/usr/local/www/services_captiveportal.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/services_captiveportal.php @ 1f9921aa

1	a5c0b6c7	Scott Ullrich	<?php
2	5b237745	Scott Ullrich	/*
3			services_captiveportal.php
4			part of m0n0wall (http://m0n0.ch/wall)
5	a5c0b6c7	Scott Ullrich
6	0bd34ed6	Scott Ullrich	Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
7	5b237745	Scott Ullrich	All rights reserved.
8	a5c0b6c7	Scott Ullrich
9	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
10			modification, are permitted provided that the following conditions are met:
11	a5c0b6c7	Scott Ullrich
12	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
13			this list of conditions and the following disclaimer.
14	a5c0b6c7	Scott Ullrich
15	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
16			notice, this list of conditions and the following disclaimer in the
17			documentation and/or other materials provided with the distribution.
18	a5c0b6c7	Scott Ullrich
19	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28			POSSIBILITY OF SUCH DAMAGE.
29			*/
30	1d333258	Scott Ullrich	/*
31			pfSense_MODULE: captiveportal
32			*/
33	5b237745	Scott Ullrich
34	6b07c15a	Matthew Grooms	##\|+PRIV
35			##\|*IDENT=page-services-captiveportal
36			##\|*NAME=Services: Captive portal page
37			##\|*DESCR=Allow access to the 'Services: Captive portal' page.
38			##\|MATCH=services_captiveportal.php
39			##\|-PRIV
40
41	5633ab30	jim-p	$statusurl = "status_captiveportal.php";
42			$logurl = "diag_logs_auth.php";
43
44	5b237745	Scott Ullrich	require("guiconfig.inc");
45	7ab2b688	Scott Ullrich	require("functions.inc");
46			require("filter.inc");
47			require("shaper.inc");
48			require("captiveportal.inc");
49	5b237745	Scott Ullrich
50	6fde5a1e	Carlos Eduardo Ramos	$pgtitle = array(gettext("Services"),gettext("Captive portal"));
51
52	5b237745	Scott Ullrich	if (!is_array($config['captiveportal'])) {
53			$config['captiveportal'] = array();
54			$config['captiveportal']['page'] = array();
55			$config['captiveportal']['timeout'] = 60;
56			}
57
58			if ($_GET['act'] == "viewhtml") {
59			echo base64_decode($config['captiveportal']['page']['htmltext']);
60			exit;
61			} else if ($_GET['act'] == "viewerrhtml") {
62			echo base64_decode($config['captiveportal']['page']['errtext']);
63			exit;
64	5b87b24e	Ermal	} else if ($_GET['act'] == "viewlogouthtml") {
65			echo base64_decode($config['captiveportal']['page']['logouttext']);
66			exit;
67	5b237745	Scott Ullrich	}
68
69			$pconfig['cinterface'] = $config['captiveportal']['interface'];
70	0bd34ed6	Scott Ullrich	$pconfig['maxproc'] = $config['captiveportal']['maxproc'];
71			$pconfig['maxprocperip'] = $config['captiveportal']['maxprocperip'];
72	5b237745	Scott Ullrich	$pconfig['timeout'] = $config['captiveportal']['timeout'];
73			$pconfig['idletimeout'] = $config['captiveportal']['idletimeout'];
74			$pconfig['enable'] = isset($config['captiveportal']['enable']);
75	7faeda46	Scott Ullrich	$pconfig['auth_method'] = $config['captiveportal']['auth_method'];
76	5b237745	Scott Ullrich	$pconfig['radacct_enable'] = isset($config['captiveportal']['radacct_enable']);
77	0bd34ed6	Scott Ullrich	$pconfig['radmac_enable'] = isset($config['captiveportal']['radmac_enable']);
78			$pconfig['radmac_secret'] = $config['captiveportal']['radmac_secret'];
79	c980716e	Scott Ullrich	$pconfig['reauthenticate'] = isset($config['captiveportal']['reauthenticate']);
80			$pconfig['reauthenticateacct'] = $config['captiveportal']['reauthenticateacct'];
81	5b237745	Scott Ullrich	$pconfig['httpslogin_enable'] = isset($config['captiveportal']['httpslogin']);
82	1d622048	Scott Ullrich	$pconfig['httpsname'] = strtolower($config['captiveportal']['httpsname']);
83	5b237745	Scott Ullrich	$pconfig['cert'] = base64_decode($config['captiveportal']['certificate']);
84	c6e1b0f5	Ermal Lu?i	$pconfig['cacert'] = base64_decode($config['captiveportal']['cacertificate']);
85	5b237745	Scott Ullrich	$pconfig['key'] = base64_decode($config['captiveportal']['private-key']);
86			$pconfig['logoutwin_enable'] = isset($config['captiveportal']['logoutwin_enable']);
87	7e587bdb	Scott Ullrich	$pconfig['peruserbw'] = isset($config['captiveportal']['peruserbw']);
88			$pconfig['bwdefaultdn'] = $config['captiveportal']['bwdefaultdn'];
89			$pconfig['bwdefaultup'] = $config['captiveportal']['bwdefaultup'];
90	5b237745	Scott Ullrich	$pconfig['nomacfilter'] = isset($config['captiveportal']['nomacfilter']);
91	0bd34ed6	Scott Ullrich	$pconfig['noconcurrentlogins'] = isset($config['captiveportal']['noconcurrentlogins']);
92	5b237745	Scott Ullrich	$pconfig['redirurl'] = $config['captiveportal']['redirurl'];
93			$pconfig['radiusip'] = $config['captiveportal']['radiusip'];
94	0bd34ed6	Scott Ullrich	$pconfig['radiusip2'] = $config['captiveportal']['radiusip2'];
95	5b237745	Scott Ullrich	$pconfig['radiusport'] = $config['captiveportal']['radiusport'];
96	0bd34ed6	Scott Ullrich	$pconfig['radiusport2'] = $config['captiveportal']['radiusport2'];
97	5b237745	Scott Ullrich	$pconfig['radiusacctport'] = $config['captiveportal']['radiusacctport'];
98			$pconfig['radiuskey'] = $config['captiveportal']['radiuskey'];
99	0bd34ed6	Scott Ullrich	$pconfig['radiuskey2'] = $config['captiveportal']['radiuskey2'];
100			$pconfig['radiusvendor'] = $config['captiveportal']['radiusvendor'];
101	2342bfb0	Ermal Lu?i	$pconfig['radiussession_timeout'] = isset($config['captiveportal']['radiussession_timeout']);
102	822b687b	Ermal	$pconfig['radiussrcip_attribute'] = $config['captiveportal']['radiussrcip_attribute'];
103	6ce61a8f	Ermal	$pconfig['passthrumacadd'] = isset($config['captiveportal']['passthrumacadd']);
104	1c291e64	Ermal	$pconfig['passthrumacaddusername'] = isset($config['captiveportal']['passthrumacaddusername']);
105	d11c1f93	sullrich	$pconfig['radmac_format'] = $config['captiveportal']['radmac_format'];
106	5b237745	Scott Ullrich
107			if ($_POST) {
108
109			unset($input_errors);
110			$pconfig = $_POST;
