/usr/local/www/firewall_aliases_edit.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_aliases_edit.php @ 48f1333b

1	d2cfb7a4	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			firewall_aliases_edit.php
5	2e9ab96b	Scott Ullrich	Copyright (C) 2004 Scott Ullrich
6	45818646	Phil Davis	Copyright (C) 2009 Ermal Luçi
7	fff3d2b9	jim-p	Copyright (C) 2010 Jim Pingle
8	2e9ab96b	Scott Ullrich	All rights reserved.
9
10			originially part of m0n0wall (http://m0n0.ch/wall)
11	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
12			All rights reserved.
13	d2cfb7a4	Scott Ullrich
14	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
15			modification, are permitted provided that the following conditions are met:
16	d2cfb7a4	Scott Ullrich
17	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
18			this list of conditions and the following disclaimer.
19	d2cfb7a4	Scott Ullrich
20	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
21			notice, this list of conditions and the following disclaimer in the
22			documentation and/or other materials provided with the distribution.
23	d2cfb7a4	Scott Ullrich
24	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
25			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
26			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
27			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
28			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33			POSSIBILITY OF SUCH DAMAGE.
34			*/
35	7ac5a4cb	Scott Ullrich	/*
36			pfSense_BUILDER_BINARIES: /bin/rm /bin/mkdir /usr/bin/fetch
37			pfSense_MODULE: aliases
38			*/
39	5b237745	Scott Ullrich
40	6b07c15a	Matthew Grooms	##\|+PRIV
41			##\|*IDENT=page-firewall-alias-edit
42			##\|*NAME=Firewall: Alias: Edit page
43			##\|*DESCR=Allow access to the 'Firewall: Alias: Edit' page.
44			##\|MATCH=firewall_aliases_edit.php
45			##\|-PRIV
46
47	5b237745	Scott Ullrich	require("guiconfig.inc");
48	7a927e67	Scott Ullrich	require_once("functions.inc");
49			require_once("filter.inc");
50			require_once("shaper.inc");
51	5b237745	Scott Ullrich
52	b13f7f80	Carlos Eduardo Ramos	$pgtitle = array(gettext("Firewall"),gettext("Aliases"),gettext("Edit"));
53
54	78b0e51e	Renato Botelho	// Keywords not allowed in names
55			$reserved_keywords = array("all", "pass", "block", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec");
56
57			// Add all Load balance names to resrved_keywords
58			if (is_array($config['load_balancer']['lbpool']))
59			foreach ($config['load_balancer']['lbpool'] as $lbpool)
60			$reserved_keywords[] = $lbpool['name'];
61
62	7c9d8d71	Ermal Lu?i	$reserved_ifs = get_configured_interface_list(false, true);
63	78b0e51e	Renato Botelho	$reserved_keywords = array_merge($reserved_keywords, $reserved_ifs, $reserved_table_names);
64	7c9d8d71	Ermal Lu?i
65	5b237745	Scott Ullrich	if (!is_array($config['aliases']['alias']))
66			$config['aliases']['alias'] = array();
67			$a_aliases = &$config['aliases']['alias'];
68	f29109d0	Renato Botelho
69	ac7f1763	Renato Botelho	$tab = $_REQUEST['tab'];
70
71	ed0b7949	Scott Ullrich	if($_POST)
72			$origname = $_POST['origname'];
73
74			// Debugging
75	f5200c44	Scott Ullrich	if($debug)
76	7515fb4b	Ermal Lu?i	exec("rm -f {$g['tmp_path']}/alias_rename_log.txt");
77	ed0b7949	Scott Ullrich
78	5e34cdb2	Ermal Lu?i	function alias_same_type($name, $type) {
79			global $config;
80	f29109d0	Renato Botelho
81	5e34cdb2	Ermal Lu?i	foreach ($config['aliases']['alias'] as $alias) {
82			if ($name == $alias['name']) {
83	d6c9ab97	Ermal Lu?i	if (in_array($type, array("host", "network")) &&
84	5e34cdb2	Ermal Lu?i	in_array($alias['type'], array("host", "network")))
85			return true;
86			if ($type == $alias['type'])
87			return true;
88			else
89			return false;
90			}
91			}
92			return true;
93			}
94
95	5b237745	Scott Ullrich	$id = $_GET['id'];
96			if (isset($_POST['id']))
97			$id = $_POST['id'];
98
99			if (isset($id) && $a_aliases[$id]) {
100	ed0b7949	Scott Ullrich	$original_alias_name = $a_aliases[$id]['name'];
101	5b237745	Scott Ullrich	$pconfig['name'] = $a_aliases[$id]['name'];
102	ba393f6c	Scott Dale	$pconfig['detail'] = $a_aliases[$id]['detail'];
103			$pconfig['address'] = $a_aliases[$id]['address'];
104	b4deddce	Ermal Lu?i	$pconfig['type'] = $a_aliases[$id]['type'];
105	ba393f6c	Scott Dale	$pconfig['descr'] = html_entity_decode($a_aliases[$id]['descr']);
106	e47c266d	Scott Ullrich
107	9bc8788a	Erik Fonnesbeck	/* interface list */
108			$iflist = get_configured_interface_with_descr(false, true);
109	cbe3ea96	Ermal Luçi	foreach ($iflist as $if => $ifdesc)
110	f29109d0	Renato Botelho	if($ifdesc == $pconfig['descr'])
111	24148939	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("Sorry, an interface is already named %s."), $pconfig['descr']);
112	e47c266d	Scott Ullrich
113	c7de8be4	jim-p	if($a_aliases[$id]['type'] == "urltable") {
114			$pconfig['address'] = $a_aliases[$id]['url'];
115			$pconfig['updatefreq'] = $a_aliases[$id]['updatefreq'];
116			}
117	5a1eebc7	Scott Ullrich	if($a_aliases[$id]['aliasurl'] <> "") {
118			$pconfig['type'] = "url";
119	c5eaef8e	Renato Botelho	if(is_array($a_aliases[$id]['aliasurl']))
120			$pconfig['address'] = implode(" ", $a_aliases[$id]['aliasurl']);
121			else
122	5a1eebc7	Scott Ullrich	$pconfig['address'] = $a_aliases[$id]['aliasurl'];
123			}
