Project

General

Profile

Download (10.1 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/* $Id$ */
3
/*
4
	system_gateways.php
5
*/
6
/* ====================================================================
7
 *	Copyright (c)  2004-2015  Electric Sheep Fencing, LLC. All rights reserved.
8
 *	Copyright (c)  2004, 2005 Scott Ullrich
9
 *	Copyright (c)  2010 Seth Mos <seth.mos@dds.nl>
10
 *
11
 *	Redistribution and use in source and binary forms, with or without modification,
12
 *	are permitted provided that the following conditions are met:
13
 *
14
 *	1. Redistributions of source code must retain the above copyright notice,
15
 *		this list of conditions and the following disclaimer.
16
 *
17
 *	2. Redistributions in binary form must reproduce the above copyright
18
 *		notice, this list of conditions and the following disclaimer in
19
 *		the documentation and/or other materials provided with the
20
 *		distribution.
21
 *
22
 *	3. All advertising materials mentioning features or use of this software
23
 *		must display the following acknowledgment:
24
 *		"This product includes software developed by the pfSense Project
25
 *		 for use in the pfSense software distribution. (http://www.pfsense.org/).
26
 *
27
 *	4. The names "pfSense" and "pfSense Project" must not be used to
28
 *		 endorse or promote products derived from this software without
29
 *		 prior written permission. For written permission, please contact
30
 *		 coreteam@pfsense.org.
31
 *
32
 *	5. Products derived from this software may not be called "pfSense"
33
 *		nor may "pfSense" appear in their names without prior written
34
 *		permission of the Electric Sheep Fencing, LLC.
35
 *
36
 *	6. Redistributions of any form whatsoever must retain the following
37
 *		acknowledgment:
38
 *
39
 *	"This product includes software developed by the pfSense Project
40
 *	for use in the pfSense software distribution (http://www.pfsense.org/).
41
 *
42
 *	THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY
43
 *	EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
44
 *	IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
45
 *	PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR
46
 *	ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
47
 *	SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
48
 *	NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
49
 *	LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
50
 *	HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
51
 *	STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
52
 *	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
53
 *	OF THE POSSIBILITY OF SUCH DAMAGE.
54
 *
55
 *	====================================================================
56
 *
57
 */
58
/*
59
	pfSense_MODULE: routing
60
*/
61

    
62
##|+PRIV
63
##|*IDENT=page-system-gateways
64
##|*NAME=System: Gateways page
65
##|*DESCR=Allow access to the 'System: Gateways' page.
66
##|*MATCH=system_gateways.php*
67
##|-PRIV
68

    
69
require("guiconfig.inc");
70
require_once("functions.inc");
71
require_once("filter.inc");
72
require_once("shaper.inc");
73

    
74
$a_gateways = return_gateways_array(true, false, true);
75
$a_gateways_arr = array();
76
foreach ($a_gateways as $gw) {
77
	$a_gateways_arr[] = $gw;
78
}
79
$a_gateways = $a_gateways_arr;
80

    
81
if (!is_array($config['gateways']['gateway_item'])) {
82
	$config['gateways']['gateway_item'] = array();
83
}
84

    
85
$a_gateway_item = &$config['gateways']['gateway_item'];
86

    
87
if ($_POST) {
88

    
89
	$pconfig = $_POST;
90

    
91
	if ($_POST['apply']) {
92

    
93
		$retval = 0;
94

    
95
		$retval = system_routing_configure();
96
		$retval |= filter_configure();
97
		/* reconfigure our gateway monitor */
98
		setup_gateways_monitor();
99

    
100
		$savemsg = get_std_save_message($retval);
101
		if ($retval == 0) {
102
			clear_subsystem_dirty('staticroutes');
103
		}
104
	}
105
}
106

    
107
function can_delete_disable_gateway_item($id, $disable = false) {
108
	global $config, $input_errors, $a_gateways;
109

    
110
	if (!isset($a_gateways[$id])) {
111
		return false;
112
	}
113

    
114
	if (is_array($config['gateways']['gateway_group'])) {
115
		foreach ($config['gateways']['gateway_group'] as $group) {
116
			foreach ($group['item'] as $item) {
117
				$items = explode("|", $item);
118
				if ($items[0] == $a_gateways[$id]['name']) {
119
					if (!$disable) {
120
						$input_errors[] = sprintf(gettext("Gateway '%s' cannot be deleted because it is in use on Gateway Group '%s'"), $a_gateways[$id]['name'], $group['name']);
121
					} else {
122
						$input_errors[] = sprintf(gettext("Gateway '%s' cannot be disabled because it is in use on Gateway Group '%s'"), $a_gateways[$id]['name'], $group['name']);
123
					}
124
				}
125
			}
126
		}
127
	}
128

