/src/usr/local/www/services_ntpd.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/services_ntpd.php @ 0cfd0083

1	cf180ccc	jim-p	<?php
2			/*
3	c5d81585	Renato Botelho	* services_ntpd.php
4			*
5			* part of pfSense (https://www.pfsense.org)
6	38809d47	Renato Botelho do Couto	* Copyright (c) 2004-2013 BSD Perimeter
7			* Copyright (c) 2013-2016 Electric Sheep Fencing
8	8f585441	Luiz Souza	* Copyright (c) 2014-2021 Rubicon Communications, LLC (Netgate)
9	c5d81585	Renato Botelho	* Copyright (c) 2013 Dagorlad
10			* All rights reserved.
11			*
12	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
13			* you may not use this file except in compliance with the License.
14			* You may obtain a copy of the License at
15	c5d81585	Renato Botelho	*
16	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
17	c5d81585	Renato Botelho	*
18	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
19			* distributed under the License is distributed on an "AS IS" BASIS,
20			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21			* See the License for the specific language governing permissions and
22			* limitations under the License.
23	f4439c00	Stephen Beaver	*/
24	cf180ccc	jim-p
25			##\|+PRIV
26			##\|*IDENT=page-services-ntpd
27	448280c3	k-paulius	##\|*NAME=Services: NTP Settings
28			##\|*DESCR=Allow access to the 'Services: NTP Settings' page.
29	cf180ccc	jim-p	##\|MATCH=services_ntpd.php
30			##\|-PRIV
31
32	820562e8	NewEraCracker	define('NUMTIMESERVERS', 10); // The maximum number of configurable time servers
33	c81ef6e2	Phil Davis	require_once("guiconfig.inc");
34	c1e68244	nagyrobi	require_once('rrd.inc');
35			require_once("shaper.inc");
36	cf180ccc	jim-p
37	0cfd0083	Viktor G	global $ntp_poll_min_default, $ntp_poll_max_default, $ntp_server_types;
38	8ef6844a	jim-p	$ntp_poll_values = system_ntp_poll_values();
39	27e1febb	Viktor G	$auto_pool_suffix = "pool.ntp.org";
40	9c2fcbf6	kiokoman	$max_candidate_peers = 25;
41	aef7d92a	kiokoman	$min_candidate_peers = 4;
42	8ef6844a	jim-p
43	7a6f0ebc	Phil Davis	if (!is_array($config['ntpd'])) {
44	08005d0a	Ermal	$config['ntpd'] = array();
45	7a6f0ebc	Phil Davis	}
46	08005d0a	Ermal
47			if (empty($config['ntpd']['interface'])) {
48			if (is_array($config['installedpackages']['openntpd']) && is_array($config['installedpackages']['openntpd']['config']) &&
49	20db3e1a	Phil Davis	is_array($config['installedpackages']['openntpd']['config'][0]) && !empty($config['installedpackages']['openntpd']['config'][0]['interface'])) {
50	46ca7f3d	jim-p	$pconfig['interface'] = explode(",", $config['installedpackages']['openntpd']['config'][0]['interface']);
51	cf180ccc	jim-p	unset($config['installedpackages']['openntpd']);
52	62725308	Viktor Gurov	write_config(gettext("Upgraded settings from openntpd"));
53	7a6f0ebc	Phil Davis	} else {
54	cf180ccc	jim-p	$pconfig['interface'] = array();
55	7a6f0ebc	Phil Davis	}
56			} else {
57	cf180ccc	jim-p	$pconfig['interface'] = explode(",", $config['ntpd']['interface']);
58	7a6f0ebc	Phil Davis	}
59	cf180ccc	jim-p
60	08d56bd1	sbeaver	if ($_POST) {
61	cf180ccc	jim-p	unset($input_errors);
62			$pconfig = $_POST;
63
64	bfcf5d7c	Viktor Gurov	if (!empty($_POST['ntpmaxpeers']) && (!is_numericint($_POST['ntpmaxpeers']) \|\|
65			($_POST['ntpmaxpeers'] < $min_candidate_peers) \|\| ($_POST['ntpmaxpeers'] > $max_candidate_peers))) {
66	b33465da	kiokoman	$input_errors[] = sprintf(gettext("Max candidate pool peers must be a number between %d and %d"), $min_candidate_peers, $max_candidate_peers);
67	38fcf2c5	kiokoman	}
68
69	531c3486	jim-p	if ((strlen($pconfig['ntporphan']) > 0) && (!is_numericint($pconfig['ntporphan']) \|\| ($pconfig['ntporphan'] < 1) \|\| ($pconfig['ntporphan'] > 15))) {
70			$input_errors[] = gettext("The supplied value for NTP Orphan Mode is invalid.");
71			}
72
