/usr/local/www/firewall_aliases_edit.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_aliases_edit.php @ 0b9e4e8f

1	d2cfb7a4	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			firewall_aliases_edit.php
5	2e9ab96b	Scott Ullrich	Copyright (C) 2004 Scott Ullrich
6	460b3848	Ermal Lu?i	Copyright (C) 2009 Ermal Lu?i
7	fff3d2b9	jim-p	Copyright (C) 2010 Jim Pingle
8	2e9ab96b	Scott Ullrich	All rights reserved.
9
10			originially part of m0n0wall (http://m0n0.ch/wall)
11	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
12			All rights reserved.
13	d2cfb7a4	Scott Ullrich
14	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
15			modification, are permitted provided that the following conditions are met:
16	d2cfb7a4	Scott Ullrich
17	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
18			this list of conditions and the following disclaimer.
19	d2cfb7a4	Scott Ullrich
20	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
21			notice, this list of conditions and the following disclaimer in the
22			documentation and/or other materials provided with the distribution.
23	d2cfb7a4	Scott Ullrich
24	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
25			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
26			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
27			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
28			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33			POSSIBILITY OF SUCH DAMAGE.
34			*/
35	7ac5a4cb	Scott Ullrich	/*
36			pfSense_BUILDER_BINARIES: /bin/rm /bin/mkdir /usr/bin/fetch
37			pfSense_MODULE: aliases
38			*/
39	5b237745	Scott Ullrich
40	6b07c15a	Matthew Grooms	##\|+PRIV
41			##\|*IDENT=page-firewall-alias-edit
42			##\|*NAME=Firewall: Alias: Edit page
43			##\|*DESCR=Allow access to the 'Firewall: Alias: Edit' page.
44			##\|MATCH=firewall_aliases_edit.php
45			##\|-PRIV
46
47	5a1eebc7	Scott Ullrich
48	f76a479d	sullrich	// Keywords not allowed in names
49	66fc1f14	Scott Ullrich	$reserved_keywords = array("all", "pass", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec");
50	f76a479d	sullrich
51	5b237745	Scott Ullrich	require("guiconfig.inc");
52	7a927e67	Scott Ullrich	require_once("functions.inc");
53			require_once("filter.inc");
54			require_once("shaper.inc");
55	5b237745	Scott Ullrich
56	b13f7f80	Carlos Eduardo Ramos	$pgtitle = array(gettext("Firewall"),gettext("Aliases"),gettext("Edit"));
57
58	7c9d8d71	Ermal Lu?i	$reserved_ifs = get_configured_interface_list(false, true);
59			$reserved_keywords = array_merge($reserved_keywords, $reserved_ifs);
60
61	5b237745	Scott Ullrich	if (!is_array($config['aliases']['alias']))
62			$config['aliases']['alias'] = array();
63			$a_aliases = &$config['aliases']['alias'];
64	f29109d0	Renato Botelho
65	ed0b7949	Scott Ullrich	if($_POST)
66			$origname = $_POST['origname'];
67
68			// Debugging
69	f5200c44	Scott Ullrich	if($debug)
70	7515fb4b	Ermal Lu?i	exec("rm -f {$g['tmp_path']}/alias_rename_log.txt");
71	ed0b7949	Scott Ullrich
72	5e34cdb2	Ermal Lu?i	function alias_same_type($name, $type) {
73			global $config;
74	f29109d0	Renato Botelho
75	5e34cdb2	Ermal Lu?i	foreach ($config['aliases']['alias'] as $alias) {
76			if ($name == $alias['name']) {
77	d6c9ab97	Ermal Lu?i	if (in_array($type, array("host", "network")) &&
78	5e34cdb2	Ermal Lu?i	in_array($alias['type'], array("host", "network")))
79			return true;
80			if ($type == $alias['type'])
81			return true;
82			else
83			return false;
84			}
85			}
86			return true;
87			}
88
89	5b237745	Scott Ullrich	$id = $_GET['id'];
90			if (isset($_POST['id']))
91			$id = $_POST['id'];
92
93			if (isset($id) && $a_aliases[$id]) {
94	ed0b7949	Scott Ullrich	$original_alias_name = $a_aliases[$id]['name'];
95	5b237745	Scott Ullrich	$pconfig['name'] = $a_aliases[$id]['name'];
96	ba393f6c	Scott Dale	$pconfig['detail'] = $a_aliases[$id]['detail'];
97			$pconfig['address'] = $a_aliases[$id]['address'];
98	b4deddce	Ermal Lu?i	$pconfig['type'] = $a_aliases[$id]['type'];
99	ba393f6c	Scott Dale	$pconfig['descr'] = html_entity_decode($a_aliases[$id]['descr']);
100	e47c266d	Scott Ullrich
101	9bc8788a	Erik Fonnesbeck	/* interface list */
102			$iflist = get_configured_interface_with_descr(false, true);
103	cbe3ea96	Ermal Luçi	foreach ($iflist as $if => $ifdesc)
104	f29109d0	Renato Botelho	if($ifdesc == $pconfig['descr'])
105	24148939	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("Sorry, an interface is already named %s."), $pconfig['descr']);
106	e47c266d	Scott Ullrich
107	c7de8be4	jim-p	if($a_aliases[$id]['type'] == "urltable") {
108			$pconfig['address'] = $a_aliases[$id]['url'];
109			$pconfig['updatefreq'] = $a_aliases[$id]['updatefreq'];
110			}
111	5a1eebc7	Scott Ullrich	if($a_aliases[$id]['aliasurl'] <> "") {
112			$pconfig['type'] = "url";
113			if(is_array($a_aliases[$id]['aliasurl'])) {
114			$isfirst = 0;
115			$pconfig['address'] = "";
116			foreach($a_aliases[$id]['aliasurl'] as $aa) {
117			if($isfirst == 1)
118			$pconfig['address'] .= " ";
119			$isfirst = 1;
120			$pconfig['address'] .= $aa;
121			}
122			} else {
123			$pconfig['address'] = $a_aliases[$id]['aliasurl'];
