|
1
|
<?php
|
|
2
|
/* $Id$ */
|
|
3
|
/*
|
|
4
|
diag_logs_settings.php
|
|
5
|
Copyright (C) 2004-2009 Scott Ullrich
|
|
6
|
Copyright (C) 2013-2015 Electric Sheep Fencing, LP
|
|
7
|
All rights reserved.
|
|
8
|
|
|
9
|
originally part of m0n0wall (http://m0n0.ch/wall)
|
|
10
|
Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
|
|
11
|
All rights reserved.
|
|
12
|
|
|
13
|
Redistribution and use in source and binary forms, with or without
|
|
14
|
modification, are permitted provided that the following conditions are met:
|
|
15
|
|
|
16
|
1. Redistributions of source code must retain the above copyright notice,
|
|
17
|
this list of conditions and the following disclaimer.
|
|
18
|
|
|
19
|
2. Redistributions in binary form must reproduce the above copyright
|
|
20
|
notice, this list of conditions and the following disclaimer in the
|
|
21
|
documentation and/or other materials provided with the distribution.
|
|
22
|
|
|
23
|
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
|
24
|
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
|
25
|
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
26
|
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
|
27
|
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
28
|
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
29
|
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
30
|
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
31
|
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
32
|
POSSIBILITY OF SUCH DAMAGE.
|
|
33
|
*/
|
|
34
|
|
|
35
|
/*
|
|
36
|
pfSense_MODULE: system
|
|
37
|
*/
|
|
38
|
|
|
39
|
##|+PRIV
|
|
40
|
##|*IDENT=page-diagnostics-logs-settings
|
|
41
|
##|*NAME=Diagnostics: Logs: Settings page
|
|
42
|
##|*DESCR=Allow access to the 'Diagnostics: Logs: Settings' page.
|
|
43
|
##|*MATCH=diag_logs_settings.php*
|
|
44
|
##|-PRIV
|
|
45
|
|
|
46
|
require("guiconfig.inc");
|
|
47
|
require_once("functions.inc");
|
|
48
|
require_once("filter.inc");
|
|
49
|
require_once("shaper.inc");
|
|
50
|
|
|
51
|
$pconfig['reverse'] = isset($config['syslog']['reverse']);
|
|
52
|
$pconfig['nentries'] = $config['syslog']['nentries'];
|
|
53
|
$pconfig['remoteserver'] = $config['syslog']['remoteserver'];
|
|
54
|
$pconfig['remoteserver2'] = $config['syslog']['remoteserver2'];
|
|
55
|
$pconfig['remoteserver3'] = $config['syslog']['remoteserver3'];
|
|
56
|
$pconfig['sourceip'] = $config['syslog']['sourceip'];
|
|
57
|
$pconfig['ipproto'] = $config['syslog']['ipproto'];
|
|
58
|
$pconfig['filter'] = isset($config['syslog']['filter']);
|
|
59
|
$pconfig['dhcp'] = isset($config['syslog']['dhcp']);
|
|
60
|
$pconfig['portalauth'] = isset($config['syslog']['portalauth']);
|
|
61
|
$pconfig['vpn'] = isset($config['syslog']['vpn']);
|
|
62
|
$pconfig['apinger'] = isset($config['syslog']['apinger']);
|
|
63
|
$pconfig['relayd'] = isset($config['syslog']['relayd']);
|
|
64
|
$pconfig['hostapd'] = isset($config['syslog']['hostapd']);
|
|
65
|
$pconfig['logall'] = isset($config['syslog']['logall']);
|
|
66
|
$pconfig['system'] = isset($config['syslog']['system']);
|
|
67
|
$pconfig['enable'] = isset($config['syslog']['enable']);
|
|
68
|
$pconfig['logdefaultblock'] = !isset($config['syslog']['nologdefaultblock']);
|
|
69
|
