Project

General

Profile

Download (18 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/*
3
 * system.php
4
 *
5
 * part of pfSense (https://www.pfsense.org)
6
 * Copyright (c) 2004-2016 Rubicon Communications, LLC (Netgate)
7
 * All rights reserved.
8
 *
9
 * originally based on m0n0wall (http://m0n0.ch/wall)
10
 * Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
11
 * All rights reserved.
12
 *
13
 * Licensed under the Apache License, Version 2.0 (the "License");
14
 * you may not use this file except in compliance with the License.
15
 * You may obtain a copy of the License at
16
 *
17
 * http://www.apache.org/licenses/LICENSE-2.0
18
 *
19
 * Unless required by applicable law or agreed to in writing, software
20
 * distributed under the License is distributed on an "AS IS" BASIS,
21
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22
 * See the License for the specific language governing permissions and
23
 * limitations under the License.
24
 */
25

    
26
##|+PRIV
27
##|*IDENT=page-system-generalsetup
28
##|*NAME=System: General Setup
29
##|*DESCR=Allow access to the 'System: General Setup' page.
30
##|*MATCH=system.php*
31
##|-PRIV
32

    
33
require_once("guiconfig.inc");
34
require_once("functions.inc");
35
require_once("filter.inc");
36
require_once("shaper.inc");
37
require_once("system.inc");
38

    
39
$pconfig['hostname'] = $config['system']['hostname'];
40
$pconfig['domain'] = $config['system']['domain'];
41
list($pconfig['dns1'], $pconfig['dns2'], $pconfig['dns3'], $pconfig['dns4']) = $config['system']['dnsserver'];
42

    
43
$arr_gateways = return_gateways_array();
44

    
45
// set default columns to two if unset
46
if (!isset($config['system']['webgui']['dashboardcolumns'])) {
47
	$config['system']['webgui']['dashboardcolumns'] = 2;
48
}
49

    
50
$pconfig['dns1gw'] = $config['system']['dns1gw'];
51
$pconfig['dns2gw'] = $config['system']['dns2gw'];
52
$pconfig['dns3gw'] = $config['system']['dns3gw'];
53
$pconfig['dns4gw'] = $config['system']['dns4gw'];
54

    
55
$pconfig['dnsallowoverride'] = isset($config['system']['dnsallowoverride']);
56
$pconfig['timezone'] = $config['system']['timezone'];
57
$pconfig['timeservers'] = $config['system']['timeservers'];
58
$pconfig['language'] = $config['system']['language'];
59
$pconfig['webguicss'] = $config['system']['webgui']['webguicss'];
60
$pconfig['webguifixedmenu'] = $config['system']['webgui']['webguifixedmenu'];
61
$pconfig['dashboardcolumns'] = $config['system']['webgui']['dashboardcolumns'];
62
$pconfig['webguileftcolumnhyper'] = isset($config['system']['webgui']['webguileftcolumnhyper']);
63
$pconfig['dashboardavailablewidgetspanel'] = isset($config['system']['webgui']['dashboardavailablewidgetspanel']);
64
$pconfig['systemlogsfilterpanel'] = isset($config['system']['webgui']['systemlogsfilterpanel']);
65
$pconfig['systemlogsmanagelogpanel'] = isset($config['system']['webgui']['systemlogsmanagelogpanel']);
66
$pconfig['statusmonitoringsettingspanel'] = isset($config['system']['webgui']['statusmonitoringsettingspanel']);
67
$pconfig['webguihostnamemenu'] = $config['system']['webgui']['webguihostnamemenu'];
68
$pconfig['dnslocalhost'] = isset($config['system']['dnslocalhost']);
69
$pconfig['dashboardperiod'] = isset($config['widgets']['period']) ? $config['widgets']['period']:"10";
70

    
71
if (!$pconfig['timezone']) {
72
	if (isset($g['default_timezone']) && !empty($g['default_timezone'])) {
73
		$pconfig['timezone'] = $g['default_timezone'];
74
	} else {
75
		$pconfig['timezone'] = "Etc/UTC";
76
	}
77
}
78