111
112			/* input validation */
113			if ($_POST['enable']) {
114			$reqdfields = explode(" ", "cinterface");
115	6fde5a1e	Carlos Eduardo Ramos	$reqdfieldsn = array(gettext("Interface"));
116	a5c0b6c7	Scott Ullrich
117	5b237745	Scott Ullrich	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
118	a5c0b6c7	Scott Ullrich
119	0bd34ed6	Scott Ullrich	/* make sure no interfaces are bridged */
120	3e4f5a33	jim-p	if (is_array($_POST['cinterface']))
121			foreach ($pconfig['cinterface'] as $cpbrif)
122			if (link_interface_to_bridge($cpbrif))
123			$input_errors[] = sprintf(gettext("The captive portal cannot be used on interface %s since it is part of a bridge."), $cpbrif);
124	a5c0b6c7	Scott Ullrich
125	5b237745	Scott Ullrich	if ($_POST['httpslogin_enable']) {
126			if (!$_POST['cert'] \|\| !$_POST['key']) {
127	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("Certificate and key must be specified for HTTPS login.");
128	5b237745	Scott Ullrich	} else {
129			if (!strstr($_POST['cert'], "BEGIN CERTIFICATE") \|\| !strstr($_POST['cert'], "END CERTIFICATE"))
130	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This certificate does not appear to be valid.");
131	c6e1b0f5	Ermal Lu?i	if (!strstr($_POST['cacert'], "BEGIN CERTIFICATE") \|\| !strstr($_POST['cacert'], "END CERTIFICATE"))
132	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This intermmediate certificate does not appear to be valid.");
133	5b237745	Scott Ullrich	if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") \|\| !strstr($_POST['key'], "END RSA PRIVATE KEY"))
134	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This key does not appear to be valid.");
135	5b237745	Scott Ullrich	}
136	a5c0b6c7	Scott Ullrich
137	5b237745	Scott Ullrich	if (!$_POST['httpsname'] \|\| !is_domain($_POST['httpsname'])) {
138	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The HTTPS server name must be specified for HTTPS login.");
139	5b237745	Scott Ullrich	}
140			}
141			}
142	a5c0b6c7	Scott Ullrich
143	5b237745	Scott Ullrich	if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) \|\| ($_POST['timeout'] < 1))) {
144	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The timeout must be at least 1 minute.");
145	5b237745	Scott Ullrich	}
146			if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) \|\| ($_POST['idletimeout'] < 1))) {
147	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The idle timeout must be at least 1 minute.");
148	5b237745	Scott Ullrich	}
149			if (($_POST['radiusip'] && !is_ipaddr($_POST['radiusip']))) {
150	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip']);
151	5b237745	Scott Ullrich	}
152	0bd34ed6	Scott Ullrich	if (($_POST['radiusip2'] && !is_ipaddr($_POST['radiusip2']))) {
153	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip2']);
154	0bd34ed6	Scott Ullrich	}
155	5b237745	Scott Ullrich	if (($_POST['radiusport'] && !is_port($_POST['radiusport']))) {
156	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport']);
157	5b237745	Scott Ullrich	}
158	0bd34ed6	Scott Ullrich	if (($_POST['radiusport2'] && !is_port($_POST['radiusport2']))) {
159	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport2']);
160	0bd34ed6	Scott Ullrich	}
161	5b237745	Scott Ullrich	if (($_POST['radiusacctport'] && !is_port($_POST['radiusacctport']))) {
162	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusacctport']);
163	0bd34ed6	Scott Ullrich	}
164			if ($_POST['maxproc'] && (!is_numeric($_POST['maxproc']) \|\| ($_POST['maxproc'] < 4) \|\| ($_POST['maxproc'] > 100))) {
165	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The total maximum number of concurrent connections must be between 4 and 100.");
166	0bd34ed6	Scott Ullrich	}
167			$mymaxproc = $_POST['maxproc'] ? $_POST['maxproc'] : 16;
168			if ($_POST['maxprocperip'] && (!is_numeric($_POST['maxprocperip']) \|\| ($_POST['maxprocperip'] > $mymaxproc))) {
169	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The maximum number of concurrent connections per client IP address may not be larger than the global maximum.");
170	5b237745	Scott Ullrich	}
171
172			if (!$input_errors) {
173	3e4f5a33	jim-p	if (is_array($_POST['cinterface']))
174			$config['captiveportal']['interface'] = implode(",", $_POST['cinterface']);
175	0bd34ed6	Scott Ullrich	$config['captiveportal']['maxproc'] = $_POST['maxproc'];
176			$config['captiveportal']['maxprocperip'] = $_POST['maxprocperip'] ? $_POST['maxprocperip'] : false;
177	5b237745	Scott Ullrich	$config['captiveportal']['timeout'] = $_POST['timeout'];
178			$config['captiveportal']['idletimeout'] = $_POST['idletimeout'];
179	0bd34ed6	Scott Ullrich	$config['captiveportal']['enable'] = $_POST['enable'] ? true : false;
180	7faeda46	Scott Ullrich	$config['captiveportal']['auth_method'] = $_POST['auth_method'];
181	0bd34ed6	Scott Ullrich	$config['captiveportal']['radacct_enable'] = $_POST['radacct_enable'] ? true : false;
182			$config['captiveportal']['reauthenticate'] = $_POST['reauthenticate'] ? true : false;
183			$config['captiveportal']['radmac_enable'] = $_POST['radmac_enable'] ? true : false;
184			$config['captiveportal']['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false;
185	c980716e	Scott Ullrich	$config['captiveportal']['reauthenticateacct'] = $_POST['reauthenticateacct'];
186	0bd34ed6	Scott Ullrich	$config['captiveportal']['httpslogin'] = $_POST['httpslogin_enable'] ? true : false;
187	5b237745	Scott Ullrich	$config['captiveportal']['httpsname'] = $_POST['httpsname'];
188	7e587bdb	Scott Ullrich	$config['captiveportal']['peruserbw'] = $_POST['peruserbw'] ? true : false;
189			$config['captiveportal']['bwdefaultdn'] = $_POST['bwdefaultdn'];
190			$config['captiveportal']['bwdefaultup'] = $_POST['bwdefaultup'];
191	5b237745	Scott Ullrich	$config['captiveportal']['certificate'] = base64_encode($_POST['cert']);
192	c6e1b0f5	Ermal Lu?i	$config['captiveportal']['cacertificate'] = base64_encode($_POST['cacert']);