124	5b237745	Scott Ullrich	}
125
126			if ($_POST) {
127			unset($input_errors);
128
129			/* input validation */
130	0cd7ed19	Scott Ullrich
131	69d2ad77	Erik Fonnesbeck	$reqdfields = explode(" ", "name");
132	bd413d76	Renato Botelho	$reqdfieldsn = array(gettext("Name"));
133	69d2ad77	Erik Fonnesbeck
134			do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
135
136	0df6adf8	Bill Marquette	$x = is_validaliasname($_POST['name']);
137			if (!isset($x)) {
138	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("Reserved word used for alias name.");
139	3deb92f7	Renato Botelho	} else if ($_POST['type'] == "port" && (getservbyname($_POST['name'], "tcp") \|\| getservbyname($_POST['name'], "udp"))) {
140	bd413d76	Renato Botelho	$input_errors[] = gettext("Reserved word used for alias name.");
141	3deb92f7	Renato Botelho	} else {
142			if (is_validaliasname($_POST['name']) == false)
143	bac9941b	jim-p	$input_errors[] = gettext("The alias name must be less than 32 characters long and may only consist of the characters") . " a-z, A-Z, 0-9, _.";
144	3deb92f7	Renato Botelho	}
145	5b237745	Scott Ullrich	/* check for name conflicts */
146	6c33fb4b	Ermal	if (empty($a_aliases[$id])) {
147	6b487ec6	Ermal	foreach ($a_aliases as $alias) {
148			if ($alias['name'] == $_POST['name']) {
149	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("An alias with this name already exists.");
150	6b487ec6	Ermal	break;
151			}
152	5b237745	Scott Ullrich	}
153			}
154	5a1eebc7	Scott Ullrich
155	f76a479d	sullrich	/* Check for reserved keyword names */
156	f29109d0	Renato Botelho	foreach($reserved_keywords as $rk)
157	f76a479d	sullrich	if($rk == $_POST['name'])
158	24148939	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("Cannot use a reserved keyword as alias name %s"), $rk);
159	f76a479d	sullrich
160	cfa466bb	Scott Ullrich	/* check for name interface description conflicts */
161			foreach($config['interfaces'] as $interface) {
162			if($interface['descr'] == $_POST['name']) {
163	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("An interface description with this name already exists.");
164	5a1eebc7	Scott Ullrich	break;
165	cfa466bb	Scott Ullrich	}
166	5a1eebc7	Scott Ullrich	}
167	f29109d0	Renato Botelho
168	ba393f6c	Scott Dale	$alias = array();
169	6c33fb4b	Ermal	$address = array();
170			$final_address_details = array();
171	ba393f6c	Scott Dale	$alias['name'] = $_POST['name'];
172	c7de8be4	jim-p
173			if ($_POST['type'] == "urltable") {
174			$address = "";
175			$isfirst = 0;
176
177			/* item is a url type */
178			if ($_POST['address0']) {
179			/* fetch down and add in */
180	fd86d829	Cristian Feldman	$_POST['address0'] = trim($_POST['address0']);
181	c7de8be4	jim-p	$isfirst = 0;
182	578c81b6	bcyrill	$address[] = $_POST['address0'];
183	c7de8be4	jim-p	$alias['url'] = $_POST['address0'];
184			$alias['updatefreq'] = $_POST['address_subnet0'] ? $_POST['address_subnet0'] : 7;
185			if (!is_URL($alias['url']) \|\| empty($alias['url'])) {
186	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("You must provide a valid URL.");
187	c7de8be4	jim-p	} elseif (! process_alias_urltable($alias['name'], $alias['url'], 0, true)) {
188	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("Unable to fetch usable data.");
189	c7de8be4	jim-p	}
190	0b9e4e8f	Renato Botelho	if ($_POST["detail0"] <> "")
191			$final_address_details[] = $_POST["detail0"];
192			else
193			$final_address_details[] = sprintf(gettext("Entry added %s"), date('r'));
194	c7de8be4	jim-p	}
195			} elseif($_POST['type'] == "url") {
196	d2cfb7a4	Scott Ullrich	$isfirst = 0;
197	ba393f6c	Scott Dale	$address_count = 2;
198
199			/* item is a url type */
200	ae5f96c8	Renato Botelho	for($x=0; $x<4999; $x++) {
201	fd86d829	Cristian Feldman	$_POST['address' . $x] = trim($_POST['address' . $x]);
202	ba393f6c	Scott Dale	if($_POST['address' . $x]) {
203			/* fetch down and add in */
204			$isfirst = 0;
205	7c872d3b	Scott Ullrich	$temp_filename = tempnam("{$g['tmp_path']}/", "alias_import");
206	ba393f6c	Scott Dale	unlink($temp_filename);
207	7ac5a4cb	Scott Ullrich	mwexec("/bin/mkdir -p {$temp_filename}");
208	ba393f6c	Scott Dale	mwexec("/usr/bin/fetch -q -o \"{$temp_filename}/aliases\" \"" . $_POST['address' . $x] . "\"");
209			/* if the item is tar gzipped then extract */
210			if(stristr($_POST['address' . $x], ".tgz"))
211			process_alias_tgz($temp_filename);
212	810c6a96	Renato Botelho	else if(stristr($_POST['address' . $x], ".zip"))
213			process_alias_unzip($temp_filename);
214	ae5f96c8	Renato Botelho
215			if (!isset($alias['aliasurl']))
216			$alias['aliasurl'] = array();
217
218			$alias['aliasurl'][] = $_POST['address' . $x];
219			if ($_POST["detail{$x}"] <> "")
220			$final_address_details[] = $_POST["detail{$x}"];
221			else
222			$final_address_details[] = sprintf(gettext("Entry added %s"), date('r'));
223
224	ba393f6c	Scott Dale	if(file_exists("{$temp_filename}/aliases")) {
225			$file_contents = file_get_contents("{$temp_filename}/aliases");
226			$file_contents = str_replace("#", "\n#", $file_contents);
227	cfbfd941	smos	$file_contents_split = explode("\n", $file_contents);
228	ba393f6c	Scott Dale	foreach($file_contents_split as $fc) {
229	c7de8be4	jim-p	// Stop at 3000 items, aliases larger than that tend to break both pf and the WebGUI.