$pconfig['logdefaultpass'] = isset($config['syslog']['nologdefaultpass']);
|
|
70
|
$pconfig['logbogons'] = !isset($config['syslog']['nologbogons']);
|
|
71
|
$pconfig['logprivatenets'] = !isset($config['syslog']['nologprivatenets']);
|
|
72
|
$pconfig['loglighttpd'] = !isset($config['syslog']['nologlighttpd']);
|
|
73
|
$pconfig['rawfilter'] = isset($config['syslog']['rawfilter']);
|
|
74
|
$pconfig['filterdescriptions'] = $config['syslog']['filterdescriptions'];
|
|
75
|
$pconfig['disablelocallogging'] = isset($config['syslog']['disablelocallogging']);
|
|
76
|
$pconfig['logfilesize'] = $config['syslog']['logfilesize'];
|
|
77
|
|
|
78
|
if (!$pconfig['nentries'])
|
|
79
|
$pconfig['nentries'] = 50;
|
|
80
|
|
|
81
|
function is_valid_syslog_server($target) {
|
|
82
|
return (is_ipaddr($target)
|
|
83
|
|| is_ipaddrwithport($target)
|
|
84
|
|| is_hostname($target)
|
|
85
|
|| is_hostnamewithport($target));
|
|
86
|
}
|
|
87
|
|
|
88
|
if ($_POST['resetlogs'] == gettext("Reset Log Files")) {
|
|
89
|
clear_all_log_files();
|
|
90
|
$savemsg .= gettext("The log files have been reset.");
|
|
91
|
} elseif ($_POST) {
|
|
92
|
unset($input_errors);
|
|
93
|
$pconfig = $_POST;
|
|
94
|
|
|
95
|
/* input validation */
|
|
96
|
if ($_POST['enable'] && !is_valid_syslog_server($_POST['remoteserver'])) {
|
|
97
|
$input_errors[] = gettext("A valid IP address/hostname or IP/hostname:port must be specified for remote syslog server #1.");
|
|
98
|
}
|
|
99
|
if ($_POST['enable'] && $_POST['remoteserver2'] && !is_valid_syslog_server($_POST['remoteserver2'])) {
|
|
100
|
$input_errors[] = gettext("A valid IP address/hostname or IP/hostname:port must be specified for remote syslog server #2.");
|
|
101
|
}
|
|
102
|
if ($_POST['enable'] && $_POST['remoteserver3'] && !is_valid_syslog_server($_POST['remoteserver3'])) {
|
|
103
|
$input_errors[] = gettext("A valid IP address/hostname or IP/hostname:port must be specified for remote syslog server #3.");
|
|
104
|
}
|
|
105
|
|
|
106
|
if (($_POST['nentries'] < 5) || ($_POST['nentries'] > 2000)) {
|
|
107
|
$input_errors[] = gettext("Number of log entries to show must be between 5 and 2000.");
|
|
108
|
}
|
|
109
|
|
|
110
|
if (isset($_POST['logfilesize']) && (strlen($_POST['logfilesize']) > 0)) {
|
|
111
|
if (!is_numeric($_POST['logfilesize']) || ($_POST['logfilesize'] < 100000)) {
|
|
112
|
$input_errors[] = gettext("Log file size must be numeric and greater than or equal to 100000.");
|
|
113
|
}
|
|
114
|
}
|
|
115
|
if (!$input_errors) {
|
|
116
|
$config['syslog']['reverse'] = $_POST['reverse'] ? true : false;
|
|
117
|
$config['syslog']['nentries'] = (int)$_POST['nentries'];
|
|
118
|
$pconfig['nentries'] = $config['syslog']['nentries'];
|
|
119
|
if (isset($_POST['logfilesize']) && (strlen($_POST['logfilesize']) > 0)) {
|
|
120
|
$config['syslog']['logfilesize'] = (int)$_POST['logfilesize'];
|
|
121
|
$pconfig['logfilesize'] = $config['syslog']['logfilesize'];
|
|
122
|
} else {
|
|
123
|
unset($config['syslog']['logfilesize']);
|
|
124
|
}
|
|
125
|
$config['syslog']['remoteserver'] = $_POST['remoteserver'];
|
|
126
|
$config['syslog']['remoteserver2'] = $_POST['remoteserver2'];
|
|
127
|
$config['syslog']['remoteserver3'] = $_POST['remoteserver3'];
|
|