193	5b237745	Scott Ullrich	$config['captiveportal']['private-key'] = base64_encode($_POST['key']);
194	0bd34ed6	Scott Ullrich	$config['captiveportal']['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false;
195			$config['captiveportal']['nomacfilter'] = $_POST['nomacfilter'] ? true : false;
196			$config['captiveportal']['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false;
197	5b237745	Scott Ullrich	$config['captiveportal']['redirurl'] = $_POST['redirurl'];
198			$config['captiveportal']['radiusip'] = $_POST['radiusip'];
199	0bd34ed6	Scott Ullrich	$config['captiveportal']['radiusip2'] = $_POST['radiusip2'];
200	5b237745	Scott Ullrich	$config['captiveportal']['radiusport'] = $_POST['radiusport'];
201	0bd34ed6	Scott Ullrich	$config['captiveportal']['radiusport2'] = $_POST['radiusport2'];
202	5b237745	Scott Ullrich	$config['captiveportal']['radiusacctport'] = $_POST['radiusacctport'];
203			$config['captiveportal']['radiuskey'] = $_POST['radiuskey'];
204	0bd34ed6	Scott Ullrich	$config['captiveportal']['radiuskey2'] = $_POST['radiuskey2'];
205			$config['captiveportal']['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false;
206	2342bfb0	Ermal Lu?i	$config['captiveportal']['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false;
207	8aede55b	Ermal	$config['captiveportal']['radiussrcip_attribute'] = $_POST['radiussrcip_attribute'];
208	6ce61a8f	Ermal	$config['captiveportal']['passthrumacadd'] = $_POST['passthrumacadd'] ? true : false;
209	1c291e64	Ermal	$config['captiveportal']['passthrumacaddusername'] = $_POST['passthrumacaddusername'] ? true : false;
210	6ce61a8f	Ermal	$config['captiveportal']['radmac_format'] = $_POST['radmac_format'] ? $_POST['radmac_format'] : false;
211	a5c0b6c7	Scott Ullrich
212	5b237745	Scott Ullrich	/* file upload? */
213			if (is_uploaded_file($_FILES['htmlfile']['tmp_name']))
214			$config['captiveportal']['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name']));
215	c980716e	Scott Ullrich	if (is_uploaded_file($_FILES['errfile']['tmp_name']))
216	5b237745	Scott Ullrich	$config['captiveportal']['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name']));
217	5b87b24e	Ermal	if (is_uploaded_file($_FILES['logoutfile']['tmp_name']))
218			$config['captiveportal']['page']['logouttext'] = base64_encode(file_get_contents($_FILES['logoutfile']['tmp_name']));
219	a5c0b6c7	Scott Ullrich
220	5b237745	Scott Ullrich	write_config();
221	a5c0b6c7	Scott Ullrich
222	5b237745	Scott Ullrich	$retval = 0;
223	ea1eac37	Scott Ullrich	$retval = captiveportal_configure();
224
225	5b237745	Scott Ullrich	$savemsg = get_std_save_message($retval);
226	f8b11310	Ermal Lu?i
227	3e4f5a33	jim-p	if (is_array($_POST['cinterface']))
228			$pconfig['cinterface'] = implode(",", $_POST['cinterface']);
229	5b237745	Scott Ullrich	}
230			}
231	3d4bd975	Scott Ullrich	include("head.inc");
232	5b237745	Scott Ullrich	?>
233	9699028a	Scott Ullrich	<?php include("fbegin.inc"); ?>
234	5b237745	Scott Ullrich	<script language="JavaScript">
235			<!--
236			function enable_change(enable_change) {
237	0bd34ed6	Scott Ullrich	var endis, radius_endis;
238	07bd3f83	Scott Ullrich	endis = !(document.iform.enable.checked \|\| enable_change);
239	0bd34ed6	Scott Ullrich	radius_endis = !((!endis && document.iform.auth_method[2].checked) \|\| enable_change);
240	a5c0b6c7	Scott Ullrich
241	07bd3f83	Scott Ullrich	document.iform.cinterface.disabled = endis;
242	54611f24	Scott Ullrich	//document.iform.maxproc.disabled = endis;
243	422d57b4	Scott Ullrich	document.iform.maxprocperip.disabled = endis;
244	07bd3f83	Scott Ullrich	document.iform.idletimeout.disabled = endis;
245			document.iform.timeout.disabled = endis;
246			document.iform.redirurl.disabled = endis;
247	0bd34ed6	Scott Ullrich	document.iform.radiusip.disabled = radius_endis;
248			document.iform.radiusip2.disabled = radius_endis;
249			document.iform.radiusport.disabled = radius_endis;
250			document.iform.radiusport2.disabled = radius_endis;
251			document.iform.radiuskey.disabled = radius_endis;
252			document.iform.radiuskey2.disabled = radius_endis;
253	856e58a6	Scott Ullrich	document.iform.radacct_enable.disabled = radius_endis;
254	f5fa7d5e	Ermal Luçi	document.iform.peruserbw.disabled = endis;
255			document.iform.bwdefaultdn.disabled = endis;
256			document.iform.bwdefaultup.disabled = endis;
257	856e58a6	Scott Ullrich	document.iform.reauthenticate.disabled = radius_endis;
258	7faeda46	Scott Ullrich	document.iform.auth_method[0].disabled = endis;
259			document.iform.auth_method[1].disabled = endis;
260			document.iform.auth_method[2].disabled = endis;
261	0bd34ed6	Scott Ullrich	document.iform.radmac_enable.disabled = radius_endis;
262	07bd3f83	Scott Ullrich	document.iform.httpslogin_enable.disabled = endis;
263	d11c1f93	sullrich	document.iform.radmac_format.disabled = radius_endis;
264	07bd3f83	Scott Ullrich	document.iform.httpsname.disabled = endis;
265			document.iform.cert.disabled = endis;
266			document.iform.key.disabled = endis;
267			document.iform.logoutwin_enable.disabled = endis;
268	c980716e	Scott Ullrich	document.iform.nomacfilter.disabled = endis;
269	0bd34ed6	Scott Ullrich	document.iform.noconcurrentlogins.disabled = endis;
270			document.iform.radiusvendor.disabled = radius_endis;
271	2342bfb0	Ermal Lu?i	document.iform.radiussession_timeout.disabled = radius_endis;
272	822b687b	Ermal	document.iform.radiussrcip_attribute.disabled = radius_endis;
273	07bd3f83	Scott Ullrich	document.iform.htmlfile.disabled = endis;
274			document.iform.errfile.disabled = endis;
275	5b87b24e	Ermal	document.iform.logoutfile.disabled = endis;
276	a5c0b6c7	Scott Ullrich
277	856e58a6	Scott Ullrich	document.iform.radiusacctport.disabled = (radius_endis \|\| !document.iform.radacct_enable.checked) && !enable_change;
278	a5c0b6c7	Scott Ullrich
279	856e58a6	Scott Ullrich	document.iform.radmac_secret.disabled = (radius_endis \|\| !document.iform.radmac_enable.checked) && !enable_change;
280	a5c0b6c7	Scott Ullrich