73	8ef6844a	jim-p	if (!array_key_exists($pconfig['ntpminpoll'], $ntp_poll_values)) {
74			$input_errors[] = gettext("The supplied value for Minimum Poll Interval is invalid.");
75			}
76
77			if (!array_key_exists($pconfig['ntpmaxpoll'], $ntp_poll_values)) {
78			$input_errors[] = gettext("The supplied value for Maximum Poll Interval is invalid.");
79			}
80
81	27e1febb	Viktor G	for ($i = 0; $i < NUMTIMESERVERS; $i++) {
82	0cfd0083	Viktor G	if (isset($pconfig["servselect{$i}"]) && (($pconfig["servistype{$i}"] == 'pool') \|\|
83	27e1febb	Viktor G	(substr_compare($pconfig["server{$i}"], $auto_pool_suffix, strlen($pconfig["server{$i}"]) - strlen($auto_pool_suffix), strlen($auto_pool_suffix)) === 0))) {
84			$input_errors[] = gettext("It is not possible to use 'No Select' for pools.");
85			}
86	cb92c086	Viktor Gurov	if (!empty($pconfig["server{$i}"]) && !is_domain($pconfig["server{$i}"]) &&
87			!is_ipaddr($pconfig["server{$i}"])) {
88			$input_errors[] = gettext("NTP Time Server names must be valid domain names, IPv4 addresses, or IPv6 addresses");
89			}
90	27e1febb	Viktor G	}
91
92	8ef6844a	jim-p	if (is_numericint($pconfig['ntpminpoll']) &&
93			is_numericint($pconfig['ntpmaxpoll']) &&
94			($pconfig['ntpmaxpoll'] < $pconfig['ntpminpoll'])) {
95			$input_errors[] = gettext("The supplied value for Minimum Poll Interval is higher than NTP Maximum Poll Interval.");
96			}
97
98	9108d083	Viktor G	if (isset($pconfig['serverauth'])) {
99			if (empty($pconfig['serverauthkey'])) {
100			$input_errors[] = gettext("The supplied value for NTP Authentication key can't be empty.");
101	a69f79bd	Viktor G	} elseif (($pconfig['serverauthalgo'] == 'md5') && ((strlen($pconfig['serverauthkey']) > 20) \|\|
102			!ctype_print($pconfig['serverauthkey']))) {
103			$input_errors[] = gettext("The supplied value for NTP Authentication key for MD5 digest must be from 1 to 20 printable characters.");
104			} elseif (($pconfig['serverauthalgo'] == 'sha1') && ((strlen($pconfig['serverauthkey']) != 40) \|\|
105	9108d083	Viktor G	!ctype_xdigit($pconfig['serverauthkey']))) {
106			$input_errors[] = gettext("The supplied value for NTP Authentication key for SHA1 digest must be hex-encoded string of 40 characters.");
107	1d7ae980	Viktor G	} elseif (($pconfig['serverauthalgo'] == 'sha256') && ((strlen($pconfig['serverauthkey']) != 64) \|\|
108			!ctype_xdigit($pconfig['serverauthkey']))) {
109			$input_errors[] = gettext("The supplied value for NTP Authentication key for SHA256 digest must be hex-encoded string of 64 characters.");
110	9108d083	Viktor G	}
111			}
112
113	cf180ccc	jim-p	if (!$input_errors) {
114	c62e31f2	Viktor Gurov	$config['ntpd']['enable'] = isset($_POST['enable']) ? 'enabled' : 'disabled';
115	7a6f0ebc	Phil Davis	if (is_array($_POST['interface'])) {
116	58168f4e	jim-p	$config['ntpd']['interface'] = implode(",", $_POST['interface']);
117	7a6f0ebc	Phil Davis	} elseif (isset($config['ntpd']['interface'])) {
118	58168f4e	jim-p	unset($config['ntpd']['interface']);
119	7a6f0ebc	Phil Davis	}
120	cf180ccc	jim-p
121	c1e68244	nagyrobi	unset($config['ntpd']['prefer']);
122			unset($config['ntpd']['noselect']);
123	fbb652ed	jim-p	unset($config['ntpd']['ispool']);
124	0cfd0083	Viktor G	unset($config['ntpd']['ispeer']);
125	c1e68244	nagyrobi	$timeservers = '';
126	08d56bd1	sbeaver
127	83b9d03e	Phil Davis	for ($i = 0; $i < NUMTIMESERVERS; $i++) {
128	08005d0a	Ermal	$tserver = trim($_POST["server{$i}"]);
129	c1e68244	nagyrobi	if (!empty($tserver)) {
130			$timeservers .= "{$tserver} ";
131	27e1febb	Viktor G	if (isset($_POST["servprefer{$i}"])) {
132	7a6f0ebc	Phil Davis	$config['ntpd']['prefer'] .= "{$tserver} ";
133			}
134	27e1febb	Viktor G	if (isset($_POST["servselect{$i}"])) {
135	7a6f0ebc	Phil Davis	$config['ntpd']['noselect'] .= "{$tserver} ";
136			}