230			if ($address_count >= 3000)
231			break;
232	ba393f6c	Scott Dale	$tmp = trim($fc);
233			if(stristr($fc, "#")) {
234	cfbfd941	smos	$tmp_split = explode("#", $tmp);
235	ba393f6c	Scott Dale	$tmp = trim($tmp_split[0]);
236	5a1eebc7	Scott Ullrich	}
237	74e861e3	jim-p	$tmp = trim($tmp);
238			if(!empty($tmp) && (is_ipaddr($tmp) \|\| is_subnet($tmp))) {
239	6c33fb4b	Ermal	$address[] = $tmp;
240	ae5f96c8	Renato Botelho	$isfirst = 1;
241	c7de8be4	jim-p	$address_count++;
242	5a1eebc7	Scott Ullrich	}
243	ba393f6c	Scott Dale	}
244			if($isfirst == 0) {
245			/* nothing was found */
246	7cbeade1	Renato Botelho	$input_errors[] = sprintf(gettext("You must provide a valid URL. Could not fetch usable data from '%s'."), $_POST['address' . $x]);
247	5a1eebc7	Scott Ullrich	}
248	ba393f6c	Scott Dale	mwexec("/bin/rm -rf {$temp_filename}");
249			} else {
250	7cbeade1	Renato Botelho	$input_errors[] = sprintf(gettext("URL '%s' is not valid."), $_POST['address' . $x]);
251	5a1eebc7	Scott Ullrich	}
252			}
253	ba393f6c	Scott Dale	}
254			} else {
255			/* item is a normal alias type */
256	8543a5bb	Renato Botelho	$used_for_routes = 0;
257			if (isset($config['staticroutes']['route']) && is_array($config['staticroutes']['route'])) {
258			foreach($config['staticroutes']['route'] as $route) {
259			if ($route['network'] == $_POST['origname']) {
260			$used_for_routes = 1;
261			break;
262			}
263			}
264			}
265	5e34cdb2	Ermal Lu?i	$wrongaliases = "";
266	42626418	Renato Botelho	$wrongaliases_fqdn = "";
267	a2d8d3dd	Ermal Luçi	for($x=0; $x<4999; $x++) {
268	b6f3005c	Ermal Luçi	if($_POST["address{$x}"] <> "") {
269	fd86d829	Cristian Feldman	$_POST["address{$x}"] = trim($_POST["address{$x}"]);
270	f71e0ac6	Ermal Lu?i	if (is_alias($_POST["address{$x}"])) {
271			if (!alias_same_type($_POST["address{$x}"], $_POST['type']))
272	ae660b3c	Evgeny Yurchenko	// But alias type network can include alias type urltable. Feature#1603.
