"); foreach ($modes as $mode): ?>\r
- <option value="<?=$mode;?>" <?php if ($mode == $pconfig['p1mode']) echo "selected"; ?>> \r
- <?=htmlspecialchars($mode);?>\r
- </option>\r
- <?php endforeach; ?>\r
- </select> <br> <span class="vexpl">Aggressive is faster, but \r
- less secure.</span></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">My identifier</td>\r
- <td width="78%" class="vtable">\r
- <select name="p1myidentt" class="formfld">\r
- <?php foreach ($my_identifier_list as $mode => $modename): ?>\r
- <option value="<?=$mode;?>" <?php if ($mode == $pconfig['p1myidentt']) echo "selected"; ?>> \r
- <?=htmlspecialchars($modename);?>\r
- </option>\r
- <?php endforeach; ?>\r
- </select> <input name="p1myident" type="text" class="formfld" id="p1myident" size="30" value="<?=$pconfig['p1myident'];?>"> \r
- </td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Encryption algorithm</td>\r
- <td width="78%" class="vtable">\r
- <select name="p1ealgo" class="formfld">\r
- <?php foreach ($p1_ealgos as $algo => $algoname): ?>\r
- <option value="<?=$algo;?>" <?php if ($algo == $pconfig['p1ealgo']) echo "selected"; ?>> \r
- <?=htmlspecialchars($algoname);?>\r
- </option>\r
- <?php endforeach; ?>\r
- </select> <br> <span class="vexpl">Must match the setting \r
- chosen on the remote side. </span></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Hash algorithm</td>\r
- <td width="78%" class="vtable">\r
- <select name="p1halgo" class="formfld">\r
- <?php foreach ($p1_halgos as $algo => $algoname): ?>\r
- <option value="<?=$algo;?>" <?php if ($algo == $pconfig['p1halgo']) echo "selected"; ?>> \r
- <?=htmlspecialchars($algoname);?>\r
- </option>\r
- <?php endforeach; ?>\r
- </select> <br> <span class="vexpl">Must match the setting \r
- chosen on the remote side. </span></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">DH key group</td>\r
- <td width="78%" class="vtable">\r
- <select name="p1dhgroup" class="formfld">\r
- <?php $keygroups = explode(" ", "1 2 5"); foreach ($keygroups as $keygroup): ?>\r
- <option value="<?=$keygroup;?>" <?php if ($keygroup == $pconfig['p1dhgroup']) echo "selected"; ?>> \r
- <?=htmlspecialchars($keygroup);?>\r
- </option>\r
- <?php endforeach; ?>\r
- </select> <br> <span class="vexpl"><em>1 = 768 bit, 2 = 1024 \r
- bit, 5 = 1536 bit</em><br>\r
- Must match the setting chosen on the remote side. </span></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">Lifetime</td>\r
- <td width="78%" class="vtable"> \r
- <input name="p1lifetime" type="text" class="formfld" id="p1lifetime" size="20" value="<?=$pconfig['p1lifetime'];?>">\r
- seconds</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Authentication method</td>\r
- <td width="78%" class="vtable">\r
- <select name="p1authentication_method" class="formfld" onChange="methodsel_change()">\r
- <?php foreach ($p1_authentication_methods as $method => $methodname): ?>\r
- <option value="<?=$method;?>" <?php if ($method == $pconfig['p1authentication_method']) echo "selected"; ?>> \r
- <?=htmlspecialchars($methodname);?>\r
- </option>\r
- <?php endforeach; ?>\r
- </select> <br> <span class="vexpl">Must match the setting \r
- chosen on the remote side. </span></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Certificate</td>\r
- <td width="78%" class="vtable"> \r
- <textarea name="p1cert" cols="65" rows="7" id="p1cert" class="formpre"><?=htmlspecialchars($pconfig['p1cert']);?></textarea>\r
- <br> \r
- Paste a certificate in X.509 PEM format here.</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Key</td>\r
- <td width="78%" class="vtable"> \r
- <textarea name="p1privatekey" cols="65" rows="7" id="p1privatekey" class="formpre"><?=htmlspecialchars($pconfig['p1privatekey']);?></textarea>\r
- <br> \r
- Paste an RSA private key in PEM format here.</td>\r
- </tr>\r
- <tr> \r
- <td colspan="2" class="list" height="12"></td>\r
- </tr>\r
- <tr> \r
- <td colspan="2" valign="top" class="listtopic">Phase 2 proposal \r
- (SA/Key Exchange)</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Protocol</td>\r
- <td width="78%" class="vtable">\r
- <select name="p2proto" class="formfld">\r
- <?php foreach ($p2_protos as $proto => $protoname): ?>\r
- <option value="<?=$proto;?>" <?php if ($proto == $pconfig['p2proto']) echo "selected"; ?>> \r
- <?=htmlspecialchars($protoname);?>\r
- </option>\r
- <?php endforeach; ?>\r
- </select> <br> <span class="vexpl">ESP is encryption, AH is \r
- authentication only </span></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Encryption algorithms</td>\r
- <td width="78%" class="vtable"> \r
- <?php foreach ($p2_ealgos as $algo => $algoname): ?>\r
- <input type="checkbox" name="p2ealgos[]" value="<?=$algo;?>" <?php if (in_array($algo, $pconfig['p2ealgos'])) echo "checked"; ?>> \r
- <?=htmlspecialchars($algoname);?>\r
- <br> \r
- <?php endforeach; ?>\r
- <br>\r
- Hint: use 3DES for best compatibility or if you have a hardware \r
- crypto accelerator card. Blowfish is usually the fastest in \r
- software encryption. </td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Hash algorithms</td>\r
- <td width="78%" class="vtable"> \r
- <?php foreach ($p2_halgos as $algo => $algoname): ?>\r
- <input type="checkbox" name="p2halgos[]" value="<?=$algo;?>" <?php if (in_array($algo, $pconfig['p2halgos'])) echo "checked"; ?>> \r