137	0cfd0083	Viktor G	if ($_POST["servistype{$i}"] == 'pool') {
138	fbb652ed	jim-p	$config['ntpd']['ispool'] .= "{$tserver} ";
139	0cfd0083	Viktor G	} elseif ($_POST["servistype{$i}"] == 'peer') {
140			$config['ntpd']['ispeer'] .= "{$tserver} ";
141	fbb652ed	jim-p	}
142	c1e68244	nagyrobi	}
143			}
144	7a6f0ebc	Phil Davis	if (trim($timeservers) == "") {
145	4e6b0a0e	nagyrobi	$timeservers = "pool.ntp.org";
146	7a6f0ebc	Phil Davis	}
147	c1e68244	nagyrobi	$config['system']['timeservers'] = trim($timeservers);
148
149	bfcf5d7c	Viktor Gurov	if (!empty($pconfig['ntpmaxpeers'])) {
150			$config['ntpd']['ntpmaxpeers'] = $pconfig['ntpmaxpeers'];
151			} else {
152			unset($config['ntpd']['ntpmaxpeers']);
153			}
154	531c3486	jim-p	$config['ntpd']['orphan'] = trim($pconfig['ntporphan']);
155	8ef6844a	jim-p	$config['ntpd']['ntpminpoll'] = $pconfig['ntpminpoll'];
156			$config['ntpd']['ntpmaxpoll'] = $pconfig['ntpmaxpoll'];
157	bdb26b26	Viktor G	$config['ntpd']['dnsresolv'] = $pconfig['dnsresolv'];
158	c1e68244	nagyrobi
159	7a6f0ebc	Phil Davis	if (!empty($_POST['logpeer'])) {
160	c1e68244	nagyrobi	$config['ntpd']['logpeer'] = $_POST['logpeer'];
161	7a6f0ebc	Phil Davis	} elseif (isset($config['ntpd']['logpeer'])) {
162	c1e68244	nagyrobi	unset($config['ntpd']['logpeer']);
163	7a6f0ebc	Phil Davis	}
164	c1e68244	nagyrobi
165	7a6f0ebc	Phil Davis	if (!empty($_POST['logsys'])) {
166	c1e68244	nagyrobi	$config['ntpd']['logsys'] = $_POST['logsys'];
167	7a6f0ebc	Phil Davis	} elseif (isset($config['ntpd']['logsys'])) {
168	c1e68244	nagyrobi	unset($config['ntpd']['logsys']);
169	7a6f0ebc	Phil Davis	}
170	c1e68244	nagyrobi
171	7a6f0ebc	Phil Davis	if (!empty($_POST['clockstats'])) {
172	c1e68244	nagyrobi	$config['ntpd']['clockstats'] = $_POST['clockstats'];
173	7a6f0ebc	Phil Davis	} elseif (isset($config['ntpd']['clockstats'])) {
174	c1e68244	nagyrobi	unset($config['ntpd']['clockstats']);
175	7a6f0ebc	Phil Davis	}
176	c1e68244	nagyrobi
177	7a6f0ebc	Phil Davis	if (!empty($_POST['loopstats'])) {
178	c1e68244	nagyrobi	$config['ntpd']['loopstats'] = $_POST['loopstats'];
179	7a6f0ebc	Phil Davis	} elseif (isset($config['ntpd']['loopstats'])) {
180	c1e68244	nagyrobi	unset($config['ntpd']['loopstats']);
181	7a6f0ebc	Phil Davis	}
182	c1e68244	nagyrobi
183	7a6f0ebc	Phil Davis	if (!empty($_POST['peerstats'])) {
184	c1e68244	nagyrobi	$config['ntpd']['peerstats'] = $_POST['peerstats'];
185	7a6f0ebc	Phil Davis	} elseif (isset($config['ntpd']['peerstats'])) {
186	c1e68244	nagyrobi	unset($config['ntpd']['peerstats']);
187	7a6f0ebc	Phil Davis	}
188	c1e68244	nagyrobi
189	7a6f0ebc	Phil Davis	if ((empty($_POST['statsgraph'])) == (isset($config['ntpd']['statsgraph']))) {
190	e2caaee8	k-paulius	$enable_rrd_graphing = true;
191	7a6f0ebc	Phil Davis	}
192			if (!empty($_POST['statsgraph'])) {
193	c1e68244	nagyrobi	$config['ntpd']['statsgraph'] = $_POST['statsgraph'];
194	7a6f0ebc	Phil Davis	} elseif (isset($config['ntpd']['statsgraph'])) {
195	c1e68244	nagyrobi	unset($config['ntpd']['statsgraph']);
196	7a6f0ebc	Phil Davis	}
197			if (isset($enable_rrd_graphing)) {
198	e2caaee8	k-paulius	enable_rrd_graphing();
199	7a6f0ebc	Phil Davis	}
200	c1e68244	nagyrobi
201	f99f8a67	Phil Davis	if (!empty($_POST['leaptext'])) {
202			$config['ntpd']['leapsec'] = base64_encode($_POST['leaptext']);
203	7a6f0ebc	Phil Davis	} elseif (isset($config['ntpd']['leapsec'])) {
204	c1e68244	nagyrobi	unset($config['ntpd']['leapsec']);
205	7a6f0ebc	Phil Davis	}
206	c1e68244	nagyrobi
207	7a6f0ebc	Phil Davis	if (is_uploaded_file($_FILES['leapfile']['tmp_name'])) {
208	c1e68244	nagyrobi	$config['ntpd']['leapsec'] = base64_encode(file_get_contents($_FILES['leapfile']['tmp_name']));
209	7a6f0ebc	Phil Davis	}
210	c1e68244	nagyrobi
211	9108d083	Viktor G	if (!empty($_POST['serverauth'])) {
212			$config['ntpd']['serverauth'] = $_POST['serverauth'];
