Project

General

Profile

Download (34.3 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/*
3
	guiconfig.inc
4
	by Scott Ullrich, Copyright 2004, All rights reserved.
5
	originally based on of m0n0wall (http://m0n0.ch/wall)
6

    
7
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8
	All rights reserved.
9

    
10
	Redistribution and use in source and binary forms, with or without
11
	modification, are permitted provided that the following conditions are met:
12

    
13
	1. Redistributions of source code must retain the above copyright notice,
14
	   this list of conditions and the following disclaimer.
15

    
16
	2. Redistributions in binary form must reproduce the above copyright
17
	   notice, this list of conditions and the following disclaimer in the
18
	   documentation and/or other materials provided with the distribution.
19

    
20
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29
	POSSIBILITY OF SUCH DAMAGE.
30
*/
31
/*
32
	pfSense_MODULE:	base
33
*/
34

    
35
/* Include authentication routines */
36
/* THIS MUST BE ABOVE ALL OTHER CODE */
37
if(!$nocsrf) {
38
	function csrf_startup() {
39
		csrf_conf('rewrite-js', '/csrf/csrf-magic.js');
40
		$timeout_minutes = isset($config['system']['webgui']['session_timeout']) ?  $config['system']['webgui']['session_timeout'] : 240;
41
		csrf_conf('expires', $timeout_minutes * 60);
42
	}
43
	require_once("csrf/csrf-magic.php");
44
}
45

    
46
/* make sure nothing is cached */
47
if (!$omit_nocacheheaders) {
48
	header("Expires: 0");
49
	header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
50
	header("Cache-Control: no-store, no-cache, must-revalidate");
51
	header("Cache-Control: post-check=0, pre-check=0", false);
52
	header("Pragma: no-cache");
53
}
54

    
55
Header("X-Frame-Options: SAMEORIGIN");
56
require_once("authgui.inc");
57

    
58
/* parse the configuration and include all configuration functions */
59
require_once("functions.inc");
60

    
61
/* Pull in all the gui related display classes) */
62
foreach (scandir("/usr/local/www/classes/") as $file) {
63
	if (substr($file, -4) == ".inc") {
64
		require_once("classes/{$file}");
65
	}
66
}
67

    
68
$g['theme'] = get_current_theme();
69

    
70
/* Set the default interface language */
71
if($config['system']['language'] <> "") {
72
	$g['language'] = $config['system']['language'];
73
} elseif ($g['language'] == "") {
74
	$g['language'] = 'en_US';
75
}
76

    
77
set_language($g['language']);
78

    
79
/* used by progress bar */
80
$lastseen = "-1";
81

    
82
$navlevelsep = ": ";	/* navigation level separator string */
83
$mandfldhtml = "";		/* display this before mandatory input fields */
84
$mandfldhtmlspc = "";	/* same as above, but with spacing */
85

    
86
/* Some ajax scripts still need access to GUI */
87
if(!$ignorefirmwarelock) {
88
	if (is_subsystem_dirty('firmwarelock')) {
89
		if (!$d_isfwfile) {
90
			header("Location: system_firmware.php");
91
			exit;
92
		} else {
93
			return;
94
		}
95
	}
96
}
97

    
98
/* Reserved table names to avoid colision */
99
$reserved_table_names = array(
100
        "bogons",
101
        "bogonsv6",
102
        "negate_networks",
103
        "snort2c",
104
        "sshlockout",
105
        "tonatsubnets",
106
        "virusprot",
107
        "vpn_networks",
108
        "webConfiguratorlockout"
109
);
110

    
111
$firewall_rules_dscp_types = array("af11",
112
				"af12",
113
				"af13",
114
				"af21",
115
				"af22",
116
				"af23",
117
				"af31",
118
				"af32",
119
				"af33",
120
				"af41",
121
				"af42",
122
				"af43",
123
				"VA",
124
				"EF",
125
				"cs1",
126
				"cs2",
127
				"cs3",
128
				"cs4",
129
				"cs5",
130
				"cs6",
131
				"cs7",
132
				"0x01 (reliability, ToS 0x04)",
133
				"0x02 (throughput, ToS 0x08)",
134
				"0x04 (lowdelay, ToS 0x10)");
135

    
136
$auth_server_types = array(
137
	'ldap' => "LDAP",
138
	'radius' => "Radius");
139

    
140
$ldap_urltypes = array(
141
	'TCP - Standard' => 389,
142
	'SSL - Encrypted' => 636);
143

    
144
$ldap_scopes = array(
145
	'one' => "One Level",
146
	'subtree' => "Entire Subtree");
147

    
148
$ldap_protvers = array(
149
	2,
150
	3);
151

    
152
$ldap_templates = array(
153

    
154
	'open' => array(
155
				'desc' => "OpenLDAP",
156
				'attr_user' => "cn",
157
				'attr_group' => "cn",
158
				'attr_member' => "member"),
159

    
160
	'msad' => array(
161
				'desc' => "Microsoft AD",
162
				'attr_user' => "samAccountName",
163
				'attr_group' => "cn",
164
				'attr_member' => "memberOf"),
165

    
166
	'edir' => array(
167
				'desc' => "Novell eDirectory",
168
				'attr_user' => "cn",
169
				'attr_group' => "cn",
170
				'attr_member' => "uniqueMember"));
171

    
172
$radius_srvcs = array(
173
	'both' => "Authentication and Accounting",
174
	'auth' => "Authentication",
175
	'acct' => "Accounting");
176

    
177
$netbios_nodetypes = array(
178
	'0' => "none",
179
	'1' => "b-node",
180
	'2' => "p-node",
181
	'4' => "m-node",
182
	'5' => "h-node");
183