124			}
125			}
126	5b237745	Scott Ullrich	}
127
128			if ($_POST) {
129			unset($input_errors);
130
131			/* input validation */
132	0cd7ed19	Scott Ullrich
133	69d2ad77	Erik Fonnesbeck	$reqdfields = explode(" ", "name");
134	bd413d76	Renato Botelho	$reqdfieldsn = array(gettext("Name"));
135	69d2ad77	Erik Fonnesbeck
136			do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
137
138	0df6adf8	Bill Marquette	$x = is_validaliasname($_POST['name']);
139			if (!isset($x)) {
140	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("Reserved word used for alias name.");
141	3deb92f7	Renato Botelho	} else if ($_POST['type'] == "port" && (getservbyname($_POST['name'], "tcp") \|\| getservbyname($_POST['name'], "udp"))) {
142	bd413d76	Renato Botelho	$input_errors[] = gettext("Reserved word used for alias name.");
143	3deb92f7	Renato Botelho	} else {
144			if (is_validaliasname($_POST['name']) == false)
145	bac9941b	jim-p	$input_errors[] = gettext("The alias name must be less than 32 characters long and may only consist of the characters") . " a-z, A-Z, 0-9, _.";
146	3deb92f7	Renato Botelho	}
147	5b237745	Scott Ullrich	/* check for name conflicts */
148	6c33fb4b	Ermal	if (empty($a_aliases[$id])) {
149	6b487ec6	Ermal	foreach ($a_aliases as $alias) {
150			if ($alias['name'] == $_POST['name']) {
151	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("An alias with this name already exists.");
152	6b487ec6	Ermal	break;
153			}
154	5b237745	Scott Ullrich	}
155			}
156	5a1eebc7	Scott Ullrich
157	f76a479d	sullrich	/* Check for reserved keyword names */
158	f29109d0	Renato Botelho	foreach($reserved_keywords as $rk)
159	f76a479d	sullrich	if($rk == $_POST['name'])
160	24148939	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("Cannot use a reserved keyword as alias name %s"), $rk);
161	f76a479d	sullrich
162	cfa466bb	Scott Ullrich	/* check for name interface description conflicts */
163			foreach($config['interfaces'] as $interface) {
164			if($interface['descr'] == $_POST['name']) {
165	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("An interface description with this name already exists.");
166	5a1eebc7	Scott Ullrich	break;
167	cfa466bb	Scott Ullrich	}
168	5a1eebc7	Scott Ullrich	}
169	f29109d0	Renato Botelho
170	ba393f6c	Scott Dale	$alias = array();
171	6c33fb4b	Ermal	$address = array();
172			$final_address_details = array();
173	ba393f6c	Scott Dale	$alias['name'] = $_POST['name'];
174	c7de8be4	jim-p
175			if ($_POST['type'] == "urltable") {
176			$address = "";
177			$isfirst = 0;
178
179			/* item is a url type */
180			if ($_POST['address0']) {
181			/* fetch down and add in */
182	fd86d829	Cristian Feldman	$_POST['address0'] = trim($_POST['address0']);
183	c7de8be4	jim-p	$isfirst = 0;
184	578c81b6	bcyrill	$address[] = $_POST['address0'];
185	c7de8be4	jim-p	$alias['url'] = $_POST['address0'];
186			$alias['updatefreq'] = $_POST['address_subnet0'] ? $_POST['address_subnet0'] : 7;
187			if (!is_URL($alias['url']) \|\| empty($alias['url'])) {
188	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("You must provide a valid URL.");
189	c7de8be4	jim-p	$dont_update = true;
190			} elseif (! process_alias_urltable($alias['name'], $alias['url'], 0, true)) {
191	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("Unable to fetch usable data.");
192	c7de8be4	jim-p	$dont_update = true;
193			}
194	0b9e4e8f	Renato Botelho	if ($_POST["detail0"] <> "")
195			$final_address_details[] = $_POST["detail0"];
196			else
197			$final_address_details[] = sprintf(gettext("Entry added %s"), date('r'));
198	c7de8be4	jim-p	}
199			} elseif($_POST['type'] == "url") {
200	d2cfb7a4	Scott Ullrich	$isfirst = 0;
201	ba393f6c	Scott Dale	$address_count = 2;
202
203			/* item is a url type */
204	fd86d829	Cristian Feldman	for($x=0; isset($_POST['address' . $x]); $x++) {
205			$_POST['address' . $x] = trim($_POST['address' . $x]);
206	ba393f6c	Scott Dale	if($_POST['address' . $x]) {
207			/* fetch down and add in */
208			$isfirst = 0;
209	7c872d3b	Scott Ullrich	$temp_filename = tempnam("{$g['tmp_path']}/", "alias_import");
210	ba393f6c	Scott Dale	unlink($temp_filename);
211	7515fb4b	Ermal Lu?i	$fda = fopen("{$g['tmp_path']}/tmpfetch","w");
212	ba393f6c	Scott Dale	fwrite($fda, "/usr/bin/fetch -q -o \"{$temp_filename}/aliases\" \"" . $_POST['address' . $x] . "\"");
213			fclose($fda);
214	7ac5a4cb	Scott Ullrich	mwexec("/bin/mkdir -p {$temp_filename}");
215	ba393f6c	Scott Dale	mwexec("/usr/bin/fetch -q -o \"{$temp_filename}/aliases\" \"" . $_POST['address' . $x] . "\"");
216			/* if the item is tar gzipped then extract */
217			if(stristr($_POST['address' . $x], ".tgz"))
218			process_alias_tgz($temp_filename);
219			if(file_exists("{$temp_filename}/aliases")) {
220			$file_contents = file_get_contents("{$temp_filename}/aliases");
221			$file_contents = str_replace("#", "\n#", $file_contents);
222	cfbfd941	smos	$file_contents_split = explode("\n", $file_contents);
223	ba393f6c	Scott Dale	foreach($file_contents_split as $fc) {
224	c7de8be4	jim-p	// Stop at 3000 items, aliases larger than that tend to break both pf and the WebGUI.