213			$config['ntpd']['serverauthkey'] = base64_encode(trim($_POST['serverauthkey']));
214			$config['ntpd']['serverauthalgo'] = $_POST['serverauthalgo'];
215			} elseif (isset($config['ntpd']['serverauth'])) {
216			unset($config['ntpd']['serverauth']);
217			unset($config['ntpd']['serverauthkey']);
218			unset($config['ntpd']['serverauthalgo']);
219			}
220
221	cf180ccc	jim-p	write_config("Updated NTP Server Settings");
222
223	44c42356	Phil Davis	$changes_applied = true;
224	cf180ccc	jim-p	$retval = 0;
225	44c42356	Phil Davis	$retval \|= system_ntp_configure();
226	08d56bd1	sbeaver	}
227			}
228
229			function build_interface_list() {
230			global $pconfig;
231
232			$iflist = array('options' => array(), 'selected' => array());
233
234			$interfaces = get_configured_interface_with_descr();
235	62725308	Viktor Gurov	$interfaces['lo0'] = "Localhost";
236
237	08d56bd1	sbeaver	foreach ($interfaces as $iface => $ifacename) {
238	2a5960b0	Luiz Otavio O Souza	if (!is_ipaddr(get_interface_ip($iface)) &&
239			!is_ipaddrv6(get_interface_ipv6($iface))) {
240	08d56bd1	sbeaver	continue;
241	1fe07ba8	Chris Buechler	}
242	08d56bd1	sbeaver
243	d05950fb	Stephen Beaver	$iflist['options'][$iface] = $ifacename;
244	08d56bd1	sbeaver
245	1fe07ba8	Chris Buechler	if (in_array($iface, $pconfig['interface'])) {
246			array_push($iflist['selected'], $iface);
247			}
248	cf180ccc	jim-p	}
249	08d56bd1	sbeaver
250			return($iflist);
251	cf180ccc	jim-p	}
252	08d56bd1	sbeaver
253	c6c398c6	jim-p	init_config_arr(array('ntpd'));
254	c1e68244	nagyrobi	$pconfig = &$config['ntpd'];
255	0b5b700d	Viktor G	$pconfig['enable'] = ($config['ntpd']['enable'] != 'disabled') ? 'enabled' : 'disabled';
256	7a6f0ebc	Phil Davis	if (empty($pconfig['interface'])) {
257	63d5a5e0	Jean Cyr	$pconfig['interface'] = array();
258	7a6f0ebc	Phil Davis	} else {
259	63d5a5e0	Jean Cyr	$pconfig['interface'] = explode(",", $pconfig['interface']);
260	7a6f0ebc	Phil Davis	}
261	448280c3	k-paulius	$pgtitle = array(gettext("Services"), gettext("NTP"), gettext("Settings"));
262	edcd7535	Phil Davis	$pglinks = array("", "@self", "@self");
263	b32dd0a6	jim-p	$shortcut_section = "ntp";
264	cf180ccc	jim-p	include("head.inc");
265
266	20db3e1a	Phil Davis	if ($input_errors) {
267	08d56bd1	sbeaver	print_input_errors($input_errors);
268	20db3e1a	Phil Davis	}
269	44c42356	Phil Davis
270			if ($changes_applied) {
271			print_apply_result_box($retval);
272	20db3e1a	Phil Davis	}
273	08d56bd1	sbeaver
274			$tab_array = array();
275	448280c3	k-paulius	$tab_array[] = array(gettext("Settings"), true, "services_ntpd.php");
276	31b15180	jim-p	$tab_array[] = array(gettext("ACLs"), false, "services_ntpd_acls.php");
277	08d56bd1	sbeaver	$tab_array[] = array(gettext("Serial GPS"), false, "services_ntpd_gps.php");
278			$tab_array[] = array(gettext("PPS"), false, "services_ntpd_pps.php");
279			display_top_tabs($tab_array);
280
281			$form = new Form;
282	76763c4c	Phil Davis	$form->setMultipartEncoding(); // Allow file uploads
283	08d56bd1	sbeaver
284	70dc5cd6	Phil Davis	$section = new Form_Section('NTP Server Configuration');
285	08d56bd1	sbeaver
286	b5d5da0c	Viktor Gurov	$section->addInput(new Form_Checkbox(
287			'enable',
288			'Enable',
289			'Enable NTP Server',
290	c62e31f2	Viktor Gurov	($pconfig['enable'] == 'enabled')
291	c67c74dd	Steve Beaver	))->setHelp('You may need to disable NTP if %1$s is running in a virtual machine and the host is responsible for the clock.', $g['product_label']);
292	b5d5da0c	Viktor Gurov
293	08d56bd1	sbeaver	$iflist = build_interface_list();
294
295			$section->addInput(new Form_Select(
296			'interface',
297			'Interface',
298			$iflist['selected'],
299			$iflist['options'],
300			true
301	3fd41815	Phil Davis	))->setHelp('Interfaces without an IP address will not be shown.%1$s' .