    
184
/* some well knows ports */
185
$wkports = array(
186
	5999 => "CVSup",
187
	53 => "DNS",
188
	21 => "FTP",
189
	3000 => "HBCI",
190
	80 => "HTTP",
191
	443 => "HTTPS",
192
	5190 => "ICQ",
193
	113 => "IDENT/AUTH",
194
	143 => "IMAP",
195
	993 => "IMAP/S",
196
	4500 => "IPsec NAT-T",
197
	500 => "ISAKMP",
198
	1701 => "L2TP",
199
	389 => "LDAP",
200
	1755 => "MMS/TCP",
201
	7000 => "MMS/UDP",
202
	445 => "MS DS",
203
	3389 => "MS RDP",
204
	1512 => "MS WINS",
205
	1863 => "MSN",
206
	119 => "NNTP",
207
	123 => "NTP",
208
	138 => "NetBIOS-DGM",
209
	137 => "NetBIOS-NS",
210
	139 => "NetBIOS-SSN",
211
	1194 => "OpenVPN",
212
	110 => "POP3",
213
	995 => "POP3/S",
214
	1723 => "PPTP",
215
	1812 => "RADIUS",
216
	1813 => "RADIUS accounting",
217
	5004 => "RTP",
218
	5060 => "SIP",
219
	25 => "SMTP",
220
	465 => "SMTP/S",
221
	161 => "SNMP",
222
	162 => "SNMP-Trap",
223
	22 => "SSH",
224
	3478 => "STUN",
225
	587 => "SUBMISSION",
226
	3544 => "Teredo",
227
	23 => "Telnet",
228
	69 => "TFTP",
229
	5900 => "VNC");
230

    
231
/* TCP flags */
232
$tcpflags = array("fin", "syn", "rst", "psh", "ack", "urg", "ece", "cwr");
233

    
234
$specialnets = array("pptp" => "PPTP clients", "pppoe" => "PPPoE clients", "l2tp" => "L2TP clients");
235

    
236
$spiflist = get_configured_interface_with_descr(false, true);
237
foreach ($spiflist as $ifgui => $ifdesc) {
238
	$specialnets[$ifgui] = $ifdesc . " net";
239
	$specialnets[$ifgui . 'ip'] = $ifdesc . " address";
240
}
241

    
242
$medias = array("auto" => "autoselect", "100full" => "100BASE-TX full-duplex",
243
	"100half" => "100BASE-TX half-duplex", "10full" => "10BASE-T full-duplex",
244
	"10half" => "10BASE-T half-duplex");
245

    
246
$wlan_modes = array("bss" => "Infrastructure (BSS)", "adhoc" => "Ad-hoc (IBSS)",
247
	"hostap" => "Access Point");
248

    
249
/* platforms that support firmware updating */
250
$fwupplatforms = array('pfSense', 'net45xx', 'net48xx', 'generic-pc', 'embedded', 'wrap', 'nanobsd');
251

    
252
function do_input_validation($postdata, $reqdfields, $reqdfieldsn, &$input_errors) {
253

    
254
	/* check for bad control characters */
255
	foreach ($postdata as $pn => $pd) {
256
		if (is_string($pd) && preg_match("/[\\x00-\\x08\\x0b\\x0c\\x0e-\\x1f]/", $pd)) {
257
			$input_errors[] = sprintf(gettext("The field %s contains invalid characters."), $pn);
258
		}
259
	}
260

    
261
	for ($i = 0; $i < count($reqdfields); $i++) {
262
		if ($_POST[$reqdfields[$i]] == "" && $_REQUEST[$reqdfields[$i]] == "") {
263
			$input_errors[] = sprintf(gettext("The field %s is required."), $reqfieldsn[$i]);
264
		}
265
	}
266
}
267

    
268
function print_input_errors($input_errors) {
269
	global $g;
270

    
271
	print <<<EOF
272
	<div id="inputerrorsdiv">
273
	<table border="0" cellspacing="0" cellpadding="4" width="100%" summary="input errors">
274
	<tr>
275
		<td class="inputerrorsleft">
276
			<img src="/themes/{$g['theme']}/images/icons/icon_error.gif" alt="errors" />
277
		</td>
278
        <td class="inputerrorsright errmsg">
279
EOF;
280
    echo "<p>" . gettext("The following input errors were detected:") . "</p>\n<ul>";
281
	foreach ($input_errors as $ierr) {
282
		echo "<li>" . htmlspecialchars($ierr) . "</li>";
283
	}
284

    
285
	print <<<EOF2
286
				</ul>
287
		</td></tr>
288
	</table>
289
	</div>
290
	&nbsp;<br />
291
EOF2;
292

    
293
}
294

    
295
function verify_gzip_file($fname) {
296
	$returnvar = mwexec("/usr/bin/gzip -t " . escapeshellarg($fname));
297
	if ($returnvar != 0)
298
		return 0;
299
	else
300
		return 1;
301
}
302

    
303
function print_info_box_np($msg, $name="apply",$value="", $showapply=false) {
304
	global $g, $nifty_redbox, $nifty_blackbox, $nifty_background;
305

    
306
	if(empty($value)) {
307
		$value = gettext("Apply changes");
308
	}
309

    
310
	// Set the Nifty background color if one is not set already (defaults to white)
311
	if($nifty_background == "")
312
		$nifty_background = "#FFF";
313

    
314
	if(stristr($msg, gettext("apply")) != false || stristr($msg, gettext("save")) != false || stristr($msg, gettext("create")) != false || $showapply) {
315
		$savebutton = "<td class=\"infoboxsave\">";
316
		$savebutton .= "<input name=\"{$name}\" type=\"submit\" class=\"formbtn\" id=\"${name}\" value=\"{$value}\" />";
317
		if($_POST['if'])
318
			$savebutton .= "<input type=\"hidden\" name=\"if\" value=\"" . htmlspecialchars($_POST['if']) . "\" />";
319
		$savebutton.="</td>";
320
	}
321
	$nifty_redbox = "#990000";
322
	$nifty_blackbox = "#000000";
323

    
324
	$themename = $g['theme'];
325

    
326
	if(file_exists("/usr/local/www/themes/{$themename}/tabcontrols.php")) {
327
		$toeval = file_get_contents("/usr/local/www/themes/{$themename}/tabcontrols.php");
328
		eval($toeval);
329
	}
330