    
129
	if (is_array($config['staticroutes']['route'])) {
130
		foreach ($config['staticroutes']['route'] as $route) {
131
			if ($route['gateway'] == $a_gateways[$id]['name']) {
132
				if (!$disable) {
133
					// The user wants to delete this gateway, but there is a static route (enabled or disabled) that refers to the gateway.
134
					$input_errors[] = sprintf(gettext("Gateway '%s' cannot be deleted because it is in use on Static Route '%s'"), $a_gateways[$id]['name'], $route['network']);
135
				} else if (!isset($route['disabled'])) {
136
					// The user wants to disable this gateway.
137
					// But there is a static route that uses this gateway and is enabled (not disabled).
138
					$input_errors[] = sprintf(gettext("Gateway '%s' cannot be disabled because it is in use on Static Route '%s'"), $a_gateways[$id]['name'], $route['network']);
139
				}
140
			}
141
		}
142
	}
143

    
144
	if (isset($input_errors)) {
145
		return false;
146
	}
147

    
148
	return true;
149
}
150

    
151
function delete_gateway_item($id) {
152
	global $config, $a_gateways;
153

    
154
	if (!isset($a_gateways[$id])) {
155
		return;
156
	}
157

    
158
	/* NOTE: Cleanup static routes for the monitor ip if any */
159
	if (!empty($a_gateways[$id]['monitor']) &&
160
		$a_gateways[$id]['monitor'] != "dynamic" &&
161
		is_ipaddr($a_gateways[$id]['monitor']) &&
162
		$a_gateways[$id]['gateway'] != $a_gateways[$id]['monitor']) {
163
		if (is_ipaddrv4($a_gateways[$id]['monitor'])) {
164
			mwexec("/sbin/route delete " . escapeshellarg($a_gateways[$id]['monitor']));
165
		} else {
166
			mwexec("/sbin/route delete -inet6 " . escapeshellarg($a_gateways[$id]['monitor']));
167
		}
168
	}
169

    
170
	if ($config['interfaces'][$a_gateways[$id]['friendlyiface']]['gateway'] == $a_gateways[$id]['name']) {
171
		unset($config['interfaces'][$a_gateways[$id]['friendlyiface']]['gateway']);
172
	}
173
	unset($config['gateways']['gateway_item'][$a_gateways[$id]['attribute']]);
174
}
175

    
176
unset($input_errors);
177
if ($_GET['act'] == "del") {
178
	if (can_delete_disable_gateway_item($_GET['id'])) {
179
		$realid = $a_gateways[$_GET['id']]['attribute'];
180
		delete_gateway_item($_GET['id']);
181
		write_config("Gateways: removed gateway {$realid}");
182
		mark_subsystem_dirty('staticroutes');
183
		header("Location: system_gateways.php");
184
		exit;
185
	}
186
}
187

    
188
if (isset($_POST['del_x'])) {
189
	/* delete selected items */
190
	if (is_array($_POST['rule']) && count($_POST['rule'])) {
191
		foreach ($_POST['rule'] as $rulei) {
192
			if (!can_delete_disable_gateway_item($rulei)) {
193
				break;
194
			}
195
		}
196

    
197
		if (!isset($input_errors)) {
198
			$items_deleted = "";
199
			foreach ($_POST['rule'] as $rulei) {
200
				delete_gateway_item($rulei);
201
				$items_deleted .= "{$rulei} ";
202
			}
203
			if (!empty($items_deleted)) {
204
				write_config("Gateways: removed gateways {$items_deleted}");
205
				mark_subsystem_dirty('staticroutes');
206
			}
207
			header("Location: system_gateways.php");
208
			exit;
209
		}
210
	}
211