281	0bd34ed6	Scott Ullrich	var reauthenticate_dis = (radius_endis \|\| !document.iform.reauthenticate.checked) && !enable_change;
282	856e58a6	Scott Ullrich	document.iform.reauthenticateacct[0].disabled = reauthenticate_dis;
283			document.iform.reauthenticateacct[1].disabled = reauthenticate_dis;
284			document.iform.reauthenticateacct[2].disabled = reauthenticate_dis;
285	5b237745	Scott Ullrich	}
286			//-->
287			</script>
288	93588e1a	Scott Dale	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
289	5b237745	Scott Ullrich	<?php if ($input_errors) print_input_errors($input_errors); ?>
290			<?php if ($savemsg) print_info_box($savemsg); ?>
291			<form action="services_captiveportal.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
292			<table width="100%" border="0" cellpadding="0" cellspacing="0">
293	9699028a	Scott Ullrich	<tr><td class="tabnavtbl">
294	64b85ffe	Scott Ullrich	<?php
295			$tab_array = array();
296	6fde5a1e	Carlos Eduardo Ramos	$tab_array[] = array(gettext("Captive portal"), true, "services_captiveportal.php");
297			$tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php");
298			$tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php");
299			$tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php");
300			$tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php");
301	64b85ffe	Scott Ullrich	display_top_tabs($tab_array);
302	0bd34ed6	Scott Ullrich	?> </td></tr>
303	5b237745	Scott Ullrich	<tr>
304	c980716e	Scott Ullrich	<td class="tabcont">
305			<table width="100%" border="0" cellpadding="6" cellspacing="0">
306	a5c0b6c7	Scott Ullrich	<tr>
307	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
308			<td width="78%" class="vtable">
309			<input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">
310	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable captive portal"); ?> </strong></td>
311	5b237745	Scott Ullrich	</tr>
312	a5c0b6c7	Scott Ullrich	<tr>
313	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Interfaces"); ?></td>
314	5b237745	Scott Ullrich	<td width="78%" class="vtable">
315	d823b81c	sullrich	<select name="cinterface[]" multiple="true" size="<?php echo count($config['interfaces']); ?>" class="formselect" id="cinterface">
316	af98cced	Scott Ullrich	<?php
317	fbb45bb0	Ermal Luçi	$interfaces = get_configured_interface_with_descr();
318	c980716e	Scott Ullrich	foreach ($interfaces as $iface => $ifacename): ?>
319	f8b11310	Ermal Lu?i	<option value="<?=$iface;?>" <?php if (stristr($pconfig['cinterface'], $iface)) echo "selected"; ?>>
320	5b237745	Scott Ullrich	<?=htmlspecialchars($ifacename);?>
321			</option>
322			<?php endforeach; ?>
323			</select> <br>
324	16457bdd	Renato Botelho	<span class="vexpl"><?=gettext("Select the interface(s) to enable for captive portal."); ?></span></td>
325	5b237745	Scott Ullrich	</tr>
326	4362e48a	Scott Ullrich	<tr>
327	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Maximum concurrent connections"); ?></td>
328	4362e48a	Scott Ullrich	<td class="vtable">
329			<table cellpadding="0" cellspacing="0">
330			<tr>
331	b5c78501	Seth Mos	<td><input name="maxprocperip" type="text" class="formfld unknown" id="maxprocperip" size="5"
332	6fde5a1e	Carlos Eduardo Ramos	value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client IP address (0 = no limit)"); ?></td>
333	4362e48a	Scott Ullrich	</tr>
334			</table>
335	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("This setting limits the number of concurrent connections to the captive portal HTTP(S) server. This does not set how many users can be logged in " .
336			"to the captive portal, but rather how many users can load the portal page or authenticate at the same time! " .
337	16457bdd	Renato Botelho	"Default is 4 connections per client IP address, with a total maximum of 16 connections."); ?></td>
338	4362e48a	Scott Ullrich	</tr>
339	5b237745	Scott Ullrich	<tr>
340	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Idle timeout"); ?></td>
341	5b237745	Scott Ullrich	<td class="vtable">
342	b5c78501	Seth Mos	<input name="idletimeout" type="text" class="formfld unknown" id="idletimeout" size="6" value="<?=htmlspecialchars($pconfig['idletimeout']);?>">
343	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("minutes"); ?><br>
344	16457bdd	Renato Botelho	<?=gettext("Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout."); ?></td>
345	5b237745	Scott Ullrich	</tr>
346	a5c0b6c7	Scott Ullrich	<tr>
347	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Hard timeout"); ?></td>
348	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
349	b5c78501	Seth Mos	<input name="timeout" type="text" class="formfld unknown" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>">
350	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("minutes"); ?><br>
351	16457bdd	Renato Botelho	<?=gettext("Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set)."); ?></td>
352	5b237745	Scott Ullrich	</tr>
353	a5c0b6c7	Scott Ullrich	<tr>
354	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Logout popup window"); ?></td>
355	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
356	5b237745	Scott Ullrich	<input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if($pconfig['logoutwin_enable']) echo "checked"; ?>>
357	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable logout popup window"); ?></strong><br>
358	16457bdd	Renato Botelho	<?=gettext("If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs."); ?></td>
359	5b237745	Scott Ullrich	</tr>
360			<tr>
361	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Redirection URL"); ?></td>
362	5b237745	Scott Ullrich	<td class="vtable">
363	b5c78501	Seth Mos	<input name="redirurl" type="text" class="formfld url" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>">
364	5b237745	Scott Ullrich	<br>
365	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("If you provide a URL here, clients will be redirected to that URL instead of the one they initially tried " .