225			if ($address_count >= 3000)
226			break;
227	ba393f6c	Scott Dale	$tmp = trim($fc);
228			if(stristr($fc, "#")) {
229	cfbfd941	smos	$tmp_split = explode("#", $tmp);
230	ba393f6c	Scott Dale	$tmp = trim($tmp_split[0]);
231	5a1eebc7	Scott Ullrich	}
232	74e861e3	jim-p	$tmp = trim($tmp);
233			if(!empty($tmp) && (is_ipaddr($tmp) \|\| is_subnet($tmp))) {
234	6c33fb4b	Ermal	$address[] = $tmp;
235	ba393f6c	Scott Dale	$isfirst = 1;
236	0b9e4e8f	Renato Botelho	if ($_POST["detail{$x}"] <> "")
237			$final_address_details[] = $_POST["detail{$x}"];
238			else
239			$final_address_details[] = sprintf(gettext("Entry added %s"), date('r'));
240	c7de8be4	jim-p	$address_count++;
241	5a1eebc7	Scott Ullrich	}
242	ba393f6c	Scott Dale	}
243			if($isfirst == 0) {
244			/* nothing was found */
245	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("You must provide a valid URL. Could not fetch usable data.");
246	5a1eebc7	Scott Ullrich	$dont_update = true;
247			break;
248			}
249	ba393f6c	Scott Dale	$alias['aliasurl'][] = $_POST['address' . $x];
250			mwexec("/bin/rm -rf {$temp_filename}");
251			} else {
252	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("You must provide a valid URL.");
253	ba393f6c	Scott Dale	$dont_update = true;
254			break;
255	5a1eebc7	Scott Ullrich	}
256			}
257	ba393f6c	Scott Dale	}
258			} else {
259			/* item is a normal alias type */
260	5e34cdb2	Ermal Lu?i	$wrongaliases = "";
261	a2d8d3dd	Ermal Luçi	for($x=0; $x<4999; $x++) {
262	b6f3005c	Ermal Luçi	if($_POST["address{$x}"] <> "") {
263	fd86d829	Cristian Feldman	$_POST["address{$x}"] = trim($_POST["address{$x}"]);
264	f71e0ac6	Ermal Lu?i	if (is_alias($_POST["address{$x}"])) {
265			if (!alias_same_type($_POST["address{$x}"], $_POST['type']))
266	ae660b3c	Evgeny Yurchenko	// But alias type network can include alias type urltable. Feature#1603.