128
|
$config['syslog']['sourceip'] = $_POST['sourceip'];
|
|
129
|
$config['syslog']['ipproto'] = $_POST['ipproto'];
|
|
130
|
$config['syslog']['filter'] = $_POST['filter'] ? true : false;
|
|
131
|
$config['syslog']['dhcp'] = $_POST['dhcp'] ? true : false;
|
|
132
|
$config['syslog']['portalauth'] = $_POST['portalauth'] ? true : false;
|
|
133
|
$config['syslog']['vpn'] = $_POST['vpn'] ? true : false;
|
|
134
|
$config['syslog']['apinger'] = $_POST['apinger'] ? true : false;
|
|
135
|
$config['syslog']['relayd'] = $_POST['relayd'] ? true : false;
|
|
136
|
$config['syslog']['hostapd'] = $_POST['hostapd'] ? true : false;
|
|
137
|
$config['syslog']['logall'] = $_POST['logall'] ? true : false;
|
|
138
|
$config['syslog']['system'] = $_POST['system'] ? true : false;
|
|
139
|
$config['syslog']['disablelocallogging'] = $_POST['disablelocallogging'] ? true : false;
|
|
140
|
$config['syslog']['enable'] = $_POST['enable'] ? true : false;
|
|
141
|
$oldnologdefaultblock = isset($config['syslog']['nologdefaultblock']);
|
|
142
|
$oldnologdefaultpass = isset($config['syslog']['nologdefaultpass']);
|
|
143
|
$oldnologbogons = isset($config['syslog']['nologbogons']);
|
|
144
|
$oldnologprivatenets = isset($config['syslog']['nologprivatenets']);
|
|
145
|
$oldnologlighttpd = isset($config['syslog']['nologlighttpd']);
|
|
146
|
$config['syslog']['nologdefaultblock'] = $_POST['logdefaultblock'] ? false : true;
|
|
147
|
$config['syslog']['nologdefaultpass'] = $_POST['logdefaultpass'] ? true : false;
|
|
148
|
$config['syslog']['nologbogons'] = $_POST['logbogons'] ? false : true;
|
|
149
|
$config['syslog']['nologprivatenets'] = $_POST['logprivatenets'] ? false : true;
|
|
150
|
$config['syslog']['nologlighttpd'] = $_POST['loglighttpd'] ? false : true;
|
|
151
|
$config['syslog']['rawfilter'] = $_POST['rawfilter'] ? true : false;
|
|
152
|
if (is_numeric($_POST['filterdescriptions']) && $_POST['filterdescriptions'] > 0)
|
|
153
|
$config['syslog']['filterdescriptions'] = $_POST['filterdescriptions'];
|
|
154
|
else
|
|
155
|
unset($config['syslog']['filterdescriptions']);
|
|
156
|
if($config['syslog']['enable'] == false) {
|
|
157
|
unset($config['syslog']['remoteserver']);
|
|
158
|
unset($config['syslog']['remoteserver2']);
|
|
159
|
unset($config['syslog']['remoteserver3']);
|
|
160
|
}
|
|
161
|
|
|
162
|
write_config();
|
|
163
|
|
|
164
|
$retval = 0;
|
|
165
|
$retval = system_syslogd_start();
|
|
166
|
if (($oldnologdefaultblock !== isset($config['syslog']['nologdefaultblock']))
|
|
167
|
|| ($oldnologdefaultpass !== isset($config['syslog']['nologdefaultpass']))
|
|
168
|
|| ($oldnologbogons !== isset($config['syslog']['nologbogons']))
|
|
169
|
|| ($oldnologprivatenets !== isset($config['syslog']['nologprivatenets'])))
|
|
170
|
$retval |= filter_configure();
|
|
171
|
|
|
172
|
$savemsg = get_std_save_message($retval);
|
|
173
|
|
|
174
|
if ($oldnologlighttpd !== isset($config['syslog']['nologlighttpd'])) {
|
|
175
|
ob_flush();
|
|
176
|
flush();
|
|
177
|
log_error(gettext("webConfigurator configuration has changed. Restarting webConfigurator."));
|
|
178
|
send_event("service restart webgui");
|
|
179
|
$savemsg .= "<br />" . gettext("WebGUI process is restarting.");
|
|
180
|
}
|
|
181
|
|
|