302			'Selecting no interfaces will listen on all interfaces with a wildcard.%1$s' .
303			'Selecting all interfaces will explicitly listen on only the interfaces/IPs specified.', '<br />');
304	08d56bd1	sbeaver
305	20db3e1a	Phil Davis	$timeservers = explode(' ', $config['system']['timeservers']);
306	83b9d03e	Phil Davis	$maxrows = max(count($timeservers), 1);
307	f4439c00	Stephen Beaver	for ($counter=0; $counter < $maxrows; $counter++) {
308	ff8e3635	jim-p	$group = new Form_Group($counter == 0 ? 'Time Servers':'');
309	c18d0d12	jskyboo	$group->addClass('repeatable');
310			$group->setAttribute('max_repeats', NUMTIMESERVERS);
311			$group->setAttribute('max_repeats_alert', sprintf(gettext('%d is the maximum number of configured servers.'), NUMTIMESERVERS));
312	08d56bd1	sbeaver
313			$group->add(new Form_Input(
314	f4439c00	Stephen Beaver	'server' . $counter,
315	08d56bd1	sbeaver	null,
316			'text',
317	f4439c00	Stephen Beaver	$timeservers[$counter],
318			['placeholder' => 'Hostname']
319			))->setWidth(3);
320	08d56bd1	sbeaver
321			$group->add(new Form_Checkbox(
322	f4439c00	Stephen Beaver	'servprefer' . $counter,
323	08d56bd1	sbeaver	null,
324	f4439c00	Stephen Beaver	null,
325			isset($config['ntpd']['prefer']) && isset($timeservers[$counter]) && substr_count($config['ntpd']['prefer'], $timeservers[$counter])
326			))->sethelp('Prefer');
327	08d56bd1	sbeaver
328			$group->add(new Form_Checkbox(
329	f4439c00	Stephen Beaver	'servselect' . $counter,
330			null,
331	08d56bd1	sbeaver	null,
332	f4439c00	Stephen Beaver	isset($config['ntpd']['noselect']) && isset($timeservers[$counter]) && substr_count($config['ntpd']['noselect'], $timeservers[$counter])
333			))->sethelp('No Select');
334
335	0cfd0083	Viktor G	if ((substr_compare($timeservers[$counter], $auto_pool_suffix, strlen($timeservers[$counter]) - strlen($auto_pool_suffix), strlen($auto_pool_suffix)) === 0) \|\| (isset($config['ntpd']['ispool']) && isset($timeservers[$counter]) && substr_count($config['ntpd']['ispool'], $timeservers[$counter]))) {
336			$servertype = 'pool';
337			} elseif (isset($config['ntpd']['ispeer']) && isset($timeservers[$counter]) && substr_count($config['ntpd']['ispeer'], $timeservers[$counter])) {
338			$servertype = 'peer';
339			} else {
340			$servertype = 'server';
341			}
342
343			$group->add(new Form_Select(
344			'servistype' . $counter,
345	fbb652ed	jim-p	null,
346	0cfd0083	Viktor G	$servertype,
347			$ntp_server_types
348			))->sethelp('Type')->setWidth(2);
349	fbb652ed	jim-p
350	f4439c00	Stephen Beaver	$group->add(new Form_Button(
351			'deleterow' . $counter,
352	faab522f	Renato Botelho	'Delete',
353	cd7ddae6	jim-p	null,
354			'fa-trash'
355			))->addClass('btn-warning');
356	08d56bd1	sbeaver
357			$section->add($group);
358			}
359
360	f4439c00	Stephen Beaver	$section->addInput(new Form_Button(
361			'addrow',
362	faab522f	Renato Botelho	'Add',
363	cd7ddae6	jim-p	null,
364			'fa-plus'
365			))->addClass('btn-success');
366	08d56bd1	sbeaver
367			$section->addInput(new Form_StaticText(
368			null,
369			$btnaddrow
370	239b15fb	stilez	))->setHelp(
371			'NTP will only sync if a majority of the servers agree on the time. For best results you should configure between 3 and 5 servers ' .