366	16457bdd	Renato Botelho	"to access after they've authenticated."); ?></td>
367	5b237745	Scott Ullrich	</tr>
368			<tr>
369	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Concurrent user logins"); ?></td>
370	0bd34ed6	Scott Ullrich	<td class="vtable">
371			<input name="noconcurrentlogins" type="checkbox" class="formfld" id="noconcurrentlogins" value="yes" <?php if ($pconfig['noconcurrentlogins']) echo "checked"; ?>>
372	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Disable concurrent logins"); ?></strong><br>
373	16457bdd	Renato Botelho	<?=gettext("If this option is set, only the most recent login per username will be active. Subsequent logins will cause machines previously logged in with the same username to be disconnected."); ?></td>
374	0bd34ed6	Scott Ullrich	</tr>
375			<tr>
376	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("MAC filtering"); ?> </td>
377	c980716e	Scott Ullrich	<td class="vtable">
378			<input name="nomacfilter" type="checkbox" class="formfld" id="nomacfilter" value="yes" <?php if ($pconfig['nomacfilter']) echo "checked"; ?>>
379	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Disable MAC filtering"); ?></strong><br>
380			<?=gettext("If this option is set, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in." .
381	16457bdd	Renato Botelho	"This is required when the MAC address of the client cannot be determined (usually because there are routers between"); ?> <?php echo $g['product_name'] ?> <?=gettext("and the clients)."); ?>
382			<?=gettext("If this is enabled, RADIUS MAC authentication cannot be used."); ?></td>
383	7e587bdb	Scott Ullrich	</tr>
384			<tr>
385	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Pass-through MAC Auto Entry"); ?></td>
386	6ce61a8f	Ermal	<td class="vtable">
387			<input name="passthrumacadd" type="checkbox" class="formfld" id="passthrumacadd" value="yes" <?php if ($pconfig['passthrumacadd']) echo "checked"; ?>>
388	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable Pass-through MAC automatic additions"); ?></strong><br>
389	16457bdd	Renato Botelho	<?=gettext("If this option is set, a MAC passthrough entry is automatically added after the user has successfully authenticated. Users of that MAC address will never have to authenticate again."); ?>
390			<?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php"><?=gettext("Pass-through MAC tab"); ?></a> <?=gettext("or send a POST from another system to remove it."); ?>
391			<?=gettext("If this is enabled, RADIUS MAC authentication cannot be used. Also, the logout window will not be shown."); ?>
392	1c291e64	Ermal	<br/><br/>
393			<input name="passthrumacaddusername" type="checkbox" class="formfld" id="passthrumacaddusername" value="yes" <?php if ($pconfig['passthrumacaddusername']) echo "checked"; ?>>
394	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable Pass-through MAC automatic addition with username"); ?></strong><br>
395	16457bdd	Renato Botelho	<?=gettext("If this option is set, with the automatically MAC passthrough entry created the username, used during authentication, will be saved."); ?>
396			<?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php"><?=gettext("Pass-through MAC tab"); ?></a> <?=gettext("or send a POST from another system to remove it."); ?>
397	1c291e64	Ermal	</td>
398	6ce61a8f	Ermal	</tr>
399			<tr>
400	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Per-user bandwidth restriction"); ?></td>
401	7e587bdb	Scott Ullrich	<td class="vtable">
402			<input name="peruserbw" type="checkbox" class="formfld" id="peruserbw" value="yes" <?php if ($pconfig['peruserbw']) echo "checked"; ?>>
403	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable per-user bandwidth restriction"); ?></strong><br><br>
404	7e587bdb	Scott Ullrich	<table cellpadding="0" cellspacing="0">
405			<tr>
406	6fde5a1e	Carlos Eduardo Ramos	<td><?=gettext("Default download"); ?></td>
407			<td><input type="text" class="formfld unknown" name="bwdefaultdn" id="bwdefaultdn" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultdn']);?>"> <?=gettext("Kbit/s"); ?></td>
408	7e587bdb	Scott Ullrich	</tr>
409			<tr>
410	6fde5a1e	Carlos Eduardo Ramos	<td><?=gettext("Default upload"); ?></td>
411			<td><input type="text" class="formfld unknown" name="bwdefaultup" id="bwdefaultup" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultup']);?>"> <?=gettext("Kbit/s"); ?></td>
412	7e587bdb	Scott Ullrich	</tr></table>
413			<br>
414	16457bdd	Renato Botelho	<?=gettext("If this option is set, the captive portal will restrict each user who logs in to the specified default bandwidth. RADIUS can override the default settings. Leave empty or set to 0 for no limit."); ?> </td>
415	7e587bdb	Scott Ullrich	</tr>
416	a5c0b6c7	Scott Ullrich	<tr>
417	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?></td>
418	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
419	c980716e	Scott Ullrich	<table cellpadding="0" cellspacing="0">
420			<tr>
421	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="none" onClick="enable_change(false)" <?php if($pconfig['auth_method']!="local" && $pconfig['auth_method']!="radius") echo "checked"; ?>>
422	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("No Authentication"); ?></td>
423	c980716e	Scott Ullrich	</tr>
424			<tr>
425	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="local" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="local") echo "checked"; ?>>
426	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("Local"); ?> <a href="system_usermanager.php"><?=gettext("User Manager"); ?></a></td>
427	c980716e	Scott Ullrich	</tr>
428			<tr>
429	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="radius" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius") echo "checked"; ?>>
430	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("RADIUS Authentication"); ?></td>
431	c980716e	Scott Ullrich	</tr><tr>
432			<td> </td>
433			<td> </td>
434			</tr>
435			</table>
436	0bd34ed6	Scott Ullrich	<table width="100%" border="0" cellpadding="6" cellspacing="0">
437	a5c0b6c7	Scott Ullrich	<tr>