    
79
if (!$pconfig['timeservers']) {
80
	$pconfig['timeservers'] = "pool.ntp.org";
81
}
82

    
83
$changedesc = gettext("System") . ": ";
84
$changecount = 0;
85

    
86
function is_timezone($elt) {
87
	return !preg_match("/\/$/", $elt);
88
}
89

    
90
if ($pconfig['timezone'] <> $_POST['timezone']) {
91
	filter_pflog_start(true);
92
}
93

    
94
$timezonelist = system_get_timezone_list();
95

    
96
$multiwan = false;
97
$interfaces = get_configured_interface_list();
98
foreach ($interfaces as $interface) {
99
	if (interface_has_gateway($interface)) {
100
		$multiwan = true;
101
	}
102
}
103

    
104
if ($_POST) {
105

    
106
	$changecount++;
107

    
108
	unset($input_errors);
109
	$pconfig = $_POST;
110

    
111
	/* input validation */
112
	$reqdfields = explode(" ", "hostname domain");
113
	$reqdfieldsn = array(gettext("Hostname"), gettext("Domain"));
114

    
115
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
116

    
117
	if ($_POST['dashboardperiod']) {
118
		$config['widgets']['period'] = $_POST['dashboardperiod'];
119
	}
120

    
121
	if ($_POST['webguicss']) {
122
		$config['system']['webgui']['webguicss'] = $_POST['webguicss'];
123
	} else {
124
		unset($config['system']['webgui']['webguicss']);
125
	}
126

    
127
	if ($_POST['webguifixedmenu']) {
128
		$config['system']['webgui']['webguifixedmenu'] = $_POST['webguifixedmenu'];
129
	} else {
130
		unset($config['system']['webgui']['webguifixedmenu']);
131
	}
132

    
133
	if ($_POST['webguihostnamemenu']) {
134
		$config['system']['webgui']['webguihostnamemenu'] = $_POST['webguihostnamemenu'];
135
	} else {
136
		unset($config['system']['webgui']['webguihostnamemenu']);
137
	}
138

    
139
	if ($_POST['dashboardcolumns']) {
140
		$config['system']['webgui']['dashboardcolumns'] = $_POST['dashboardcolumns'];
141
	} else {
142
		unset($config['system']['webgui']['dashboardcolumns']);
143
	}
144

    
145
	if ($_POST['hostname']) {
146
		if (!is_hostname($_POST['hostname'])) {
147
			$input_errors[] = gettext("The hostname can only contain the characters A-Z, 0-9 and '-'. It may not start or end with '-'.");
148
		} else {
149
			if (!is_unqualified_hostname($_POST['hostname'])) {
150
				$input_errors[] = gettext("A valid hostname is specified, but the domain name part should be omitted");
151
			}
152
		}
153
	}
154
	if ($_POST['domain'] && !is_domain($_POST['domain'])) {
155
		$input_errors[] = gettext("The domain may only contain the characters a-z, 0-9, '-' and '.'.");
156
	}
157

    
158
	$dnslist = $ignore_posted_dnsgw = array();
159

    
160
	for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
161
		$dnsname="dns{$dnscounter}";
162
		$dnsgwname="dns{$dnscounter}gw";
163
		$dnslist[] = $_POST[$dnsname];
164

    
165
		if (($_POST[$dnsname] && !is_ipaddr($_POST[$dnsname]))) {
166
			$input_errors[] = sprintf(gettext("A valid IP address must be specified for DNS server %s."), $dnscounter);
167
		} else {
168
			if (($_POST[$dnsgwname] <> "") && ($_POST[$dnsgwname] <> "none")) {
169
				// A real gateway has been selected.
170
				if (is_ipaddr($_POST[$dnsname])) {
171
					if ((is_ipaddrv4($_POST[$dnsname])) && (validate_address_family($_POST[$dnsname], $_POST[$dnsgwname]) === false)) {
172
						$input_errors[] = sprintf(gettext('The IPv6 gateway "%1$s" can not be specified for IPv4 DNS server "%2$s".'), $_POST[$dnsgwname], $_POST[$dnsname]);
173
					}
174
					if ((is_ipaddrv6($_POST[$dnsname])) && (validate_address_family($_POST[$dnsname], $_POST[$dnsgwname]) === false)) {
175
						$input_errors[] = sprintf(gettext('The IPv4 gateway "%1$s" can not be specified for IPv6 DNS server "%2$s".'), $_POST[$dnsgwname], $_POST[$dnsname]);
176
					}
177
				} else {
178
					// The user selected a gateway but did not provide a DNS address. Be nice and set the gateway back to "none".
179
					$ignore_posted_dnsgw[$dnsgwname] = true;
180
				}
181
			}
182
		}
183
	}
184