- <?=htmlspecialchars($algoname);?>\r
- <br> \r
- <?php endforeach; ?>\r
- </td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">PFS key group</td>\r
- <td width="78%" class="vtable">\r
- <select name="p2pfsgroup" class="formfld">\r
- <?php foreach ($p2_pfskeygroups as $keygroup => $keygroupname): ?>\r
- <option value="<?=$keygroup;?>" <?php if ($keygroup == $pconfig['p2pfsgroup']) echo "selected"; ?>> \r
- <?=htmlspecialchars($keygroupname);?>\r
- </option>\r
- <?php endforeach; ?>\r
- </select> <br> <span class="vexpl"><em>1 = 768 bit, 2 = 1024 \r
- bit, 5 = 1536 bit</em></span></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">Lifetime</td>\r
- <td width="78%" class="vtable"> \r
- <input name="p2lifetime" type="text" class="formfld" id="p2lifetime" size="20" value="<?=$pconfig['p2lifetime'];?>">\r
- seconds</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"> \r
- <input name="Submit" type="submit" class="formbtn" value="Save">\r
- </td>\r
- </tr>\r
- </table>\r
- </td>\r
- </tr>\r
- </table>\r
-</form>\r
-<script language="JavaScript">\r
-<!--\r
-methodsel_change();\r
-//-->\r
-</script>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("VPN", "IPsec", "Mobile clients");
+require("guiconfig.inc");
+
+if (!is_array($config['ipsec']['mobileclients'])) {
+ $config['ipsec']['mobileclients'] = array();
+}
+$a_ipsec = &$config['ipsec']['mobileclients'];
+
+if (count($a_ipsec) == 0) {
+ /* defaults */
+ $pconfig['p1mode'] = "aggressive";
+ $pconfig['p1myidentt'] = "myaddress";
+ $pconfig['p1ealgo'] = "3des";
+ $pconfig['p1halgo'] = "sha1";
+ $pconfig['p1dhgroup'] = "2";
+ $pconfig['p1authentication_method'] = "pre_shared_key";
+ $pconfig['p2proto'] = "esp";
+ $pconfig['p2ealgos'] = explode(",", "3des,blowfish,cast128,rijndael");
+ $pconfig['p2halgos'] = explode(",", "hmac_sha1,hmac_md5");
+ $pconfig['p2pfsgroup'] = "0";
+} else {
+ $pconfig['enable'] = isset($a_ipsec['enable']);
+ $pconfig['p1mode'] = $a_ipsec['p1']['mode'];
+
+ if (isset($a_ipsec['p1']['myident']['myaddress']))
+ $pconfig['p1myidentt'] = 'myaddress';
+ else if (isset($a_ipsec['p1']['myident']['address'])) {
+ $pconfig['p1myidentt'] = 'address';
+ $pconfig['p1myident'] = $a_ipsec['p1']['myident']['address'];
+ } else if (isset($a_ipsec['p1']['myident']['fqdn'])) {
+ $pconfig['p1myidentt'] = 'fqdn';
+ $pconfig['p1myident'] = $a_ipsec['p1']['myident']['fqdn'];
+ } else if (isset($a_ipsec['p1']['myident']['ufqdn'])) {
+ $pconfig['p1myidentt'] = 'user_fqdn';
+ $pconfig['p1myident'] = $a_ipsec['p1']['myident']['ufqdn'];
+ }
+
+ $pconfig['p1ealgo'] = $a_ipsec['p1']['encryption-algorithm'];
+ $pconfig['p1halgo'] = $a_ipsec['p1']['hash-algorithm'];
+ $pconfig['p1dhgroup'] = $a_ipsec['p1']['dhgroup'];
+ $pconfig['p1lifetime'] = $a_ipsec['p1']['lifetime'];
+ $pconfig['p1authentication_method'] = $a_ipsec['p1']['authentication_method'];
+ $pconfig['p1cert'] = base64_decode($a_ipsec['p1']['cert']);
+ $pconfig['p1privatekey'] = base64_decode($a_ipsec['p1']['private-key']);
+ $pconfig['p2proto'] = $a_ipsec['p2']['protocol'];
+ $pconfig['p2ealgos'] = $a_ipsec['p2']['encryption-algorithm-option'];
+ $pconfig['p2halgos'] = $a_ipsec['p2']['hash-algorithm-option'];
+ $pconfig['p2pfsgroup'] = $a_ipsec['p2']['pfsgroup'];
+ $pconfig['p2lifetime'] = $a_ipsec['p2']['lifetime'];
+}
+
+if ($_POST) {
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ /* input validation */
+ $reqdfields = explode(" ", "p2ealgos p2halgos");
+ $reqdfieldsn = explode(",", "P2 Encryption Algorithms,P2 Hash Algorithms");
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if ($_POST['p1authentication_method']== "rsasig") {
+ if (!strstr($_POST['p1cert'], "BEGIN CERTIFICATE") || !strstr($_POST['p1cert'], "END CERTIFICATE"))
+ $input_errors[] = "This certificate does not appear to be valid.";
+ if (!strstr($_POST['p1privatekey'], "BEGIN RSA PRIVATE KEY") || !strstr($_POST['p1privatekey'], "END RSA PRIVATE KEY"))
+ $input_errors[] = "This key does not appear to be valid.";
+ }
+
+ if (($_POST['p1lifetime'] && !is_numeric($_POST['p1lifetime']))) {
+ $input_errors[] = "The P1 lifetime must be an integer.";
+ }
+ if (($_POST['p2lifetime'] && !is_numeric($_POST['p2lifetime']))) {
+ $input_errors[] = "The P2 lifetime must be an integer.";
+ }
+ if ((($_POST['p1myidentt'] == "address") && !is_ipaddr($_POST['p1myident']))) {
+ $input_errors[] = "A valid IP address for 'My identifier' must be specified.";
+ }
+ if ((($_POST['p1myidentt'] == "fqdn") && !is_domain($_POST['p1myident']))) {
+ $input_errors[] = "A valid domain name for 'My identifier' must be specified.";
+ }
+ if ($_POST['p1myidentt'] == "user_fqdn") {
+ $ufqdn = explode("@",$_POST['p1myident']);
+ if (!is_domain($ufqdn[1]))
+ $input_errors[] = "A valid User FQDN in the form of user@my.domain.com for 'My identifier' must be specified.";
+ }
+
+ if ($_POST['p1myidentt'] == "myaddress")
+ $_POST['p1myident'] = "";
+
+ if (!$input_errors) {
+ $ipsecent = array();
+ $ipsecent['enable'] = $_POST['enable'] ? true : false;
+ $ipsecent['p1']['mode'] = $_POST['p1mode'];
+
+ $ipsecent['p1']['myident'] = array();
+ switch ($_POST['p1myidentt']) {
+ case 'myaddress':
+ $ipsecent['p1']['myident']['myaddress'] = true;
+ break;
+ case 'address':
+ $ipsecent['p1']['myident']['address'] = $_POST['p1myident'];
+ break;
+ case 'fqdn':
+ $ipsecent['p1']['myident']['fqdn'] = $_POST['p1myident'];
