/src/usr/local/www/system_hasync.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/system_hasync.php @ ac9b1e94

1	f97a5b04	Darren Embry	<?php
2			/* $Id$ */
3			/*
4			system_hasync.php
5	c7281770	Chris Buechler	part of pfSense (https://www.pfsense.org/)
6	f97a5b04	Darren Embry
7			Copyright (C) 2012 Darren Embry <dse@webonastick.com>.
8	ce77a9c4	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
9	f97a5b04	Darren Embry	All rights reserved.
10
11			Redistribution and use in source and binary forms, with or without
12			modification, are permitted provided that the following conditions are met:
13
14			1. Redistributions of source code must retain the above copyright notice,
15			this list of conditions and the following disclaimer.
16
17			2. Redistributions in binary form must reproduce the above copyright
18			notice, this list of conditions and the following disclaimer in the
19			documentation and/or other materials provided with the distribution.
20
21			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
22			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
23			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
25			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30			POSSIBILITY OF SUCH DAMAGE.
31			*/
32			/*
33	cb7b3761	sbeaver	pfSense_MODULE: system
34	f97a5b04	Darren Embry	*/
35
36			##\|+PRIV
37			##\|*IDENT=page-system-hasync
38			##\|*NAME=System: High Availability Sync
39			##\|*DESCR=Allow access to the 'System: High Availability Sync' page.
40			##\|MATCH=system_hasync.php
41			##\|-PRIV
42
43			require("guiconfig.inc");
44
45			if (!is_array($config['hasync']))
46			$config['hasync'] = array();
47
48			$a_hasync = &$config['hasync'];
49
50	d38bd840	Phil Davis	$checkbox_names = array(
51			'pfsyncenabled',
52			'synchronizeusers',
53			'synchronizeauthservers',
54			'synchronizecerts',
55			'synchronizerules',
56			'synchronizeschedules',
57			'synchronizealiases',
58			'synchronizenat',
59			'synchronizeipsec',
60			'synchronizeopenvpn',
61			'synchronizedhcpd',
62			'synchronizewol',
63			'synchronizestaticroutes',
64			'synchronizelb',
65			'synchronizevirtualip',
66			'synchronizetrafficshaper',
67			'synchronizetrafficshaperlimiter',
68			'synchronizetrafficshaperlayer7',
69			'synchronizednsforwarder',
70			'synchronizecaptiveportal');
71	f97a5b04	Darren Embry
72			if ($_POST) {
73			$pconfig = $_POST;
74			foreach ($checkbox_names as $name) {
75			$a_hasync[$name] = $pconfig[$name] ? $pconfig[$name] : false;
76			}
77	cb7b3761	sbeaver	$a_hasync['pfsyncpeerip'] = $pconfig['pfsyncpeerip'];
78	f97a5b04	Darren Embry	$a_hasync['pfsyncinterface'] = $pconfig['pfsyncinterface'];
79			$a_hasync['synchronizetoip'] = $pconfig['synchronizetoip'];
80	cb7b3761	sbeaver	$a_hasync['username'] = $pconfig['username'];
81			$a_hasync['password'] = $pconfig['passwordfld'];
82	f97a5b04	Darren Embry	write_config("Updated High Availability Sync configuration");
83	8ff85c39	Ermal	interfaces_sync_setup();
84	f97a5b04	Darren Embry	header("Location: system_hasync.php");
85			exit();
86			}
87
88			foreach ($checkbox_names as $name) {
89			$pconfig[$name] = $a_hasync[$name];
90			}
91	cb7b3761	sbeaver	$pconfig['pfsyncpeerip'] = $a_hasync['pfsyncpeerip'];
92	f97a5b04	Darren Embry	$pconfig['pfsyncinterface'] = $a_hasync['pfsyncinterface'];
93			$pconfig['synchronizetoip'] = $a_hasync['synchronizetoip'];
94	cb7b3761	sbeaver	$pconfig['username'] = $a_hasync['username'];
95			$pconfig['passwordfld'] = $a_hasync['password'];
96	f97a5b04	Darren Embry
97			$ifaces = get_configured_interface_with_descr();
98			$ifaces["lo0"] = "loopback";
99
100	d38bd840	Phil Davis	$pgtitle = array(gettext("System"), gettext("High Availability Sync"));
101	345ce722	jim-p	$shortcut_section = "carp";
102	cb7b3761	sbeaver
103			// Build a list of available interfaces
104			$iflist = array();
105			foreach ($ifaces as $ifname => $iface) {
106			$iflist[$ifname] = $iface;
107			}
108
109	f97a5b04	Darren Embry	include("head.inc");
110	cb7b3761	sbeaver
111	ad2879b8	PiBa-NL	require_once('classes/Form.class.php');
112	cb7b3761	sbeaver
113	38e06c66	Sjon Hortensius	$form = new Form;
114	cb7b3761	sbeaver
115			$section = new Form_Section('State Synchronization Settings (pfsync)');
116
117			$section->addInput(new Form_Checkbox(
118			'pfsyncenabled',
119			'Synchronize states',
120			'pfsync transfers state insertion, update, and deletion messages between firewalls.',