182
|
filter_pflog_start(true);
|
|
183
|
}
|
|
184
|
}
|
|
185
|
|
|
186
|
$pgtitle = array(gettext("Status"), gettext("System logs"), gettext("Settings"));
|
|
187
|
$closehead = false;
|
|
188
|
include("head.inc");
|
|
189
|
?>
|
|
190
|
|
|
191
|
<script type="text/javascript">
|
|
192
|
//<![CDATA[
|
|
193
|
function enable_change(enable_over) {
|
|
194
|
if (document.iform.enable.checked || enable_over) {
|
|
195
|
document.iform.remoteserver.disabled = 0;
|
|
196
|
document.iform.remoteserver2.disabled = 0;
|
|
197
|
document.iform.remoteserver3.disabled = 0;
|
|
198
|
document.iform.filter.disabled = 0;
|
|
199
|
document.iform.dhcp.disabled = 0;
|
|
200
|
document.iform.portalauth.disabled = 0;
|
|
201
|
document.iform.vpn.disabled = 0;
|
|
202
|
document.iform.apinger.disabled = 0;
|
|
203
|
document.iform.relayd.disabled = 0;
|
|
204
|
document.iform.hostapd.disabled = 0;
|
|
205
|
document.iform.system.disabled = 0;
|
|
206
|
document.iform.logall.disabled = 0;
|
|
207
|
check_everything();
|
|
208
|
} else {
|
|
209
|
document.iform.remoteserver.disabled = 1;
|
|
210
|
document.iform.remoteserver2.disabled = 1;
|
|
211
|
document.iform.remoteserver3.disabled = 1;
|
|
212
|
document.iform.filter.disabled = 1;
|
|
213
|
document.iform.dhcp.disabled = 1;
|
|
214
|
document.iform.portalauth.disabled = 1;
|
|
215
|
document.iform.vpn.disabled = 1;
|
|
216
|
document.iform.apinger.disabled = 1;
|
|
217
|
document.iform.relayd.disabled = 1;
|
|
218
|
document.iform.hostapd.disabled = 1;
|
|
219
|
document.iform.system.disabled = 1;
|
|
220
|
document.iform.logall.disabled = 1;
|
|
221
|
}
|
|
222
|
}
|
|
223
|
function check_everything() {
|
|
224
|
if (document.iform.logall.checked) {
|
|
225
|
document.iform.filter.disabled = 1;
|
|
226
|
document.iform.filter.checked = false;
|
|
227
|
document.iform.dhcp.disabled = 1;
|
|
228
|
document.iform.dhcp.checked = false;
|
|
229
|
document.iform.portalauth.disabled = 1;
|
|
230
|
document.iform.portalauth.checked = false;
|
|
231
|
document.iform.vpn.disabled = 1;
|
|
232
|
document.iform.vpn.checked = false;
|
|
233
|
document.iform.apinger.disabled = 1;
|
|
234
|
document.iform.apinger.checked = false;
|
|
235
|
document.iform.relayd.disabled = 1;
|
|
236
|
document.iform.relayd.checked = false;
|
|
237
|
document.iform.hostapd.disabled = 1;
|
|
238
|
document.iform.hostapd.checked = false;
|
|
239
|
document.iform.system.disabled = 1;
|
|
240
|
document.iform.system.checked = false;
|
|
241
|
} else {
|
|
242
|
document.iform.filter.disabled = 0;
|
|
243
|
document.iform.dhcp.disabled = 0;
|
|
244
|
document.iform.portalauth.disabled = 0;
|
|
245
|
document.iform.vpn.disabled = 0;
|
|
246
|
document.iform.apinger.disabled = 0;
|
|
247
|
document.iform.relayd.disabled = 0;
|
|
248
|
document.iform.hostapd.disabled = 0;
|
|
249
|
document.iform.system.disabled = 0;
|
|
250
|
}
|
|
251
|
}
|
|
252
|
//]]>
|
|
253
|
</script>
|
|
254
|
|
|
255
|
<?php
|
|
256
|
|
|
257
|
$logfilesizeHelp = gettext("Logs are held in constant-size circular log files. This field controls how large each log file is, and thus how many entries may exist inside the log. By default this is approximately 500KB per log file, and there are nearly 20 such log files.") .