+ break;
+ case 'user_fqdn':
+ $ipsecent['p1']['myident']['ufqdn'] = $_POST['p1myident'];
+ break;
+ }
+
+ $ipsecent['p1']['encryption-algorithm'] = $_POST['p1ealgo'];
+ $ipsecent['p1']['hash-algorithm'] = $_POST['p1halgo'];
+ $ipsecent['p1']['dhgroup'] = $_POST['p1dhgroup'];
+ $ipsecent['p1']['lifetime'] = $_POST['p1lifetime'];
+ $ipsecent['p1']['private-key'] = base64_encode($_POST['p1privatekey']);
+ $ipsecent['p1']['cert'] = base64_encode($_POST['p1cert']);
+ $ipsecent['p1']['authentication_method'] = $_POST['p1authentication_method'];
+ $ipsecent['p2']['protocol'] = $_POST['p2proto'];
+ $ipsecent['p2']['encryption-algorithm-option'] = $_POST['p2ealgos'];
+ $ipsecent['p2']['hash-algorithm-option'] = $_POST['p2halgos'];
+ $ipsecent['p2']['pfsgroup'] = $_POST['p2pfsgroup'];
+ $ipsecent['p2']['lifetime'] = $_POST['p2lifetime'];
+
+ $a_ipsec = $ipsecent;
+
+ write_config();
+ touch($d_ipsecconfdirty_path);
+
+ header("Location: vpn_ipsec_mobile.php");
+ exit;
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<script language="JavaScript">
+<!--
+function methodsel_change() {
+ switch (document.iform.p1authentication_method.selectedIndex) {
+ case 1: /* rsa */
+ document.iform.p1privatekey.disabled = 0;
+ document.iform.p1cert.disabled = 0;
+ break;
+ default: /* pre-shared */
+ document.iform.p1privatekey.disabled = 1;
+ document.iform.p1cert.disabled = 1;
+ break;
+ }
+}
+//-->
+</script>
+<form action="vpn_ipsec.php" method="post">
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if (file_exists($d_ipsecconfdirty_path)): ?><p>
+<?php print_info_box_np("The IPsec tunnel configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+</form>
+<form action="vpn_ipsec_mobile.php" method="post" name="iform" id="iform">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Tunnels' => 'vpn_ipsec.php',
+ 'Mobile clients' => 'vpn_ipsec_mobile.php',
+ 'Pre-shared keys' => 'vpn_ipsec_keys.php',
+ 'CAs' => 'vpn_ipsec_ca.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%">
+ <input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?>>
+ <strong>Allow mobile clients</strong></td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Phase 1 proposal
+ (Authentication)</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Negotiation mode</td>
+ <td width="78%" class="vtable">
+ <select name="p1mode" class="formfld">
+ <?php $modes = explode(" ", "main aggressive"); foreach ($modes as $mode): ?>
+ <option value="<?=$mode;?>" <?php if ($mode == $pconfig['p1mode']) echo "selected"; ?>>
+ <?=htmlspecialchars($mode);?>
+ </option>
+ <?php endforeach; ?>
+ </select> <br> <span class="vexpl">Aggressive is faster, but
+ less secure.</span></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">My identifier</td>
+ <td width="78%" class="vtable">
+ <select name="p1myidentt" class="formfld">
+ <?php foreach ($my_identifier_list as $mode => $modename): ?>
+ <option value="<?=$mode;?>" <?php if ($mode == $pconfig['p1myidentt']) echo "selected"; ?>>
+ <?=htmlspecialchars($modename);?>
+ </option>
+ <?php endforeach; ?>
+ </select> <input name="p1myident" type="text" class="formfld" id="p1myident" size="30" value="<?=$pconfig['p1myident'];?>">
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Encryption algorithm</td>
+ <td width="78%" class="vtable">
+ <select name="p1ealgo" class="formfld">
+ <?php foreach ($p1_ealgos as $algo => $algoname): ?>
+ <option value="<?=$algo;?>" <?php if ($algo == $pconfig['p1ealgo']) echo "selected"; ?>>
+ <?=htmlspecialchars($algoname);?>
+ </option>
+ <?php endforeach; ?>
+ </select> <br> <span class="vexpl">Must match the setting
+ chosen on the remote side. </span></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Hash algorithm</td>
+ <td width="78%" class="vtable">
+ <select name="p1halgo" class="formfld">
+ <?php foreach ($p1_halgos as $algo => $algoname): ?>
+ <option value="<?=$algo;?>" <?php if ($algo == $pconfig['p1halgo']) echo "selected"; ?>>
+ <?=htmlspecialchars($algoname);?>
+ </option>
+ <?php endforeach; ?>
+ </select> <br> <span class="vexpl">Must match the setting
+ chosen on the remote side. </span></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">DH key group</td>
+ <td width="78%" class="vtable">
+ <select name="p1dhgroup" class="formfld">
+ <?php $keygroups = explode(" ", "1 2 5"); foreach ($keygroups as $keygroup): ?>
+ <option value="<?=$keygroup;?>" <?php if ($keygroup == $pconfig['p1dhgroup']) echo "selected"; ?>>
+ <?=htmlspecialchars($keygroup);?>
+ </option>
+ <?php endforeach; ?>
+ </select> <br> <span class="vexpl"><em>1 = 768 bit, 2 = 1024
+ bit, 5 = 1536 bit</em><br>
+ Must match the setting chosen on the remote side. </span></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Lifetime</td>
+ <td width="78%" class="vtable">
+ <input name="p1lifetime" type="text" class="formfld" id="p1lifetime" size="20" value="<?=$pconfig['p1lifetime'];?>">
+ seconds</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Authentication method</td>
+ <td width="78%" class="vtable">
+ <select name="p1authentication_method" class="formfld" onChange="methodsel_change()">
+ <?php foreach ($p1_authentication_methods as $method => $methodname): ?>
+ <option value="<?=$method;?>" <?php if ($method == $pconfig['p1authentication_method']) echo "selected"; ?>>