121			($pconfig['pfsyncenabled'] === 'on'),
122			'on'
123			))->setHelp('Each firewall sends these messages out via multicast on a specified interface, using the PFSYNC protocol (IP Protocol 240).' .
124			' It also listens on that interface for similar messages from other firewalls, and imports them into the local state table.<br />' .
125			'This setting should be enabled on all members of a failover group.<br />' .
126			'Clicking "Save" will force a configuration sync if it is enabled! (see Configuration Synchronization Settings below)');
127
128			$section->addInput(new Form_Select(
129			'pfsyncinterface',
130			'Synchorize Interface',
131			$pconfig['pfsyncinterface'],
132			$iflist
133			))->setHelp('If Synchronize States is enabled this interface will be used for communication.<br />' .
134			'We recommend setting this to an interface other than LAN! A dedicated interface works the best.<br />' .
135			'You must define a IP on each machine participating in this failover group.<br />' .
136			'You must have an IP assigned to the interface on any participating sync nodes.');
137
138			$section->addInput(new Form_Input(
139			'pfsyncpeerip',
140			'pfsync Synchronize Peer IP',
141			'text',
142			$pconfig['pfsyncpeerip'],
143			['placeholder' => 'IP Address']
144			))->setHelp('Setting this option will force pfsync to synchronize its state table to this IP address. The default is directed multicast.');
145
146			$form->add($section);
147
148			$section = new Form_Section('Configuration Synchronization Settings (XMLRPC Sync)');
149
150			$section->addInput(new Form_Input(
151			'synchronizetoip',
152			'Synchronize Config to IP',
153			'text',
154			$pconfig['synchronizetoip'],
155			['placeholder' => 'IP Address']
156			))->setHelp('Enter the IP address of the firewall to which the selected configuration sections should be synchronized.<br /><br />' .
157			'XMLRPC sync is currently only supported over connections using the same protocol and port as this system - make sure the remote system\'s port and protocol are set accordingly!<br />' .
158			'Do not use the Synchronize Config to IP and password option on backup cluster members!');
159
160			$section->addInput(new Form_Input(
161			'username',
162			'Remote System Username',
163			'text',
164			$pconfig['username']
165			))->setHelp('Enter the webConfigurator username of the system entered above for synchronizing your configuration.<br />' .
166			'Do not use the Synchronize Config to IP and username option on backup cluster members!');
167
168			$section->addInput(new Form_Input(
169			'passwordfld',
170			'Remote System Password',
171			'password',
172			$pconfig['passwordfld']
173			))->setHelp('Enter the webConfigurator password of the system entered above for synchronizing your configuration.<br />' .
174			'Do not use the Synchronize Config to IP and password option on backup cluster members!');
175
176	52d7947c	Sjon Hortensius	$group = new Form_MultiCheckboxGroup('Select options to sync');
177
178			$group->add(new Form_MultiCheckbox(
179	cb7b3761	sbeaver	'synchronizeusers',
180			'Synchronize Users and Groups',
181	52d7947c	Sjon Hortensius	'Sync the users and groups over ',
182	cb7b3761	sbeaver	($pconfig['synchronizeusers'] === 'on'),
183			'on'
184			));
185
186	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
187	cb7b3761	sbeaver	'synchronizeauthservers',
188			'Synchronize Auth Servers',
189	52d7947c	Sjon Hortensius	'Sync the authentication servers (e.g. LDAP, RADIUS) over ',
190	cb7b3761	sbeaver	($pconfig['synchronizeauthservers'] === 'on'),
191			'on'
192			));
193
194	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
195	cb7b3761	sbeaver	'synchronizecerts',
196			'Synchronize Certificates',
197	52d7947c	Sjon Hortensius	'Sync the Certificate Authorities, Certificates, and Certificate Revocation Lists over ',
198	cb7b3761	sbeaver	($pconfig['synchronizecerts'] === 'on'),
199			'on'
200			));
201
202	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
203	cb7b3761	sbeaver	'synchronizerules',
204			'Synchronize Rules',
205	52d7947c	Sjon Hortensius	'Sync the firewall rules ',
206	cb7b3761	sbeaver	($pconfig['synchronizerules'] === 'on'),
207			'on'
208			));
209
210	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
211	cb7b3761	sbeaver	'synchronizeschedules',
212			'Synchronize Firewall schedules',
213	52d7947c	Sjon Hortensius	'Sync the firewall schedules ',