    
185
	if (count(array_filter($dnslist)) != count(array_unique(array_filter($dnslist)))) {
186
		$input_errors[] = gettext('Each configured DNS server must have a unique IP address. Remove the duplicated IP.');
187
	}
188

    
189
	$direct_networks_list = explode(" ", filter_get_direct_networks_list());
190
	for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
191
		$dnsitem = "dns{$dnscounter}";
192
		$dnsgwitem = "dns{$dnscounter}gw";
193
		if ($_POST[$dnsgwitem]) {
194
			if (interface_has_gateway($_POST[$dnsgwitem])) {
195
				foreach ($direct_networks_list as $direct_network) {
196
					if (ip_in_subnet($_POST[$dnsitem], $direct_network)) {
197
						$input_errors[] = sprintf(gettext("A gateway can not be assigned to DNS '%s' server which is on a directly connected network."), $_POST[$dnsitem]);
198
					}
199
				}
200
			}
201
		}
202
	}
203

    
204
	# it's easy to have a little too much whitespace in the field, clean it up for the user before processing.
205
	$_POST['timeservers'] = preg_replace('/[[:blank:]]+/', ' ', $_POST['timeservers']);
206
	$_POST['timeservers'] = trim($_POST['timeservers']);
207
	foreach (explode(' ', $_POST['timeservers']) as $ts) {
208
		if (!is_domain($ts)) {
209
			$input_errors[] = gettext("A NTP Time Server name may only contain the characters a-z, 0-9, '-' and '.'.");
210
		}
211
	}
212

    
213
	if (!$input_errors) {
214
		update_if_changed("hostname", $config['system']['hostname'], $_POST['hostname']);
215
		update_if_changed("domain", $config['system']['domain'], $_POST['domain']);
216
		update_if_changed("timezone", $config['system']['timezone'], $_POST['timezone']);
217
		update_if_changed("NTP servers", $config['system']['timeservers'], strtolower($_POST['timeservers']));
218

    
219
		if ($_POST['language'] && $_POST['language'] != $config['system']['language']) {
220
			$config['system']['language'] = $_POST['language'];
221
			set_language();
222
		}
223

    
224
		unset($config['system']['webgui']['webguileftcolumnhyper']);
225
		$config['system']['webgui']['webguileftcolumnhyper'] = $_POST['webguileftcolumnhyper'] ? true : false;
226

    
227
		unset($config['system']['webgui']['dashboardavailablewidgetspanel']);
228
		$config['system']['webgui']['dashboardavailablewidgetspanel'] = $_POST['dashboardavailablewidgetspanel'] ? true : false;
229

    
230
		unset($config['system']['webgui']['systemlogsfilterpanel']);
231
		$config['system']['webgui']['systemlogsfilterpanel'] = $_POST['systemlogsfilterpanel'] ? true : false;
232

    
233
		unset($config['system']['webgui']['systemlogsmanagelogpanel']);
234
		$config['system']['webgui']['systemlogsmanagelogpanel'] = $_POST['systemlogsmanagelogpanel'] ? true : false;
235

    
236
		unset($config['system']['webgui']['statusmonitoringsettingspanel']);
237
		$config['system']['webgui']['statusmonitoringsettingspanel'] = $_POST['statusmonitoringsettingspanel'] ? true : false;
238