267			if (!($_POST['type'] == 'network' &&
268	5ffa3389	Ermal	alias_get_type($_POST["address{$x}"]) == 'urltable'))
269	ae660b3c	Evgeny Yurchenko	$wrongaliases .= " " . $_POST["address{$x}"];
270	f71e0ac6	Ermal Lu?i	} else if ($_POST['type'] == "port") {
271	231e0606	Ermal Lu?i	if (!is_port($_POST["address{$x}"]))
272	24148939	Carlos Eduardo Ramos	$input_errors[] = $_POST["address{$x}"] . " " . gettext("is not a valid port or alias.");
273	f71e0ac6	Ermal Lu?i	} else if ($_POST['type'] == "host" \|\| $_POST['type'] == "network") {
274	ecd1f2d9	jim-p	if (!is_ipaddr($_POST["address{$x}"])
275			&& !is_hostname($_POST["address{$x}"])
276			&& !is_iprange($_POST["address{$x}"]))
277	ddc55e12	Erik Fonnesbeck	$input_errors[] = sprintf(gettext('%1$s is not a valid %2$s alias.'), $_POST["address{$x}"], $_POST['type']);
278	f71e0ac6	Ermal Lu?i	}
279	6c33fb4b	Ermal	if (is_iprange($_POST["address{$x}"])) {
280			list($startip, $endip) = explode('-', $_POST["address{$x}"]);
281			$rangesubnets = ip_range_to_subnet_array($startip, $endip);
282	9ae9a7fc	Ermal	$address = array_merge($address, $rangesubnets);
283	6c33fb4b	Ermal	} else {
284			$tmpaddress = $_POST["address{$x}"];
285	6775c54e	Ermal	if(is_ipaddr($_POST["address{$x}"]) && $_POST["address_subnet{$x}"] <> "")
286	6c33fb4b	Ermal	$tmpaddress .= "/" . $_POST["address_subnet{$x}"];
287			$address[] = $tmpaddress;
288			}
289			if ($_POST["detail{$x}"] <> "")
290			$final_address_details[] = $_POST["detail{$x}"];
291			else
292	24148939	Carlos Eduardo Ramos	$final_address_details[] = sprintf(gettext("Entry added %s"), date('r'));
293	5e34cdb2	Ermal Lu?i	}
294	d2cfb7a4	Scott Ullrich	}
295	5e34cdb2	Ermal Lu?i	if ($wrongaliases <> "")
296	bcc8d8a3	Erik Fonnesbeck	$input_errors[] = sprintf(gettext('The alias(es): %s cannot be nested because they are not of the same type.'), $wrongaliases);
297	ba393f6c	Scott Dale	}
298	d2cfb7a4	Scott Ullrich
299	f29109d0	Renato Botelho	// Allow extending of the firewall edit page and include custom input validation
300	439cc13f	Scott Ullrich	pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/input_validation");
301
302	ba393f6c	Scott Dale	if (!$input_errors) {
303	c7de8be4	jim-p	$alias['address'] = is_array($address) ? implode(" ", $address) : $address;
304	d865241e	jim-p	$alias['descr'] = $_POST['descr'];
305	ba393f6c	Scott Dale	$alias['type'] = $_POST['type'];
306	6c33fb4b	Ermal	$alias['detail'] = implode("\|\|", $final_address_details);
307	d2cfb7a4	Scott Ullrich
308	ed0b7949	Scott Ullrich	/* Check to see if alias name needs to be
309			* renamed on referenced rules and such
310			*/
311			if ($_POST['name'] <> $_POST['origname']) {
312			// Firewall rules
313	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('filter', 'rule'), array('source', 'address'), $_POST['name'], $origname);
314			update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'address'), $_POST['name'], $origname);
315			update_alias_names_upon_change(array('filter', 'rule'), array('source', 'port'), $_POST['name'], $origname);
316			update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'port'), $_POST['name'], $origname);
317	ed0b7949	Scott Ullrich	// NAT Rules
318	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'rule'), array('source', 'address'), $_POST['name'], $origname);
319			update_alias_names_upon_change(array('nat', 'rule'), array('source', 'port'), $_POST['name'], $origname);
320			update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'address'), $_POST['name'], $origname);
321			update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'port'), $_POST['name'], $origname);
322			update_alias_names_upon_change(array('nat', 'rule'), array('target'), $_POST['name'], $origname);
323			update_alias_names_upon_change(array('nat', 'rule'), array('local-port'), $_POST['name'], $origname);
324	b43b7613	Erik Fonnesbeck	// NAT 1:1 Rules
325			//update_alias_names_upon_change(array('nat', 'onetoone'), array('external'), $_POST['name'], $origname);
326			//update_alias_names_upon_change(array('nat', 'onetoone'), array('source', 'address'), $_POST['name'], $origname);
327			update_alias_names_upon_change(array('nat', 'onetoone'), array('destination', 'address'), $_POST['name'], $origname);
328			// NAT Outbound Rules
329			update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('source', 'network'), $_POST['name'], $origname);
330	ca640261	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('sourceport'), $_POST['name'], $origname);
331	b43b7613	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('destination', 'address'), $_POST['name'], $origname);
332	ca640261	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('dstport'), $_POST['name'], $origname);
333	b43b7613	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('target'), $_POST['name'], $origname);
334	f43ba926	Scott Ullrich	// Alias in an alias