273			if (!($_POST['type'] == 'network' &&
274	5ffa3389	Ermal	alias_get_type($_POST["address{$x}"]) == 'urltable'))
275	ae660b3c	Evgeny Yurchenko	$wrongaliases .= " " . $_POST["address{$x}"];
276	42626418	Renato Botelho	if ($used_for_routes === 1) {
277			foreach (filter_expand_alias_array($_POST["address{$x}"], true) as $tgt) {
278			if (is_ipaddrv4($tgt))
279			$tgt .= "/32";
280			if (is_ipaddrv6($tgt))
281			$tgt .= "/128";
282			if (!is_subnet($tgt) && is_fqdn($tgt)) {
283			$wrongaliases_fqdn .= " " . $_POST["address{$x}"];
284			break;
285			}
286			}
287			}
288	f71e0ac6	Ermal Lu?i	} else if ($_POST['type'] == "port") {
289	231e0606	Ermal Lu?i	if (!is_port($_POST["address{$x}"]))
290	24148939	Carlos Eduardo Ramos	$input_errors[] = $_POST["address{$x}"] . " " . gettext("is not a valid port or alias.");
291	f71e0ac6	Ermal Lu?i	} else if ($_POST['type'] == "host" \|\| $_POST['type'] == "network") {
292	ecd1f2d9	jim-p	if (!is_ipaddr($_POST["address{$x}"])
293			&& !is_hostname($_POST["address{$x}"])
294			&& !is_iprange($_POST["address{$x}"]))
295	ddc55e12	Erik Fonnesbeck	$input_errors[] = sprintf(gettext('%1$s is not a valid %2$s alias.'), $_POST["address{$x}"], $_POST['type']);
296	8543a5bb	Renato Botelho	if (($used_for_routes === 1)
297			&& !is_ipaddr($_POST["address{$x}"])
298			&& !is_iprange($_POST["address{$x}"])
299			&& is_hostname($_POST["address{$x}"]))
300			$input_errors[] = gettext('This alias is used on a static route and cannot contain FQDNs.');
301	f71e0ac6	Ermal Lu?i	}
302	6c33fb4b	Ermal	if (is_iprange($_POST["address{$x}"])) {
303			list($startip, $endip) = explode('-', $_POST["address{$x}"]);
304			$rangesubnets = ip_range_to_subnet_array($startip, $endip);
305	9ae9a7fc	Ermal	$address = array_merge($address, $rangesubnets);
306	6c33fb4b	Ermal	} else {
307			$tmpaddress = $_POST["address{$x}"];
308	6775c54e	Ermal	if(is_ipaddr($_POST["address{$x}"]) && $_POST["address_subnet{$x}"] <> "")
309	6c33fb4b	Ermal	$tmpaddress .= "/" . $_POST["address_subnet{$x}"];
310			$address[] = $tmpaddress;
311			}
312			if ($_POST["detail{$x}"] <> "")
313			$final_address_details[] = $_POST["detail{$x}"];
314			else
315	24148939	Carlos Eduardo Ramos	$final_address_details[] = sprintf(gettext("Entry added %s"), date('r'));
316	5e34cdb2	Ermal Lu?i	}
317	d2cfb7a4	Scott Ullrich	}
318	5e34cdb2	Ermal Lu?i	if ($wrongaliases <> "")
319	bcc8d8a3	Erik Fonnesbeck	$input_errors[] = sprintf(gettext('The alias(es): %s cannot be nested because they are not of the same type.'), $wrongaliases);
320	42626418	Renato Botelho	if ($wrongaliases_fqdn <> "")
321			$input_errors[] = sprintf(gettext('The alias(es): %s cannot be nested because they contain FQDNs and this alias is used on at least one static route.'), $wrongaliases_fqdn);
322	ba393f6c	Scott Dale	}
323	d2cfb7a4	Scott Ullrich
324	f29109d0	Renato Botelho	// Allow extending of the firewall edit page and include custom input validation
325	439cc13f	Scott Ullrich	pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/input_validation");
326
327	ba393f6c	Scott Dale	if (!$input_errors) {
328	c7de8be4	jim-p	$alias['address'] = is_array($address) ? implode(" ", $address) : $address;
329	d865241e	jim-p	$alias['descr'] = $_POST['descr'];
330	ba393f6c	Scott Dale	$alias['type'] = $_POST['type'];
331	6c33fb4b	Ermal	$alias['detail'] = implode("\|\|", $final_address_details);
332	d2cfb7a4	Scott Ullrich
333	ed0b7949	Scott Ullrich	/* Check to see if alias name needs to be
334			* renamed on referenced rules and such
335			*/
336			if ($_POST['name'] <> $_POST['origname']) {
337			// Firewall rules
338	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('filter', 'rule'), array('source', 'address'), $_POST['name'], $origname);
339			update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'address'), $_POST['name'], $origname);
340			update_alias_names_upon_change(array('filter', 'rule'), array('source', 'port'), $_POST['name'], $origname);
341			update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'port'), $_POST['name'], $origname);
342	ed0b7949	Scott Ullrich	// NAT Rules
343	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'rule'), array('source', 'address'), $_POST['name'], $origname);
344			update_alias_names_upon_change(array('nat', 'rule'), array('source', 'port'), $_POST['name'], $origname);
345			update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'address'), $_POST['name'], $origname);
346			update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'port'), $_POST['name'], $origname);
347			update_alias_names_upon_change(array('nat', 'rule'), array('target'), $_POST['name'], $origname);
348			update_alias_names_upon_change(array('nat', 'rule'), array('local-port'), $_POST['name'], $origname);
349	b43b7613	Erik Fonnesbeck	// NAT 1:1 Rules
350			//update_alias_names_upon_change(array('nat', 'onetoone'), array('external'), $_POST['name'], $origname);
351			//update_alias_names_upon_change(array('nat', 'onetoone'), array('source', 'address'), $_POST['name'], $origname);