    
212
} else if ($_GET['act'] == "toggle" && $a_gateways[$_GET['id']]) {
213
	$realid = $a_gateways[$_GET['id']]['attribute'];
214
	$disable_gw = !isset($a_gateway_item[$realid]['disabled']);
215
	if ($disable_gw) {
216
		// The user wants to disable the gateway, so check if that is OK.
217
		$ok_to_toggle = can_delete_disable_gateway_item($_GET['id'], $disable_gw);
218
	} else {
219
		// The user wants to enable the gateway. That is always OK.
220
		$ok_to_toggle = true;
221
	}
222
	if ($ok_to_toggle) {
223
		if ($disable_gw) {
224
			$a_gateway_item[$realid]['disabled'] = true;
225
		} else {
226
			unset($a_gateway_item[$realid]['disabled']);
227
		}
228

    
229
		if (write_config("Gateways: enable/disable")) {
230
			mark_subsystem_dirty('staticroutes');
231
		}
232

    
233
		header("Location: system_gateways.php");
234
		exit;
235
	}
236
}
237

    
238
$pgtitle = array(gettext("System"), gettext("Gateways"));
239
$shortcut_section = "gateways";
240

    
241
include("head.inc");
242

    
243
if ($input_errors)
244
	print_input_errors($input_errors);
245
if ($savemsg)
246
	print_info_box($savemsg, 'success');
247
	
248
if (is_subsystem_dirty('staticroutes'))
249
	print_info_box_np(gettext("The gateway configuration has been changed.") . "<br />" . gettext("You must apply the changes in order for them to take effect."));
250

    
251
$tab_array = array();
252
$tab_array[0] = array(gettext("Gateways"), true, "system_gateways.php");
253
$tab_array[1] = array(gettext("Routes"), false, "system_routes.php");
254
$tab_array[2] = array(gettext("Groups"), false, "system_gateway_groups.php");
255
display_top_tabs($tab_array);
256

    
257
?>
258
<table class="table">
259
<thead>
260
	<tr>
261
		<th></th>
262
		<th><?=gettext("Name")?></th>
263
		<th><?=gettext("Interface")?></th>
264
		<th><?=gettext("Gateway")?></th>
265
		<th><?=gettext("Monitor IP")?></th>
266
		<th><?=gettext("Description")?></th>
267
		<th></th>
268
	</tr>
269
</thead>
270
<tbody>
271
<?php
272
foreach ($a_gateways as $i => $gateway):
273
	if (isset($gateway['inactive']))
274
		$icon = 'icon-remove-circle';
275
	elseif (isset($gateway['disabled']))
276
		$icon = 'icon-ban-circle';
277
	else
278
		$icon = 'icon-ok-circle';
279

    
280
	if (isset($gateway['inactive']))
281
		$title = gettext("This gateway is inactive because interface is missing");
282
	else
283
		$title = '';
284
?>
285
	<tr<?=($icon != 'icon-ok-circle')? ' class="disabled"' : ''?>>
286
		<td title="<?=$title?>"><i class="icon <?=$icon?>"></i></td>
287
		<td>
288
			<?=$gateway['name']?>
289
<?php
290
			if (isset($gateway['defaultgw']))
291
				echo " <strong>(default)</strong>";
292
?>
293
		</td>
294
		<td>
295
			<?=htmlspecialchars(convert_friendly_interface_to_friendly_descr($gateway['friendlyiface']))?>
296
		</td>
297
		<td>
298
			<?=$gateway['gateway']?>
299
		</td>
300
		<td>
301
			<?=htmlspecialchars($gateway['monitor'])?>
302
		</td>
303
		<td>
304
			<?=htmlspecialchars($gateway['descr'])?>
305
		</td>
306
		<td>
307
			<a class="btn btn-xs btn-primary" href="system_gateways_edit.php?id=<?=$i?>">
308
				edit
309
			</a>
310
			<a class="btn btn-xs btn-default" href="system_gateways_edit.php?dup=<?=$i?>">
311
				copy
312
			</a>
313
<? if (is_numeric($gateway['attribute'])): ?>
314
			<a class="btn btn-xs btn-danger" href="system_gateways.php?act=del&amp;id=<?=$i?>">
315
				delete
316
			</a>
317
			<a class="btn btn-xs btn-default" href="?act=toggle&amp;id=<?=$i?>">
318
				toggle
319
			</a>
320
<? endif?>
321
		</td>
322
	</tr>
323
<? endforeach?>
324
</tbody>
325
</table>
326

    
327
<nav class="action-buttons">
328
	<a href="system_gateways_edit.php" role="button" class="btn btn-success">
329
		<?=gettext("Add new gateway");?>
330
	</a>
331
</nav>
332
<?php
333

    
334
include("foot.inc");
(205-205/235)