+ <?=htmlspecialchars($methodname);?>
+ </option>
+ <?php endforeach; ?>
+ </select> <br> <span class="vexpl">Must match the setting
+ chosen on the remote side. </span></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Certificate</td>
+ <td width="78%" class="vtable">
+ <textarea name="p1cert" cols="65" rows="7" id="p1cert" class="formpre"><?=htmlspecialchars($pconfig['p1cert']);?></textarea>
+ <br>
+ Paste a certificate in X.509 PEM format here.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Key</td>
+ <td width="78%" class="vtable">
+ <textarea name="p1privatekey" cols="65" rows="7" id="p1privatekey" class="formpre"><?=htmlspecialchars($pconfig['p1privatekey']);?></textarea>
+ <br>
+ Paste an RSA private key in PEM format here.</td>
+ </tr>
+ <tr>
+ <td colspan="2" class="list" height="12"></td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Phase 2 proposal
+ (SA/Key Exchange)</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Protocol</td>
+ <td width="78%" class="vtable">
+ <select name="p2proto" class="formfld">
+ <?php foreach ($p2_protos as $proto => $protoname): ?>
+ <option value="<?=$proto;?>" <?php if ($proto == $pconfig['p2proto']) echo "selected"; ?>>
+ <?=htmlspecialchars($protoname);?>
+ </option>
+ <?php endforeach; ?>
+ </select> <br> <span class="vexpl">ESP is encryption, AH is
+ authentication only </span></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Encryption algorithms</td>
+ <td width="78%" class="vtable">
+ <?php foreach ($p2_ealgos as $algo => $algoname): ?>
+ <input type="checkbox" name="p2ealgos[]" value="<?=$algo;?>" <?php if (in_array($algo, $pconfig['p2ealgos'])) echo "checked"; ?>>
+ <?=htmlspecialchars($algoname);?>
+ <br>
+ <?php endforeach; ?>
+ <br>
+ Hint: use 3DES for best compatibility or if you have a hardware
+ crypto accelerator card. Blowfish is usually the fastest in
+ software encryption. </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Hash algorithms</td>
+ <td width="78%" class="vtable">
+ <?php foreach ($p2_halgos as $algo => $algoname): ?>
+ <input type="checkbox" name="p2halgos[]" value="<?=$algo;?>" <?php if (in_array($algo, $pconfig['p2halgos'])) echo "checked"; ?>>
+ <?=htmlspecialchars($algoname);?>
+ <br>
+ <?php endforeach; ?>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">PFS key group</td>
+ <td width="78%" class="vtable">
+ <select name="p2pfsgroup" class="formfld">
+ <?php foreach ($p2_pfskeygroups as $keygroup => $keygroupname): ?>
+ <option value="<?=$keygroup;?>" <?php if ($keygroup == $pconfig['p2pfsgroup']) echo "selected"; ?>>
+ <?=htmlspecialchars($keygroupname);?>
+ </option>
+ <?php endforeach; ?>
+ </select> <br> <span class="vexpl"><em>1 = 768 bit, 2 = 1024
+ bit, 5 = 1536 bit</em></span></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Lifetime</td>
+ <td width="78%" class="vtable">
+ <input name="p2lifetime" type="text" class="formfld" id="p2lifetime" size="20" value="<?=$pconfig['p2lifetime'];?>">
+ seconds</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%">
+ <input name="Submit" type="submit" class="formbtn" value="Save">
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+</form>
+<script language="JavaScript">
+<!--
+methodsel_change();
+//-->
+</script>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("VPN", "PPTP", "Configuration");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['pptpd']['radius'])) {\r
- $config['pptpd']['radius'] = array();\r
-}\r
-$pptpcfg = &$config['pptpd'];\r
-\r
-$pconfig['remoteip'] = $pptpcfg['remoteip'];\r
-$pconfig['localip'] = $pptpcfg['localip'];\r
-$pconfig['redir'] = $pptpcfg['redir'];\r
-$pconfig['mode'] = $pptpcfg['mode'];\r
-$pconfig['req128'] = isset($pptpcfg['req128']);\r
-$pconfig['radiusenable'] = isset($pptpcfg['radius']['enable']);\r
-$pconfig['radacct_enable'] = isset($pptpcfg['radius']['accounting']);\r
-$pconfig['radiusserver'] = $pptpcfg['radius']['server'];\r
-$pconfig['radiussecret'] = $pptpcfg['radius']['secret'];\r
-\r
-if ($_POST) {\r
-\r
- unset($input_errors);\r
- $pconfig = $_POST;\r
-\r
- /* input validation */\r
- if ($_POST['mode'] == "server") {\r
- $reqdfields = explode(" ", "localip remoteip");\r
- $reqdfieldsn = explode(",", "Server address,Remote start address");\r
- \r
- if ($_POST['radiusenable']) {\r
- $reqdfields = array_merge($reqdfields, explode(" ", "radiusserver radiussecret"));\r
- $reqdfieldsn = array_merge($reqdfieldsn, \r
- explode(",", "RADIUS server address,RADIUS shared secret"));\r
- }\r
- \r
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
- \r
- if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) {\r
- $input_errors[] = "A valid server address must be specified.";\r
- }\r
- if (($_POST['subnet'] && !is_ipaddr($_POST['remoteip']))) {\r
- $input_errors[] = "A valid remote start address must be specified.";\r
- }\r
- if (($_POST['radiusserver'] && !is_ipaddr($_POST['radiusserver']))) {\r
- $input_errors[] = "A valid RADIUS server address must be specified.";\r
- }\r
- \r
- if (!$input_errors) { \r
- $_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $g['pptp_subnet']);\r
- $subnet_start = ip2long($_POST['remoteip']);\r
- $subnet_end = ip2long($_POST['remoteip']) + $g['n_pptp_units'] - 1;\r
- \r
- if ((ip2long($_POST['localip']) >= $subnet_start) && \r
- (ip2long($_POST['localip']) <= $subnet_end)) {\r