372			'(%4$sNTP support pages recommend at least 4 or 5%5$s), or a pool. If only one server is configured, it %2$swill%3$s be believed, and if 2 servers ' .
373			'are configured and they disagree, %2$sneither%3$s will be believed. Options:%1$s' .
374			'%2$sPrefer%3$s - NTP should favor the use of this server more than all others.%1$s' .
375			'%2$sNo Select%3$s - NTP should not use this server for time, but stats for this server will be collected and displayed.%1$s' .
376	0cfd0083	Viktor G	'%2$sType%3$s - Server, Peer or a Pool of NTP servers and not a single address. This is assumed for *.pool.ntp.org.',
377	179377b0	robjarsen	'<br />',
378			'<b>',
379			'</b>',
380			'<a target="_blank" href="https://support.ntp.org/bin/view/Support/ConfiguringNTP">',
381	239b15fb	stilez	'</a>'
382			);
383	08d56bd1	sbeaver
384	38fcf2c5	kiokoman	$section->addInput(new Form_Input(
385			'ntpmaxpeers',
386	9c2fcbf6	kiokoman	'Max candidate pool peers',
387	38fcf2c5	kiokoman	'number',
388			$pconfig['ntpmaxpeers'],
389	aef7d92a	kiokoman	['min' => $min_candidate_peers, 'max' => $max_candidate_peers]
390	b33465da	kiokoman	))->setHelp('Maximum number of candidate peers in the NTP pool. This value should be set low enough to provide sufficient alternate sources ' .
391			'while not contacting an excessively large number of peers. ' .
392			'Many servers inside public pools are provided by volunteers, ' .
393			'and a large candidate pool places unnecessary extra load ' .
394			'on the volunteer time servers for little to no added benefit. (Default: 5).');
395	38fcf2c5	kiokoman
396	08d56bd1	sbeaver	$section->addInput(new Form_Input(
397			'ntporphan',
398	ff8e3635	jim-p	'Orphan Mode',
399	08d56bd1	sbeaver	'text',
400	d0db0f9b	jim-p	$pconfig['orphan'],
401			['placeholder' => "12"]
402	08d56bd1	sbeaver	))->setHelp('Orphan mode allows the system clock to be used when no other clocks are available. ' .
403			'The number here specifies the stratum reported during orphan mode and should normally be set to a number high enough ' .
404	bb80af58	NOYB	'to insure that any other servers available to clients are preferred over this server (default: 12).');
405	08d56bd1	sbeaver
406	8ef6844a	jim-p	$section->addInput(new Form_Select(
407			'ntpminpoll',
408			'Minimum Poll Interval',
409			$pconfig['ntpminpoll'],
410	4bdbb898	jim-p	$ntp_poll_values
411	8ef6844a	jim-p	))->setHelp('Minimum poll interval for NTP messages. If set, must be less than or equal to Maximum Poll Interval.');
412
413			$section->addInput(new Form_Select(
414			'ntpmaxpoll',
415			'Maximum Poll Interval',
416			$pconfig['ntpmaxpoll'],
417	4bdbb898	jim-p	$ntp_poll_values
418	8ef6844a	jim-p	))->setHelp('Maximum poll interval for NTP messages. If set, must be greater than or equal to Minimum Poll Interval.');
419
420	08d56bd1	sbeaver	$section->addInput(new Form_Checkbox(
421			'statsgraph',
422			'NTP Graphs',
423			'Enable RRD graphs of NTP statistics (default: disabled).',
424			$pconfig['statsgraph']
425			));
426
427			$section->addInput(new Form_Checkbox(
428			'logpeer',
429	ff8e3635	jim-p	'Logging',
430			'Log peer messages (default: disabled).',
431	08d56bd1	sbeaver	$pconfig['logpeer']
432			));
433
434			$section->addInput(new Form_Checkbox(
435			'logsys',
436			null,
437	ff8e3635	jim-p	'Log system messages (default: disabled).',
438	08d56bd1	sbeaver	$pconfig['logsys']
439	3fd41815	Phil Davis	))->setHelp('These options enable additional messages from NTP to be written to the System Log %1$sStatus > System Logs > NTP%2$s',
440			'<a href="status_logs.php?logfile=ntpd">', '</a>.');
441	08d56bd1	sbeaver
442			// Statistics logging section
443	c0d1ceda	Phil Davis	$btnadv = new Form_Button(
444	08d56bd1	sbeaver	'btnadvstats',
445	c0d1ceda	Phil Davis	'Display Advanced',
446	3314e626	jim-p	null,
447			'fa-cog'
448	08d56bd1	sbeaver	);
449
450	347c0214	Phil Davis	$btnadv->setAttribute('type','button')->addClass('btn-info btn-sm');