352			update_alias_names_upon_change(array('nat', 'onetoone'), array('destination', 'address'), $_POST['name'], $origname);
353			// NAT Outbound Rules
354			update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('source', 'network'), $_POST['name'], $origname);
355	ca640261	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('sourceport'), $_POST['name'], $origname);
356	b43b7613	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('destination', 'address'), $_POST['name'], $origname);
357	ca640261	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('dstport'), $_POST['name'], $origname);
358	b43b7613	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('target'), $_POST['name'], $origname);
359	f43ba926	Scott Ullrich	// Alias in an alias
360	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('aliases', 'alias'), array('address'), $_POST['name'], $origname);
361	ed0b7949	Scott Ullrich	}
362
363	b22bf161	Scott Ullrich	pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/pre_write_config");
364
365	171aa30d	Ermal Lu?i	if (isset($id) && $a_aliases[$id]) {
366			if ($a_aliases[$id]['name'] <> $alias['name']) {
367			foreach ($a_aliases as $aliasid => $aliasd) {
368	16f78ff0	Ermal Lu?i	if ($aliasd['address'] <> "") {
369	96b4269c	Ermal Lu?i	$tmpdirty = false;
370	16f78ff0	Ermal Lu?i	$tmpaddr = explode(" ", $aliasd['address']);
371			foreach ($tmpaddr as $tmpidx => $tmpalias) {
372	96b4269c	Ermal Lu?i	if ($tmpalias == $a_aliases[$id]['name']) {
373	16f78ff0	Ermal Lu?i	$tmpaddr[$tmpidx] = $alias['name'];
374	96b4269c	Ermal Lu?i	$tmpdirty = true;
375			}
376	16f78ff0	Ermal Lu?i	}
377	96b4269c	Ermal Lu?i	if ($tmpdirty == true)
378			$a_aliases[$aliasid]['address'] = implode(" ", $tmpaddr);
379	16f78ff0	Ermal Lu?i	}
380	171aa30d	Ermal Lu?i	}
381			}
382	ba393f6c	Scott Dale	$a_aliases[$id] = $alias;
383	171aa30d	Ermal Lu?i	} else
384	ba393f6c	Scott Dale	$a_aliases[] = $alias;
385	a18b6b97	Scott Ullrich
386	974cbfe0	Ermal Lu?i	// Sort list
387			$a_aliases = msort($a_aliases, "name");
388
389	3a343d73	jim-p	if (write_config())
390			mark_subsystem_dirty('aliases');
391	d2cfb7a4	Scott Ullrich
392	ac7f1763	Renato Botelho	if(!empty($tab))
393			header("Location: firewall_aliases.php?tab=" . htmlspecialchars ($tab));
394	a5416de2	Warren Baker	else
395			header("Location: firewall_aliases.php");
396			exit;
397	ba393f6c	Scott Dale	}
398			//we received input errors, copy data to prevent retype
399			else
400			{
401	c7de8be4	jim-p	$pconfig['name'] = $_POST['name'];
402	d865241e	jim-p	$pconfig['descr'] = $_POST['descr'];
403	6a45942f	Renato Botelho	if ($_POST['type'] == 'url')
404			$pconfig['address'] = implode(" ", $alias['aliasurl']);
405			else
406			$pconfig['address'] = implode(" ", $address);
407	ba393f6c	Scott Dale	$pconfig['type'] = $_POST['type'];
408	6c33fb4b	Ermal	$pconfig['detail'] = implode("\|\|", $final_address_details);
409	5b237745	Scott Ullrich	}
410			}
411	da7ae7ef	Bill Marquette
412			include("head.inc");
413
414	5a1eebc7	Scott Ullrich	$jscriptstr = <<<EOD
415	da7ae7ef	Bill Marquette
416	5a1eebc7	Scott Ullrich	<script type="text/javascript">
417	709e62f0	Colin Fleming	//<![CDATA[
418	0cea9a23	Ermal Lu?i	var objAlias = new Array(4999);
419	5b237745	Scott Ullrich	function typesel_change() {
420	53523624	Renato Botelho	var field_disabled = 0;
421			var field_value = "";
422			var set_value = false;
423	5b237745	Scott Ullrich	switch (document.iform.type.selectedIndex) {
424			case 0: /* host */
425	53523624	Renato Botelho	field_disabled = 1;
426			field_value = "";
427			set_value = true;
428	5b237745	Scott Ullrich	break;
429			case 1: /* network */
430	53523624	Renato Botelho	field_disabled = 0;
431	5b237745	Scott Ullrich	break;
432	4d6b6263	Scott Ullrich	case 2: /* port */
433	53523624	Renato Botelho	field_disabled = 1;
434			field_value = "128";
435			set_value = true;
436	4d6b6263	Scott Ullrich	break;
437	aa11af07	jim-p	case 3: /* url */
438	53523624	Renato Botelho	field_disabled = 1;
439	6e7e1814	Scott Ullrich	break;
440	c7de8be4	jim-p
441	aa11af07	jim-p	case 4: /* urltable */
442	53523624	Renato Botelho	field_disabled = 0;
443	c7de8be4	jim-p	break;
444	5b237745	Scott Ullrich	}
445	53523624	Renato Botelho
446			jQuery("select[id^='address_subnet']").prop("disabled", field_disabled);
447			if (set_value == true);
448			jQuery("select[id^='address_subnet']").prop("value", field_value);
449	5b237745	Scott Ullrich	}
450	d2cfb7a4	Scott Ullrich
451	0cea9a23	Ermal Lu?i	function add_alias_control() {
452			var name = "address" + (totalrows - 1);
453			obj = document.getElementById(name);
454			obj.setAttribute('class', 'formfldalias');
455			obj.setAttribute('autocomplete', 'off');
456			objAlias[totalrows - 1] = new AutoSuggestControl(obj, new StateSuggestions(addressarray));
457			}
458	5a1eebc7	Scott Ullrich	EOD;
459
460			$network_str = gettext("Network");
461			$networks_str = gettext("Network(s)");
462			$cidr_str = gettext("CIDR");
463			$description_str = gettext("Description");
464			$hosts_str = gettext("Host(s)");