    
239
		/* XXX - billm: these still need updating after figuring out how to check if they actually changed */
240
		$olddnsservers = $config['system']['dnsserver'];
241
		unset($config['system']['dnsserver']);
242
		if ($_POST['dns1']) {
243
			$config['system']['dnsserver'][] = $_POST['dns1'];
244
		}
245
		if ($_POST['dns2']) {
246
			$config['system']['dnsserver'][] = $_POST['dns2'];
247
		}
248
		if ($_POST['dns3']) {
249
			$config['system']['dnsserver'][] = $_POST['dns3'];
250
		}
251
		if ($_POST['dns4']) {
252
			$config['system']['dnsserver'][] = $_POST['dns4'];
253
		}
254

    
255
		$olddnsallowoverride = $config['system']['dnsallowoverride'];
256

    
257
		unset($config['system']['dnsallowoverride']);
258
		$config['system']['dnsallowoverride'] = $_POST['dnsallowoverride'] ? true : false;
259

    
260
		if ($_POST['dnslocalhost'] == "yes") {
261
			$config['system']['dnslocalhost'] = true;
262
		} else {
263
			unset($config['system']['dnslocalhost']);
264
		}
265

    
266
		/* which interface should the dns servers resolve through? */
267
		$outdnscounter = 0;
268
		for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
269
			$dnsname="dns{$dnscounter}";
270
			$dnsgwname="dns{$dnscounter}gw";
271
			$olddnsgwname = $config['system'][$dnsgwname];
272

    
273
			if ($ignore_posted_dnsgw[$dnsgwname]) {
274
				$thisdnsgwname = "none";
275
			} else {
276
				$thisdnsgwname = $pconfig[$dnsgwname];
277
			}
278

    
279
			// "Blank" out the settings for this index, then we set them below using the "outdnscounter" index.
280
			$config['system'][$dnsgwname] = "none";
281
			$pconfig[$dnsgwname] = "none";
282
			$pconfig[$dnsname] = "";
283

    
284
			if ($_POST[$dnsname]) {
285
				// Only the non-blank DNS servers were put into the config above.
286
				// So we similarly only add the corresponding gateways sequentially to the config (and to pconfig), as we find non-blank DNS servers.
287
				// This keeps the DNS server IP and corresponding gateway "lined up" when the user blanks out a DNS server IP in the middle of the list.
288
				$outdnscounter++;
289
				$outdnsname="dns{$outdnscounter}";
290
				$outdnsgwname="dns{$outdnscounter}gw";
291
				$pconfig[$outdnsname] = $_POST[$dnsname];
292
				if ($_POST[$dnsgwname]) {
293
					$config['system'][$outdnsgwname] = $thisdnsgwname;
294
					$pconfig[$outdnsgwname] = $thisdnsgwname;
295
				} else {
296
					// Note: when no DNS GW name is chosen, the entry is set to "none", so actually this case never happens.
297
					unset($config['system'][$outdnsgwname]);
298
					$pconfig[$outdnsgwname] = "";
299
				}
300
			}
301
			if (($olddnsgwname != "") && ($olddnsgwname != "none") && (($olddnsgwname != $thisdnsgwname) || ($olddnsservers[$dnscounter-1] != $_POST[$dnsname]))) {
302
				// A previous DNS GW name was specified. It has now gone or changed, or the DNS server address has changed.
303
				// Remove the route. Later calls will add the correct new route if needed.
304
				if (is_ipaddrv4($olddnsservers[$dnscounter-1])) {
305
					mwexec("/sbin/route delete " . escapeshellarg($olddnsservers[$dnscounter-1]));
306
				} else if (is_ipaddrv6($olddnsservers[$dnscounter-1])) {
307
					mwexec("/sbin/route delete -inet6 " . escapeshellarg($olddnsservers[$dnscounter-1]));
308
				}
309
			}
310
		}
311