451	08d56bd1	sbeaver
452			$section->addInput(new Form_StaticText(
453	ff8e3635	jim-p	'Statistics Logging',
454	c0d1ceda	Phil Davis	$btnadv
455	1f1cd32f	Chris Buechler	))->setHelp('Warning: These options will create persistent daily log files in /var/log/ntp.');
456	08d56bd1	sbeaver
457			$section->addInput(new Form_Checkbox(
458			'clockstats',
459			null,
460	ff8e3635	jim-p	'Log reference clock statistics (default: disabled).',
461	08d56bd1	sbeaver	$pconfig['clockstats']
462			));
463
464			$section->addInput(new Form_Checkbox(
465			'loopstats',
466			null,
467	ff8e3635	jim-p	'Log clock discipline statistics (default: disabled).',
468	08d56bd1	sbeaver	$pconfig['loopstats']
469			));
470
471			$section->addInput(new Form_Checkbox(
472			'peerstats',
473			null,
474	ff8e3635	jim-p	'Log NTP peer statistics (default: disabled).',
475	08d56bd1	sbeaver	$pconfig['peerstats']
476			));
477
478			// Leap seconds section
479	c0d1ceda	Phil Davis	$btnadv = new Form_Button(
480			'btnadvleap',
481			'Display Advanced',
482	3314e626	jim-p	null,
483			'fa-cog'
484	08d56bd1	sbeaver	);
485
486	347c0214	Phil Davis	$btnadv->setAttribute('type','button')->addClass('btn-info btn-sm');
487	08d56bd1	sbeaver
488			$section->addInput(new Form_StaticText(
489			'Leap seconds',
490	c0d1ceda	Phil Davis	$btnadv
491	239b15fb	stilez	))->setHelp(
492			'Leap seconds may be added or subtracted at the end of June or December. Leap seconds are administered by the ' .
493			'%1$sIERS%2$s, who publish them in their Bulletin C approximately 6 - 12 months in advance. Normally this correction ' .
494			'should only be needed if the server is a stratum 1 NTP server, but many NTP servers do not advertise an upcoming leap ' .
495			'second when other NTP servers synchronise to them.%3$s%4$sIf the leap second is important to your network services, ' .
496			'it is %6$sgood practice%2$s to download and add the leap second file at least a day in advance of any time correction%5$s.%3$s ' .
497			'More information and files for downloading can be found on their %1$swebsite%2$s, and also on the %7$NIST%2$s and %8$sNTP%2$s websites.',
498			'<a target="_blank" href="https://www.iers.org">',
499			'</a>',
500			'<br />',
501			'<b>',
502			'</b>',
503			'<a target="_blank" href="https://support.ntp.org/bin/view/Support/ConfiguringNTP">',
504			'<a target="_blank" href="https://www.nist.gov">',
505			'<a target="_blank" href="https://www.ntp.org">'
506			);
507	08d56bd1	sbeaver
508			$section->addInput(new Form_Textarea(
509			'leaptext',
510			null,
511			base64_decode(chunk_split($pconfig['leapsec']))
512	e78ecb96	NOYB	))->setHelp('Enter Leap second configuration as text OR select a file to upload.');
513	08d56bd1	sbeaver
514			$section->addInput(new Form_Input(
515			'leapfile',
516			null,
517			'file'
518			))->addClass('btn-default');
519
520	bdb26b26	Viktor G	$section->addInput(new Form_Select(
521			'dnsresolv',
522			'DNS Resolution',
523			$pconfig['dnsresolv'],
524			array(
525			'auto' => 'Auto',
526			'inet' => 'IPv4',
527			'inet6' => 'IPv6',
528			)
529			))->setHelp('Force NTP peers DNS resolution IP protocol. Do not affect pools.');
530
531	9108d083	Viktor G	$section->addInput(new Form_Checkbox(
532			'serverauth',
533			'Enable NTP Server Authentication',
534			'Enable NTPv3 authentication (RFC 1305)',
535			$pconfig['serverauth']
536			))->setHelp('Authentication allows the NTP client to confirm it is communicating with the intended server, ' .
537			'which protects against man-in-the-middle attacks.');
538
539			$group = new Form_Group('Authentication key');
540			$group->addClass('ntpserverauth');
541
542			$group->add(new Form_IpAddress(
543			'serverauthkey',
544			'NTP Authentication key',
545			base64_decode($pconfig['serverauthkey']),
546			['placeholder' => 'NTP Authentication key']
547			))->setHelp(
548	a69f79bd	Viktor G	'Key format: %1$s MD5 - The key is 1 to 20 printable characters %1$s' .