438	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Primary RADIUS server"); ?></td>
439	0bd34ed6	Scott Ullrich	</tr>
440			<tr>
441	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
442	b5c78501	Seth Mos	<td class="vtable"><input name="radiusip" type="text" class="formfld unknown" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>"><br>
443	16457bdd	Renato Botelho	<?=gettext("Enter the IP address of the RADIUS server which users of the captive portal have to authenticate against."); ?></td>
444	0bd34ed6	Scott Ullrich	</tr>
445			<tr>
446	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
447	b5c78501	Seth Mos	<td class="vtable"><input name="radiusport" type="text" class="formfld unknown" id="radiusport" size="5" value="<?=htmlspecialchars($pconfig['radiusport']);?>"><br>
448	16457bdd	Renato Botelho	<?=gettext("Leave this field blank to use the default port (1812)."); ?></td>
449	0bd34ed6	Scott Ullrich	</tr>
450			<tr>
451	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
452	b5c78501	Seth Mos	<td class="vtable"><input name="radiuskey" type="text" class="formfld unknown" id="radiuskey" size="16" value="<?=htmlspecialchars($pconfig['radiuskey']);?>"><br>
453	16457bdd	Renato Botelho	<?=gettext("Leave this field blank to not use a RADIUS shared secret (not recommended)."); ?></td>
454	0bd34ed6	Scott Ullrich	</tr>
455	a5c0b6c7	Scott Ullrich	<tr>
456	0bd34ed6	Scott Ullrich	<td colspan="2" class="list" height="12"></td>
457			</tr>
458			<tr>
459	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Secondary RADIUS server"); ?></td>
460	0bd34ed6	Scott Ullrich	</tr>
461			<tr>
462	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
463	b5c78501	Seth Mos	<td class="vtable"><input name="radiusip2" type="text" class="formfld unknown" id="radiusip2" size="20" value="<?=htmlspecialchars($pconfig['radiusip2']);?>"><br>
464	16457bdd	Renato Botelho	<?=gettext("If you have a second RADIUS server, you can activate it by entering its IP address here."); ?></td>
465	0bd34ed6	Scott Ullrich	</tr>
466			<tr>
467	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
468	b5c78501	Seth Mos	<td class="vtable"><input name="radiusport2" type="text" class="formfld unknown" id="radiusport2" size="5" value="<?=htmlspecialchars($pconfig['radiusport2']);?>"></td>
469	0bd34ed6	Scott Ullrich	</tr>
470			<tr>
471	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
472	b5c78501	Seth Mos	<td class="vtable"><input name="radiuskey2" type="text" class="formfld unknown" id="radiuskey2" size="16"
473			value="<?=htmlspecialchars($pconfig['radiuskey2']);?>"></td>
474	0bd34ed6	Scott Ullrich	</tr>
475			<tr>
476			<td colspan="2" class="list" height="12"></td>
477			</tr>
478	856e58a6	Scott Ullrich	<tr>
479	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Accounting"); ?></td>
480	856e58a6	Scott Ullrich	</tr>
481			<tr>
482			<td class="vncell"> </td>
483			<td class="vtable"><input name="radacct_enable" type="checkbox" id="radacct_enable" value="yes" onClick="enable_change(false)" <?php if($pconfig['radacct_enable']) echo "checked"; ?>>
484	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("send RADIUS accounting packets"); ?></strong><br>
485	16457bdd	Renato Botelho	<?=gettext("If this is enabled, RADIUS accounting packets will be sent to the primary RADIUS server."); ?></td>
486	856e58a6	Scott Ullrich	</tr>
487			<tr>
488	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Accounting port"); ?></td>
489	b5c78501	Seth Mos	<td class="vtable"><input name="radiusacctport" type="text" class="formfld unknown" id="radiusacctport" size="5" value="<?=htmlspecialchars($pconfig['radiusacctport']);?>"><br>
490	16457bdd	Renato Botelho	<?=gettext("Leave blank to use the default port (1813)."); ?></td>
491	856e58a6	Scott Ullrich	</tr>
492			<tr>
493			<td colspan="2" class="list" height="12"></td>
494			</tr>
495			<tr>
496	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Reauthentication"); ?></td>
497	856e58a6	Scott Ullrich	</tr>
498			<tr>
499			<td class="vncell"> </td>
500			<td class="vtable"><input name="reauthenticate" type="checkbox" id="reauthenticate" value="yes" onClick="enable_change(false)" <?php if($pconfig['reauthenticate']) echo "checked"; ?>>
501	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Reauthenticate connected users every minute"); ?></strong><br>
502			<?=gettext("If reauthentication is enabled, Access-Requests will be sent to the RADIUS server for each user that is " .
503	16457bdd	Renato Botelho	"logged in every minute. If an Access-Reject is received for a user, that user is disconnected from the captive portal immediately."); ?></td>
504	856e58a6	Scott Ullrich	</tr>
505			<tr>
506	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Accounting updates"); ?></td>
507	856e58a6	Scott Ullrich	<td class="vtable">
508	6fde5a1e	Carlos Eduardo Ramos	<input name="reauthenticateacct" type="radio" value="" <?php if(!$pconfig['reauthenticateacct']) echo "checked"; ?>> <?=gettext("no accounting updates"); ?><br>
509			<input name="reauthenticateacct" type="radio" value="stopstart" <?php if($pconfig['reauthenticateacct'] == "stopstart") echo "checked"; ?>> <?=gettext("stop/start accounting"); ?><br>
510			<input name="reauthenticateacct" type="radio" value="interimupdate" <?php if($pconfig['reauthenticateacct'] == "interimupdate") echo "checked"; ?>> <?=gettext("interim update"); ?>
511	856e58a6	Scott Ullrich	</td>
512			</tr>
513			<tr>
514			<td colspan="2" class="list" height="12"></td>
515			</tr>
516	0bd34ed6	Scott Ullrich	<tr>
517	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("RADIUS MAC authentication"); ?></td>
518	0bd34ed6	Scott Ullrich	</tr>
519			<tr>
520			<td class="vncell"> </td>
521			<td class="vtable">
522	6fde5a1e	Carlos Eduardo Ramos	<input name="radmac_enable" type="checkbox" id="radmac_enable" value="yes" onClick="enable_change(false)" <?php if ($pconfig['radmac_enable']) echo "checked"; ?>><strong><?=gettext("Enable RADIUS MAC authentication"); ?></strong><br>
523			<?=gettext("If this option is enabled, the captive portal will try to authenticate users by sending their MAC address as the username and the password " .