    
312
		if ($changecount > 0) {
313
			write_config($changedesc);
314
		}
315

    
316
		$retval = 0;
317
		$retval = system_hostname_configure();
318
		$retval |= system_hosts_generate();
319
		$retval |= system_resolvconf_generate();
320
		if (isset($config['dnsmasq']['enable'])) {
321
			$retval |= services_dnsmasq_configure();
322
		} elseif (isset($config['unbound']['enable'])) {
323
			$retval |= services_unbound_configure();
324
		}
325
		$retval |= system_timezone_configure();
326
		$retval |= system_ntp_configure();
327

    
328
		if ($olddnsallowoverride != $config['system']['dnsallowoverride']) {
329
			$retval |= send_event("service reload dns");
330
		}
331

    
332
		// Reload the filter - plugins might need to be run.
333
		$retval |= filter_configure();
334

    
335
		$savemsg = get_std_save_message($retval);
336
	}
337

    
338
	unset($ignore_posted_dnsgw);
339
}
340

    
341
$pgtitle = array(gettext("System"), gettext("General Setup"));
342
include("head.inc");
343

    
344
if ($input_errors) {
345
	print_input_errors($input_errors);
346
}
347

    
348
if ($savemsg) {
349
	print_info_box($savemsg, 'success');
350
}
351
?>
352
<div id="container">
353
<?php
354

    
355
$form = new Form;
356
$section = new Form_Section('System');
357
$section->addInput(new Form_Input(
358
	'hostname',
359
	'Hostname',
360
	'text',
361
	$pconfig['hostname'],
362
	['placeholder' => 'pfSense']
363
))->setHelp('Name of the firewall host, without domain part');
364

    
365
$section->addInput(new Form_Input(
366
	'domain',
367
	'Domain',
368
	'text',
369
	$pconfig['domain'],
370
	['placeholder' => 'mycorp.com, home, office, private, etc.']
371
))->setHelp('Do not use \'local\' as a domain name. It will cause local '.
372
	'hosts running mDNS (avahi, bonjour, etc.) to be unable to resolve '.
373
	'local hosts not running mDNS.');
374

    
375
$form->add($section);
376

    
377
$section = new Form_Section('DNS Server Settings');
378

    
379
for ($i=1; $i<5; $i++) {
380
//	if (!isset($pconfig['dns'.$i]))
381
//		continue;
382

    
383
	$group = new Form_Group('DNS Server ' . $i);
384

    
385
	$group->add(new Form_Input(
386
		'dns' . $i,
387
		'DNS Server',
388
		'text',
389
		$pconfig['dns'. $i]
390
	))->setHelp(($i == 4) ? 'Address':null);
391

    
392
	$help = "Enter IP addresses to be used by the system for DNS resolution. " .
393
		"These are also used for the DHCP service, DNS forwarder and for PPTP VPN clients.";
394

    
395
	if ($multiwan)	{
396
		$options = array('none' => 'none');
397

    
398
		foreach ($arr_gateways as $gwname => $gwitem) {
399
			if ((is_ipaddrv4(lookup_gateway_ip_by_name($pconfig[$dnsgw])) && (is_ipaddrv6($gwitem['gateway'])))) {
400
				continue;
401
			}
402

    
403
			if ((is_ipaddrv6(lookup_gateway_ip_by_name($pconfig[$dnsgw])) && (is_ipaddrv4($gwitem['gateway'])))) {
404
				continue;
405
			}
406

    
407
			$options[$gwname] = $gwname.' - '.$gwitem['friendlyiface'].' - '.$gwitem['gateway'];
408
		}
409

    
410
		$group->add(new Form_Select(
411
			'dns' . $i . 'gw',
412
			'Gateway',
413
			$pconfig['dns' . $i . 'gw'],
414
			$options
415
		))->setHelp(($i == 4) ? 'Gateway':null);;
416

    
417
		$help .= '<br/>'. "In addition, optionally select the gateway for each DNS server. " .
418
			"When using multiple WAN connections there should be at least one unique DNS server per gateway.";
419
	}
420