335	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('aliases', 'alias'), array('address'), $_POST['name'], $origname);
336	ed0b7949	Scott Ullrich	}
337
338	b22bf161	Scott Ullrich	pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/pre_write_config");
339
340	171aa30d	Ermal Lu?i	if (isset($id) && $a_aliases[$id]) {
341			if ($a_aliases[$id]['name'] <> $alias['name']) {
342			foreach ($a_aliases as $aliasid => $aliasd) {
343	16f78ff0	Ermal Lu?i	if ($aliasd['address'] <> "") {
344	96b4269c	Ermal Lu?i	$tmpdirty = false;
345	16f78ff0	Ermal Lu?i	$tmpaddr = explode(" ", $aliasd['address']);
346			foreach ($tmpaddr as $tmpidx => $tmpalias) {
347	96b4269c	Ermal Lu?i	if ($tmpalias == $a_aliases[$id]['name']) {
348	16f78ff0	Ermal Lu?i	$tmpaddr[$tmpidx] = $alias['name'];
349	96b4269c	Ermal Lu?i	$tmpdirty = true;
350			}
351	16f78ff0	Ermal Lu?i	}
352	96b4269c	Ermal Lu?i	if ($tmpdirty == true)
353			$a_aliases[$aliasid]['address'] = implode(" ", $tmpaddr);
354	16f78ff0	Ermal Lu?i	}
355	171aa30d	Ermal Lu?i	}
356			}
357	ba393f6c	Scott Dale	$a_aliases[$id] = $alias;
358	171aa30d	Ermal Lu?i	} else
359	ba393f6c	Scott Dale	$a_aliases[] = $alias;
360	a18b6b97	Scott Ullrich
361	974cbfe0	Ermal Lu?i	// Sort list
362			$a_aliases = msort($a_aliases, "name");
363
364	3a343d73	jim-p	if (write_config())
365			mark_subsystem_dirty('aliases');
366	d2cfb7a4	Scott Ullrich
367	a5416de2	Warren Baker	if($_POST['tab'])
368			header("Location: firewall_aliases.php?tab=" . htmlspecialchars ($_POST['tab']));
369			else
370			header("Location: firewall_aliases.php");
371			exit;
372	ba393f6c	Scott Dale	}
373			//we received input errors, copy data to prevent retype
374			else
375			{
376	c7de8be4	jim-p	$pconfig['name'] = $_POST['name'];
377	d865241e	jim-p	$pconfig['descr'] = $_POST['descr'];
378	6c33fb4b	Ermal	$pconfig['address'] = implode(" ", $address);
379	ba393f6c	Scott Dale	$pconfig['type'] = $_POST['type'];
380	6c33fb4b	Ermal	$pconfig['detail'] = implode("\|\|", $final_address_details);
381	5b237745	Scott Ullrich	}
382			}
383	da7ae7ef	Bill Marquette
384			include("head.inc");
385
386	5a1eebc7	Scott Ullrich	$jscriptstr = <<<EOD
387	da7ae7ef	Bill Marquette
388	5a1eebc7	Scott Ullrich	<script type="text/javascript">
389	0cea9a23	Ermal Lu?i
390			var objAlias = new Array(4999);
391	5b237745	Scott Ullrich	function typesel_change() {
392			switch (document.iform.type.selectedIndex) {
393			case 0: /* host */
394	d2cfb7a4	Scott Ullrich	var cmd;
395	5a1eebc7	Scott Ullrich
396	b6f3005c	Ermal Luçi	newrows = totalrows;
397			for(i=0; i<newrows; i++) {
398	5a1eebc7	Scott Ullrich	comd = 'document.iform.address_subnet' + i + '.disabled = 1;';
399			eval(comd);
400			comd = 'document.iform.address_subnet' + i + '.value = "";';
401			eval(comd);
402	d2cfb7a4	Scott Ullrich	}
403	5b237745	Scott Ullrich	break;
404			case 1: /* network */
405	d2cfb7a4	Scott Ullrich	var cmd;
406	5a1eebc7	Scott Ullrich
407	b6f3005c	Ermal Luçi	newrows = totalrows;
408			for(i=0; i<newrows; i++) {
409	5a1eebc7	Scott Ullrich	comd = 'document.iform.address_subnet' + i + '.disabled = 0;';
410			eval(comd);
411	d2cfb7a4	Scott Ullrich	}
412	5b237745	Scott Ullrich	break;
413	4d6b6263	Scott Ullrich	case 2: /* port */
414			var cmd;
415	5a1eebc7	Scott Ullrich
416	b6f3005c	Ermal Luçi	newrows = totalrows;
417			for(i=0; i<newrows; i++) {
418	5a1eebc7	Scott Ullrich	comd = 'document.iform.address_subnet' + i + '.disabled = 1;';
419			eval(comd);
420	2936a57e	Seth Mos	comd = 'document.iform.address_subnet' + i + '.value = "128";';
421	5a1eebc7	Scott Ullrich	eval(comd);
422			}
423			break;
424	f29109d0	Renato Botelho	/* case 3: // OpenVPN Users
425	5a1eebc7	Scott Ullrich	var cmd;
426	cd35a596	Scott Ullrich
427	b6f3005c	Ermal Luçi	newrows = totalrows;
428			for(i=0; i<newrows; i++) {
429	cd35a596	Scott Ullrich	comd = 'document.iform.address_subnet' + i + '.disabled = 1;';
430			eval(comd);
431			comd = 'document.iform.address_subnet' + i + '.value = "";';
432	5a1eebc7	Scott Ullrich	eval(comd);
433	4d6b6263	Scott Ullrich	}
434			break;
435	aa11af07	jim-p	*/
436			case 3: /* url */
437	6e7e1814	Scott Ullrich	var cmd;
438	b6f3005c	Ermal Luçi	newrows = totalrows;
439			for(i=0; i<newrows; i++) {
440	a0fc25ae	Scott Ullrich	comd = 'document.iform.address_subnet' + i + '.disabled = 1;';
441	6e7e1814	Scott Ullrich	eval(comd);
442			}
443			break;
444	c7de8be4	jim-p
445	aa11af07	jim-p	case 4: /* urltable */
446	c7de8be4	jim-p	var cmd;
447			newrows = totalrows;
448			for(i=0; i<newrows; i++) {
449			comd = 'document.iform.address_subnet' + i + '.disabled = 0;';
450			eval(comd);
451			}
452			break;
453	5b237745	Scott Ullrich	}
454			}
455	d2cfb7a4	Scott Ullrich
456	0cea9a23	Ermal Lu?i	function add_alias_control() {
457			var name = "address" + (totalrows - 1);
458			obj = document.getElementById(name);
459			obj.setAttribute('class', 'formfldalias');
460			obj.setAttribute('autocomplete', 'off');