    
331
	if(file_exists("/usr/local/www/themes/{$themename}/infobox.php")) {
332
		$toeval = file_get_contents("/usr/local/www/themes/{$themename}/infobox.php");
333
		eval($toeval);
334
	}
335

    
336
	if(!$savebutton) {
337
		$savebutton = "<td class=\"infoboxsave\"><input value=\"" . gettext("Close") . "\" type=\"button\" onclick=\"jQuery('#redboxtable').hide();\" /></td>";
338
	}
339

    
340
	echo <<<EOFnp
341
	<table class="infobox" id="redboxtable" summary="red box table">
342
		<tr>
343
			<td>
344
				<div class="infoboxnp" id="redbox">
345
					<table class="infoboxnptable2" summary="message">
346
						<tr>
347
							<td class="infoboxnptd">
348
								&nbsp;&nbsp;&nbsp;<img class="infoboxnpimg" src="/themes/{$g['theme']}/images/icons/icon_exclam.gif" alt="exclamation" />
349
							</td>
350
							<td class="infoboxnptd2">
351
								<b>{$msg}</b>
352
							</td>
353
							{$savebutton}
354
						</tr>
355
					</table>
356
				</div>
357
				<div>
358
					<p>&nbsp;</p>
359
				</div>
360
			</td>
361
		</tr>
362
	</table>
363
	<script type="text/javascript">
364
	//<![CDATA[
365
		NiftyCheck();
366
		Rounded("div#redbox","all","{$nifty_background}","{$nifty_redbox}","smooth");
367
		Rounded("td#blackbox","all","{$nifty_background}","{$nifty_blackbox}","smooth");
368
	//]]>
369
	</script>
370
EOFnp;
371

    
372
}
373

    
374
function print_info_box_np_undo($msg, $name="apply",$value="Apply changes", $undo) {
375
	global $g;
376

    
377
	if(stristr($msg, "apply") != false || stristr($msg, "save") != false || stristr($msg, "create") != false) {
378
		$savebutton = "<td class=\"infoboxsave nowrap\">";
379
		$savebutton .= "<input type=\"button\" value=\"". gettext("Undo") . "\" onclick=\"document.location='{$undo}'\" />";
380
		$savebutton .= "<input name=\"{$name}\" type=\"submit\" class=\"formbtn\" id=\"${name}\" value=\"{$value}\" />";
381
		$savebutton .= "</td>";
382
		if($_POST['if'])
383
			$savebutton .= "<input type=\"hidden\" name=\"if\" value=\"" . htmlspecialchars($_POST['if']) . "\" />";
384
	}
385
	$nifty_redbox = "#990000";
386
	$nifty_blackbox = "#000000";
387

    
388
	$themename = $g['theme'];
389

    
390
	if(file_exists("/usr/local/www/themes/{$themename}/tabcontrols.php")) {
391
		$toeval = file_get_contents("/usr/local/www/themes/{$themename}/tabcontrols.php");
392
		eval($toeval);
393
	}
394

    
395
	if(file_exists("/usr/local/www/themes/{$themename}/infobox.php")) {
396
		$toeval = file_get_contents("/usr/local/www/themes/{$themename}/infobox.php");
397
		eval($toeval);
398
	}
399

    
400

    
401
	if(!$savebutton) {
402
		$savebutton = "<td class=\"infoboxsave\"><input value=\"" . gettext("Close") . "\" type=\"button\" onclick=\"jQuery('#redboxtable').hide();\" /></td>";
403
	}
404

    
405
	echo <<<EOFnp
406
	<table class="infobox" id="redboxtable" summary="red box table">
407
		<tr>
408
			<td>
409
				<div class="infoboxnp" id="redbox">
410
					<table class="infoboxnptable2" summary="message">
411
						<tr>
412
							<td class="infoboxnptd">
413
								&nbsp;&nbsp;&nbsp;<img class="infoboxnpimg" src="/themes/{$g['theme']}/images/icons/icon_exclam.gif" alt="exclamation" />
414
							</td>
415
							<td class="infoboxnptd2">
416
								<b>{$msg}</b>
417
							</td>
418
							{$savebutton}
419
							{$undobutton}
420
						</tr>
421
					</table>
422
				</div>
423
				<div>
424
					<p>&nbsp;</p>
425
				</div>
426
			</td>
427
		</tr>
428
	</table>
429
	<script type="text/javascript">
430
	//<![CDATA[
431
		NiftyCheck();
432
		Rounded("div#redbox","all","#FFF","{$nifty_redbox}","smooth");
433
		Rounded("td#blackbox","all","#FFF","{$nifty_blackbox}","smooth");
434
	//]]>
435
	</script>
436
EOFnp;
437

    
438
}
439

    
440
function print_info_box($msg) {
441
	print_info_box_np($msg);
442
}
443

    
444
function get_std_save_message($ok) {
445
	global $d_sysrebootreqd_path;
446
	$filter_related = false;
447
	$filter_pages = array("nat", "filter");
448
	$to_return = gettext("The changes have been applied successfully.");
449
	foreach($filter_pages as $fp)
450
		if(stristr($_SERVER['SCRIPT_FILENAME'], $fp))
451
			$filter_related = true;
452
	if($filter_related)
453
		$to_return .= "<br />" . gettext("You can also <a href=\"status_filter_reload.php\">monitor</a> the filter reload progress.");
454
	return $to_return;
455
}
456

    
457
function pprint_address($adr) {
458
	global $specialnets;
459

    
460
	if (isset($adr['any'])) {
461
		$padr = "*";
462
	} else if ($adr['network']) {
463
		$padr = $specialnets[$adr['network']];
464
	} else {
465
		$padr = $adr['address'];
466
	}
467

    
468
	if (isset($adr['not']))
469
		$padr = "! " . $padr;
470

    
471
	return $padr;
472
}
473

    
474
function pprint_port($port) {
475
	global $wkports;
476

    
477
	$pport = "";
478

    
479
	if (!$port)
480
		return "*";
481
	else {
482
		$srcport = explode("-", $port);
483
		if ((!$srcport[1]) || ($srcport[0] == $srcport[1])) {
484
			$pport = $srcport[0];
485
			if ($wkports[$srcport[0]]) {
486
				$pport .= " (" . $wkports[$srcport[0]] . ")";
487
			}
488
		} else
489
			$pport .= $srcport[0] . " - " . $srcport[1];
490
	}
491