|
|
258
|
'<br /><br />' .
|
|
259
|
gettext("NOTE: Log sizes are changed the next time a log file is cleared or deleted. To immediately increase the size of the log files, you must first save the options to set the size, then clear all logs using the \"Reset Log Files\" option farther down this page. ") .
|
|
260
|
gettext("Be aware that increasing this value increases every log file size, so disk usage will increase significantly.") . '<br /><br />' .
|
|
261
|
gettext("Disk space currently used by log files is: ") . exec("/usr/bin/du -sh /var/log | /usr/bin/awk '{print $1;}'") .
|
|
262
|
gettext(" Remaining disk space for log files: ") . exec("/bin/df -h /var/log | /usr/bin/awk '{print $4;}'");
|
|
263
|
|
|
264
|
$remoteloghelp = gettext("This option will allow the logging daemon to bind to a single IP address, rather than all IP addresses.") .
|
|
265
|
gettext("If you pick a single IP, remote syslog severs must all be of that IP type. If you wish to mix IPv4 and IPv6 remote syslog servers, you must bind to all interfaces.") .
|
|
266
|
"<br /><br />" .
|
|
267
|
gettext("NOTE: If an IP address cannot be located on the chosen interface, the daemon will bind to all addresses.");
|
|
268
|
if ($input_errors)
|
|
269
|
print_input_errors($input_errors);
|
|
270
|
else if($savemsg)
|
|
271
|
print('<div class="alert alert-success" role="alert">'.$savemsg.'</div>');
|
|
272
|
|
|
273
|
$tab_array = array();
|
|
274
|
$tab_array[] = array(gettext("System"), false, "diag_logs.php");
|
|
275
|
$tab_array[] = array(gettext("Firewall"), false, "diag_logs_filter.php");
|
|
276
|
$tab_array[] = array(gettext("DHCP"), false, "diag_logs_dhcp.php");
|
|
277
|
$tab_array[] = array(gettext("Portal Auth"), false, "diag_logs_auth.php");
|
|
278
|
$tab_array[] = array(gettext("IPsec"), false, "diag_logs_ipsec.php");
|
|
279
|
$tab_array[] = array(gettext("PPP"), false, "diag_logs_ppp.php");
|
|
280
|
$tab_array[] = array(gettext("VPN"), false, "diag_logs_vpn.php");
|
|
281
|
$tab_array[] = array(gettext("Load Balancer"), false, "diag_logs_relayd.php");
|
|
282
|
$tab_array[] = array(gettext("OpenVPN"), false, "diag_logs_openvpn.php");
|
|
283
|
$tab_array[] = array(gettext("NTP"), false, "diag_logs_ntpd.php");
|
|
284
|
$tab_array[] = array(gettext("Settings"), true, "diag_logs_settings.php");
|
|
285
|
display_top_tabs($tab_array);
|
|
286
|
|
|
287
|
require('classes/Form.class.php');
|
|
288
|
|
|
289
|
$form = new Form(new Form_Button(
|
|
290
|
'Submit',
|
|
291
|
gettext("Save")
|
|
292
|
));
|
|
293
|
|
|
294
|
// General logging section ------------------------------------------------
|
|
295
|
$section = new Form_Section('General Logging Options');
|
|
296
|
|
|
297
|
$section->addInput(new Form_Checkbox(
|
|
298
|
'reverse',
|
|
299
|
'Forward/Reverse Display',
|
|
300
|
'Show log entries in reverse order (newest entries on top)',
|
|
301
|
$pconfig['reverse']
|
|
302
|
));
|
|
303
|
|
|
304
|
$section->addInput(new Form_Input(
|
|
305
|
'nentries',
|