461			objAlias[totalrows - 1] = new AutoSuggestControl(obj, new StateSuggestions(addressarray));
462			}
463	5a1eebc7	Scott Ullrich	EOD;
464
465			$network_str = gettext("Network");
466			$networks_str = gettext("Network(s)");
467			$cidr_str = gettext("CIDR");
468			$description_str = gettext("Description");
469			$hosts_str = gettext("Host(s)");
470			$ip_str = gettext("IP");
471			$ports_str = gettext("Port(s)");
472			$port_str = gettext("Port");
473			$url_str = gettext("URL");
474	c7de8be4	jim-p	$urltable_str = gettext("URL Table");
475	5a1eebc7	Scott Ullrich	$update_freq_str = gettext("Update Freq.");
476
477	2936a57e	Seth Mos	$networks_help = gettext("Networks are specified in CIDR format. Select the CIDR mask that pertains to each entry. /32 specifies a single IPv4 host, /128 specifies a single IPv6 host, /24 specifies 255.255.255.0, /64 specifies a normal IPv6 network, etc. Hostnames (FQDNs) may also be specified, using a /32 mask for IPv4 or /128 for IPv6. You may also enter an IP range such as 192.168.1.1-192.168.1.254 and a list of CIDR networks will be derived to fill the range.");
478	e8e2ffbd	jim-p	$hosts_help = gettext("Enter as many hosts as you would like. Hosts must be specified by their IP address or fully qualified domain name (FQDN). FQDN hostnames are periodically re-resolved and updated. If multiple IPs are returned by a DNS query, all are used.");
479	5a1eebc7	Scott Ullrich	$ports_help = gettext("Enter as many ports as you wish. Port ranges can be expressed by seperating with a colon.");
480	24148939	Carlos Eduardo Ramos	$url_help = sprintf(gettext("Enter as many URLs as you wish. After saving %s will download the URL and import the items into the alias. Use only with small sets of IP addresses (less than 3000)."), $g['product_name']);
481			$urltable_help = sprintf(gettext("Enter a single URL containing a large number of IPs and/or Subnets. After saving %s will download the URL and create a table file containing these addresses. This will work with large numbers of addresses (30,000+) or small numbers."), $g['product_name']);
482	5a1eebc7	Scott Ullrich
483	3ebd97eb	Scott Ullrich	$openvpn_str = gettext("Username");
484			$openvpn_user_str = gettext("OpenVPN Users");
485			$openvpn_help = gettext("Enter as many usernames as you wish.");
486	bd413d76	Renato Botelho	$openvpn_freq = "";
487	3ebd97eb	Scott Ullrich
488	5a1eebc7	Scott Ullrich	$jscriptstr .= <<<EOD
489
490	d2cfb7a4	Scott Ullrich	function update_box_type() {
491			var indexNum = document.forms[0].type.selectedIndex;
492			var selected = document.forms[0].type.options[indexNum].text;
493	5a1eebc7	Scott Ullrich	if(selected == '{$networks_str}') {
494			document.getElementById ("addressnetworkport").firstChild.data = "{$networks_str}";
495			document.getElementById ("onecolumn").firstChild.data = "{$network_str}";
496			document.getElementById ("twocolumn").firstChild.data = "{$cidr_str}";
497			document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
498			document.getElementById ("itemhelp").firstChild.data = "{$networks_help}";
499	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
500	5a1eebc7	Scott Ullrich	} else if(selected == '{$hosts_str}') {
501			document.getElementById ("addressnetworkport").firstChild.data = "{$hosts_str}";
502			document.getElementById ("onecolumn").firstChild.data = "{$ip_str}";
503			document.getElementById ("twocolumn").firstChild.data = "";
504			document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
505			document.getElementById ("itemhelp").firstChild.data = "{$hosts_help}";
506	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
507	5a1eebc7	Scott Ullrich	} else if(selected == '{$ports_str}') {
508			document.getElementById ("addressnetworkport").firstChild.data = "{$ports_str}";
509			document.getElementById ("onecolumn").firstChild.data = "{$port_str}";
510			document.getElementById ("twocolumn").firstChild.data = "";
511			document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
512			document.getElementById ("itemhelp").firstChild.data = "{$ports_help}";
513	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
514	5a1eebc7	Scott Ullrich	} else if(selected == '{$url_str}') {
515			document.getElementById ("addressnetworkport").firstChild.data = "{$url_str}";
516			document.getElementById ("onecolumn").firstChild.data = "{$url_str}";
517	a0fc25ae	Scott Ullrich	document.getElementById ("twocolumn").firstChild.data = "";
518	5a1eebc7	Scott Ullrich	document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
519			document.getElementById ("itemhelp").firstChild.data = "{$url_help}";
520	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
521	6e7e1814	Scott Ullrich	} else if(selected == '{$openvpn_user_str}') {
522			document.getElementById ("addressnetworkport").firstChild.data = "{$openvpn_user_str}";