549	1d7ae980	Viktor G	'SHA1 - The key is a hex-encoded ASCII string of 40 characters %1$s' .
550			'SHA256 - The key is a hex-encoded ASCII string of 64 characters',
551	9108d083	Viktor G	'<br />'
552			);
553
554			$group->add(new Form_Select(
555			'serverauthalgo',
556			null,
557			$pconfig['serverauthalgo'],
558			$ntp_auth_halgos
559			))->setWidth(3)->setHelp('Digest algorithm');
560
561			$section->add($group);
562
563	08d56bd1	sbeaver	$form->add($section);
564	31b15180	jim-p
565	08d56bd1	sbeaver	print($form);
566
567	cf180ccc	jim-p	?>
568
569	8fd9052f	Colin Fleming	<script type="text/javascript">
570			//<![CDATA[
571	08ec2d99	Stephen Beaver	// If this variable is declared, any help text will not be deleted when rows are added
572			// IOW the help text will appear on every row
573			retainhelp = true;
574			</script>
575
576	8fd9052f	Colin Fleming	<script type="text/javascript">
577	d9555fc5	Colin Fleming	//<![CDATA[
578	20db3e1a	Phil Davis	events.push(function() {
579	08d56bd1	sbeaver
580	c0d1ceda	Phil Davis	// Show advanced stats options ============================================
581			var showadvstats = false;
582	08d56bd1	sbeaver
583	c0d1ceda	Phil Davis	function show_advstats(ispageload) {
584			var text;
585			// On page load decide the initial state based on the data.
586			if (ispageload) {
587			<?php
588			if (!$pconfig['clockstats'] && !$pconfig['loopstats'] && !$pconfig['peerstats']) {
589			$showadv = false;
590			} else {
591			$showadv = true;
592			}
593			?>
594			showadvstats = <?php if ($showadv) {echo 'true';} else {echo 'false';} ?>;
595			} else {
596			// It was a click, swap the state.
597			showadvstats = !showadvstats;
598			}
599
600			hideCheckbox('clockstats', !showadvstats);
601			hideCheckbox('loopstats', !showadvstats);
602			hideCheckbox('peerstats', !showadvstats);
603
604			if (showadvstats) {
605			text = "<?=gettext('Hide Advanced');?>";
606			} else {
607			text = "<?=gettext('Display Advanced');?>";
608			}
609			$('#btnadvstats').html('<i class="fa fa-cog"></i> ' + text);
610			}
611
612			$('#btnadvstats').click(function(event) {
613			show_advstats();
614	08d56bd1	sbeaver	});
615
616	c0d1ceda	Phil Davis	// Show advanced leap second options ======================================
617			var showadvleap = false;
618
619			function show_advleap(ispageload) {
620			var text;
621			// On page load decide the initial state based on the data.
622			if (ispageload) {
623			<?php
624			// Note: leapfile is not a field saved in the config, so no need to test for it here.
625			// leapsec is the encoded text in the config, leaptext is not a pconfig[] key.
626			if (empty($pconfig['leapsec'])) {
627			$showadv = false;
628			} else {
629			$showadv = true;
630			}
631			?>
632			showadvleap = <?php if ($showadv) {echo 'true';} else {echo 'false';} ?>;
633			} else {
634			// It was a click, swap the state.
635			showadvleap = !showadvleap;
636			}
637
638			hideInput('leaptext', !showadvleap);
639			hideInput('leapfile', !showadvleap);
640
641			if (showadvleap) {
642			text = "<?=gettext('Hide Advanced');?>";
643			} else {
644			text = "<?=gettext('Display Advanced');?>";
645			}
646			$('#btnadvleap').html('<i class="fa fa-cog"></i> ' + text);
647			}
648	08d56bd1	sbeaver
649	9108d083	Viktor G	function change_serverauth() {
650			hideClass('ntpserverauth', !($('#serverauth').prop('checked')));
651			}
652
653	c0d1ceda	Phil Davis	$('#btnadvleap').click(function(event) {
654			show_advleap();
655	08d56bd1	sbeaver	});
656
657	9108d083	Viktor G	$('#serverauth').change(function () {
658			change_serverauth();
659			});
660
661	c0d1ceda	Phil Davis	// Set initial states
662			show_advstats(true);
663			show_advleap(true);
664	9108d083	Viktor G	change_serverauth();
665	0bc61baa	Stephen Beaver
666			// Suppress "Delete row" button if there are fewer than two rows
667			checkLastRow();
668	08d56bd1	sbeaver	});
669	d9555fc5	Colin Fleming	//]]>
670	c1e68244	nagyrobi	</script>
671	cf180ccc	jim-p
672	c10cb196	Stephen Beaver	<?php include("foot.inc");

Project

General

Profile

pfSense