214	cb7b3761	sbeaver	($pconfig['synchronizeschedules'] === 'on'),
215			'on'
216			));
217
218	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
219	cb7b3761	sbeaver	'synchronizealiases',
220			'Synchronize Firewall aliasas',
221	52d7947c	Sjon Hortensius	'Sync the firewall aliasas ',
222	cb7b3761	sbeaver	($pconfig['synchronizealiasas'] === 'on'),
223			'on'
224			));
225
226	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
227	cb7b3761	sbeaver	'synchronizenat',
228			'Synchronize NAT',
229	52d7947c	Sjon Hortensius	'Sync NAT rules ',
230	cb7b3761	sbeaver	($pconfig['synchronizenat'] === 'on'),
231			'on'
232			));
233
234	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
235	cb7b3761	sbeaver	'synchronizeipsec',
236			'Synchronize IPsec',
237	52d7947c	Sjon Hortensius	'Automatically IPsec configuration ',
238	cb7b3761	sbeaver	($pconfig['synchronizeipsec'] === 'on'),
239			'on'
240			));
241
242	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
243	cb7b3761	sbeaver	'synchronizeopenvpn',
244			'Synchronize OpenVPN',
245	52d7947c	Sjon Hortensius	'Automatically OpenVPN configuration ',
246	cb7b3761	sbeaver	($pconfig['synchronizeopenvpn'] === 'on'),
247			'on'
248			));
249
250	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
251	cb7b3761	sbeaver	'synchronizedhcpd',
252			'Synchronize DHCPD',
253	52d7947c	Sjon Hortensius	'Sync DHCP Server settings ',
254	cb7b3761	sbeaver	($pconfig['synchronizedhcpd'] === 'on'),
255			'on'
256			));
257
258	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
259	cb7b3761	sbeaver	'synchronizewol',
260			'Synchronize Wake on LAN',
261	52d7947c	Sjon Hortensius	'Sync WoL Server settings ',
262	cb7b3761	sbeaver	($pconfig['synchronizewol'] === 'on'),
263			'on'
264			));
265
266	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
267	cb7b3761	sbeaver	'synchronizestaticroutes',
268			'Synchronize Static Routes',
269	52d7947c	Sjon Hortensius	'Sync Static Route configuration ',
270	cb7b3761	sbeaver	($pconfig['synchronizestaticroutes'] === 'on'),
271			'on'
272			));
273
274	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
275	cb7b3761	sbeaver	'synchronizelb',
276			'Synchronize Load Balancer',
277	52d7947c	Sjon Hortensius	'Sync Load Balancer configuration ',
278	cb7b3761	sbeaver	($pconfig['synchronizelb'] === 'on'),
279			'on'
280			));
281
282	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
283	cb7b3761	sbeaver	'synchronizevirtualip',
284			'Synchronize Virtual IPs',
285	52d7947c	Sjon Hortensius	'Sync Virtual IPs ',
286	cb7b3761	sbeaver	($pconfig['synchronizevirtualip'] === 'on'),
287			'on'
288			));
289
290	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
291	cb7b3761	sbeaver	'synchronizetrafficshaper',
292			'Synchronize traffic shaper (queues)',
293	52d7947c	Sjon Hortensius	'Sync the Traffic Shaper configuration ',
294	cb7b3761	sbeaver	($pconfig['synchronizetrafficshaper'] === 'on'),
295			'on'
296			));
297
298	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
299	cb7b3761	sbeaver	'synchronizetrafficshaperlimiter',
300			'Synchronize traffic shaper (limiter)',
301	52d7947c	Sjon Hortensius	'Sync the Traffic Shaper configuration for limiters ',
302	cb7b3761	sbeaver	($pconfig['synchronizetrafficshaperlimiter'] === 'on'),
303			'on'
304			));
305
306	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
307	cb7b3761	sbeaver	'synchronizetrafficshaperlayer7',
308			'Synchronize traffic shaper (layer 7)',
309	52d7947c	Sjon Hortensius	'Sync the Traffic Shaper configuration for layer 7 ',
310	cb7b3761	sbeaver	($pconfig['synchronizetrafficshaperlayer7'] === 'on'),
311			'on'
312			));
313
314	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
315	cb7b3761	sbeaver	'synchronizednsforwarder',
316			'Synchronize traffic shaper (Forwarder/Resolver)',
317	52d7947c	Sjon Hortensius	'Sync the DNS Forwarder and DNS Resolver configurations ',
318	cb7b3761	sbeaver	($pconfig['synchronizednsforwarder'] === 'on'),
319			'on'
320			));
321
322	52d7947c	Sjon Hortensius	$group->add(new Form_MultiCheckbox(
323	cb7b3761	sbeaver	'synchronizecaptiveportal',
324			'Synchronize Captive Portal)',
325	52d7947c	Sjon Hortensius	'Sync the Captive Portal configurations ',
326	cb7b3761	sbeaver	($pconfig['synchronizecaptiveportal'] === 'on'),
327			'on'
328			));
329
330	52d7947c	Sjon Hortensius	$section->add($group);
331
332	cb7b3761	sbeaver	$form->add($section);
333
334			print($form);
335
336			include("foot.inc");

Project

General

Profile

pfSense