- $input_errors[] = "The specified server address lies in the remote subnet."; \r
- }\r
- if ($_POST['localip'] == $config['interfaces']['lan']['ipaddr']) {\r
- $input_errors[] = "The specified server address is equal to the LAN interface address."; \r
- }\r
- }\r
- } else if ($_POST['mode'] == "redir") {\r
- $reqdfields = explode(" ", "redir");\r
- $reqdfieldsn = explode(",", "PPTP redirection target address");\r
- \r
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);\r
- \r
- if (($_POST['redir'] && !is_ipaddr($_POST['redir']))) {\r
- $input_errors[] = "A valid target address must be specified.";\r
- }\r
- }\r
-\r
- if (!$input_errors) {\r
- $pptpcfg['remoteip'] = $_POST['remoteip'];\r
- $pptpcfg['redir'] = $_POST['redir'];\r
- $pptpcfg['localip'] = $_POST['localip'];\r
- $pptpcfg['mode'] = $_POST['mode'];\r
- $pptpcfg['req128'] = $_POST['req128'] ? true : false;\r
- $pptpcfg['radius']['enable'] = $_POST['radiusenable'] ? true : false;\r
- $pptpcfg['radius']['accounting'] = $_POST['radacct_enable'] ? true : false;\r
- $pptpcfg['radius']['server'] = $_POST['radiusserver'];\r
- $pptpcfg['radius']['secret'] = $_POST['radiussecret'];\r
- \r
- write_config();\r
- \r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- config_lock();\r
- $retval = vpn_pptpd_configure();\r
- config_unlock();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<script language="JavaScript">\r
-<!--\r
-function get_radio_value(obj)\r
-{\r
- for (i = 0; i < obj.length; i++) {\r
- if (obj[i].checked)\r
- return obj[i].value;\r
- }\r
- return null;\r
-}\r
-\r
-function enable_change(enable_over) {\r
- if ((get_radio_value(document.iform.mode) == "server") || enable_over) {\r
- document.iform.remoteip.disabled = 0;\r
- document.iform.localip.disabled = 0;\r
- document.iform.req128.disabled = 0;\r
- document.iform.radiusenable.disabled = 0;\r
- \r
- if (document.iform.radiusenable.checked || enable_over) {\r
- document.iform.radacct_enable.disabled = 0;\r
- document.iform.radiusserver.disabled = 0;\r
- document.iform.radiussecret.disabled = 0;\r
- } else {\r
- document.iform.radacct_enable.disabled = 1;\r
- document.iform.radiusserver.disabled = 1;\r
- document.iform.radiussecret.disabled = 1;\r
- }\r
- } else {\r
- document.iform.remoteip.disabled = 1;\r
- document.iform.localip.disabled = 1;\r
- document.iform.req128.disabled = 1;\r
- document.iform.radiusenable.disabled = 1;\r
- document.iform.radacct_enable.disabled = 1;\r
- document.iform.radiusserver.disabled = 1;\r
- document.iform.radiussecret.disabled = 1;\r
- }\r
- if ((get_radio_value(document.iform.mode) == "redir") || enable_over) {\r
- document.iform.redir.disabled = 0;\r
- } else {\r
- document.iform.redir.disabled = 1;\r
- }\r
-}\r
-//-->\r
-</script>\r
-<form action="vpn_pptp.php" method="post" name="iform" id="iform">\r
-<?php if ($input_errors) print_input_errors($input_errors); ?>\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Configuration' => 'vpn_pptp.php',\r
- 'Users' => 'vpn_pptp_users.php');\r
- dynamic_tab_menu($tabs);\r
-?>\r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td class="tabcont">\r
- <table width="100%" border="0" cellpadding="6" cellspacing="0">\r
- <tr> \r
- <td width="22%" valign="top" class="vtable"> </td>\r
- <td width="78%" class="vtable"> \r
- <input name="mode" type="radio" onclick="enable_change(false)" value="off"\r
- <?php if (($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir")) echo "checked";?>>\r
- Off</td>\r
- <tr> \r
- <td width="22%" valign="top" class="vtable"> </td>\r
- <td width="78%" class="vtable">\r
-<input type="radio" name="mode" value="redir" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "redir") echo "checked"; ?>>\r
- Redirect incoming PPTP connections to:</td>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">PPTP redirection</td>\r
- <td width="78%" class="vtable"> \r
- <?=$mandfldhtml;?><input name="redir" type="text" class="formfld" id="redir" size="20" value="<?=htmlspecialchars($pconfig['redir']);?>"> \r
- <br>\r
- Enter the IP address of a host which will accept incoming \r
- PPTP connections.</td>\r
- <tr> \r
- <td width="22%" valign="top" class="vtable"> </td>\r
- <td width="78%" class="vtable">\r
-<input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked"; ?>>\r
- Enable PPTP server</td>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Max. concurrent \r
- connections</td>\r
- <td width="78%" class="vtable"> \r
- <?=$g['n_pptp_units'];?>\r
- </td>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Server address</td>\r
- <td width="78%" class="vtable"> \r
- <?=$mandfldhtml;?><input name="localip" type="text" class="formfld" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip']);?>"> \r
- <br>\r
- Enter the IP address the PPTP server should use on its side \r
- for all clients.</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncellreq">Remote address \r
- range</td>\r
- <td width="78%" class="vtable"> \r
- <?=$mandfldhtml;?><input name="remoteip" type="text" class="formfld" id="remoteip" size="20" value="<?=htmlspecialchars($pconfig['remoteip']);?>">\r
- / \r
- <?=$g['pptp_subnet'];?>\r
- <br>\r
- Specify the starting address for the client IP address subnet.<br>\r
- The PPTP server will assign \r
- <?=$g['n_pptp_units'];?>\r
- addresses, starting at the address entered above, to clients.</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">RADIUS</td>\r