    
492
	return $pport;
493
}
494

    
495
function firewall_check_for_advanced_options(&$item) {
496
	$item_set = "";
497
	if($item['os'])
498
		$item_set .= "os {$item['os']} ";
499
	if($item['dscp'])
500
		$item_set .= "dscp {$item['dscp']} ";
501
	if($item['max'])
502
		$item_set .= "max {$item['max']} ";
503
	if($item['max-src-nodes'])
504
		$item_set .= "max-src-nodes {$item['max-src-nodes']} ";
505
	if($item['max-src-conn'])
506
		$item_set .= "max-src-conn {$item['max-src-conn']} ";
507
	if($item['max-src-states'])
508
		$item_set .= "max-src-states {$item['max-src-states']} ";
509
	if(isset($item['nopfsync']))
510
		$item_set .= "nopfsync ";
511
	if($item['statetype'] != "keep state" && $item['statetype'] != "")
512
		$item_set .= "statetype {$item['statetype']} ";
513
	if($item['statetimeout'])
514
		$item_set .= "statetimeout {$item['statetimeout']} ";
515
	if(isset($item['nosync']))
516
		$item_set .= "no XMLRPC Sync ";
517
	if($item['max-src-conn-rate'])
518
		$item_set .= "max-src-conn-rate {$item['max-src-conn-rate']} ";
519
	if($item['max-src-conn-rates'])
520
		$item_set .= "max-src-conn-rates {$item['max-src-conn-rates']} ";
521
	if($item['vlanprio'])
522
		$item_set .= "vlanprio {$item['vlanprio']} ";
523
	if($item['vlanprioset'])
524
		$item_set .= "vlanprioset {$item['vlanprioset']} ";
525
	if($item['gateway'])
526
		$item_set .= "gateway {$item['gateway']} ";
527
	if($item['dnpipe'])
528
		$item_set .= "limiter {$item['dnpipe']} ";
529
	if($item['pdnpipe'])
530
		$item_set .= "limiter {$item['pdnpipe']} ";
531
	if($item['ackqueue'])
532
		$item_set .= "ackqueue {$item['ackqueue']} ";
533
	if($item['defaultqueue'])
534
		$item_set .= "defaultqueue {$item['defaultqueue']} ";
535
	if($item['l7container'])
536
		$item_set .= "layer7 {$item['l7container']} ";
537
	if($item['tag'])
538
		$item_set .= "tag {$item['tag']} ";
539
	if($item['tagged'])
540
		$item_set .= "tagged {$item['tagged']} ";
541
	if(isset($item['allowopts']))
542
		$item_set .= "allowopts ";
543
	if(isset($item['disablereplyto']))
544
		$item_set .= "disable reply-to ";
545
	if($item['tcpflags_any'] || $item['tcpflags1'] || $item['tcpflags2'])
546
		$item_set .= "tcpflags set";
547

    
548
	return $item_set;
549
}
550

    
551
function gentitle($title) {
552
	global $navlevelsep;
553
	if(!is_array($title))
554
		return $title;
555
	else
556
		return join($navlevelsep, $title);
557
}
558

    
559
function genhtmltitle($title) {
560
	global $config;
561
	return gentitle($title);
562
}
563

    
564
/* update the changedesc and changecount(er) variables */
565
function update_changedesc($update) {
566
	global $changedesc;
567
	global $changecount;
568

    
569
	$changedesc .= " {$update}";
570
	$changecount++;
571
}
572

    
573
function clear_log_file($logfile = "/var/log/system.log", $restart_syslogd = true) {
574
	global $config, $g;
575
	if ($restart_syslogd)
576
		exec("/usr/bin/killall syslogd");
577
	if(isset($config['system']['disablesyslogclog'])) {
578
		unlink($logfile);
579
		touch($logfile);
580
	} else {
581
		$log_size = isset($config['syslog']['logfilesize']) ? $config['syslog']['logfilesize'] : "511488";
582
		if(isset($config['system']['usefifolog']))
583
			exec("/usr/sbin/fifolog_create -s {$log_size} " . escapeshellarg($logfile));
584
		else
585
			exec("/usr/sbin/clog -i -s {$log_size} " . escapeshellarg($logfile));
586
	}
587
	if ($restart_syslogd)
588
		system_syslogd_start();
589
}
590

    
591
function clear_all_log_files() {
592
	global $g;
593
	exec("/usr/bin/killall syslogd");
594

    
595
	$log_files = array("system", "filter", "dhcpd", "vpn", "pptps", "poes", "l2tps", "openvpn", "portalauth", "ipsec", "ppp", "relayd", "wireless", "lighttpd", "ntpd", "gateways", "resolver", "routing");
596
	foreach ($log_files as $lfile) {
597
		clear_log_file("{$g['varlog_path']}/{$lfile}.log", false);
598
	}
599

    
600
	system_syslogd_start();
601
	killbyname("dhcpd");
602
	services_dhcpd_configure();
603
	return;
604
}
605