|
306
|
'GUI Log Entries',
|
|
307
|
'text',
|
|
308
|
$pconfig['nentries'],
|
|
309
|
['placeholder' => '']
|
|
310
|
))->setHelp('This is only the number of log entries displayed in the GUI. It does not affect how many entries are contained in the actual log files.');
|
|
311
|
|
|
312
|
$section->addInput(new Form_Input(
|
|
313
|
'logfilesize',
|
|
314
|
'Log file size (Bytes)',
|
|
315
|
'text',
|
|
316
|
$pconfig['logfilesize'],
|
|
317
|
['placeholder' => 'Bytes']
|
|
318
|
))->setHelp($logfilesizeHelp);
|
|
319
|
|
|
320
|
$section->addInput(new Form_Checkbox(
|
|
321
|
'logdefaultblock',
|
|
322
|
'Log firewall default blocks',
|
|
323
|
'Log packets matched from the default block rules in the ruleset',
|
|
324
|
$pconfig['logdefaultblock']
|
|
325
|
))->setHelp(gettext('Packets that are blocked by the implicit default block rule will not be logged if you uncheck this option. Per-rule logging options are still respected.'));
|
|
326
|
|
|
327
|
$section->addInput(new Form_Checkbox(
|
|
328
|
'logdefaultpass',
|
|
329
|
null,
|
|
330
|
'Log packets matched from the default pass rules put in the ruleset',
|
|
331
|
$pconfig['logdefaultpass']
|
|
332
|
))->setHelp(gettext('Packets that are allowed by the implicit default pass rule will be logged if you check this option. Per-rule logging options are still respected. '));
|
|
333
|
|
|
334
|
$section->addInput(new Form_Checkbox(
|
|
335
|
'logbogons',
|
|
336
|
null,
|
|
337
|
'Log packets blocked by \'Block Bogon Networks\' rules',
|
|
338
|
$pconfig['logbogons']
|
|
339
|
));
|
|
340
|
|
|
341
|
$section->addInput(new Form_Checkbox(
|
|
342
|
'logprivatenets',
|
|
343
|
null,
|
|
344
|
'Log packets blocked by \'Block Private Networks\' rules',
|
|
345
|
$pconfig['logprivatenets']
|
|
346
|
));
|
|
347
|
|
|
348
|
$section->addInput(new Form_Checkbox(
|
|
349
|
'loglighttpd',
|
|
350
|
'Web Server Log',
|
|
351
|
'Log errors from the web server process',
|
|
352
|
$pconfig['loglighttpd']
|
|
353
|
))->setHelp(gettext('If this is checked, errors from the lighttpd web server process for the GUI or Captive Portal will appear in the main system log'));
|
|
354
|
|
|
355
|
$section->addInput(new Form_Checkbox(
|
|
356
|
'rawfilter',
|
|
357
|
'Raw Logs',
|
|
358
|
'Show raw filter logs)',
|
|
359
|
$pconfig['rawfilter']
|
|
360
|
))->setHelp(gettext('If this is checked, filter logs are shown as generated by the packet filter, without any formatting. This will reveal more detailed information, but it is more difficult to read'));
|
|
361
|
|
|
362
|
$section->addInput(new Form_Select(
|
|
363
|
'filterdescriptions',
|
|
364
|
'Where to show rule descriptions',
|
|
365
|
!isset($pconfig['filterdescriptions']) ? '0':$pconfig['filterdescriptions'],
|
|
366
|
array(
|
|
367
|
'0' => 'Dont load descriptions',
|
|
368
|
'1' => 'Display as column',
|
|
369
|
'2' => 'Display as second row'
|
|
370
|
)
|
|
371
|
))->setHelp('Show the applied rule description below or in the firewall log rows' . '<br />' .