- <td width="78%" class="vtable"> \r
- <input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked"; ?>>\r
- <strong>Use a RADIUS server for authentication<br>\r
- </strong>When set, all users will be authenticated using \r
- the RADIUS server specified below. The local user database \r
- will not be used.<br>\r
- <br>\r
- <input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked"; ?>>\r
- <strong>Enable RADIUS accounting <br>\r
- </strong>Sends accounting packets to the RADIUS server.</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">RADIUS server </td>\r
- <td width="78%" class="vtable">\r
- <input name="radiusserver" type="text" class="formfld" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>">\r
- <br>\r
- Enter the IP address of the RADIUS server.</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top" class="vncell">RADIUS shared secret</td>\r
- <td width="78%" valign="top" class="vtable">\r
- <input name="radiussecret" type="password" class="formfld" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret']);?>">\r
- <br>\r
- Enter the shared secret that will be used to authenticate \r
- to the RADIUS server.</td>\r
- </tr>\r
- <tr> \r
- <td height="16" colspan="2" valign="top"></td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="middle"> </td>\r
- <td width="78%" class="vtable"> \r
- <input name="req128" type="checkbox" id="req128" value="yes" <?php if ($pconfig['req128']) echo "checked"; ?>> \r
- <strong>Require 128-bit encryption</strong><br>\r
- When set, 128-bit encryption will be accepted. Otherwise, \r
- 40-bit and 56-bit encryption will be accepted, too. Note that \r
- encryption will always be forced on PPTP connections (i.e. \r
- unencrypted connections will not be accepted).</td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"> \r
- <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> \r
- </td>\r
- </tr>\r
- <tr> \r
- <td width="22%" valign="top"> </td>\r
- <td width="78%"><span class="vexpl"><span class="red"><strong>Note:<br>\r
- </strong></span>don't forget to add a firewall rule to permit \r
- traffic from PPTP clients!</span></td>\r
- </tr>\r
- </table>\r
- </td>\r
- </tr>\r
-</table>\r
-</form>\r
-<script language="JavaScript">\r
-<!--\r
-enable_change(false);\r
-//-->\r
-</script>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("VPN", "PPTP", "Configuration");
+require("guiconfig.inc");
+
+if (!is_array($config['pptpd']['radius'])) {
+ $config['pptpd']['radius'] = array();
+}
+$pptpcfg = &$config['pptpd'];
+
+$pconfig['remoteip'] = $pptpcfg['remoteip'];
+$pconfig['localip'] = $pptpcfg['localip'];
+$pconfig['redir'] = $pptpcfg['redir'];
+$pconfig['mode'] = $pptpcfg['mode'];
+$pconfig['req128'] = isset($pptpcfg['req128']);
+$pconfig['radiusenable'] = isset($pptpcfg['radius']['enable']);
+$pconfig['radacct_enable'] = isset($pptpcfg['radius']['accounting']);
+$pconfig['radiusserver'] = $pptpcfg['radius']['server'];
+$pconfig['radiussecret'] = $pptpcfg['radius']['secret'];
+
+if ($_POST) {
+
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ /* input validation */
+ if ($_POST['mode'] == "server") {
+ $reqdfields = explode(" ", "localip remoteip");
+ $reqdfieldsn = explode(",", "Server address,Remote start address");
+
+ if ($_POST['radiusenable']) {
+ $reqdfields = array_merge($reqdfields, explode(" ", "radiusserver radiussecret"));
+ $reqdfieldsn = array_merge($reqdfieldsn,
+ explode(",", "RADIUS server address,RADIUS shared secret"));
+ }
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) {
+ $input_errors[] = "A valid server address must be specified.";
+ }
+ if (($_POST['subnet'] && !is_ipaddr($_POST['remoteip']))) {
+ $input_errors[] = "A valid remote start address must be specified.";
+ }
+ if (($_POST['radiusserver'] && !is_ipaddr($_POST['radiusserver']))) {
+ $input_errors[] = "A valid RADIUS server address must be specified.";
+ }
+
+ if (!$input_errors) {
+ $_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $g['pptp_subnet']);
+ $subnet_start = ip2long($_POST['remoteip']);
+ $subnet_end = ip2long($_POST['remoteip']) + $g['n_pptp_units'] - 1;
+
+ if ((ip2long($_POST['localip']) >= $subnet_start) &&
+ (ip2long($_POST['localip']) <= $subnet_end)) {
+ $input_errors[] = "The specified server address lies in the remote subnet.";
+ }
+ if ($_POST['localip'] == $config['interfaces']['lan']['ipaddr']) {
+ $input_errors[] = "The specified server address is equal to the LAN interface address.";
+ }
+ }
+ } else if ($_POST['mode'] == "redir") {
+ $reqdfields = explode(" ", "redir");
+ $reqdfieldsn = explode(",", "PPTP redirection target address");
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if (($_POST['redir'] && !is_ipaddr($_POST['redir']))) {
+ $input_errors[] = "A valid target address must be specified.";
+ }
+ }
+
+ if (!$input_errors) {
+ $pptpcfg['remoteip'] = $_POST['remoteip'];
+ $pptpcfg['redir'] = $_POST['redir'];
+ $pptpcfg['localip'] = $_POST['localip'];
+ $pptpcfg['mode'] = $_POST['mode'];
+ $pptpcfg['req128'] = $_POST['req128'] ? true : false;
+ $pptpcfg['radius']['enable'] = $_POST['radiusenable'] ? true : false;
+ $pptpcfg['radius']['accounting'] = $_POST['radacct_enable'] ? true : false;
+ $pptpcfg['radius']['server'] = $_POST['radiusserver'];
+ $pptpcfg['radius']['secret'] = $_POST['radiussecret'];