    
606
function dump_clog($logfile, $tail, $withorig = true, $grepfor = "", $grepinvert = "") {
607
	global $g, $config;
608
	$sor = isset($config['syslog']['reverse']) ? "-r" : "";
609
	$logarr = "";
610
	$grepline = "  ";
611
	if(is_array($grepfor))
612
		$grepline .= " | /usr/bin/egrep " . escapeshellarg(implode("|", $grepfor));
613
	if(is_array($grepinvert))
614
		$grepline .= " | /usr/bin/egrep -v " . escapeshellarg(implode("|", $grepinvert));
615
	if(file_exists($logfile) && filesize($logfile) == 0) {
616
		$logarr = array("Log file started.");
617
	} else {
618
		if($config['system']['disablesyslogclog']) {
619
			exec("cat " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
620
		} else {
621
			if(isset($config['system']['usefifolog']))
622
				exec("/usr/sbin/fifolog_reader " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
623
			else
624
				exec("/usr/sbin/clog " . escapeshellarg($logfile) . "{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
625
		}
626
	}
627
	foreach ($logarr as $logent) {
628
			$logent = preg_split("/\s+/", $logent, 6);
629
			echo "<tr valign=\"top\">\n";
630
			if ($withorig) {
631
					if(isset($config['system']['usefifolog'])) {
632
						$entry_date_time = htmlspecialchars(date("F j, Y, g:i a","" . $logent[1] . ""));
633
						$entry_text = htmlspecialchars($logent[5]);
634
					} else {
635
						$entry_date_time = htmlspecialchars(join(" ", array_slice($logent, 0, 3)));
636
						$entry_text = ($logent[3] ==  $config['system']['hostname']) ? "" : $logent[3] . " ";
637
						$entry_text .= htmlspecialchars($logent[4] . " " . $logent[5]);
638
					}
639
					echo "<td class=\"listlr nowrap\">{$entry_date_time}</td>\n";
640
					echo "<td class=\"listr\">{$entry_text}</td>\n";
641

    
642
			} else {
643
					echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
644
			}
645
			echo "</tr>\n";
646
	}
647
}
648

    
649
function return_clog($logfile, $tail, $withorig = true, $grepfor = "", $grepinvert = "", $grepreverse = false) {
650
	global $g, $config;
651
	$sor = (isset($config['syslog']['reverse']) || $grepreverse) ? "-r" : "";
652
	$logarr = "";
653
	$grepline = "  ";
654
	if(is_array($grepfor))
655
		$grepline .= " | /usr/bin/egrep " . escapeshellarg(implode("|", $grepfor));
656
	if(is_array($grepinvert))
657
		$grepline .= " | /usr/bin/egrep -v " . escapeshellarg(implode("|", $grepinvert));
658
	if($config['system']['disablesyslogclog']) {
659
		exec("cat " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
660
	} else {
661
		if(isset($config['system']['usefifolog'])) {
662
			exec("/usr/sbin/fifolog_reader " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
663
		} else {
664
			exec("/usr/sbin/clog " . escapeshellarg($logfile) . "{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
665
		}
666
	}
667
	return($logarr);
668
}
669

    
670
/* Check if variable has changed, update and log if it has
671
 * returns true if var changed
672
 * varname = variable name in plain text
673
 * orig = original value
674
 * new = new value
675
 */
676
function update_if_changed($varname, & $orig, $new) {
677
	if (is_array($orig) && is_array($new)) {
678
		$a_diff = array_diff($orig, $new);
679
		foreach ($a_diff as $diff) {
680
			update_changedesc("removed {$varname}: \"{$diff}\"");
681
		}
682
		$a_diff = array_diff($new, $orig);
683
		foreach ($a_diff as $diff) {
684
			update_changedesc("added {$varname}: \"{$diff}\"");
685
		}
686
		$orig = $new;
687
		return true;
688

    
689
	} else {
690
		if ($orig != $new) {
691
			update_changedesc("{$varname}: \"{$orig}\" -> \"{$new}\"");
692
			$orig = $new;
693
			return true;
694
		}
695
	}
696
	return false;
697
}
698

    
699
function address_to_pconfig($adr, &$padr, &$pmask, &$pnot, &$pbeginport, &$pendport) {
700
	if (isset($adr['any']))
701
		$padr = "any";
702
	else if ($adr['network'])
703
		$padr = $adr['network'];
704
	else if ($adr['address']) {
705
		list($padr, $pmask) = explode("/", $adr['address']);
706
		if (!$pmask) {
707
			if (is_ipaddrv6($padr))
708
				$pmask = 128;
709
			else
710
				$pmask = 32;
711
		}
712
	}
713

    
714
	if (isset($adr['not']))
715
		$pnot = 1;
716
	else
717
		$pnot = 0;
718

    
719
	if ($adr['port']) {
720
		list($pbeginport, $pendport) = explode("-", $adr['port']);
721
		if (!$pendport)
722
			$pendport = $pbeginport;
723
	} else if (!is_alias($pbeginport) && !is_alias($pendport)) {
724
		$pbeginport = "any";
725
		$pendport = "any";
726
	}
727
}
728

    
729
function pconfig_to_address(&$adr, $padr, $pmask, $pnot=false, $pbeginport=0, $pendport=0) {
730
	$adr = array();
731

    
732
	if ($padr == "any")
733
		$adr['any'] = true;
734
	else if (is_specialnet($padr))
735
		$adr['network'] = $padr;
736
	else {
737
		$adr['address'] = $padr;
738
		if (is_ipaddrv6($padr)) {
739
			if ($pmask != 128)
740
				$adr['address'] .= "/" . $pmask;
741
		} else {
742
			if ($pmask != 32)
743
				$adr['address'] .= "/" . $pmask;
744
		}
745
	}
746

    
747
	if ($pnot)
748
		$adr['not'] = true;
749
	else
750
		unset($adr['not']);
751

    
752
	if (($pbeginport != 0) && ($pbeginport != "any")) {
753
		if ($pbeginport != $pendport)
754
			$adr['port'] = $pbeginport . "-" . $pendport;
755
		else
756
			$adr['port'] = $pbeginport;
757
	}
758

    
759
	if(is_alias($pbeginport)) {
760
		$adr['port'] = $pbeginport;
761
	}
762
}
763

    
764
function is_specialnet($net) {
765
	global $specialsrcdst;
766

    
767
	if(!$net)
768
		return false;
769
	if (in_array($net, $specialsrcdst))
770
		return true;
771
	else
772
		return false;
773
}
774