465			$ip_str = gettext("IP");
466			$ports_str = gettext("Port(s)");
467			$port_str = gettext("Port");
468			$url_str = gettext("URL");
469	c7de8be4	jim-p	$urltable_str = gettext("URL Table");
470	f144493c	Renato Botelho	$update_freq_str = gettext("Update Freq. (days)");
471	5a1eebc7	Scott Ullrich
472	2936a57e	Seth Mos	$networks_help = gettext("Networks are specified in CIDR format. Select the CIDR mask that pertains to each entry. /32 specifies a single IPv4 host, /128 specifies a single IPv6 host, /24 specifies 255.255.255.0, /64 specifies a normal IPv6 network, etc. Hostnames (FQDNs) may also be specified, using a /32 mask for IPv4 or /128 for IPv6. You may also enter an IP range such as 192.168.1.1-192.168.1.254 and a list of CIDR networks will be derived to fill the range.");
473	e8e2ffbd	jim-p	$hosts_help = gettext("Enter as many hosts as you would like. Hosts must be specified by their IP address or fully qualified domain name (FQDN). FQDN hostnames are periodically re-resolved and updated. If multiple IPs are returned by a DNS query, all are used.");
474	eab652e4	Renato Botelho	$ports_help = gettext("Enter as many ports as you wish. Port ranges can be expressed by separating with a colon.");
475	24148939	Carlos Eduardo Ramos	$url_help = sprintf(gettext("Enter as many URLs as you wish. After saving %s will download the URL and import the items into the alias. Use only with small sets of IP addresses (less than 3000)."), $g['product_name']);
476			$urltable_help = sprintf(gettext("Enter a single URL containing a large number of IPs and/or Subnets. After saving %s will download the URL and create a table file containing these addresses. This will work with large numbers of addresses (30,000+) or small numbers."), $g['product_name']);
477	5a1eebc7	Scott Ullrich
478	3ebd97eb	Scott Ullrich	$openvpn_str = gettext("Username");
479			$openvpn_user_str = gettext("OpenVPN Users");
480			$openvpn_help = gettext("Enter as many usernames as you wish.");
481	bd413d76	Renato Botelho	$openvpn_freq = "";
482	3ebd97eb	Scott Ullrich
483	5a1eebc7	Scott Ullrich	$jscriptstr .= <<<EOD
484
485	d2cfb7a4	Scott Ullrich	function update_box_type() {
486			var indexNum = document.forms[0].type.selectedIndex;
487			var selected = document.forms[0].type.options[indexNum].text;
488	5a1eebc7	Scott Ullrich	if(selected == '{$networks_str}') {
489			document.getElementById ("addressnetworkport").firstChild.data = "{$networks_str}";
490			document.getElementById ("onecolumn").firstChild.data = "{$network_str}";
491			document.getElementById ("twocolumn").firstChild.data = "{$cidr_str}";
492			document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
493			document.getElementById ("itemhelp").firstChild.data = "{$networks_help}";
494	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
495	5a1eebc7	Scott Ullrich	} else if(selected == '{$hosts_str}') {
496			document.getElementById ("addressnetworkport").firstChild.data = "{$hosts_str}";
497			document.getElementById ("onecolumn").firstChild.data = "{$ip_str}";
498			document.getElementById ("twocolumn").firstChild.data = "";
499			document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
500			document.getElementById ("itemhelp").firstChild.data = "{$hosts_help}";
501	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
502	5a1eebc7	Scott Ullrich	} else if(selected == '{$ports_str}') {
503			document.getElementById ("addressnetworkport").firstChild.data = "{$ports_str}";
504			document.getElementById ("onecolumn").firstChild.data = "{$port_str}";
505			document.getElementById ("twocolumn").firstChild.data = "";
506			document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
507			document.getElementById ("itemhelp").firstChild.data = "{$ports_help}";
508	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
509	5a1eebc7	Scott Ullrich	} else if(selected == '{$url_str}') {
510			document.getElementById ("addressnetworkport").firstChild.data = "{$url_str}";
511			document.getElementById ("onecolumn").firstChild.data = "{$url_str}";
512	a0fc25ae	Scott Ullrich	document.getElementById ("twocolumn").firstChild.data = "";
513	5a1eebc7	Scott Ullrich	document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
514			document.getElementById ("itemhelp").firstChild.data = "{$url_help}";
515	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
516	6e7e1814	Scott Ullrich	} else if(selected == '{$openvpn_user_str}') {
517			document.getElementById ("addressnetworkport").firstChild.data = "{$openvpn_user_str}";
518	3ebd97eb	Scott Ullrich	document.getElementById ("onecolumn").firstChild.data = "{$openvpn_str}";
519	4c743413	Scott Ullrich	document.getElementById ("twocolumn").firstChild.data = "{$openvpn_freq}";
520	6e7e1814	Scott Ullrich	document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
521	3ebd97eb	Scott Ullrich	document.getElementById ("itemhelp").firstChild.data = "{$openvpn_help}";
522	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
523			} else if(selected == '{$urltable_str}') {