|
|
372
|
'Displaying rule descriptions for all lines in the log might affect performance with large rule sets');
|
|
373
|
|
|
374
|
$section->addInput(new Form_Checkbox(
|
|
375
|
'disablelocallogging',
|
|
376
|
'Local Logging',
|
|
377
|
$g['platform'] == 'pfSense' ? gettext("Disable writing log files to the local disk") : gettext("Disable writing log files to the local RAM disk"),
|
|
378
|
$pconfig['disablelocallogging']
|
|
379
|
));
|
|
380
|
|
|
381
|
$resetlogsbtn = new Form_Button(
|
|
382
|
'resetlogs',
|
|
383
|
'Reset Log Files'
|
|
384
|
);
|
|
385
|
|
|
386
|
$resetlogsbtn->removeClass("btn-primary")->addClass("btn-danger btn-xs");
|
|
387
|
|
|
388
|
$section->addInput(new Form_StaticText(
|
|
389
|
'Reset Logs',
|
|
390
|
$resetlogsbtn
|
|
391
|
))->setHelp('Clears all local log files and reinitializes them as empty logs. This also restarts the DHCP daemon. Use the Save button first if you have made any setting changes.');
|
|
392
|
|
|
393
|
|
|
394
|
// Remote logging section ------------------------------------------------
|
|
395
|
$section2 = new Form_Section('Remote Logging Options');
|
|
396
|
|
|
397
|
$sourceips = get_possible_traffic_source_addresses(false);
|
|
398
|
|
|
399
|
$selected = "";
|
|
400
|
|
|
401
|
foreach ($sourceips as $sa) {
|
|
402
|
$rllist[$sa['value']] = $sa['name'];
|
|
403
|
|
|
404
|
if (!link_interface_to_bridge($sa['value']) && ($sa['value'] == $pconfig['sourceip']))
|
|
405
|
$selected = $sa['value'];
|
|
406
|
}
|
|
407
|
|
|
408
|
$section2->addInput(new Form_Select(
|
|
409
|
'sourceip',
|
|
410
|
'Source Address',
|
|
411
|
$selected,
|
|
412
|
$rllist
|
|
413
|
))->setHelp($remoteloghelp);
|
|
414
|
|
|
415
|
$section2->addInput(new Form_Select(
|
|
416
|
'ipproto',
|
|
417
|
'IP Protocol',
|
|
418
|
$ipproto,
|
|
419
|
array('ipv4' => 'IPv4', 'ipv6' => 'IPv6')
|
|
420
|
))->setHelp(gettext("This option is only used when a non-default address is chosen as the source above. This option only expresses a preference; If an IP address of the selected type is not found on the chosen interface, the other type will be tried."));
|
|
421
|
|
|
422
|
$section2->addInput(new Form_Checkbox(
|
|
423
|
'enable',
|
|
424
|
'Enable Remote Logging',
|
|
425
|
'Send log messages to remote syslog server',
|
|
426
|
$pconfig['enable']
|
|
427
|
));
|
|
428
|
|
|
429
|
$section2->addInput(new Form_Input(
|
|
430
|
'remoteserver',
|
|
431
|
'Server 1',
|
|
432
|
'text',
|
|
433
|
$pconfig['remoteserver'],
|
|
434
|
['placeholder' => 'IP[:port]']
|
|
435
|
));
|
|
436
|
|
|
437
|
$section2->addInput(new Form_Input(
|
|
438
|
'remoteserver2',
|
|
439
|
'Server 2',
|
|
440
|
'text',
|
|
441
|
$pconfig['remoteserver2'],
|
|
442
|
['placeholder' => 'IP[:port]']
|
|
443
|
));
|
|
444
|
|
|
445
|
$section2->addInput(new Form_Input(
|
|
446
|
'remoteserver3',
|
|
447
|
'Server 3',
|
|
448
|
'text',
|
|
449
|
$pconfig['remoteserver3'],
|
|