    
775
//function to create widget tabs when called
776
function display_widget_tabs(& $tab_array) {
777
	echo "<div id=\"tabs\">";
778
	$tabscounter = 0;
779
	foreach ($tab_array as $ta) {
780
	$dashpos = strpos($ta[2],'-');
781
	$tabname = $ta[2] . "-tab";
782
	$tabclass = substr($ta[2],0,$dashpos);
783
	$tabclass = $tabclass . "-class";
784
		if ($ta[1] == true) {
785
			$tabActive = "table-cell";
786
			$tabNonActive = "none";
787
		}
788
		else {
789
			$tabActive = "none";
790
			$tabNonActive = "table-cell";
791
		}
792
		echo "<div id=\"{$ta[2]}-active\" class=\"{$tabclass}-tabactive\" style=\"display:{$tabActive}; background-color:#EEEEEE; color:black;\">";
793
		echo "<b>&nbsp;&nbsp;&nbsp;{$ta[0]}";
794
		echo "&nbsp;&nbsp;&nbsp;</b>";
795
		echo "</div>";
796

    
797
		echo "<div id=\"{$ta[2]}-deactive\" class=\"{$tabclass}-tabdeactive\" style=\"display:{$tabNonActive}; background-color:#777777; color:white; cursor: pointer;\" onclick=\"return changeTabDIV('{$ta[2]}')\">";
798
		echo "<b>&nbsp;&nbsp;&nbsp;{$ta[0]}";
799
		echo "&nbsp;&nbsp;&nbsp;</b>";
800
		echo "</div>";
801
	}
802

    
803
	echo "<script type=\"text/javascript\">";
804
	echo "\n//<![CDATA[\n";
805
	echo "NiftyCheck();\n";
806
	echo "Rounded(\"div.{$tabclass}-tabactive\",\"top\",\"#CCCCCC\",\"#EEEEEE\",\"smooth\");\n";
807
	echo "Rounded(\"div.{$tabclass}-tabdeactive\",\"top\",\"#CCCCCC\",\"#777777\",\"smooth\");\n";
808
	echo "//]]>\n";
809
	echo "</script>";
810
	echo "</div>";
811
}
812

    
813

    
814
// Return inline javascript file or CSS to minimizie
815
// request count going back to server.
816
function outputJavaScriptFileInline($javascript) {
817
	if(file_exists($javascript)) {
818
		echo "\n<script type=\"text/javascript\">\n";
819
		include($javascript);
820
		echo "\n</script>\n";
821
	} else {
822
		echo "\n\n<!-- Could not location file:  {$javascript} -->\n\n";
823
	}
824
}
825

    
826

    
827

    
828
function outputCSSPrintFileInline($css) {
829
	if(file_exists($css)) {
830
		echo "\n<style media=\"print\" type=\"text/css\">\n";
831
		include($css);
832
		echo "\n</style>\n";
833
	} else {
834
		echo "\n\n<!-- Could not location file:  {$css} -->\n\n";
835
	}
836
}
837

    
838

    
839
function outputCSSFileInline($css) {
840
	if(file_exists($css)) {
841
		echo "\n<style type=\"text/css\">\n";
842
		include($css);
843
		echo "\n</style>\n";
844
	} else {
845
		echo "\n\n<!-- Could not location file:  {$css} -->\n\n";
846
	}
847
}
848

    
849
$rfc2616 = array(
850
	100 => "100 Continue",
851
	101 => "101 Switching Protocols",
852
	200 => "200 OK",
853
	201 => "201 Created",
854
	202 => "202 Accepted",
855
	203 => "203 Non-Authoritative Information",
856
	204 => "204 No Content",
857
	205 => "205 Reset Content",
858
	206 => "206 Partial Content",
859
	300 => "300 Multiple Choices",
860
	301 => "301 Moved Permanently",
861
	302 => "302 Found",
862
	303 => "303 See Other",
863
	304 => "304 Not Modified",
864
	305 => "305 Use Proxy",
865
	306 => "306 (Unused)",
866
	307 => "307 Temporary Redirect",
867
	400 => "400 Bad Request",
868
	401 => "401 Unauthorized",
869
	402 => "402 Payment Required",
870
	403 => "403 Forbidden",
871
	404 => "404 Not Found",
872
	405 => "405 Method Not Allowed",
873
	406 => "406 Not Acceptable",
874
	407 => "407 Proxy Authentication Required",
875
	408 => "408 Request Timeout",
876
	409 => "409 Conflict",
877
	410 => "410 Gone",
878
	411 => "411 Length Required",
879
	412 => "412 Precondition Failed",
880
	413 => "413 Request Entity Too Large",
881
	414 => "414 Request-URI Too Long",
882
	415 => "415 Unsupported Media Type",
883
	416 => "416 Requested Range Not Satisfiable",
884
	417 => "417 Expectation Failed",
885
	500 => "500 Internal Server Error",
886
	501 => "501 Not Implemented",
887
	502 => "502 Bad Gateway",
888
	503 => "503 Service Unavailable",
889
	504 => "504 Gateway Timeout",
890
	505 => "505 HTTP Version Not Supported"
891
);
892

    
893
function is_rfc2616_code($code) {
894
	global $rfc2616;
895
	if (isset($rfc2616[$code]))
896
		return true;
897
	else
898
		return false;
899
}
900

    
901
function print_rfc2616_select($tag, $current){
902
	global $rfc2616;
903

    
904
	/* Default to 200 OK if not set */
905
	if ($current == "")
906
		$current = 200;
907

    
908
	echo "<select id=\"{$tag}\" name=\"{$tag}\">\n";
909
	foreach($rfc2616 as $code => $message) {
910
		if ($code == $current) {
911
			$sel = " selected=\"selected\"";
912
		} else {
913
			$sel = "";
914
		}
915
		echo "<option value=\"{$code}\"{$sel}>{$message}</option>\n";
916
	}
917
}
918

    
919
// Useful debugging function, much cleaner than print_r
920
function echo_array($array,$return_me=false){
921
	if(is_array($array) == false){
922
		$return = "The provided variable is not an array.";
923
	}else{
924
		foreach($array as $name=>$value){
925
			if(is_array($value)){
926
				$return .= "";
927
				$return .= "['<b>$name</b>'] {<div style=\"margin-left:10px;\">\n";
928
				$return .= echo_array($value,true);
929
				$return .= "</div>}";
930
				$return .= "\n\n";
931
			}else{
932
				if(is_string($value)){
933
					$value = "\"$value\"";
934
				}
935
				$return .= "['<b>$name</b>'] = $value\n\n";
936
			}
937
		}
938
	}
939
	if($return_me == true){
940
		return $return;
941
	}else{
942
		echo "<pre>".$return."</pre>";
943
	}
944
}
945

