Project

General

Profile

Actions

Bug #12648

open

Undocumented variables 'listenporthttp' and 'listenporthttps'

Added by Viktor Gurov 5 months ago. Updated 5 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Captive Portal
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
2.5.2
Affected Architecture:

Description

It's not possible to set the variables 'listenporthttp' and 'listenporthttps' via WebGUI
and there is no mention in the docs
looks like a legacy code:

grep listenporthttp:

captiveportal.inc:              if (!empty($cpcfg['listenporthttps'])) {
captiveportal.inc:                      $listenporthttps = $cpcfg['listenporthttps'];
captiveportal.inc:                      $listenporthttps = 8001 + $cpcfg['zoneid'];
captiveportal.inc:                      $crt, $key, $ca, "nginx-{$cpzone}-CaptivePortal-SSL.pid", $listenporthttps, "/usr/local/captiveportal",
captiveportal.inc:      if (!empty($cpcfg['listenporthttp'])) {
captiveportal.inc:              $listenporthttp = $cpcfg['listenporthttp'];
captiveportal.inc:              $listenporthttp = 8000 + $cpcfg['zoneid'];
captiveportal.inc:              "", "", "", "nginx-{$cpzone}-CaptivePortal.pid", $listenporthttp, "/usr/local/captiveportal",
captiveportal.inc:      if (!empty($config['captiveportal'][$cpzone]['listenporthttp'])) {
captiveportal.inc:              $listenporthttp = $config['captiveportal'][$cpzone]['listenporthttp'];
captiveportal.inc:              $listenporthttp = 8000 + $cpzoneid;
captiveportal.inc:              if (!empty($config['captiveportal'][$cpzone]['listenporthttps'])) {
captiveportal.inc:                      $listenporthttps = $config['captiveportal'][$cpzone]['listenporthttps'];
captiveportal.inc:                      $listenporthttps = 8001 + $cpzoneid;
captiveportal.inc:                          "fwd 127.0.0.1,{$listenporthttps} tcp from any to any dst-port 443 in");
captiveportal.inc:          "fwd 127.0.0.1,{$listenporthttp} tcp from any to any dst-port 80 in");
captiveportal.inc:              $listenporthttps = $cpcfg['listenporthttps'] ? $cpcfg['listenporthttps'] : ($cpcfg['zoneid'] + 8001);
captiveportal.inc:              if ($listenporthttps != 443) {
captiveportal.inc:                      $ourhostname .= ":" . $listenporthttps;
captiveportal.inc:              $listenporthttp = $cpcfg['listenporthttp'] ? $cpcfg['listenporthttp'] : ($cpcfg['zoneid'] + 8000);
captiveportal.inc:              if ($listenporthttp != 80) {
captiveportal.inc:                      $ourhostname .= ":" . $listenporthttp;
filter.inc:                             $listenporthttps = $cpcfg['listenporthttps'] ? $cpcfg['listenporthttps'] : 8000 + ($cpcfg['zoneid'] + 1);
filter.inc:                             $listenporthttp  = $cpcfg['listenporthttp']  ? $cpcfg['listenporthttp']  : 8000 + $cpcfg['zoneid'];
filter.inc:                             $portalias = $listenporthttps;
filter.inc:                             $portalias .= " {$listenporthttp}";

Actions #1

Updated by Jim Pingle 5 months ago

I seem to recall that was intentional, as it let people who really needed to adjust it do so by altering config.xml but for most people it was more likely to break things than help, as it's far too easy to unintentionally cause a port conflict due to the way that number serves as a base and isn't used directly. (e.g. someone could set it to a port near the GUI port and end up breaking both)

If we add a way to set it in the GUI it will need to be hidden by default, have a lot of warnings against setting it, and have significant validation to avoid common overlap scenarios.

Actions #2

Updated by Viktor Gurov 5 months ago

another port overlap issue - #5786

Actions

Also available in: Atom PDF