<?php
/*
	guiconfig.inc
*/
/* ====================================================================
 *  Copyright (c)  2004-2015  Electric Sheep Fencing, LLC. All rights reserved. 
 *  Copyright (c)  2004, 2005 Scott Ullrich
 *
 *  Redistribution and use in source and binary forms, with or without modification, 
 *  are permitted provided that the following conditions are met: 
 *
 *  1. Redistributions of source code must retain the above copyright notice,
 *      this list of conditions and the following disclaimer.
 *
 *  2. Redistributions in binary form must reproduce the above copyright
 *      notice, this list of conditions and the following disclaimer in
 *      the documentation and/or other materials provided with the
 *      distribution. 
 *
 *  3. All advertising materials mentioning features or use of this software 
 *      must display the following acknowledgment:
 *      "This product includes software developed by the pfSense Project
 *       for use in the pfSense software distribution. (http://www.pfsense.org/). 
 *
 *  4. The names "pfSense" and "pfSense Project" must not be used to
 *       endorse or promote products derived from this software without
 *       prior written permission. For written permission, please contact
 *       coreteam@pfsense.org.
 *
 *  5. Products derived from this software may not be called "pfSense"
 *      nor may "pfSense" appear in their names without prior written
 *      permission of the Electric Sheep Fencing, LLC.
 *
 *  6. Redistributions of any form whatsoever must retain the following
 *      acknowledgment:
 *
 *  "This product includes software developed by the pfSense Project
 *  for use in the pfSense software distribution (http://www.pfsense.org/).
 *
 *  THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY
 *  EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 *  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 *  PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR
 *  ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 *  NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 *  LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 *  HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 *  STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 *  OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 *  ====================================================================
 *
 */
/*
	pfSense_MODULE: base
*/
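/* Include authentication routines */
/* THIS MUST BE ABOVE ALL OTHER CODE */
/*
 * csrf-magic is pulled in before anything else in this file. A page opts out
 * by setting $nocsrf before including this file.
 * NOTE(review): $nocsrf is read as a plain variable from the including scope;
 * confirm that no page derives it from request input, because a true value
 * skips CSRF protection for the whole page.
 */
if (!$nocsrf) {
	/**
	 * Configure csrf-magic: the path of its JavaScript rewriter and the
	 * token lifetime.
	 *
	 * The lifetime follows the webGUI session timeout (minutes) from the
	 * configuration and falls back to 240 minutes when none is set.
	 * Presumably called by csrf-magic.php while it is being included -
	 * confirm that $config is already loaded at that point.
	 */
	function csrf_startup() {
		/* Without this declaration $config is an unset local, isset()
		 * is always false and the configured timeout is never used. */
		global $config;

		csrf_conf('rewrite-js', '/csrf/csrf-magic.js');
		$timeout_minutes = isset($config['system']['webgui']['session_timeout']) ? $config['system']['webgui']['session_timeout'] : 240;
		csrf_conf('expires', $timeout_minutes * 60);
	}
	require_once("csrf/csrf-magic.php");
}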
/*
 * Make sure nothing is cached: pages of the GUI must not be kept by the
 * browser or by intermediaries. A page can opt out by setting
 * $omit_nocacheheaders before including this file.
 */
if (!$omit_nocacheheaders) {
	header("Expires: 0");
	header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
	header("Cache-Control: no-cache, no-store, must-revalidate");
	header("Pragma: no-cache");
}

/* Only allow framing by pages of the same origin (clickjacking mitigation). */
header("X-Frame-Options: SAMEORIGIN");
require_once("authgui.inc");

/* parse the configuration and include all configuration functions */
require_once("functions.inc");

/*
 * Pull in all the GUI related display classes.
 * Every file in the directory whose name ends in ".inc" is executed, so the
 * directory must only be writable by trusted accounts.
 */
foreach (scandir("/usr/local/www/classes/") as $file) {
	if (substr($file, -4) != ".inc") {
		continue;
	}
	require_once("classes/{$file}");
}
$g['theme'] = get_current_theme();

/* Set the default interface language: configured value first, else en_US */
if ($config['system']['language'] != "") {
	$g['language'] = $config['system']['language'];
} elseif ($g['language'] == "") {
	$g['language'] = 'en_US';
}

set_language($g['language']);

/* used by progress bar */
$lastseen = "-1";

$navlevelsep = ": ";	/* navigation level separator string */
$mandfldhtml = "";		/* display this before mandatory input fields */
$mandfldhtmlspc = "";	/* same as above, but with spacing */

/*
 * While the firmware lock is set, every page is redirected to
 * system_firmware.php. Some ajax scripts still need access to the GUI and
 * set $ignorefirmwarelock; a page that sets $d_isfwfile is not redirected
 * and the rest of this include is skipped for it.
 */
if (!$ignorefirmwarelock && is_subsystem_dirty('firmwarelock')) {
	if ($d_isfwfile) {
		return;
	}
	header("Location: system_firmware.php");
	exit;
}
/* Reserved table names to avoid collision */
$reserved_table_names = array(
	"bogons",
	"bogonsv6",
	"negate_networks",
	"snort2c",
	"sshlockout",
	"tonatsubnets",
	"virusprot",
	"vpn_networks",
	"webConfiguratorlockout"
);

/* DSCP values offered for firewall rules */
$firewall_rules_dscp_types = array(
	"af11", "af12", "af13",
	"af21", "af22", "af23",
	"af31", "af32", "af33",
	"af41", "af42", "af43",
	"VA", "EF",
	"cs1", "cs2", "cs3", "cs4", "cs5", "cs6", "cs7",
	"0x01", "0x02", "0x04"
);

/* Authentication server types: config key => display name */
$auth_server_types = array(
	'ldap' => "LDAP",
	'radius' => "Radius"
);

/*
 * LDAP transports: display name => default port.
 * NOTE(review): 389 is the port of LDAP without SSL; whether any other
 * protection is applied to that transport is not visible here. Confirm
 * before relying on it for the confidentiality of bind credentials.
 */
$ldap_urltypes = array(
	'TCP - Standard' => 389,
	'SSL - Encrypted' => 636
);

/* LDAP search scopes: config key => display name */
$ldap_scopes = array(
	'one' => "One Level",
	'subtree' => "Entire Subtree"
);

/* LDAP protocol versions offered */
$ldap_protvers = array(2, 3);

/* Attribute presets per directory product */
$ldap_templates = array(
	'open' => array(
		'desc' => "OpenLDAP",
		'attr_user' => "cn",
		'attr_group' => "cn",
		'attr_member' => "member"
	),
	'msad' => array(
		'desc' => "Microsoft AD",
		'attr_user' => "samAccountName",
		'attr_group' => "cn",
		'attr_member' => "memberOf"
	),
	'edir' => array(
		'desc' => "Novell eDirectory",
		'attr_user' => "cn",
		'attr_group' => "cn",
		'attr_member' => "uniqueMember"
	)
);

/* RADIUS services: config key => display name */
$radius_srvcs = array(
	'both' => "Authentication and Accounting",
	'auth' => "Authentication",
	'acct' => "Accounting"
);

/* NetBIOS node types: numeric code => name */
$netbios_nodetypes = array(
	'0' => "none",
	'1' => "b-node",
	'2' => "p-node",
	'4' => "m-node",
	'8' => "h-node"
);
/*
 * Some well known ports: port number => service name.
 * The entries are kept in the original order (by service name).
 */
$wkports = array(
	5999 => "CVSup",
	53 => "DNS",
	21 => "FTP",
	3000 => "HBCI",
	80 => "HTTP",
	443 => "HTTPS",
	5190 => "ICQ",
	113 => "IDENT/AUTH",
	143 => "IMAP",
	993 => "IMAP/S",
	4500 => "IPsec NAT-T",
	500 => "ISAKMP",
	1701 => "L2TP",
	389 => "LDAP",
	1755 => "MMS/TCP",
	7000 => "MMS/UDP",
	445 => "MS DS",
	3389 => "MS RDP",
	1512 => "MS WINS",
	1863 => "MSN",
	119 => "NNTP",
	123 => "NTP",
	138 => "NetBIOS-DGM",
	137 => "NetBIOS-NS",
	139 => "NetBIOS-SSN",
	1194 => "OpenVPN",
	110 => "POP3",
	995 => "POP3/S",
	1723 => "PPTP",
	1812 => "RADIUS",
	1813 => "RADIUS accounting",
	5004 => "RTP",
	5060 => "SIP",
	25 => "SMTP",
	465 => "SMTP/S",
	161 => "SNMP",
	162 => "SNMP-Trap",
	22 => "SSH",
	3478 => "STUN",
	587 => "SUBMISSION",
	3544 => "Teredo",
	23 => "Telnet",
	69 => "TFTP",
	5900 => "VNC"
);
/* TCP flags */
$tcpflags = array("fin", "syn", "rst", "psh", "ack", "urg", "ece", "cwr");

/* Special networks: key used in rules => display name */
$specialnets = array(
	"(self)" => "This Firewall",
	"pppoe" => "PPPoE clients",
	"l2tp" => "L2TP clients"
);

/*
 * Every configured interface adds two entries: "<if>" for its network and
 * "<if>ip" for its address. The labels are built from the interface
 * descriptions as returned; they are not escaped here.
 */
$spiflist = get_configured_interface_with_descr(false, true);
foreach ($spiflist as $ifgui => $ifdesc) {
	$specialnets[$ifgui] = "{$ifdesc} net";
	$specialnets["{$ifgui}ip"] = "{$ifdesc} address";
}

/* Ethernet media settings: key => display name */
$medias = array(
	"auto" => "autoselect",
	"100full" => "100BASE-TX full-duplex",
	"100half" => "100BASE-TX half-duplex",
	"10full" => "10BASE-T full-duplex",
	"10half" => "10BASE-T half-duplex"
);

/* Wireless operating modes: key => display name */
$wlan_modes = array(
	"bss" => "Infrastructure (BSS)",
	"adhoc" => "Ad-hoc (IBSS)",
	"hostap" => "Access Point"
);
/**
 * Basic checks on submitted form data; messages are appended to $input_errors.
 *
 * 1. Every string value in $postdata is rejected when it contains a control
 *    character other than tab, line feed or carriage return.
 * 2. Every field named in $reqdfields must be non-empty in $_POST or in
 *    $_REQUEST; $reqdfieldsn holds the display name at the same index.
 *
 * NOTE(review): values that are arrays are not inspected by the first check,
 * and the second check reads the superglobals rather than $postdata.
 * The field name is placed in the message as is; print_input_errors()
 * escapes each message when it prints it.
 *
 * @param array $postdata      field name => submitted value
 * @param array $reqdfields    names of the required fields
 * @param array $reqdfieldsn   display names of the required fields
 * @param array $input_errors  list the messages are appended to
 */
function do_input_validation($postdata, $reqdfields, $reqdfieldsn, &$input_errors) {

	/* check for bad control characters */
	foreach ($postdata as $pn => $pd) {
		if (!is_string($pd)) {
			continue;
		}
		if (preg_match("/[\\x00-\\x08\\x0b\\x0c\\x0e-\\x1f]/", $pd)) {
			$input_errors[] = sprintf(gettext("The field %s contains invalid characters."), $pn);
		}
	}

	$required_count = count($reqdfields);
	for ($i = 0; $i < $required_count; $i++) {
		$field = $reqdfields[$i];
		if ($_POST[$field] == "" && $_REQUEST[$field] == "") {
			$input_errors[] = sprintf(gettext("The field %s is required."), $reqdfieldsn[$i]);
		}
	}
}
/**
 * Print the list of input errors as a Bootstrap "danger" alert.
 *
 * Each message is HTML-escaped before it is printed, so messages may
 * contain user supplied field values.
 *
 * @param array $input_errors list of plain-text messages
 */
function print_input_errors($input_errors) {
	$items = '';
	foreach ($input_errors as $ierr) {
		$items .= '<li>' . htmlspecialchars($ierr) . '</li>';
	}

	echo '<div class="alert alert-danger input-errors">'
		. '<p>' . gettext('The following input errors were detected:') . '</p>'
		. '<ul>' . $items . '</ul>'
		. '</div>';
}
307

    
308
/**
 * Test the integrity of a gzip file with "gzip -t".
 *
 * The file name is passed through escapeshellarg() before it is placed on
 * the command line.
 *
 * @param string $fname path of the file to test
 * @return int 1 when gzip exits with status 0, otherwise 0
 */
function verify_gzip_file($fname) {
	$status = mwexec("/usr/bin/gzip -t " . escapeshellarg($fname));
	return ($status != 0) ? 0 : 1;
}
316

    
317
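/**
 * Print a Bootstrap alert box, with a submit button when the message asks
 * the user to apply, save or create something.
 *
 * $msg is printed as HTML without escaping, so callers must escape any
 * untrusted text they put into it. $name, $value and $class end up in
 * attribute values and are escaped here, like the hidden "if" field.
 *
 * @param string $msg       message (HTML)
 * @param string $name      name and caption of the submit button
 * @param string $value     value of the submit button; empty selects "Apply changes"
 * @param bool   $showapply force the submit button
 * @param string $class     alert class, with or without the "alert-" prefix
 */
function print_info_box_np($msg, $name="apply", $value="", $showapply=false, $class="alert-warning") {
	global $g;

	if (strpos($class, "alert-") !== 0) {
		$class = 'alert-' . $class;
	}

	if (empty($value)) {
		$value = gettext("Apply changes");
	}

	/* Attribute context: quotes or angle brackets must not end the attribute. */
	$name_html = htmlspecialchars((string)$name);
	$value_html = htmlspecialchars((string)$value);
	$class_html = htmlspecialchars((string)$class);

	$msg = '<div class="pull-left">' . $msg . '</div>';

	if (stristr($msg, gettext("apply")) != false || stristr($msg, gettext("save")) != false || stristr($msg, gettext("create")) != false || $showapply) {
		/* NOTE(review): the caption is $name, not $value; print_info_box()
		 * passes null for $name, which gives a button without caption. */
		$msg .= '<form method="post" class="pull-right"><button type="submit" class="btn btn-default" name="'. $name_html .'" value="'.$value_html.'">'.$name_html.'</button>';

		/* !empty() has the same truthiness and copes with a missing key */
		if (!empty($_POST['if'])) {
			$msg .= "<input type=\"hidden\" name=\"if\" value=\"" . htmlspecialchars($_POST['if']) . "\" />";
		}

		$msg .= '</form>';
	} else {
		$msg = '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>'. $msg;
	}

	echo '<div class="alert ' . $class_html . ' clearfix" role="alert">'.$msg.'</div>';
}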
341

    
342
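/**
 * Print the legacy "red box" message with an Undo button next to the
 * submit button.
 *
 * $msg is printed as HTML without escaping. $name and $value are escaped
 * for the attribute values they are placed in.
 *
 * NOTE(review): $undo is placed inside a JavaScript string within an
 * onclick attribute without any escaping; callers must only pass a fixed,
 * trusted URL.
 *
 * @param string $msg   message (HTML)
 * @param string $name  name and id of the submit button
 * @param string $value caption of the submit button
 * @param string $undo  URL the Undo button navigates to
 */
function print_info_box_np_undo($msg, $name = "apply", $value = "Apply changes", $undo) {
	global $g;

	/* Defined up front so that the checks and the heredoc below never read
	 * an unset variable; the theme snippets may still override them. */
	$savebutton = "";
	$undobutton = "";

	if (stristr($msg, "apply") != false || stristr($msg, "save") != false || stristr($msg, "create") != false) {
		$name_html = htmlspecialchars((string)$name);
		$value_html = htmlspecialchars((string)$value);

		$savebutton = "<td class=\"infoboxsave nowrap\">";
		$savebutton .= "<input type=\"button\" value=\"". gettext("Undo") . "\" onclick=\"document.location='{$undo}'\" />";
		$savebutton .= "<input name=\"{$name_html}\" type=\"submit\" class=\"formbtn\" id=\"{$name_html}\" value=\"{$value_html}\" />";
		$savebutton .= "</td>";
		/* !empty() has the same truthiness and copes with a missing key */
		if (!empty($_POST['if'])) {
			$savebutton .= "<input type=\"hidden\" name=\"if\" value=\"" . htmlspecialchars($_POST['if']) . "\" />";
		}
	}
	$nifty_redbox = "#990000";
	$nifty_blackbox = "#000000";

	$themename = $g['theme'];

	/*
	 * SECURITY NOTE(review): the contents of two theme files are run with
	 * eval() in this function's scope. The path contains the theme name,
	 * so the theme name must be restricted to known themes and the theme
	 * directory must only be writable by trusted accounts.
	 */
	if (file_exists("/usr/local/www/themes/{$themename}/tabcontrols.php")) {
		$toeval = file_get_contents("/usr/local/www/themes/{$themename}/tabcontrols.php");
		eval($toeval);
	}

	if (file_exists("/usr/local/www/themes/{$themename}/infobox.php")) {
		$toeval = file_get_contents("/usr/local/www/themes/{$themename}/infobox.php");
		eval($toeval);
	}


	if (!$savebutton) {
		$savebutton = "<td class=\"infoboxsave\"><input value=\"" . gettext("Close") . "\" type=\"button\" onclick=\"jQuery(this).parents('table[id=redboxtable]').hide();\" /></td>";
	}

	echo <<<EOFnp
	<table class="infobox" id="redboxtable" summary="red box table">
		<tr>
			<td>
				<div class="infoboxnp" id="redbox">
					<table class="infoboxnptable2" summary="message">
						<tr>
							<td class="infoboxnptd">
								&nbsp;&nbsp;&nbsp;<img class="infoboxnpimg" src="/themes/{$g['theme']}/images/icons/icon_exclam.gif" alt="exclamation" />
							</td>
							<td class="infoboxnptd2">
								<b>{$msg}</b>
							</td>
							{$savebutton}
							{$undobutton}
						</tr>
					</table>
				</div>
				<div>
					<p>&nbsp;</p>
				</div>
			</td>
		</tr>
	</table>
	<script type="text/javascript">
	//<![CDATA[
		NiftyCheck();
		Rounded("div#redbox","all","#FFF","{$nifty_redbox}","smooth");
		Rounded("td#blackbox","all","#FFF","{$nifty_blackbox}","smooth");
	//]]>
	</script>
EOFnp;

}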
/**
 * Print an alert box with the default button settings.
 *
 * Thin wrapper around print_info_box_np(): name and value are passed as
 * null and the apply button is not forced.
 *
 * @param string $msg   message (HTML, printed without escaping)
 * @param string $class alert class, with or without the "alert-" prefix
 */
function print_info_box($msg, $class="alert-warning") {
	$button_name = null;
	$button_value = null;
	print_info_box_np($msg, $button_name, $button_value, false, $class);
}
/**
 * Build the standard "changes applied" message.
 *
 * When the path of the running script contains "nat" or "filter" (case
 * insensitive substring match), a link to the filter reload status page is
 * appended. The result contains HTML.
 *
 * @param mixed $ok not used by this function
 * @return string
 */
function get_std_save_message($ok) {
	global $d_sysrebootreqd_path;

	$message = gettext("The changes have been applied successfully.");

	$is_filter_page = false;
	foreach (array("nat", "filter") as $needle) {
		if (stristr($_SERVER['SCRIPT_FILENAME'], $needle)) {
			$is_filter_page = true;
		}
	}

	if (!$is_filter_page) {
		return $message;
	}
	return $message . "<br />" . gettext("You can also <a href=\"status_filter_reload.php\">monitor</a> the filter reload progress.");
}
429

    
430
/**
 * Turn a rule address entry into display text.
 *
 * "any" gives "*", a special network gives its name from $specialnets,
 * anything else gives the address itself; a set "not" key prefixes "! ".
 * The text is not escaped here.
 *
 * @param array $adr address entry of a rule
 * @return string
 */
function pprint_address($adr) {
	global $specialnets;

	if (isset($adr['any'])) {
		$text = "*";
	} elseif ($adr['network']) {
		$text = $specialnets[$adr['network']];
	} else {
		$text = $adr['address'];
	}

	return isset($adr['not']) ? "! " . $text : $text;
}
447

    
448
/**
 * Turn a port or a port range ("from-to") into display text.
 *
 * An empty port gives "*". A single port, or a range whose ends compare
 * equal, gives the port followed by its name from $wkports when one is
 * known. A real range gives "from - to". The text is not escaped here.
 *
 * @param string $port port or "from-to"
 * @return string
 */
function pprint_port($port) {
	global $wkports;

	if (!$port) {
		return "*";
	}

	$range = explode("-", $port);
	$first = $range[0];

	if ($range[1] && $first != $range[1]) {
		return $first . " - " . $range[1];
	}

	$text = $first;
	if ($wkports[$first]) {
		$text .= " (" . $wkports[$first] . ")";
	}
	return $text;
}
469

    
470
/**
 * Summarise the advanced options that are set on a firewall rule.
 *
 * The result is a space separated list such as "dscp af11 gateway GW1 ".
 * Rule values are placed in the text as they are; escape the result before
 * printing it as HTML.
 *
 * @param array $item firewall rule (passed by reference, not modified)
 * @return string empty when no advanced option is set
 */
function firewall_check_for_advanced_options(&$item) {
	/*
	 * key, kind, label - in output order.
	 *   value:     "<label> <value> " when the value is truthy
	 *   flag:      "<label> " when the key is set
	 *   statetype: like value, but "keep state" and "" are skipped
	 */
	$checks = array(
		array('os', 'value', 'os'),
		array('dscp', 'value', 'dscp'),
		array('max', 'value', 'max'),
		array('max-src-nodes', 'value', 'max-src-nodes'),
		array('max-src-conn', 'value', 'max-src-conn'),
		array('max-src-states', 'value', 'max-src-states'),
		array('nopfsync', 'flag', 'nopfsync'),
		array('statetype', 'statetype', 'statetype'),
		array('statetimeout', 'value', 'statetimeout'),
		array('nosync', 'flag', 'no XMLRPC Sync'),
		array('max-src-conn-rate', 'value', 'max-src-conn-rate'),
		array('max-src-conn-rates', 'value', 'max-src-conn-rates'),
		array('vlanprio', 'value', 'vlanprio'),
		array('vlanprioset', 'value', 'vlanprioset'),
		array('gateway', 'value', 'gateway'),
		array('dnpipe', 'value', 'limiter'),
		array('pdnpipe', 'value', 'limiter'),
		array('ackqueue', 'value', 'ackqueue'),
		array('defaultqueue', 'value', 'defaultqueue'),
		array('l7container', 'value', 'layer7'),
		array('tag', 'value', 'tag'),
		array('tagged', 'value', 'tagged'),
		array('allowopts', 'flag', 'allowopts'),
		array('disablereplyto', 'flag', 'disable reply-to'),
	);

	$summary = "";
	foreach ($checks as $check) {
		list($key, $kind, $label) = $check;

		if ($kind == 'flag') {
			if (isset($item[$key])) {
				$summary .= "{$label} ";
			}
		} elseif ($kind == 'statetype') {
			if ($item[$key] != "keep state" && $item[$key] != "") {
				$summary .= "{$label} {$item[$key]} ";
			}
		} elseif ($item[$key]) {
			$summary .= "{$label} {$item[$key]} ";
		}
	}

	if ($item['tcpflags_any'] || $item['tcpflags1'] || $item['tcpflags2']) {
		$summary .= "tcpflags set";
	}

	return $summary;
}
550

    
551
/**
 * Build the page title text.
 *
 * @param string|array $title a title, or the list of navigation levels
 * @return string the title itself, or the levels joined with $navlevelsep
 */
function gentitle($title) {
	global $navlevelsep;

	return is_array($title) ? join($navlevelsep, $title) : $title;
}
559

    
560
/**
 * Build the page heading, with a breadcrumb list when the title has
 * several levels.
 *
 * The title text is placed in the HTML as it is; callers must escape any
 * untrusted text before passing it in.
 *
 * @param string|array $title a title, or the list of navigation levels
 * @return string HTML
 */
function genhtmltitle($title) {
	if (is_array($title)) {
		$crumbs = '';
		foreach ($title as $el) {
			$crumbs .= '<li>'.$el.'</li>';
		}

		/* the last level is the heading of the page */
		return '<h1 class="page-header">' . end($title) . '</h1>'
			. '<ol class="breadcrumb">' . $crumbs . '</ol>';
	}

	return '<h1 class="page-header">' . $title . '</h1>';
}
/**
 * Update the changedesc and changecount(er) variables.
 *
 * Appends " <update>" to the global $changedesc and adds one to the global
 * $changecount.
 *
 * @param string $update text describing one change
 */
function update_changedesc($update) {
	global $changedesc, $changecount;

	$changecount++;
	$changedesc .= " {$update}";
}
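/**
 * Empty one log file and create it again in the configured log format.
 *
 * With "disablesyslogclog" set the file is removed and created again as a
 * plain file; otherwise it is initialised with fifolog_create or clog using
 * the configured log size (default 511488).
 *
 * @param string $logfile         path of the log file
 * @param bool   $restart_syslogd stop syslogd first and start it afterwards
 */
function clear_log_file($logfile = "/var/log/system.log", $restart_syslogd = true) {
	global $config, $g;
	if ($restart_syslogd) {
		exec("/usr/bin/killall syslogd");
	}
	if (isset($config['system']['disablesyslogclog'])) {
		unlink($logfile);
		touch($logfile);
	} else {
		$log_size = isset($config['syslog']['logfilesize']) ? $config['syslog']['logfilesize'] : "511488";
		/* The size comes from the configuration and is quoted like the
		 * file name, so that it can never be read as shell syntax. */
		$size_arg = escapeshellarg($log_size);
		$file_arg = escapeshellarg($logfile);
		if (isset($config['system']['usefifolog'])) {
			exec("/usr/sbin/fifolog_create -s {$size_arg} {$file_arg}");
		} else {
			exec("/usr/local/sbin/clog -i -s {$size_arg} {$file_arg}");
		}
	}
	if ($restart_syslogd) {
		system_syslogd_start();
	}
}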
/**
 * Empty every known log file below $g['varlog_path'].
 *
 * syslogd is stopped once, each file is cleared without a restart, then
 * syslogd is started again. dhcpd is killed and configured again at the end.
 * Clearing the logs removes audit data; callers decide who may do this.
 */
function clear_all_log_files() {
	global $g;

	$log_names = array(
		"system", "filter", "dhcpd", "vpn", "pptps", "poes", "l2tps",
		"openvpn", "portalauth", "ipsec", "ppp", "relayd", "wireless",
		"lighttpd", "ntpd", "gateways", "resolver", "routing"
	);

	exec("/usr/bin/killall syslogd");

	foreach ($log_names as $log_name) {
		$path = "{$g['varlog_path']}/{$log_name}.log";
		clear_log_file($path, false);
	}

	system_syslogd_start();
	killbyname("dhcpd");
	services_dhcpd_configure();
}
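// This version of dump_clog() does not output <td></td> or any other table elements. It can be renamed
// and the dump_clog() removed once all of the diag_log*.php files have been converted to Bootstrap
/**
 * Print the last $tail entries of a log file as plain lines.
 *
 * The file name, the tail count and both filter lists are passed through
 * escapeshellarg(); $sor can only be "-r" or "". Log entries are untrusted
 * text, so every field is HTML-escaped before it is printed.
 *
 * @param string       $logfile    path of the log file
 * @param int          $tail       number of entries
 * @param bool         $withorig   print date and origin, not only the message
 * @param array|string $grepfor    patterns an entry must match
 * @param array|string $grepinvert patterns an entry must not match
 * @return int number of entries printed
 */
function dump_clog_no_table($logfile, $tail, $withorig = true, $grepfor = "", $grepinvert = "") {
	global $g, $config;
	$sor = isset($config['syslog']['reverse']) ? "-r" : "";
	$logarr = array();
	$grepline = "  ";
	if (is_array($grepfor)) {
		$grepline .= " | /usr/bin/egrep " . escapeshellarg(implode("|", $grepfor));
	}
	if (is_array($grepinvert)) {
		$grepline .= " | /usr/bin/egrep -v " . escapeshellarg(implode("|", $grepinvert));
	}
	if (is_dir($logfile)) {
		$logarr = array("File $logfile is a directory.");
	} elseif (file_exists($logfile) && filesize($logfile) == 0) {
		$logarr = array("Log file started.");
	} else {
		if ($config['system']['disablesyslogclog']) {
			exec("cat " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
		} else {
			if (isset($config['system']['usefifolog'])) {
				exec("/usr/sbin/fifolog_reader " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
			} else {
				exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . "{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
			}
		}
	}
	echo "\n";

	$rows = 0;
	foreach ($logarr as $logent) {
		$rows++;
		$logent = preg_split("/\s+/", $logent, 6);

		if ($withorig) {
			if (isset($config['system']['usefifolog'])) {
				$entry_date_time = htmlspecialchars(date("F j, Y, g:i a","" . $logent[1] . ""));
				$entry_text = htmlspecialchars($logent[5]);
			} else {
				$entry_date_time = htmlspecialchars(join(" ", array_slice($logent, 0, 3)));
				/* The fourth field is part of the log line (the host
				 * name in the usual layout) and must be escaped too. */
				$entry_text = ($logent[3] ==  $config['system']['hostname']) ? "" : htmlspecialchars($logent[3]) . " ";
				$entry_text .= htmlspecialchars($logent[4] . " " . $logent[5]);
			}
			echo "{$entry_date_time}";
			echo " " . "{$entry_text}"	. "\n";
		} else {
			echo htmlspecialchars($logent[5]) . "\n";
		}

	}
	return($rows);
}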
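/**
 * Print the last $tail entries of a log file as table rows.
 *
 * The file name, the tail count and both filter lists are passed through
 * escapeshellarg(); $sor can only be "-r" or "". Log entries are untrusted
 * text, so every field is HTML-escaped before it is printed.
 *
 * @param string       $logfile    path of the log file
 * @param int          $tail       number of entries
 * @param bool         $withorig   print date and origin, not only the message
 * @param array|string $grepfor    patterns an entry must match
 * @param array|string $grepinvert patterns an entry must not match
 */
function dump_clog($logfile, $tail, $withorig = true, $grepfor = "", $grepinvert = "") {
	global $g, $config;
	$sor = isset($config['syslog']['reverse']) ? "-r" : "";
	$logarr = array();
	$grepline = "  ";
	if (is_array($grepfor)) {
		$grepline .= " | /usr/bin/egrep " . escapeshellarg(implode("|", $grepfor));
	}
	if (is_array($grepinvert)) {
		$grepline .= " | /usr/bin/egrep -v " . escapeshellarg(implode("|", $grepinvert));
	}
	if (is_dir($logfile)) {
		$logarr = array("File $logfile is a directory.");
	} elseif (file_exists($logfile) && filesize($logfile) == 0) {
		$logarr = array("Log file started.");
	} else {
		if ($config['system']['disablesyslogclog']) {
			exec("cat " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
		} else {
			if (isset($config['system']['usefifolog'])) {
				exec("/usr/sbin/fifolog_reader " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
			} else {
				exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . "{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n " . escapeshellarg($tail), $logarr);
			}
		}
	}
	foreach ($logarr as $logent) {
		$logent = preg_split("/\s+/", $logent, 6);
		echo "<tr valign=\"top\">\n";
		if ($withorig) {
			if (isset($config['system']['usefifolog'])) {
				$entry_date_time = htmlspecialchars(date("F j, Y, g:i a", "" . $logent[1] . ""));
				$entry_text = htmlspecialchars($logent[5]);
			} else {
				$entry_date_time = htmlspecialchars(join(" ", array_slice($logent, 0, 3)));
				/* The fourth field is part of the log line (the host
				 * name in the usual layout) and must be escaped too. */
				$entry_text = ($logent[3] == $config['system']['hostname']) ? "" : htmlspecialchars($logent[3]) . " ";
				$entry_text .= htmlspecialchars($logent[4] . " " . $logent[5]);
			}
			echo "<td class=\"listlr nowrap\">{$entry_date_time}</td>\n";
			echo "<td class=\"listr\">{$entry_text}</td>\n";
		} else {
			echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
		}
		echo "</tr>\n";
	}
}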
/**
 * Return the last $tail entries of a log file as an array of raw lines.
 *
 * The file name, the tail count and both filter lists are passed through
 * escapeshellarg(); $sor can only be "-r" or "". The lines are returned as
 * read from the log: callers must escape them before printing them as HTML.
 *
 * @param string       $logfile     path of the log file
 * @param int          $tail        number of entries
 * @param bool         $withorig    not used by this function
 * @param array|string $grepfor     patterns an entry must match
 * @param array|string $grepinvert  patterns an entry must not match
 * @param bool         $grepreverse force reverse order
 * @return array
 */
function return_clog($logfile, $tail, $withorig = true, $grepfor = "", $grepinvert = "", $grepreverse = false) {
	global $g, $config;

	$sor = (isset($config['syslog']['reverse']) || $grepreverse) ? "-r" : "";
	$logarr = "";

	$grepline = "  ";
	if (is_array($grepfor)) {
		$grepline .= " | /usr/bin/egrep " . escapeshellarg(implode("|", $grepfor));
	}
	if (is_array($grepinvert)) {
		$grepline .= " | /usr/bin/egrep -v " . escapeshellarg(implode("|", $grepinvert));
	}

	/* pick the reader that matches the configured log format */
	if ($config['system']['disablesyslogclog']) {
		$command = "cat " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail);
	} elseif (isset($config['system']['usefifolog'])) {
		$command = "/usr/sbin/fifolog_reader " . escapeshellarg($logfile) . "{$grepline} | /usr/bin/tail {$sor} -n " . escapeshellarg($tail);
	} else {
		$command = "/usr/local/sbin/clog " . escapeshellarg($logfile) . "{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n " . escapeshellarg($tail);
	}

	exec($command, $logarr);
	return($logarr);
}
741

    
742
/**
 * Check if a variable has changed; update it and log the change if it has.
 *
 * Scalars are compared with !=. For two arrays, every value that was
 * removed or added (array_diff) is logged with update_changedesc().
 *
 * NOTE(review): when both values are arrays, $orig is replaced and true is
 * returned even if array_diff() finds no difference in either direction.
 *
 * @param string $varname variable name in plain text
 * @param mixed  $orig    original value, replaced by $new (by reference)
 * @param mixed  $new     new value
 * @return bool true if the variable is reported as changed
 */
function update_if_changed($varname, & $orig, $new) {
	if (!(is_array($orig) && is_array($new))) {
		if ($orig == $new) {
			return false;
		}
		update_changedesc("{$varname}: \"{$orig}\" -> \"{$new}\"");
		$orig = $new;
		return true;
	}

	foreach (array_diff($orig, $new) as $removed) {
		update_changedesc("removed {$varname}: \"{$removed}\"");
	}
	foreach (array_diff($new, $orig) as $added) {
		update_changedesc("added {$varname}: \"{$added}\"");
	}
	$orig = $new;
	return true;
}
770

    
771
/**
 * Split a rule address entry into the fields used by the edit forms.
 *
 * @param array  $adr        address entry of a rule
 * @param string $padr       "any", a special network name or an address
 * @param mixed  $pmask      prefix length; 128 (IPv6) or 32 when the address has none
 * @param int    $pnot       1 when the entry is negated, else 0
 * @param string $pbeginport first port, or "any"
 * @param string $pendport   last port, or "any"
 */
function address_to_pconfig($adr, &$padr, &$pmask, &$pnot, &$pbeginport, &$pendport) {
	if (isset($adr['any'])) {
		$padr = "any";
	} elseif ($adr['network']) {
		$padr = $adr['network'];
	} elseif ($adr['address']) {
		list($padr, $pmask) = explode("/", $adr['address']);
		if (!$pmask) {
			/* no prefix length given: use the one of a single host */
			$pmask = is_ipaddrv6($padr) ? 128 : 32;
		}
	}

	$pnot = isset($adr['not']) ? 1 : 0;

	if ($adr['port']) {
		list($pbeginport, $pendport) = explode("-", $adr['port']);
		if (!$pendport) {
			$pendport = $pbeginport;
		}
		return;
	}

	/* port aliases already held by the caller are left untouched */
	if (!is_alias($pbeginport) && !is_alias($pendport)) {
		$pbeginport = "any";
		$pendport = "any";
	}
}
803

    
804
/**
 * Build a rule address entry from the fields of the edit forms.
 *
 * @param array  $adr        receives the address entry (always rebuilt)
 * @param string $padr       "any", a special network name or an address
 * @param mixed  $pmask      prefix length; left out for a single host (128 for IPv6, else 32)
 * @param bool   $pnot       negate the entry
 * @param mixed  $pbeginport first port, a port alias, 0 or "any"
 * @param mixed  $pendport   last port
 */
function pconfig_to_address(&$adr, $padr, $pmask, $pnot = false, $pbeginport = 0, $pendport = 0) {
	$adr = array();

	if ($padr == "any") {
		$adr['any'] = true;
	} elseif (is_specialnet($padr)) {
		$adr['network'] = $padr;
	} else {
		$adr['address'] = $padr;
		$host_mask = is_ipaddrv6($padr) ? 128 : 32;
		if ($pmask != $host_mask) {
			$adr['address'] .= "/" . $pmask;
		}
	}

	if ($pnot) {
		$adr['not'] = true;
	}

	if (($pbeginport != 0) && ($pbeginport != "any")) {
		$adr['port'] = ($pbeginport != $pendport)
			? $pbeginport . "-" . $pendport
			: $pbeginport;
	}

	/* a port alias is stored by its name */
	if (is_alias($pbeginport)) {
		$adr['port'] = $pbeginport;
	}
}
842

    
843
/**
 * Tell whether a value is one of the special source/destination names.
 *
 * The list is the global $specialsrcdst, which is not set in this part of
 * the file; presumably the including page defines it - confirm. The lookup
 * uses a loose comparison.
 *
 * @param mixed $net value to look up
 * @return bool
 */
function is_specialnet($net) {
	global $specialsrcdst;

	if (!$net) {
		return false;
	}
	return in_array($net, $specialsrcdst);
}
855

    
856
/**
 * Function to create widget tabs when called.
 *
 * Each tab is array(caption, active, id). The tab class is the part of the
 * id before the first "-" followed by "-class"; the script at the end uses
 * the class of the last tab. Caption and id are placed in HTML and
 * JavaScript as they are, so callers must only pass trusted, fixed values.
 *
 * @param array $tab_array list of tabs
 */
function display_widget_tabs(& $tab_array) {
	echo "<div id=\"tabs\">";

	foreach ($tab_array as $ta) {
		$tab_id = $ta[2];
		$tabclass = substr($tab_id, 0, strpos($tab_id, '-')) . "-class";

		$is_active = ($ta[1] == true);
		$tabActive = $is_active ? "table-cell" : "none";
		$tabNonActive = $is_active ? "none" : "table-cell";

		/* both variants of the tab carry the same caption */
		$caption = "<b>&nbsp;&nbsp;&nbsp;{$ta[0]}" . "&nbsp;&nbsp;&nbsp;</b>" . "</div>";

		echo "<div id=\"{$tab_id}-active\" class=\"{$tabclass}-tabactive\" style=\"display:{$tabActive}; background-color:#EEEEEE; color:black;\">";
		echo $caption;

		echo "<div id=\"{$tab_id}-deactive\" class=\"{$tabclass}-tabdeactive\" style=\"display:{$tabNonActive}; background-color:#777777; color:white; cursor: pointer;\" onclick=\"return changeTabDIV('{$tab_id}')\">";
		echo $caption;
	}

	echo "<script type=\"text/javascript\">"
		. "\n//<![CDATA[\n"
		. "NiftyCheck();\n"
		. "Rounded(\"div.{$tabclass}-tabactive\",\"top\",\"#CCCCCC\",\"#EEEEEE\",\"smooth\");\n"
		. "Rounded(\"div.{$tabclass}-tabdeactive\",\"top\",\"#CCCCCC\",\"#777777\",\"smooth\");\n"
		. "//]]>\n"
		. "</script>"
		. "</div>";
}
/**
 * Print a JavaScript file inline, to minimize the request count going back
 * to the server.
 *
 * SECURITY NOTE(review): the file is pulled in with include(), so any PHP
 * code in it is executed, and the path is echoed unescaped into an HTML
 * comment when the file is missing. Only pass fixed, trusted paths; never a
 * path built from request data.
 *
 * @param string $javascript path of the file
 */
function outputJavaScriptFileInline($javascript) {
	if (!file_exists($javascript)) {
		echo "\n\n<!-- Could not locate file:  {$javascript} -->\n\n";
		return;
	}

	echo "\n<script type=\"text/javascript\">\n";
	include($javascript);
	echo "\n</script>\n";
}
/**
 * Print a style sheet inline as a print-only style block.
 *
 * SECURITY NOTE(review): the file is pulled in with include(), so any PHP
 * code in it is executed, and the path is echoed unescaped into an HTML
 * comment when the file is missing. Only pass fixed, trusted paths; never a
 * path built from request data.
 *
 * @param string $css path of the file
 */
function outputCSSPrintFileInline($css) {
	if (!file_exists($css)) {
		echo "\n\n<!-- Could not locate file:  {$css} -->\n\n";
		return;
	}

	echo "\n<style media=\"print\" type=\"text/css\">\n";
	include($css);
	echo "\n</style>\n";
}
/**
 * Print a style sheet inline as a style block.
 *
 * SECURITY NOTE(review): the file is pulled in with include(), so any PHP
 * code in it is executed, and the path is echoed unescaped into an HTML
 * comment when the file is missing. Only pass fixed, trusted paths; never a
 * path built from request data.
 *
 * @param string $css path of the file
 */
function outputCSSFileInline($css) {
	if (!file_exists($css)) {
		echo "\n\n<!-- Could not locate file:  {$css} -->\n\n";
		return;
	}

	echo "\n<style type=\"text/css\">\n";
	include($css);
	echo "\n</style>\n";
}
928

    
929
/* HTTP status codes: numeric code => "code reason phrase" */
$rfc2616 = array(
	/* 1xx */
	100 => "100 Continue",
	101 => "101 Switching Protocols",

	/* 2xx */
	200 => "200 OK",
	201 => "201 Created",
	202 => "202 Accepted",
	203 => "203 Non-Authoritative Information",
	204 => "204 No Content",
	205 => "205 Reset Content",
	206 => "206 Partial Content",

	/* 3xx */
	300 => "300 Multiple Choices",
	301 => "301 Moved Permanently",
	302 => "302 Found",
	303 => "303 See Other",
	304 => "304 Not Modified",
	305 => "305 Use Proxy",
	306 => "306 (Unused)",
	307 => "307 Temporary Redirect",

	/* 4xx */
	400 => "400 Bad Request",
	401 => "401 Unauthorized",
	402 => "402 Payment Required",
	403 => "403 Forbidden",
	404 => "404 Not Found",
	405 => "405 Method Not Allowed",
	406 => "406 Not Acceptable",
	407 => "407 Proxy Authentication Required",
	408 => "408 Request Timeout",
	409 => "409 Conflict",
	410 => "410 Gone",
	411 => "411 Length Required",
	412 => "412 Precondition Failed",
	413 => "413 Request Entity Too Large",
	414 => "414 Request-URI Too Long",
	415 => "415 Unsupported Media Type",
	416 => "416 Requested Range Not Satisfiable",
	417 => "417 Expectation Failed",

	/* 5xx */
	500 => "500 Internal Server Error",
	501 => "501 Not Implemented",
	502 => "502 Bad Gateway",
	503 => "503 Service Unavailable",
	504 => "504 Gateway Timeout",
	505 => "505 HTTP Version Not Supported"
);
972

    
973
/*
 * Tell whether $code is a key of the global $rfc2616 status table.
 *
 * Returns true when the table has an entry for $code, false otherwise.
 */
function is_rfc2616_code($code) {
	global $rfc2616;

	return isset($rfc2616[$code]);
}

    
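/*
 * Print a <select> element offering every status line of the global $rfc2616 table.
 *
 * $tag     - used as both the id and the name attribute of the element.
 * $current - status code to pre-select; an empty value selects 200.
 *
 * Nothing is returned; the markup is written to the output.
 */
function print_rfc2616_select($tag, $current) {
	global $rfc2616;

	/* Default to 200 OK if not set */
	if ($current == "") {
		$current = 200;
	}

	/* $tag lands inside two quoted attribute values, so it is attribute-escaped
	 * to keep a quote character in it from ending the attribute early. */
	$attr = htmlspecialchars((string)$tag, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

	echo "<select id=\"{$attr}\" name=\"{$attr}\">\n";
	foreach ($rfc2616 as $code => $message) {
		$sel = ($code == $current) ? " selected=\"selected\"" : "";
		$label = htmlspecialchars((string)$message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		echo "<option value=\"{$code}\"{$sel}>{$label}</option>\n";
	}
	echo "</select>\n";
}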

    
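// Debugging helper: renders an array as indented HTML, recursing into nested arrays.
//
// $array     - the value to render; anything that is not an array yields a fixed message.
// $return_me - when true the markup is returned, otherwise it is echoed inside <pre>.
//
// Keys and values are HTML-escaped before they are placed in the markup, so
// stored data containing "<" or "&" is shown as text instead of being parsed.
// The output still contains every value verbatim; keep calls out of shipped pages.
function echo_array($array, $return_me = false) {
	/* Start from an empty string so an empty array does not append to an undefined variable. */
	$return = "";

	if (is_array($array) == false) {
		$return = "The provided variable is not an array.";
	} else {
		foreach ($array as $name => $value) {
			$shown_name = htmlspecialchars((string)$name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

			if (is_array($value)) {
				$return .= "['<b>{$shown_name}</b>'] {<div style=\"margin-left:10px;\">\n";
				$return .= echo_array($value, true);
				$return .= "</div>}";
				$return .= "\n\n";
			} else {
				$shown_value = htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
				if (is_string($value)) {
					/* Strings are shown in double quotes; the quotes are added after escaping. */
					$shown_value = "\"{$shown_value}\"";
				}
				$return .= "['<b>{$shown_name}</b>'] = {$shown_value}\n\n";
			}
		}
	}

	if ($return_me == true) {
		return $return;
	} else {
		echo "<pre>".$return."</pre>";
	}
}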

    
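/****f* pfsense-utils/display_top_tabs
 * NAME
 *	 display_top_tabs - print the tab bar of a page
 * INPUTS
 *	 $tab_array    - list of tabs, passed by reference; each entry is read as
 *	                 array(label, active flag, url). Entries whose url is
 *	                 rejected by isAllowedPage() are removed from the caller's array.
 *	 $no_drop_down - when true the <select> drop-down form is never used
 *	 $type         - suffix of the "nav-" CSS class of the list ('pills' by default)
 * RESULT
 *	 null (the markup is written to the output)
 * NOTES
 *	 URLs and $type are attribute-escaped. Tab labels are written as given, so
 *	 callers must pass labels that are safe to emit as markup.
 *	 In the drop-down form the chosen option value is assigned to
 *	 document.location, so tab URLs must come from trusted sources only.
 ******/
function display_top_tabs(& $tab_array, $no_drop_down = false, $type = 'pills') {
	global $config;
	global $g;
	global $tab_array_indent;
	global $tab_array_space;
	global $tab_array_char_limit;

	/* empty string code: give the layout globals their defaults */
	if ($tab_array_indent == '') {
		$tab_array_indent = 0;
	}

	if ($tab_array_space == '') {
		$tab_array_space = 1;
	}

	if ($tab_array_char_limit == '') {
		$tab_array_char_limit = 92;
	}

	/*	does the user have access to this tab?
	 *	if the user does not have access, simply
	 *	unset the tab item.
	 */
	foreach ($tab_array as $tab_id => $ta) {
		if (!isAllowedPage($ta[2])) {
			unset($tab_array[$tab_id]);
		}
	}

	$tabcharcount = 0;
	foreach ($tab_array as $ta) {
		$tabcharcount = $tabcharcount + strlen($ta[0]);
	}

	// When the tab labels together are longer than $tab_array_char_limit
	// show a select drop-down instead of the list, unless the caller opted out.
	$use_dropdown = ($no_drop_down != true) && ($tabcharcount > $tab_array_char_limit);

	if ($use_dropdown) {
		/* This branch has to stay in PHP mode; behind a closing tag the
		 * statements below would be sent to the browser as plain text. */
		echo gettext("Currently viewing: ");
		echo "<select name=\"TabSelect\" onchange=\"tabs_will_go(this)\">\n";
		foreach ($tab_array as $ta) {
			$selected = ($ta[1] == "true") ? " selected=\"selected\"" : "";
			$url = htmlspecialchars((string)$ta[2], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
			// onclick on <option> does not work in some browsers, hence the onchange handler on the select
			echo "<option value=\"{$url}\"{$selected}>{$ta['0']}</option>\n";
		}
		echo "</select>\n<p>&nbsp;</p>";
		echo "<script type=\"text/javascript\">";
		echo "\n//<![CDATA[\n";
		echo " function tabs_will_go(obj){ document.location = obj.value; }\n";
		echo "//]]>\n";
		echo "</script>";
	} else {
		$nav_class = htmlspecialchars((string)$type, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
	<ul class="nav nav-<?=$nav_class?>">
<?php
		foreach ($tab_array as $ta) {
			$href = htmlspecialchars((string)$ta[2], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
			<li role="presentation"<?=($ta[1] ? ' class="active"' : '')?>><a href="<?=$href?>"><?=$ta[0]?></a></li>
<?php
		}
?>
	</ul>
<?php
	}
}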

    
/*
 * Append the tabs declared in a package's GUI configuration file to $tab_array.
 *
 * $pkgname   - package name (only referenced by the commented-out lookup below).
 * $tab_array - list to extend, passed by reference; each new entry is
 *              array(name, false, url) taken from the parsed "packagegui" config.
 *
 * NOTE(review): the lookup that would populate $pkg is commented out, so $pkg is
 * never set in this function and the first guard always returns. As written
 * the function adds nothing.
 * NOTE(review): if the lookup is restored, 'configurationfile' is appended to
 * /usr/local/pkg/ unchanged and the tab name and url are taken from the
 * package file unchanged - confirm both are validated where they are produced.
 */
function add_package_tabs($pkgname, &$tab_array) {
	global $config, $g;

//	$pkg = get_pkg_data($pkgname);

	$have_file = isset($pkg['configurationfile']) && file_exists('/usr/local/pkg/' . $pkg['configurationfile']);
	if (!$have_file) {
		return;
	}

	$pkg_config = parse_xml_config_pkg('/usr/local/pkg/' . $pkg['configurationfile'], "packagegui");

	if (!isset($pkg_config['tabs']['tab'])) {
		return;
	}

	foreach ($pkg_config['tabs']['tab'] as $tab) {
		/* Tabs without a name are skipped. */
		if (!$tab['name']) {
			continue;
		}
		$tab_array[] = array($tab['name'], false, $tab['url']);
	}
}

    
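/*
 * Build the HTML fragment that lists the entries of one alias.
 *
 * $alias_id - index into $config['aliases']['alias'].
 *
 * Returns the fragment as a string, or nothing when no such alias exists.
 *
 * For aliases with a url the entries come from the pf table (type "urltable")
 * or from the file named by alias_expand_urltable(); otherwise they come from
 * the space-separated 'address' field. Every entry and the url are
 * HTML-escaped, since they are stored or downloaded data.
 * The alias description is not part of the returned markup.
 */
function alias_info_popup($alias_id) {
	global $config;

	if (!isset($config['aliases']['alias'][$alias_id]) || !is_array($config['aliases']['alias'][$alias_id])) {
		return;
	}

	$alias = $config['aliases']['alias'][$alias_id];
	$content = "";

	$esc = function ($text) {
		return htmlspecialchars((string)$text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	};

	if (!empty($alias['url'])) {
		// TODO: Change it when pf supports tables with ports
		if ($alias['type'] == "urltable") {
			/* The alias name becomes part of a shell command line; quote it so
			 * that it is always passed to pfctl as a single argument. */
			$table = escapeshellarg($alias['name']);
			$total_entries = array();
			$alias_addresses = array();

			exec("/sbin/pfctl -t {$table} -T show | wc -l", $total_entries);
			$counter = (int)preg_replace("/\D/", "", isset($total_entries[0]) ? $total_entries[0] : "");
			exec("/sbin/pfctl -t {$table} -T show | head -10002", $alias_addresses);
		} else {
			$urlfn = alias_expand_urltable($alias['name']);
			$raw = file_get_contents($urlfn);
			/* An unreadable file gives an empty list. */
			$alias_addresses = ($raw === false) ? array() : explode("\n", $raw);
			$counter = count($alias_addresses);
		}

		$content .= '<h5>' . $esc($alias['url']) . '</h5><ul><li>' . implode('</li><li>', array_map($esc, $alias_addresses)) . '</li></ul>';

		if ($counter > 10002) {
			$content .= '<i>' . gettext("listing only first 10k items") . '</i>';
		}
	} else {
		$alias_addresses = explode(" ", isset($alias['address']) ? $alias['address'] : "");

		$content .= '<ul><li>' . implode('</li><li>', array_map($esc, $alias_addresses)) . '</li></ul>';
	}

	return $content;
}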

    
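/*
 * Find which columns of a rule refer to an alias.
 *
 * $src, $srcport, $dst, $dstport - the values shown in the rule's columns.
 *
 * Returns an array holding, for each of the keys 'src', 'srcport', 'dst' and
 * 'dstport' whose value is the name of an alias, the index of that alias in
 * $config['aliases']['alias']. Returns nothing when no alias list is configured.
 */
function rule_columns_with_alias($src, $srcport, $dst, $dstport) {
	global $config;

	if (!isset($config['aliases']['alias']) || !is_array($config['aliases']['alias'])) {
		return;
	}

	$columns = array();
	foreach ($config['aliases']['alias'] as $alias_id => $alias_name) {
		$name = (string)$alias_name['name'];

		/* Independent tests: one alias may be used in several columns of the same rule. */
		if ($name === (string)$src) {
			$columns['src'] = $alias_id;
		}
		if ($name === (string)$srcport) {
			$columns['srcport'] = $alias_id;
		}
		if ($name === (string)$dst) {
			$columns['dst'] = $alias_id;
		}
		if ($name === (string)$dstport) {
			$columns['dstport'] = $alias_id;
		}
	}

	/* Return only after every alias has been examined. */
	return $columns;
}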

    
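/*
 * Print one labelled row of a form.
 *
 * $name    - id of the control the label points at (the "for" attribute).
 * $label   - label text; passed through gettext() before output.
 * $content - markup of the control itself, written as given.
 *
 * $name is attribute-escaped. $content is emitted as markup, so callers must
 * escape any stored or request data they place inside it.
 */
function form_output_row($name, $label, $content) {
	/* No debug dump and no early exit here: the row has to be rendered, and a
	 * dump of $content would put raw form data on the page. */
	$field_id = htmlspecialchars((string)$name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
<div class="form-group">
	<label for="<?=$field_id?>" class="col-sm-2 control-label"><?=gettext($label); ?></label>
	<div class="col-sm-10">
		<?=$content?>
	</div>
</div>
<?php
}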

    
/* Apply the timezone from the system configuration to PHP's date functions; use UTC when none is set. */
$timezone = $config['system']['timezone'] ?: "Etc/UTC";

date_default_timezone_set($timezone);

    
?>