524			if ((typeof(totalrows) == "undefined") \|\| (totalrows < 1)) {
525			addRowTo('maintable', 'formfldalias');
526			typesel_change();
527			add_alias_control(this);
528			}
529			document.getElementById ("addressnetworkport").firstChild.data = "{$url_str}";
530			document.getElementById ("onecolumn").firstChild.data = "{$url_str}";
531			document.getElementById ("twocolumn").firstChild.data = "{$update_freq_str}";
532			document.getElementById ("threecolumn").firstChild.data = "";
533			document.getElementById ("threecolumn").style.display = 'none';
534			document.getElementById ("itemhelp").firstChild.data = "{$urltable_help}";
535			document.getElementById ("addrowbutton").style.display = 'none';
536	d2cfb7a4	Scott Ullrich	}
537			}
538	709e62f0	Colin Fleming	//]]>
539	5b237745	Scott Ullrich	</script>
540
541	66138bf6	Scott Dale	EOD;
542	d2cfb7a4	Scott Ullrich
543	5a1eebc7	Scott Ullrich	?>
544	d2cfb7a4	Scott Ullrich
545	5a1eebc7	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
546			<?php
547			include("fbegin.inc");
548			echo $jscriptstr;
549			?>
550
551	709e62f0	Colin Fleming	<script type="text/javascript" src="/javascript/jquery.ipv4v6ify.js"></script>
552			<script type="text/javascript" src="/javascript/row_helper.js"></script>
553			<script type="text/javascript" src="/javascript/autosuggest.js"></script>
554			<script type="text/javascript" src="/javascript/suggestions.js"></script>
555	d2cfb7a4	Scott Ullrich
556	5a1eebc7	Scott Ullrich	<input type='hidden' name='address_type' value='textbox' />
557			<input type='hidden' name='address_subnet_type' value='select' />
558	d2cfb7a4	Scott Ullrich
559	5a1eebc7	Scott Ullrich	<script type="text/javascript">
560	709e62f0	Colin Fleming	//<![CDATA[
561	5a1eebc7	Scott Ullrich	rowname[0] = "address";
562	a8fe61f1	Darren Embry	rowtype[0] = "textbox,ipv4v6";
563	5a1eebc7	Scott Ullrich	rowsize[0] = "30";
564	d2cfb7a4	Scott Ullrich
565	5a1eebc7	Scott Ullrich	rowname[1] = "address_subnet";
566	a8fe61f1	Darren Embry	rowtype[1] = "select,ipv4v6";
567	5a1eebc7	Scott Ullrich	rowsize[1] = "1";
568	d2cfb7a4	Scott Ullrich
569	5a1eebc7	Scott Ullrich	rowname[2] = "detail";
570			rowtype[2] = "textbox";
571	b6f3005c	Ermal Luçi	rowsize[2] = "50";
572	709e62f0	Colin Fleming	//]]>
573	d2cfb7a4	Scott Ullrich	</script>
574
575	193716d0	Scott Ullrich	<?php pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/pre_input_errors"); ?>
576	5b237745	Scott Ullrich	<?php if ($input_errors) print_input_errors($input_errors); ?>
577	5a1eebc7	Scott Ullrich	<div id="inputerrors"></div>
578
579			<form action="firewall_aliases_edit.php" method="post" name="iform" id="iform">
580	ac7f1763	Renato Botelho	<?php
581			if (empty($tab)) {
582			if ($pconfig['type'] == 'urltable')
583			$tab = 'url';
584			else if ($pconfig['type'] == 'host')
585			$tab = 'ip';
586			else
587			$tab = $pconfig['type'];
588			}
589			?>
590			<input name="tab" type="hidden" id="tab" value="<?=htmlspecialchars($tab);?>" />
591	709e62f0	Colin Fleming	<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0" summary="firewall aliases edit">
592	f29109d0	Renato Botelho	<tr>
593			<td colspan="2" valign="top" class="listtopic"><?=gettext("Alias Edit"); ?></td>
594			</tr>
595			<tr>
596			<td valign="top" class="vncellreq"><?=gettext("Name"); ?></td>
597			<td class="vtable">
598			<input name="origname" type="hidden" id="origname" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
599			<input name="name" type="text" id="name" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
600			<?php if (isset($id) && $a_aliases[$id]): ?>
601			<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
602			<?php endif; ?>
603			<br />
604			<span class="vexpl">
605			<?=gettext("The name of the alias may only consist of the characters \"a-z, A-Z, 0-9 and _\"."); ?>
606			</span>
607			</td>
608			</tr>
609			<?php pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/after_first_tr"); ?>
610			<tr>
611			<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
612			<td width="78%" class="vtable">
613			<input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" />
614			<br />
615			<span class="vexpl">
616			<?=gettext("You may enter a description here for your reference (not parsed)."); ?>
617			</span>
618			</td>
619			</tr>
620			<tr>
621			<td valign="top" class="vncellreq"><?=gettext("Type"); ?></td>
622			<td class="vtable">
623			<select name="type" class="formselect" id="type" onchange="update_box_type(); typesel_change();">
624	709e62f0	Colin Fleming	<option value="host" <?php if ($pconfig['type'] == "host") echo "selected=\"selected\""; ?>><?=gettext("Host(s)"); ?></option>
625			<option value="network" <?php if ($pconfig['type'] == "network") echo "selected=\"selected\""; ?>><?=gettext("Network(s)"); ?></option>
626	45818646	Phil Davis	<option value="port" <?php if (($pconfig['type'] == "port") \|\| (empty($pconfig['type']) && ($tab == "port"))) echo "selected=\"selected\""; ?>><?=gettext("Port(s)"); ?></option>