524	16457bdd	Renato Botelho	"entered below to the RADIUS server."); ?></td>
525	0bd34ed6	Scott Ullrich	</tr>
526			<tr>
527	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell"><?=gettext("Shared secret"); ?></td>
528	b5c78501	Seth Mos	<td class="vtable"><input name="radmac_secret" type="text" class="formfld unknown" id="radmac_secret" size="16" value="<?=htmlspecialchars($pconfig['radmac_secret']);?>"></td>
529	0bd34ed6	Scott Ullrich	</tr>
530			<tr>
531			<td colspan="2" class="list" height="12"></td>
532			</tr>
533			<tr>
534	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("RADIUS options"); ?></td>
535	0bd34ed6	Scott Ullrich	</tr>
536	cf0542ac	Scott Ullrich
537	822b687b	Ermal	<tr>
538	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Radius ip attribute"); ?></td>
539	822b687b	Ermal	<td>
540			<select name="radiussrcip_attribute" id="radiussrcip_attribute">
541			<?php $iflist = get_configured_interface_with_descr();
542			foreach ($iflist as $ifdesc => $ifdescr) {
543			$ipaddr = get_interface_ip($ifdesc);
544			if (is_ipaddr($ipaddr)) {
545			$selected = "";
546			if ($ipaddr == $pconfig['radiussrcip_attribute'])
547			$ifdesc = "selected";
548			echo "<option value='{$ifdesc}' {$selected}>{$ifdescr} - {$ipaddr}</option>\n";
549			}
550			}
551	34e9ca60	Ermal	if (is_array($config['virtualip']['vip'])) {
552			foreach ($config['virtualip']['vip'] as $sn) {
553			if ($sn['mode'] == "proxyarp" && $sn['type'] == "network") {
554			$start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits']));
555			$end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits']));
556			$len = $end - $start;
557
558			for ($i = 0; $i <= $len; $i++) {
559			$snip = long2ip32($start+$i);
560			echo "<option value='{$snip}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$snip}") . "></option>\n";
561			}
562			} else
563			echo "<option value='{$sn['subnet']}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$sn['subnet']}") . "></option>\n";
564			}
565			}
566	822b687b	Ermal	?>
567			</select><br/>
568	16457bdd	Renato Botelho	<?=gettext("Choose the ip to use for calling station attribute."); ?>
569	822b687b	Ermal	</td>
570			</tr>
571
572	0bd34ed6	Scott Ullrich	<tr>
573	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Session-Timeout"); ?></td>
574			<td class="vtable"><input name="radiussession_timeout" type="checkbox" id="radiussession_timeout" value="yes" <?php if ($pconfig['radiussession_timeout']) echo "checked"; ?>><strong><?=gettext("Use RADIUS Session-Timeout attributes"); ?></strong><br>
575	16457bdd	Renato Botelho	<?=gettext("When this is enabled, clients will be disconnected after the amount of time retrieved from the RADIUS Session-Timeout attribute."); ?></td>
576	0bd34ed6	Scott Ullrich	</tr>
577	cf0542ac	Scott Ullrich
578	0bd34ed6	Scott Ullrich	<tr>
579	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Type"); ?></td>
580	0bd34ed6	Scott Ullrich	<td class="vtable"><select name="radiusvendor" id="radiusvendor">
581	6fde5a1e	Carlos Eduardo Ramos	<option><?=gettext("default"); ?></option>
582	a5c0b6c7	Scott Ullrich	<?php
583	0bd34ed6	Scott Ullrich	$radiusvendors = array("cisco");
584			foreach ($radiusvendors as $radiusvendor){
585			if ($pconfig['radiusvendor'] == $radiusvendor)
586			echo "<option selected value=\"$radiusvendor\">$radiusvendor</option>\n";
587			else
588			echo "<option value=\"$radiusvendor\">$radiusvendor</option>\n";
589			}
590			?></select><br>
591	3b7f0f53	Erik Fonnesbeck	<?php printf(gettext("If RADIUS type is set to Cisco, in Access-Requests the value of Calling-Station-Id will be set to the client's IP address and " .
592			"the Called-Station-Id to the client's MAC address. Default behavior is Calling-Station-Id = client's MAC address and Called-Station-Id = %s's WAN IP address."),
593	16457bdd	Renato Botelho	$g['product_name']);?></td>
594	0bd34ed6	Scott Ullrich	</tr>
595			</table>
596	5b237745	Scott Ullrich	</tr>
597	d11c1f93	sullrich	<tr>
598	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("MAC address format"); ?></td>
599	d11c1f93	sullrich	<td class="vtable">
600			<select name="radmac_format" id="radmac_format">
601	6fde5a1e	Carlos Eduardo Ramos	<option><?=gettext("default"); ?></option>
602	d11c1f93	sullrich	<?php
603	6fde5a1e	Carlos Eduardo Ramos	$macformats = array(gettext("singledash"),gettext("ietf"),gettext("cisco"),gettext("unformatted"));
604	d11c1f93	sullrich	foreach ($macformats as $macformat) {
605			if ($pconfig['radmac_format'] == $macformat)
606			echo "<option selected value=\"$macformat\">$macformat</option>\n";
607			else
608			echo "<option value=\"$macformat\">$macformat</option>\n";
609			}
610			?>
611			</select></br>
612	60f13e63	Carlos Eduardo Ramos	<?=gettext("This option changes the MAC address format used in the whole RADIUS system. Change this if you also"); ?>
613	16457bdd	Renato Botelho	<?=gettext("need to change the username format for RADIUS MAC authentication."); ?><br>
614			<?=gettext("default:"); ?> 00:11:22:33:44:55<br>
615			<?=gettext("singledash:"); ?> 001122-334455<br>
616			<?=gettext("ietf:"); ?> 00-11-22-33-44-55<br>
617			<?=gettext("cisco:"); ?> 0011.2233.4455<br>
618			<?=gettext("unformatted:"); ?> 001122334455
619	d11c1f93	sullrich	</tr>
620	5b237745	Scott Ullrich	<tr>
621	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS login"); ?></td>
622	5b237745	Scott Ullrich	<td class="vtable">
623	c980716e	Scott Ullrich	<input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" <?php if($pconfig['httpslogin_enable']) echo "checked"; ?>>
624	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable HTTPS login"); ?></strong><br>
625	16457bdd	Renato Botelho	<?=gettext("If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name, certificate and matching private key must also be specified below."); ?></td>
626	5b237745	Scott Ullrich	</tr>
627			<tr>
628	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS server name"); ?> </td>
629	5b237745	Scott Ullrich	<td class="vtable">
630	b5c78501	Seth Mos	<input name="httpsname" type="text" class="formfld unknown" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>"><br>