+
+ write_config();
+
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval = vpn_pptpd_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<script language="JavaScript">
+<!--
+function get_radio_value(obj)
+{
+ for (i = 0; i < obj.length; i++) {
+ if (obj[i].checked)
+ return obj[i].value;
+ }
+ return null;
+}
+
+function enable_change(enable_over) {
+ if ((get_radio_value(document.iform.mode) == "server") || enable_over) {
+ document.iform.remoteip.disabled = 0;
+ document.iform.localip.disabled = 0;
+ document.iform.req128.disabled = 0;
+ document.iform.radiusenable.disabled = 0;
+
+ if (document.iform.radiusenable.checked || enable_over) {
+ document.iform.radacct_enable.disabled = 0;
+ document.iform.radiusserver.disabled = 0;
+ document.iform.radiussecret.disabled = 0;
+ } else {
+ document.iform.radacct_enable.disabled = 1;
+ document.iform.radiusserver.disabled = 1;
+ document.iform.radiussecret.disabled = 1;
+ }
+ } else {
+ document.iform.remoteip.disabled = 1;
+ document.iform.localip.disabled = 1;
+ document.iform.req128.disabled = 1;
+ document.iform.radiusenable.disabled = 1;
+ document.iform.radacct_enable.disabled = 1;
+ document.iform.radiusserver.disabled = 1;
+ document.iform.radiussecret.disabled = 1;
+ }
+ if ((get_radio_value(document.iform.mode) == "redir") || enable_over) {
+ document.iform.redir.disabled = 0;
+ } else {
+ document.iform.redir.disabled = 1;
+ }
+}
+//-->
+</script>
+<form action="vpn_pptp.php" method="post" name="iform" id="iform">
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Configuration' => 'vpn_pptp.php',
+ 'Users' => 'vpn_pptp_users.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top" class="vtable"> </td>
+ <td width="78%" class="vtable">
+ <input name="mode" type="radio" onclick="enable_change(false)" value="off"
+ <?php if (($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir")) echo "checked";?>>
+ Off</td>
+ <tr>
+ <td width="22%" valign="top" class="vtable"> </td>
+ <td width="78%" class="vtable">
+<input type="radio" name="mode" value="redir" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "redir") echo "checked"; ?>>
+ Redirect incoming PPTP connections to:</td>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">PPTP redirection</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="redir" type="text" class="formfld" id="redir" size="20" value="<?=htmlspecialchars($pconfig['redir']);?>">
+ <br>
+ Enter the IP address of a host which will accept incoming
+ PPTP connections.</td>
+ <tr>
+ <td width="22%" valign="top" class="vtable"> </td>
+ <td width="78%" class="vtable">
+<input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked"; ?>>
+ Enable PPTP server</td>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Max. concurrent
+ connections</td>
+ <td width="78%" class="vtable">
+ <?=$g['n_pptp_units'];?>
+ </td>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Server address</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="localip" type="text" class="formfld" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip']);?>">
+ <br>
+ Enter the IP address the PPTP server should use on its side
+ for all clients.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Remote address
+ range</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="remoteip" type="text" class="formfld" id="remoteip" size="20" value="<?=htmlspecialchars($pconfig['remoteip']);?>">
+ /
+ <?=$g['pptp_subnet'];?>
+ <br>
+ Specify the starting address for the client IP address subnet.<br>
+ The PPTP server will assign
+ <?=$g['n_pptp_units'];?>
+ addresses, starting at the address entered above, to clients.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">RADIUS</td>
+ <td width="78%" class="vtable">
+ <input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked"; ?>>
+ <strong>Use a RADIUS server for authentication<br>
+ </strong>When set, all users will be authenticated using
+ the RADIUS server specified below. The local user database
+ will not be used.<br>
+ <br>
+ <input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked"; ?>>
+ <strong>Enable RADIUS accounting <br>
+ </strong>Sends accounting packets to the RADIUS server.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">RADIUS server </td>
+ <td width="78%" class="vtable">
+ <input name="radiusserver" type="text" class="formfld" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>">
+ <br>
+ Enter the IP address of the RADIUS server.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">RADIUS shared secret</td>
+ <td width="78%" valign="top" class="vtable">
+ <input name="radiussecret" type="password" class="formfld" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret']);?>">
+ <br>
+ Enter the shared secret that will be used to authenticate
+ to the RADIUS server.</td>
+ </tr>
+ <tr>
+ <td height="16" colspan="2" valign="top"></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="middle"> </td>
+ <td width="78%" class="vtable">
+ <input name="req128" type="checkbox" id="req128" value="yes" <?php if ($pconfig['req128']) echo "checked"; ?>>
+ <strong>Require 128-bit encryption</strong><br>
+ When set, 128-bit encryption will be accepted. Otherwise,
+ 40-bit and 56-bit encryption will be accepted, too. Note that
+ encryption will always be forced on PPTP connections (i.e.