    
421
	if ($i == 4) {
422
		$group->setHelp($help);
423
	}
424

    
425
	$section->add($group);
426
}
427

    
428
$section->addInput(new Form_Checkbox(
429
	'dnsallowoverride',
430
	'DNS Server Override',
431
	'Allow DNS server list to be overridden by DHCP/PPP on WAN',
432
	$pconfig['dnsallowoverride']
433
))->setHelp(sprintf(gettext('If this option is set, %s will use DNS servers '.
434
	'assigned by a DHCP/PPP server on WAN for its own purposes (including '.
435
	'the DNS forwarder). However, they will not be assigned to DHCP and PPTP '.
436
	'VPN clients.'), $g['product_name']));
437

    
438
$section->addInput(new Form_Checkbox(
439
	'dnslocalhost',
440
	'Disable DNS Forwarder',
441
	'Do not use the DNS Forwarder as a DNS server for the firewall',
442
	$pconfig['dnslocalhost']
443
))->setHelp('By default localhost (127.0.0.1) will be used as the first DNS '.
444
	'server where the DNS Forwarder or DNS Resolver is enabled and set to '.
445
	'listen on Localhost, so system can use the local DNS service to perform '.
446
	'lookups. Checking this box omits localhost from the list of DNS servers.');
447

    
448
$form->add($section);
449

    
450
$section = new Form_Section('Localization');
451

    
452
$section->addInput(new Form_Select(
453
	'timezone',
454
	'Timezone',
455
	$pconfig['timezone'],
456
	array_combine($timezonelist, $timezonelist)
457
))->setHelp('Select the timezone or location within the timezone to be used by this system.');
458

    
459
$section->addInput(new Form_Input(
460
	'timeservers',
461
	'Timeservers',
462
	'text',
463
	$pconfig['timeservers']
464
))->setHelp('Use a space to separate multiple hosts (only one required). '.
465
	'Remember to set up at least one DNS server if a host name is entered here!');
466

    
467
$section->addInput(new Form_Select(
468
	'language',
469
	'Language',
470
	$pconfig['language'],
471
	get_locale_list()
472
))->setHelp('Choose a language for the webConfigurator');
473

    
474
$form->add($section);
475

    
476
$section = new Form_Section('webConfigurator');
477

    
478
gen_webguicss_field($section, $pconfig['webguicss']);
479
gen_webguifixedmenu_field($section, $pconfig['webguifixedmenu']);
480
gen_webguihostnamemenu_field($section, $pconfig['webguihostnamemenu']);
481
gen_dashboardcolumns_field($section, $pconfig['dashboardcolumns']);
482
gen_associatedpanels_fields(
483
	$section,
484
	$pconfig['dashboardavailablewidgetspanel'],
485
	$pconfig['systemlogsfilterpanel'],
486
	$pconfig['systemlogsmanagelogpanel'],
487
	$pconfig['statusmonitoringsettingspanel']);
488
gen_webguileftcolumnhyper_field($section, $pconfig['webguileftcolumnhyper']);
489

    
490
$section->addInput(new Form_Input(
491
	'dashboardperiod',
492
	'Dashboard update period',
493
	'number',
494
	$pconfig['dashboardperiod'],
495
	['min' => '5', 'max' => '600']
496
))->setHelp('Time in seconds between dashboard widget updates. Small values cause ' .
497
			'more frequent updates but increase the load on the web server. ' .
498
			'Minimum is 5 seconds, maximum 600 seconds');
499

    
500
$form->add($section);
501

    
502
print $form;
503

    
504
$csswarning = sprintf(gettext("%sUser-created themes are unsupported, use at your own risk."), "<br />");
505

    
506
?>
507
</div>
508

    
509
<script>
510
//<![CDATA[
511
events.push(function() {
512

    
513
	function setThemeWarning() {
514
		if ($('#webguicss').val().startsWith("pfSense")) {
515
			$('#csstxt').html("").addClass("text-default");
516
		} else {
517
			$('#csstxt').html("<?=$csswarning?>").addClass("text-danger");
518
		}
519
	}
520

    
521
	$('#webguicss').change(function() {
522
		setThemeWarning();
523
	});
524

    
525
	setThemeWarning();
526
});
527
//]]>
528
</script>
529

    
530
<?php
531
include("foot.inc");
532
?>
(185-185/226)