631	3b7f0f53	Erik Fonnesbeck	<?php printf(gettext("This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS and verify on the client that the IP resolves to the correct interface IP on %s."), $g['product_name']);?> </td>
632	5b237745	Scott Ullrich	</tr>
633			<tr>
634	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS certificate"); ?></td>
635	5b237745	Scott Ullrich	<td class="vtable">
636			<textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea>
637			<br>
638	16457bdd	Renato Botelho	<?=gettext("Paste a signed certificate in X.509 PEM format here."); ?></td>
639	5b237745	Scott Ullrich	</tr>
640			<tr>
641	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS private key"); ?></td>
642	5b237745	Scott Ullrich	<td class="vtable">
643			<textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea>
644			<br>
645	16457bdd	Renato Botelho	<?=gettext("Paste an RSA private key in PEM format here."); ?></td>
646	5b237745	Scott Ullrich	</tr>
647	c6e1b0f5	Ermal Lu?i	<tr>
648	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS intermediate certificate"); ?></td>
649	c6e1b0f5	Ermal Lu?i	<td class="vtable">
650			<textarea name="cacert" cols="65" rows="7" id="cacert" class="formpre"><?=htmlspecialchars($pconfig['cacert']);?></textarea>
651			<br>
652	16457bdd	Renato Botelho	<?=gettext("Paste a certificate in X.509 PEM format here."); ?></td>
653	c6e1b0f5	Ermal Lu?i	</tr>
654	a5c0b6c7	Scott Ullrich	<tr>
655	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Portal page contents"); ?></td>
656	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
657	b5c78501	Seth Mos	<?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld file" id="htmlfile"><br>
658	16f5fe76	Scott Ullrich	<?php
659			list($host) = explode(":", $_SERVER['HTTP_HOST']);
660			if(isset($config['captiveportal']['httpslogin'])) {
661			$href = "https://$host:8001";
662			} else {
663			$href = "http://$host:8000";
664	a5c0b6c7	Scott Ullrich	}
665	16f5fe76	Scott Ullrich	?>
666	5b237745	Scott Ullrich	<?php if ($config['captiveportal']['page']['htmltext']): ?>
667	6fde5a1e	Carlos Eduardo Ramos	<a href="<?=$href?>" target="_new"><?=gettext("View current page"); ?></a>
668	5b237745	Scott Ullrich	<br>
669			<br>
670			<?php endif; ?>
671	3b7f0f53	Erik Fonnesbeck	<?php
672	16457bdd	Renato Botelho	printf(
673	3b7f0f53	Erik Fonnesbeck	gettext('Upload an HTML/PHP file for the portal page here (leave blank to keep the current one). ' .
674			'Make sure to include a form (POST to %1$s) with a submit button (%2$s) and a hidden field with %3$s and %4$s. ' .
675			'Include the %5$s and %6$s and/or %7$s input fields if authentication is enabled, otherwise it will always fail.'),
676	16457bdd	Renato Botelho	""{$PORTAL_ACTION}"",
677			"name="accept"",
678			"name="redirurl"",
679			"value="{$PORTAL_REDIRURL}"",
680			""auth_user"",
681			""auth_pass"",
682			""auth_voucher"");
683			?>
684			<?=gettext("Example code for the form:"); ?><br>
685	5b237745	Scott Ullrich	<br>
686			<tt><form method="post" action="$PORTAL_ACTION$"><br>
687			<input name="auth_user" type="text"><br>
688			<input name="auth_pass" type="password"><br>
689	336e3c1c	Charlie	<input name="auth_voucher" type="text"><br>
690	5b237745	Scott Ullrich	<input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"><br>
691			<input name="accept" type="submit" value="Continue"><br>
692			</form></tt></td>
693			</tr>
694			<tr>
695	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?><br>
696			<?=gettext("error page"); ?><br>
697			<?=gettext("contents"); ?></td>
698	5b237745	Scott Ullrich	<td class="vtable">
699	b5c78501	Seth Mos	<input name="errfile" type="file" class="formfld file" id="errfile"><br>
700	5b237745	Scott Ullrich	<?php if ($config['captiveportal']['page']['errtext']): ?>
701	6fde5a1e	Carlos Eduardo Ramos	<a href="?act=viewerrhtml" target="_blank"><?=gettext("View current page"); ?></a>
702	5b237745	Scott Ullrich	<br>
703			<br>
704			<?php endif; ?>
705	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("The contents of the HTML/PHP file that you upload here are displayed when an authentication error occurs. " .
706	16457bdd	Renato Botelho	"You may include"); ?> "$PORTAL_MESSAGE$", <?=gettext("which will be replaced by the error or reply messages from the RADIUS server, if any."); ?></td>
707	5b87b24e	Ermal	</tr>
708			<tr>
709	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Logout"); ?><br>
710			<?=gettext("page"); ?><br>
711			<?=gettext("contents"); ?></td>
712	5b87b24e	Ermal	<td class="vtable">
713			<input name="logoutfile" type="file" class="formfld file" id="logoutfile"><br>
714			<?php if ($config['captiveportal']['page']['logouttext']): ?>
715	6fde5a1e	Carlos Eduardo Ramos	<a href="?act=viewlogouthtml" target="_blank"><?=gettext("View current page"); ?></a>
716	5b87b24e	Ermal	<br>
717			<br>
718			<?php endif; ?>
719	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("The contents of the HTML/PHP file that you upload here are displayed when an authentication error occurs. " .
720	16457bdd	Renato Botelho	"You may include"); ?> "$PORTAL_MESSAGE$", <?=gettext("which will be replaced by the error or reply messages from the RADIUS server, if any."); ?></td>
721	5b237745	Scott Ullrich	</tr>
722	a5c0b6c7	Scott Ullrich	<tr>
723	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
724	a5c0b6c7	Scott Ullrich	<td width="78%">
725	6fde5a1e	Carlos Eduardo Ramos	<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onClick="enable_change(true)">
726	5b237745	Scott Ullrich	</td>
727			</tr>
728	a5c0b6c7	Scott Ullrich	<tr>
729	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
730	16457bdd	Renato Botelho	<td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Note:"); ?><br>
731			</strong></span><?=gettext("Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work."); ?> </span></td>
732	5b237745	Scott Ullrich	</tr>
733			</table>
734			</td>
735			</tr>
736			</table>
737			</form>
738			<script language="JavaScript">
739			<!--
740			enable_change(false);
741			//-->
742			</script>
743			<?php include("fend.inc"); ?>
744	93588e1a	Scott Dale	</body>
745			</html>

Project

General

Profile

pfSense