450
|
['placeholder' => 'IP[:port]']
|
|
451
|
))->setHelp('IP addresses or IP:Port of remote syslog servers');
|
|
452
|
|
|
453
|
$section2->addInput(new Form_Checkbox(
|
|
454
|
'logall',
|
|
455
|
'Remote Syslog Contents',
|
|
456
|
'Everything!',
|
|
457
|
$pconfig['logall']
|
|
458
|
));
|
|
459
|
|
|
460
|
$section2->addInput(new Form_Checkbox(
|
|
461
|
'system',
|
|
462
|
'',
|
|
463
|
'System Events',
|
|
464
|
$pconfig['system']
|
|
465
|
));
|
|
466
|
|
|
467
|
$section2->addInput(new Form_Checkbox(
|
|
468
|
'filter',
|
|
469
|
'',
|
|
470
|
'Firewall Events',
|
|
471
|
$pconfig['filter']
|
|
472
|
));
|
|
473
|
|
|
474
|
$section2->addInput(new Form_Checkbox(
|
|
475
|
'dhcp',
|
|
476
|
'',
|
|
477
|
'DHCP service events',
|
|
478
|
$pconfig['dhcp']
|
|
479
|
));
|
|
480
|
|
|
481
|
$section2->addInput(new Form_Checkbox(
|
|
482
|
'portalauth',
|
|
483
|
'',
|
|
484
|
'Portal Auth events',
|
|
485
|
$pconfig['portalauth']
|
|
486
|
));
|
|
487
|
|
|
488
|
$section2->addInput(new Form_Checkbox(
|
|
489
|
'vpn',
|
|
490
|
'',
|
|
491
|
'VPN (PPTP, IPsec, OpenVPN) events',
|
|
492
|
$pconfig['vpn']
|
|
493
|
));
|
|
494
|
|
|
495
|
$section2->addInput(new Form_Checkbox(
|
|
496
|
'apinger',
|
|
497
|
'',
|
|
498
|
'Gateway Monitor events',
|
|
499
|
$pconfig['apinger']
|
|
500
|
));
|
|
501
|
|
|
502
|
$section2->addInput(new Form_Checkbox(
|
|
503
|
'relayd',
|
|
504
|
'',
|
|
505
|
'Server Load Balancer events',
|
|
506
|
$pconfig['relayd']
|
|
507
|
));
|
|
508
|
|
|
509
|
$section2->addInput(new Form_Checkbox(
|
|
510
|
'hostapd',
|
|
511
|
'',
|
|
512
|
'Wireless events',
|
|
513
|
$pconfig['hostapd']
|
|
514
|
));
|
|
515
|
|
|
516
|
$section2->addInput(new Form_StaticText(
|
|
517
|
'Note',
|
|
518
|
'syslog sends UDP datagrams to port 514 on the specified remote syslog server, unless another port is specified. Be sure to set syslogd on the remote server to accept syslog messages frompfSense.'
|
|
519
|
));
|
|
520
|
|
|
521
|
$form->add($section);
|
|
522
|
$form->add($section2);
|
|
523
|
print $form;
|
|
524
|
?>
|
|
525
|
|
|
526
|
<script type="text/javascript">
|
|
527
|
//<![CDATA[
|
|
528
|
enable_change(false);
|
|
529
|
//]]>
|
|
530
|
</script>
|
|
531
|
|
|
532
|
<?php include("foot.inc"); ?>
|
|
533
|
<script>
|
|
534
|
//<![CDATA[
|
|
535
|
setRemoteServers();
|
|
536
|
|
|
537
|
$("#enable").click( function(){
|
|
538
|
setRemoteServers();
|
|
539
|
});
|
|
540
|
|
|
541
|
function setRemoteServers() {
|
|
542
|
if(enable.checked == 1) {
|
|
543
|
$("#remoteserver" ).prop('disabled', false);
|
|
544
|
$("#remoteserver2").prop('disabled', false);
|
|
545
|
$("#remoteserver3").prop('disabled', false);
|
|
546
|
} else {
|
|
547
|
$("#remoteserver" ).prop('disabled', true);
|
|
548
|
$("#remoteserver2").prop('disabled', true);
|
|
549
|
$("#remoteserver3").prop('disabled', true);
|
|
550
|
}
|
|
551
|
}
|
|
552
|
//]]>
|
|
553
|
</script>
|