    
946
/****f* pfsense-utils/display_top_tabs
947
 * NAME
948
 *   display_top_tabs - display tabs with rounded edges
949
 * INPUTS
950
 *   $text      - array of tabs
951
 * RESULT
952
 *   null
953
 ******/
954
function display_top_tabs(& $tab_array, $no_drop_down = false) {
955
	global $config;
956
	global $g;
957
	global $tab_array_indent;
958
	global $tab_array_space;
959
	global $tab_array_char_limit;
960

    
961
	/*  does the user have access to this tab?
962
	 *  master user has access to everything.
963
	 *  if the user does not have access, simply
964
	 *  unset the tab item.
965
	 */
966

    
967
	/* empty string code */
968
	if ($tab_array_indent == '') {
969
		$tab_array_indent = 0;
970
	}
971

    
972
	if ($tab_array_space == '') {
973
		$tab_array_space = 1;
974
	}
975

    
976
	if ($tab_array_char_limit == '') {
977
		$tab_array_char_limit = 92;
978
	}
979

    
980
	foreach ($tab_array as $tab_id => $ta){
981
		if(!isAllowedPage($ta[2]))
982
			unset ($tab_array[$tab_id]);
983
	}
984

    
985
	$tab_active_bg   = "#EEEEEE";
986
	$tab_inactive_bg = "#777777";
987
	$nifty_tabs_corners = "#FFF";
988
	$font_color = "white";
989

    
990
	/* if tabcontrols.php exist for a theme, allow it to be overriden */
991
	$themename = $config['theme'];
992
	$filename = "/usr/local/www/themes/{$themename}/tabcontrols.php";
993
	if(file_exists($filename)) {
994
		$eval_code = file_get_contents($filename);
995
		eval($eval_code);
996
	}
997

    
998
	$tabcharcount = 0;
999
	foreach ($tab_array as $ta)
1000
		$tabcharcount = $tabcharcount + strlen($ta[0]);
1001

    
1002
	if($no_drop_down == true) {
1003
		$tabcharcount = 0;
1004
		unset($tab_array_char_limit);
1005
	}
1006

    
1007
	// If the character count of the tab names is > 670
1008
	// then show a select item dropdown menubox.
1009
	if($tabcharcount > $tab_array_char_limit) {
1010
		echo gettext("Currently viewing: ");
1011
		echo "<select name=\"TabSelect\" onchange=\"tabs_will_go(this)\">\n";
1012
		foreach ($tab_array as $ta) {
1013
			if($ta[1]=="true")
1014
				$selected = " selected=\"selected\"";
1015
			else
1016
				$selected = "";
1017
			// Onclick in option will not work in some browser
1018
			// echo "<option onclick=\"document.location='{$ta[2]}';\"{$selected}>{$ta['0']}</option>\n";
1019
			echo "<option value=\"{$ta[2]}\"{$selected}>{$ta['0']}</option>\n";
1020
		}
1021
		echo "</select>\n<p>&nbsp;</p>";
1022
		echo "<script type=\"text/javascript\">";
1023
		echo "\n//<![CDATA[\n";
1024
		echo " function tabs_will_go(obj){ document.location = obj.value; }\n";
1025
		echo "//]]>\n";
1026
		echo "</script>";
1027
	}  else {
1028
		echo "<div class=\"newtabmenu\" style=\"margin:{$tab_array_space}px {$tab_array_indent}px; width:775px;\">\n";
1029
		echo "<!-- Tabbed bar code-->\n";
1030
		echo "<ul class=\"newtabmenu\">\n";
1031
		$tabscounter = 0;
1032
		foreach ($tab_array as $ta) {
1033
			if ($ta[1] == true) {
1034
				echo "  <li class=\"newtabmenu_active\"><a href=\"{$ta[2]}\"><span>{$ta[0]}</span></a></li>\n";
1035
			} else {
1036
				echo "  <li><a href=\"{$ta[2]}\"><span>{$ta[0]}</span></a></li>\n";
1037
			}
1038
			$tabscounter++;
1039
		}
1040
		echo "</ul>\n</div>\n";
1041
	}
1042
}
1043

    
1044
function add_package_tabs($tabgroup, & $tab_array) {
1045
	global $config, $g;
1046

    
1047
	if(!is_array($config['installedpackages']))
1048
		return;
1049
	if(!is_array($config['installedpackages']['tab']))
1050
		return;
1051

    
1052
	foreach($config['installedpackages']['tab'] as $tab) {
1053
		if ($tab['group'] !== $group)
1054
			continue;
1055
		$tab_entry = array();
1056
		if($tab['name']) {
1057
			$tab_entry[] = $tab['name'];
1058
			$tab_entry[] = false;
1059
			$tab_entry[] = $tab['url'];
1060
			$tab_array[] = $tab_entry;
1061
		}
1062
	}
1063
}
1064