523	3ebd97eb	Scott Ullrich	document.getElementById ("onecolumn").firstChild.data = "{$openvpn_str}";
524	4c743413	Scott Ullrich	document.getElementById ("twocolumn").firstChild.data = "{$openvpn_freq}";
525	6e7e1814	Scott Ullrich	document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
526	3ebd97eb	Scott Ullrich	document.getElementById ("itemhelp").firstChild.data = "{$openvpn_help}";
527	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
528			} else if(selected == '{$urltable_str}') {
529			if ((typeof(totalrows) == "undefined") \|\| (totalrows < 1)) {
530			addRowTo('maintable', 'formfldalias');
531			typesel_change();
532			add_alias_control(this);
533			}
534			document.getElementById ("addressnetworkport").firstChild.data = "{$url_str}";
535			document.getElementById ("onecolumn").firstChild.data = "{$url_str}";
536			document.getElementById ("twocolumn").firstChild.data = "{$update_freq_str}";
537			document.getElementById ("threecolumn").firstChild.data = "";
538			document.getElementById ("threecolumn").style.display = 'none';
539			document.getElementById ("itemhelp").firstChild.data = "{$urltable_help}";
540			document.getElementById ("addrowbutton").style.display = 'none';
541	d2cfb7a4	Scott Ullrich	}
542			}
543	5b237745	Scott Ullrich	</script>
544
545	66138bf6	Scott Dale	EOD;
546	d2cfb7a4	Scott Ullrich
547	5a1eebc7	Scott Ullrich	?>
548	d2cfb7a4	Scott Ullrich
549	5a1eebc7	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
550			<?php
551			include("fbegin.inc");
552			echo $jscriptstr;
553			?>
554
555	f51d5d57	Darren Embry	<script type="text/javascript" src="/javascript/jquery.ipv4v6ify.js">
556			</script>
557	625dcc40	Bill Marquette	<script type="text/javascript" src="/javascript/row_helper.js">
558	5a1eebc7	Scott Ullrich	</script>
559	0cea9a23	Ermal Lu?i	<script type="text/javascript" src="/javascript/autosuggest.js">
560			</script>
561			<script type="text/javascript" src="/javascript/suggestions.js">
562			</script>
563	d2cfb7a4	Scott Ullrich
564	5a1eebc7	Scott Ullrich	<input type='hidden' name='address_type' value='textbox' />
565			<input type='hidden' name='address_subnet_type' value='select' />
566	d2cfb7a4	Scott Ullrich
567	5a1eebc7	Scott Ullrich	<script type="text/javascript">
568			rowname[0] = "address";
569	a8fe61f1	Darren Embry	rowtype[0] = "textbox,ipv4v6";
570	5a1eebc7	Scott Ullrich	rowsize[0] = "30";
571	d2cfb7a4	Scott Ullrich
572	5a1eebc7	Scott Ullrich	rowname[1] = "address_subnet";
573	a8fe61f1	Darren Embry	rowtype[1] = "select,ipv4v6";
574	5a1eebc7	Scott Ullrich	rowsize[1] = "1";
575	d2cfb7a4	Scott Ullrich
576	5a1eebc7	Scott Ullrich	rowname[2] = "detail";
577			rowtype[2] = "textbox";
578	b6f3005c	Ermal Luçi	rowsize[2] = "50";
579	d2cfb7a4	Scott Ullrich	</script>
580
581	193716d0	Scott Ullrich	<?php pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/pre_input_errors"); ?>
582	5b237745	Scott Ullrich	<?php if ($input_errors) print_input_errors($input_errors); ?>
583	5a1eebc7	Scott Ullrich	<div id="inputerrors"></div>
584
585			<form action="firewall_aliases_edit.php" method="post" name="iform" id="iform">
586	a5416de2	Warren Baker	<input name="tab" type="hidden" id="tab" value="<?=htmlspecialchars($pconfig['type']);?>" />
587	8fcb7cf4	Renato Botelho	<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0">
588	f29109d0	Renato Botelho	<tr>
589			<td colspan="2" valign="top" class="listtopic"><?=gettext("Alias Edit"); ?></td>
590			</tr>
591			<tr>
592			<td valign="top" class="vncellreq"><?=gettext("Name"); ?></td>
593			<td class="vtable">
594			<input name="origname" type="hidden" id="origname" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
595			<input name="name" type="text" id="name" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
596			<?php if (isset($id) && $a_aliases[$id]): ?>
597			<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
598			<?php endif; ?>
599			<br />
600			<span class="vexpl">
601			<?=gettext("The name of the alias may only consist of the characters \"a-z, A-Z, 0-9 and _\"."); ?>
602			</span>
603			</td>
604			</tr>
605			<?php pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/after_first_tr"); ?>
606			<tr>
607			<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
608			<td width="78%" class="vtable">
609			<input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" />
610			<br />
611			<span class="vexpl">
612			<?=gettext("You may enter a description here for your reference (not parsed)."); ?>
613			</span>
614			</td>
615			</tr>
616			<tr>
617			<td valign="top" class="vncellreq"><?=gettext("Type"); ?></td>
618			<td class="vtable">
619			<select name="type" class="formselect" id="type" onchange="update_box_type(); typesel_change();">
620			<option value="host" <?php if ($pconfig['type'] == "host") echo "selected"; ?>><?=gettext("Host(s)"); ?></option>