627	709e62f0	Colin Fleming	<!--<option value="openvpn" <?php if ($pconfig['type'] == "openvpn") echo "selected=\"selected\""; ?>><?=gettext("OpenVPN Users"); ?></option> -->
628	45818646	Phil Davis	<option value="url" <?php if (($pconfig['type'] == "url") \|\| (empty($pconfig['type']) && ($tab == "url"))) echo "selected=\"selected\""; ?>><?=gettext("URL");?></option>
629	709e62f0	Colin Fleming	<option value="urltable" <?php if ($pconfig['type'] == "urltable") echo "selected=\"selected\""; ?>><?=gettext("URL Table"); ?></option>
630	f29109d0	Renato Botelho	</select>
631			</td>
632			</tr>
633			<tr>
634			<td width="22%" valign="top" class="vncellreq"><div id="addressnetworkport"><?=gettext("Host(s)"); ?></div></td>
635			<td width="78%" class="vtable">
636	709e62f0	Colin Fleming	<table id="maintable" summary="maintable">
637	f29109d0	Renato Botelho	<tbody>
638			<tr>
639			<td colspan="4">
640			<div style="padding:5px; margin-top: 16px; margin-bottom: 16px; border:1px dashed #000066; background-color: #ffffff; color: #000000; font-size: 8pt;" id="itemhelp"><?=gettext("Item information"); ?></div>
641			</td>
642			</tr>
643			<tr>
644			<td><div id="onecolumn"><?=gettext("Network"); ?></div></td>
645			<td><div id="twocolumn">CIDR</div></td>
646			<td><div id="threecolumn"><?=gettext("Description"); ?></div></td>
647			</tr>
648
649			<?php
650			$counter = 0;
651	2db5f9c2	Renato Botelho	if ($pconfig['address'] <> ""):
652			$addresses = explode(" ", $pconfig['address']);
653			$details = explode("\|\|", $pconfig['detail']);
654			while ($counter < count($addresses)):
655			if (is_subnet($addresses[$counter])) {
656			list($address, $address_subnet) = explode("/", $addresses[$counter]);
657			} else {
658			$address = $addresses[$counter];
659			$address_subnet = "";
660	f29109d0	Renato Botelho	}
661			?>
662			<tr>
663			<td>
664	2db5f9c2	Renato Botelho	<input autocomplete="off" name="address<?php echo $counter; ?>" type="text" class="formfldalias ipv4v6" id="address<?php echo $counter; ?>" size="30" value="<?=htmlspecialchars($address);?>" />
665	f29109d0	Renato Botelho	</td>
666			<td>
667	2db5f9c2	Renato Botelho	<select name="address_subnet<?php echo $counter; ?>" class="formselect ipv4v6" id="address_subnet<?php echo $counter; ?>">
668	f29109d0	Renato Botelho	<option></option>
669			<?php for ($i = 128; $i >= 1; $i--): ?>
670	709e62f0	Colin Fleming	<option value="<?=$i;?>" <?php if (($i == $address_subnet) \|\| ($i == $pconfig['updatefreq'])) echo "selected=\"selected\""; ?>><?=$i;?></option>
671	f29109d0	Renato Botelho	<?php endfor; ?>
672			</select>
673			</td>
674			<td>
675	6666ef48	Renato Botelho	<input name="detail<?php echo $counter; ?>" type="text" class="formfld unknown" id="detail<?php echo $counter; ?>" size="50" value="<?=$details[$counter];?>" />
676	f29109d0	Renato Botelho	</td>
677			<td>
678			<a onclick="removeRow(this); return false;" href="#"><img border="0" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" alt="" title="<?=gettext("remove this entry"); ?>" /></a>
679			</td>
680			</tr>
681			<?php
682			$counter++;
683
684	2db5f9c2	Renato Botelho	endwhile;
685			endif;
686	f29109d0	Renato Botelho	?>
687			</tbody>
688			</table>
689			<div id="addrowbutton">
690			<a onclick="javascript:addRowTo('maintable', 'formfldalias'); typesel_change(); add_alias_control(this); return false;" href="#">
691			<img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="<?=gettext("add another entry"); ?>" />
692			</a>
693			</div>
694			</td>
695			</tr>
696			<tr>
697			<td width="22%" valign="top"> </td>
698			<td width="78%">
699			<input id="submit" name="submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
700	5a815dc7	Renato Botelho	<a href="firewall_aliases.php?tab=<?=$tab;?>"><input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" /></a>
701	5a1eebc7	Scott Ullrich	</td>
702	f29109d0	Renato Botelho	</tr>
703	5a1eebc7	Scott Ullrich	</table>
704	5b237745	Scott Ullrich	</form>
705	5a1eebc7	Scott Ullrich
706			<script type="text/javascript">
707	4dfd930e	Darren Embry	//<![CDATA[
708	5a1eebc7	Scott Ullrich	field_counter_js = 3;
709			rows = 1;
710			totalrows = <?php echo $counter; ?>;
711			loaded = <?php echo $counter; ?>;
712			typesel_change();
713			update_box_type();
714	0cea9a23	Ermal Lu?i
715	dd760cfc	r-duran	var addressarray = <?= json_encode(array_exclude($pconfig['name'], get_alias_list($pconfig['type']))) ?>;
716	0cea9a23	Ermal Lu?i
717	4dfd930e	Darren Embry	function createAutoSuggest() {
718	f29109d0	Renato Botelho	<?php
719	4dfd930e	Darren Embry	for ($jv = 0; $jv < $counter; $jv++)
720			echo "objAlias[{$jv}] = new AutoSuggestControl(document.getElementById(\"address{$jv}\"), new StateSuggestions(addressarray));\n";
721			?>
722			}
723	0cea9a23	Ermal Lu?i
724	4dfd930e	Darren Embry	setTimeout("createAutoSuggest();", 500);
725			//]]>
726	5b237745	Scott Ullrich	</script>
727	5a1eebc7	Scott Ullrich
728	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
729			</body>
730			</html>

Project

General

Profile

pfSense