    
1065
function alias_info_popup($alias_id){
1066
	global $config;
1067
	$maxlength = 60;
1068
	$close_title="title='".gettext('move mouse out this alias to hide')."'";
1069
	if (is_array($config['aliases']['alias'][$alias_id])){
1070
		$alias_name=$config['aliases']['alias'][$alias_id];
1071
		$alias_objects_with_details = "<table width=\"100%\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\" summary=\"alias info popup\">";
1072
		if ($alias_name['url']) {
1073
			// TODO: Change it when pf supports tables with ports
1074
			if ($alias_name['type'] == "urltable") {
1075
				exec("/sbin/pfctl -t {$alias_name['name']} -T show | wc -l", $total_entries);
1076
				$counter=preg_replace("/\D/","",$total_entries[0]);
1077
				exec("/sbin/pfctl -t {$alias_name['name']} -T show | head -10002", $alias_addresses);
1078
			} else {
1079
				$urlfn = alias_expand_urltable($alias_name['name']);
1080
				$alias_addresses = explode("\n", file_get_contents($urlfn));
1081
				$counter = count($alias_addresses);
1082
			}
1083
			$alias_objects_with_details .= "<tr><td colspan=\"3\" $close_title class=\"vncell\">{$alias_name['url']}</td></tr>";
1084
			$x=0;
1085
			foreach ($alias_addresses as $alias_ports_address ) {
1086
				switch ($x) {
1087
				case 0:
1088
					$x++;
1089
					$alias_objects_with_details .= "<tr><td $close_title class=\"vncell\" width=\"33%\" style=\"background: #FFFFFF;color: #000000;\">{$alias_ports_address}</td>";
1090
					break;
1091
				case 1:
1092
					$x++;
1093
					$alias_objects_with_details .= "<td $close_title class=\"vncell\" width=\"33%\" style=\"background: #FFFFFF;color: #000000;\">{$alias_ports_address}</td>";
1094
					break;
1095
				default:
1096
					$x=0;
1097
					$alias_objects_with_details .= "<td  $close_title class=\"vncell\" width=\"33%\" style=\"background: #FFFFFF;color: #000000;\">{$alias_ports_address}</td><tr>";
1098
					break;
1099
				}
1100
			}
1101
			for ($y = $x; $y <= $x; $y++) {
1102
				$alias_objects_with_details .= "<td $close_title class=\"vncell\" width=\"33%\">&nbsp;</td>";
1103
			}
1104
			if ($x > 0) {
1105
				$alias_objects_with_details .= "</tr>";
1106
			}
1107
			if ($counter > 10002) {
1108
				$alias_objects_with_details .= "<tr><td colspan=\"3\"> ". gettext("listing only first 10k items") . "</td><tr>";
1109
			}
1110
		}
1111
		else{
1112
			$alias_addresses = explode (" ", $alias_name['address']);
1113
			$alias_details = explode ("||", $alias_name['detail']);
1114
			$counter = 0;
1115
			foreach ($alias_addresses as $alias_ports_address) {
1116
				$alias_objects_with_details .= "<tr><td $close_title width=\"5%\" class=\"vncell\" style=\"background: #FFFFFF;color: #000000;\">{$alias_addresses[$counter]}</td>";
1117
				$alias_detail_default = strpos ($alias_details[$counter],"Entry added");
1118
				if ($alias_details[$counter] != "" && $alias_detail_default === False)
1119
					$alias_objects_with_details .="<td $close_title width=\"95%\" class=\"vncell\" style=\"background: #FFFFFF;color: #000000;\">{$alias_details[$counter]}</td>";
1120
				else
1121
					$alias_objects_with_details .="<td $close_title width=\"95%\" class=\"vncell\" style=\"background: #FFFFFF;color: #000000;\">&nbsp;</td>";
1122
				$alias_objects_with_details .= "</tr>";
1123
				$counter++;
1124
			}
1125
		}
1126
		$alias_objects_with_details .= "</table>";
1127
	}
1128
	$alias_descr_substr = $alias_name['descr'];
1129
	if ($strlength >= $maxlength)
1130
		$alias_descr_substr = substr($alias_descr_substr, 0, $maxlength) . "...";
1131
	$item_text = ($counter > 1 ? "items" : "item");
1132
	$alias_caption = "{$alias_descr_substr} - {$counter} {$item_text}<a href=\"/firewall_aliases_edit.php?id={$alias_id}\" title=\"".gettext('edit this alias')."\">&nbsp;&nbsp;edit </a>";
1133
	$strlength = strlen ($alias_caption);
1134
	print "<h1>{$alias_caption}</h1>" . $alias_objects_with_details;
1135
}
1136

    
1137
function rule_popup($src,$srcport,$dst,$dstport){
1138
	global $config,$g;
1139
	$aliases_array = array();
1140
	if ($config['aliases']['alias'] <> "" and is_array($config['aliases']['alias'])) {
1141
		$descriptions = array ();
1142
		foreach ($config['aliases']['alias'] as $alias_id=>$alias_name){
1143
			$loading_image="<a><img src=\'/themes/{$g['theme']}/images/misc/loader.gif\' alt=\'loader\' /> " .gettext("loading...")."</a>";
1144
			switch ($alias_name['type']){
1145
			case "port":
1146
				$width="250";
1147
				break;
1148
			case "urltable":
1149
				$width="500";
1150
				break;
1151
			default:
1152
				$width="350";
1153
				break;
1154
			}
1155
			$span_begin = "<span style=\"cursor: help;\" onmouseover=\"var response_html=domTT_activate(this, event, 'id','ttalias_{$alias_id}','content','{$loading_image}', 'trail', true, 'delay', 300, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle','type','velcro','width',{$width});alias_popup('{$alias_id}','{$g['theme']}','".gettext('loading...')."');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><u>";
1156
			$span_end = "</u></span>";
1157
			if ($alias_name['name'] == $src) {
1158
				$descriptions['src'] = $span_begin;
1159
				$descriptions['src_end'] = $span_end;
1160
			}
1161
			if ($alias_name['name'] == $srcport) {
1162
				$descriptions['srcport'] = $span_begin;
1163
				$descriptions['srcport_end'] = $span_end;
1164
			}
1165
			if ($alias_name['name'] == $dst ) {
1166
				$descriptions['dst'] = $span_begin;
1167
				$descriptions['dst_end'] = $span_end;
1168
			}
1169
			if ($alias_name['name'] == $dstport) {
1170
				$descriptions['dstport'] = $span_begin;
1171
				$descriptions['dstport_end'] = $span_end;
1172
			}
1173
		}
1174
		return $descriptions;
1175
	}
1176
}
1177

    
1178
$timezone = $config['system']['timezone'];
1179
if (!$timezone)
1180
	$timezone = "Etc/UTC";
1181

    
1182
date_default_timezone_set($timezone);
1183

    
1184
?>
(86-86/251)