621			<option value="network" <?php if ($pconfig['type'] == "network") echo "selected"; ?>><?=gettext("Network(s)"); ?></option>
622			<option value="port" <?php if ($pconfig['type'] == "port") echo "selected"; ?>><?=gettext("Port(s)"); ?></option>
623			<!--<option value="openvpn" <?php if ($pconfig['type'] == "openvpn") echo "selected"; ?>><?=gettext("OpenVPN Users"); ?></option> -->
624			<option value="url" <?php if ($pconfig['type'] == "url") echo "selected"; ?>><?=gettext("URL");?></option>
625			<option value="urltable" <?php if ($pconfig['type'] == "urltable") echo "selected"; ?>><?=gettext("URL Table"); ?></option>
626			</select>
627			</td>
628			</tr>
629			<tr>
630			<td width="22%" valign="top" class="vncellreq"><div id="addressnetworkport"><?=gettext("Host(s)"); ?></div></td>
631			<td width="78%" class="vtable">
632			<table id="maintable">
633			<tbody>
634			<tr>
635			<td colspan="4">
636			<div style="padding:5px; margin-top: 16px; margin-bottom: 16px; border:1px dashed #000066; background-color: #ffffff; color: #000000; font-size: 8pt;" id="itemhelp"><?=gettext("Item information"); ?></div>
637			</td>
638			</tr>
639			<tr>
640			<td><div id="onecolumn"><?=gettext("Network"); ?></div></td>
641			<td><div id="twocolumn">CIDR</div></td>
642			<td><div id="threecolumn"><?=gettext("Description"); ?></div></td>
643			</tr>
644
645			<?php
646			$counter = 0;
647			$address = $pconfig['address'];
648			if ($address <> "") {
649			$item = explode(" ", $address);
650			$item3 = explode("\|\|", $pconfig['detail']);
651			foreach($item as $ww) {
652			$address = $item[$counter];
653			$address_subnet = "";
654			$item2 = explode("/", $address);
655			foreach($item2 as $current) {
656			if($item2[1] <> "") {
657			$address = $item2[0];
658			$address_subnet = $item2[1];
659			}
660	5a1eebc7	Scott Ullrich
661	f29109d0	Renato Botelho	}
662			$item4 = $item3[$counter];
663			$tracker = $counter;
664			?>
665			<tr>
666			<td>
667			<input autocomplete="off" name="address<?php echo $tracker; ?>" type="text" class="formfldalias ipv4v6" id="address<?php echo $tracker; ?>" size="30" value="<?=htmlspecialchars($address);?>" />
668			</td>
669			<td>
670			<select name="address_subnet<?php echo $tracker; ?>" class="formselect ipv4v6" id="address_subnet<?php echo $tracker; ?>">
671			<option></option>
672			<?php for ($i = 128; $i >= 1; $i--): ?>
673			<option value="<?=$i;?>" <?php if (($i == $address_subnet) \|\| ($i == $pconfig['updatefreq'])) echo "selected"; ?>><?=$i;?></option>
674			<?php endfor; ?>
675			</select>
676			</td>
677			<td>
678			<input name="detail<?php echo $tracker; ?>" type="text" class="formfld unknown" id="detail<?php echo $tracker; ?>" size="50" value="<?=$item4;?>" />
679			</td>
680			<td>
681			<a onclick="removeRow(this); return false;" href="#"><img border="0" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" alt="" title="<?=gettext("remove this entry"); ?>" /></a>
682			</td>
683			</tr>
684			<?php
685			$counter++;
686
687			} // end foreach
688			} // end if
689			?>
690			</tbody>
691			<tfoot>
692
693			</tfoot>
694			</table>
695			<div id="addrowbutton">
696			<a onclick="javascript:addRowTo('maintable', 'formfldalias'); typesel_change(); add_alias_control(this); return false;" href="#">
697			<img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="<?=gettext("add another entry"); ?>" />
698			</a>
699			</div>
700			</td>
701			</tr>
702			<tr>
703			<td width="22%" valign="top"> </td>
704			<td width="78%">
705			<input id="submit" name="submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
706			<a href="firewall_aliases.php"><input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" /></a>
707	5a1eebc7	Scott Ullrich	</td>
708	f29109d0	Renato Botelho	</tr>
709	5a1eebc7	Scott Ullrich	</table>
710	5b237745	Scott Ullrich	</form>
711	5a1eebc7	Scott Ullrich
712			<script type="text/javascript">
713	4dfd930e	Darren Embry	//<![CDATA[
714	5a1eebc7	Scott Ullrich	field_counter_js = 3;
715			rows = 1;
716			totalrows = <?php echo $counter; ?>;
717			loaded = <?php echo $counter; ?>;
718			typesel_change();
719			update_box_type();
720	0cea9a23	Ermal Lu?i
721	dd760cfc	r-duran	var addressarray = <?= json_encode(array_exclude($pconfig['name'], get_alias_list($pconfig['type']))) ?>;
722	0cea9a23	Ermal Lu?i
723	4dfd930e	Darren Embry	function createAutoSuggest() {
724	f29109d0	Renato Botelho	<?php
725	4dfd930e	Darren Embry	for ($jv = 0; $jv < $counter; $jv++)
726			echo "objAlias[{$jv}] = new AutoSuggestControl(document.getElementById(\"address{$jv}\"), new StateSuggestions(addressarray));\n";
727			?>
728			}
729	0cea9a23	Ermal Lu?i
730	4dfd930e	Darren Embry	setTimeout("createAutoSuggest();", 500);
731			//]]>
732	5b237745	Scott Ullrich	</script>
733	5a1eebc7	Scott Ullrich
734	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
735			</body>
736			</html>

Project

General

Profile

pfSense