+ unencrypted connections will not be accepted).</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%">
+ <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)">
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%"><span class="vexpl"><span class="red"><strong>Note:<br>
+ </strong></span>don't forget to add a firewall rule to permit
+ traffic from PPTP clients!</span></td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+</table>
+</form>
+<script language="JavaScript">
+<!--
+enable_change(false);
+//-->
+</script>
+<?php include("fend.inc"); ?>
-#!/usr/local/bin/php\r
-<?php\r
-/*\r
- $Id$\r
- part of m0n0wall (http://m0n0.ch/wall)\r
- \r
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.\r
- All rights reserved.\r
- \r
- Redistribution and use in source and binary forms, with or without\r
- modification, are permitted provided that the following conditions are met:\r
- \r
- 1. Redistributions of source code must retain the above copyright notice,\r
- this list of conditions and the following disclaimer.\r
- \r
- 2. Redistributions in binary form must reproduce the above copyright\r
- notice, this list of conditions and the following disclaimer in the\r
- documentation and/or other materials provided with the distribution.\r
- \r
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,\r
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY\r
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE\r
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\r
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF\r
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS\r
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\r
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE\r
- POSSIBILITY OF SUCH DAMAGE.\r
-*/\r
-\r
-$pgtitle = array("VPN", "PPTP", "Users");\r
-require("guiconfig.inc");\r
-\r
-if (!is_array($config['pptpd']['user'])) {\r
- $config['pptpd']['user'] = array();\r
-}\r
-pptpd_users_sort();\r
-$a_secret = &$config['pptpd']['user'];\r
-\r
-if ($_POST) {\r
-\r
- $pconfig = $_POST;\r
-\r
- if ($_POST['apply']) {\r
- $retval = 0;\r
- if (!file_exists($d_sysrebootreqd_path)) {\r
- config_lock();\r
- $retval = vpn_pptpd_configure();\r
- config_unlock();\r
- }\r
- $savemsg = get_std_save_message($retval);\r
- if ($retval == 0) {\r
- if (file_exists($d_pptpuserdirty_path))\r
- unlink($d_pptpuserdirty_path);\r
- }\r
- }\r
-}\r
-\r
-if ($_GET['act'] == "del") {\r
- if ($a_secret[$_GET['id']]) {\r
- unset($a_secret[$_GET['id']]);\r
- write_config();\r
- touch($d_pptpuserdirty_path);\r
- header("Location: vpn_pptp_users.php");\r
- exit;\r
- }\r
-}\r
-?>\r
-<?php include("fbegin.inc"); ?>\r
-<form action="vpn_pptp_users.php" method="post">\r
-<?php if ($savemsg) print_info_box($savemsg); ?>\r
-<?php if (isset($config['pptpd']['radius']['enable']))\r
- print_info_box("Warning: RADIUS is enabled. The local user database will not be used."); ?>\r
-<?php if (file_exists($d_pptpuserdirty_path)): ?><p>\r
-<?php print_info_box_np("The PPTP user list has been modified.<br>You must apply the changes in order for them to take effect.<br><b>Warning: this will terminate all current PPTP sessions!</b>");?><br>\r
-<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>\r
-<?php endif; ?>\r
-<table width="100%" border="0" cellpadding="0" cellspacing="0">\r
- <tr><td class="tabnavtbl">\r
- <ul id="tabnav">\r
-<?php \r
- $tabs = array('Configuration' => 'vpn_pptp.php',\r
- 'Users' => 'vpn_pptp_users.php');\r
- dynamic_tab_menu($tabs);\r
-?>\r
- </ul>\r
- </td></tr>\r
- <tr> \r
- <td colspan="3" class="tabcont">\r
- <table width="80%" border="0" cellpadding="0" cellspacing="0">\r
- <tr> \r
- <td class="listhdrr">Username</td>\r
- <td class="listhdr">IP address</td>\r
- <td class="list"></td>\r
- </tr>\r
- <?php $i = 0; foreach ($a_secret as $secretent): ?>\r
- <tr> \r
- <td class="listlr">\r
- <?=htmlspecialchars($secretent['name']);?>\r
- </td>\r
- <td class="listr">\r
- <?=htmlspecialchars($secretent['ip']);?> \r
- </td>\r
- <td class="list" nowrap> <a href="vpn_pptp_users_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>\r
- <a href="vpn_pptp_users.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this user?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- <?php $i++; endforeach; ?>\r
- <tr> \r
- <td class="list" colspan="2"></td>\r
- <td class="list"> <a href="vpn_pptp_users_edit.php"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>\r
- </tr>\r
- </table>\r
- </td>\r
- </tr>\r
-</table>\r
-</form>\r
-<?php include("fend.inc"); ?>\r
+#!/usr/local/bin/php
+<?php
+/*
+ $Id$
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array("VPN", "PPTP", "Users");
+require("guiconfig.inc");
+
+if (!is_array($config['pptpd']['user'])) {
+ $config['pptpd']['user'] = array();
+}
+pptpd_users_sort();
+$a_secret = &$config['pptpd']['user'];
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+ $retval = 0;
+ if (!file_exists($d_sysrebootreqd_path)) {
+ config_lock();
+ $retval = vpn_pptpd_configure();
+ config_unlock();
+ }
+ $savemsg = get_std_save_message($retval);
+ if ($retval == 0) {
+ if (file_exists($d_pptpuserdirty_path))
+ unlink($d_pptpuserdirty_path);
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_secret[$_GET['id']]) {
+ unset($a_secret[$_GET['id']]);
+ write_config();
+ touch($d_pptpuserdirty_path);
+ header("Location: vpn_pptp_users.php");
+ exit;
+ }
+}
+?>
+<?php include("fbegin.inc"); ?>
+<form action="vpn_pptp_users.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (isset($config['pptpd']['radius']['enable']))
+ print_info_box("Warning: RADIUS is enabled. The local user database will not be used."); ?>
+<?php if (file_exists($d_pptpuserdirty_path)): ?><p>
+<?php print_info_box_np("The PPTP user list has been modified.<br>You must apply the changes in order for them to take effect.<br><b>Warning: this will terminate all current PPTP sessions!</b>");?><br>
+<input name="apply" type="submit" class="formbtn" id="apply" value="Apply changes"></p>
+<?php endif; ?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+ <ul id="tabnav">
+<?php
+ $tabs = array('Configuration' => 'vpn_pptp.php',
+ 'Users' => 'vpn_pptp_users.php');
+ dynamic_tab_menu($tabs);
+?>
+ </ul>
+ </td></tr>
+ <tr>
+ <td colspan="3" class="tabcont">
+ <table width="80%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td class="listhdrr">Username</td>
+ <td class="listhdr">IP address</td>
+ <td class="list"></td>
+ </tr>
+ <?php $i = 0; foreach ($a_secret as $secretent): ?>
+ <tr>
+ <td class="listlr">
+ <?=htmlspecialchars($secretent['name']);?>
+ </td>
+ <td class="listr">
+ <?=htmlspecialchars($secretent['ip']);?>
+ </td>
+ <td class="list" nowrap> <a href="vpn_pptp_users_edit.php?id=<?=$i;?>"><img src="e.gif" title="edit user" width="17" height="17" border="0"></a>
+ <a href="vpn_pptp_users.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this user?')"><img src="x.gif" title="delete user" width="17" height="17" border="0"></a></td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="2"></td>
+ <td class="list"> <a href="vpn_pptp_users_edit.php"><img src="plus.gif" title="add user" width="17" height="17" border="0"></a></td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+</table>
+</form>
+<?php include("fend.inc"); ?>
projects / m0n0chwall.git / commitdiff