/usr/local/www/services_captiveportal.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/services_captiveportal.php @ b7e9ec80

1	5b237745	Scott Ullrich	#!/usr/local/bin/php
2	12ee8fe4	Scott Ullrich	<?php
3	b46bfcf5	Bill Marquette	/* $Id$ */
4	5b237745	Scott Ullrich	/*
5			services_captiveportal.php
6			part of m0n0wall (http://m0n0.ch/wall)
7	12ee8fe4	Scott Ullrich
8	9699028a	Scott Ullrich	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
9	5b237745	Scott Ullrich	All rights reserved.
10	12ee8fe4	Scott Ullrich
11	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
12			modification, are permitted provided that the following conditions are met:
13	12ee8fe4	Scott Ullrich
14	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
15			this list of conditions and the following disclaimer.
16	12ee8fe4	Scott Ullrich
17	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
18			notice, this list of conditions and the following disclaimer in the
19			documentation and/or other materials provided with the distribution.
20	12ee8fe4	Scott Ullrich
21	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
22			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
23			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
25			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30			POSSIBILITY OF SUCH DAMAGE.
31			*/
32
33	9699028a	Scott Ullrich	$pgtitle = array("Services", "Captive portal");
34	5b237745	Scott Ullrich	require("guiconfig.inc");
35
36			if (!is_array($config['captiveportal'])) {
37			$config['captiveportal'] = array();
38			$config['captiveportal']['page'] = array();
39			$config['captiveportal']['timeout'] = 60;
40			}
41
42			if ($_GET['act'] == "viewhtml") {
43			echo base64_decode($config['captiveportal']['page']['htmltext']);
44			exit;
45			} else if ($_GET['act'] == "viewerrhtml") {
46			echo base64_decode($config['captiveportal']['page']['errtext']);
47			exit;
48			}
49
50			$pconfig['cinterface'] = $config['captiveportal']['interface'];
51			$pconfig['timeout'] = $config['captiveportal']['timeout'];
52			$pconfig['idletimeout'] = $config['captiveportal']['idletimeout'];
53			$pconfig['enable'] = isset($config['captiveportal']['enable']);
54	7faeda46	Scott Ullrich	$pconfig['auth_method'] = $config['captiveportal']['auth_method'];
55	5b237745	Scott Ullrich	$pconfig['radacct_enable'] = isset($config['captiveportal']['radacct_enable']);
56			$pconfig['httpslogin_enable'] = isset($config['captiveportal']['httpslogin']);
57			$pconfig['httpsname'] = $config['captiveportal']['httpsname'];
58			$pconfig['cert'] = base64_decode($config['captiveportal']['certificate']);
59			$pconfig['key'] = base64_decode($config['captiveportal']['private-key']);
60			$pconfig['logoutwin_enable'] = isset($config['captiveportal']['logoutwin_enable']);
61			$pconfig['nomacfilter'] = isset($config['captiveportal']['nomacfilter']);
62	9699028a	Scott Ullrich	$pconfig['peruserbw'] = isset($config['captiveportal']['peruserbw']);
63			$pconfig['bwauthmacup'] = $config['captiveportal']['bwauthmacup'];
64			$pconfig['bwauthmacdn'] = $config['captiveportal']['bwauthmacdn'];
65			$pconfig['bwauthipup'] = $config['captiveportal']['bwauthipup'];
66			$pconfig['bwauthipdn'] = $config['captiveportal']['bwauthipdn'];
67			$pconfig['bwdefaultup'] = $config['captiveportal']['bwdefaultup'];
68			$pconfig['bwdefaultdn'] = $config['captiveportal']['bwdefaultdn'];
69	5b237745	Scott Ullrich	$pconfig['redirurl'] = $config['captiveportal']['redirurl'];
70			$pconfig['radiusip'] = $config['captiveportal']['radiusip'];
71			$pconfig['radiusport'] = $config['captiveportal']['radiusport'];
72			$pconfig['radiusacctport'] = $config['captiveportal']['radiusacctport'];
73			$pconfig['radiuskey'] = $config['captiveportal']['radiuskey'];
74
75			if ($_POST) {
76
77			unset($input_errors);
78			$pconfig = $_POST;
79
80			/* input validation */
81			if ($_POST['enable']) {
82	94bf3916	Scott Ullrich	$config['captiveportal']['enable'] = $_POST['enable'] ? true : false;
83
84	5b237745	Scott Ullrich	$reqdfields = explode(" ", "cinterface");
85			$reqdfieldsn = explode(",", "Interface");
86	12ee8fe4	Scott Ullrich
87	5b237745	Scott Ullrich	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
88	12ee8fe4	Scott Ullrich
89	5b237745	Scott Ullrich	/* make sure no interfaces are bridged */
90			for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
91			$coptif = &$config['interfaces']['opt' . $i];
92			if (isset($coptif['enable']) && $coptif['bridge']) {
93			$input_errors[] = "The captive portal cannot be used when one or more interfaces are bridged.";
94			break;
95			}
96			}
97	12ee8fe4	Scott Ullrich
98	5b237745	Scott Ullrich	if ($_POST['httpslogin_enable']) {
99			if (!$_POST['cert'] \|\| !$_POST['key']) {
100			$input_errors[] = "Certificate and key must be specified for HTTPS login.";
101			} else {
102			if (!strstr($_POST['cert'], "BEGIN CERTIFICATE") \|\| !strstr($_POST['cert'], "END CERTIFICATE"))
103			$input_errors[] = "This certificate does not appear to be valid.";
104			if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") \|\| !strstr($_POST['key'], "END RSA PRIVATE KEY"))
105			$input_errors[] = "This key does not appear to be valid.";
106			}
107	12ee8fe4	Scott Ullrich
108	5b237745	Scott Ullrich	if (!$_POST['httpsname'] \|\| !is_domain($_POST['httpsname'])) {
109			$input_errors[] = "The HTTPS server name must be specified for HTTPS login.";
110			}
111			}
112			}
113	12ee8fe4	Scott Ullrich
114	5b237745	Scott Ullrich	if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) \|\| ($_POST['timeout'] < 1))) {
115			$input_errors[] = "The timeout must be at least 1 minute.";
116			}
117			if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) \|\| ($_POST['idletimeout'] < 1))) {
118			$input_errors[] = "The idle timeout must be at least 1 minute.";
119			}
120			if (($_POST['radiusip'] && !is_ipaddr($_POST['radiusip']))) {
121			$input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip']."]";
122			}
123			if (($_POST['radiusport'] && !is_port($_POST['radiusport']))) {
124			$input_errors[] = "A valid port number must be specified. [".$_POST['radiusport']."]";
125			}
126			if (($_POST['radiusacctport'] && !is_port($_POST['radiusacctport']))) {
127			$input_errors[] = "A valid port number must be specified. [".$_POST['radiusport']."]";
128			}
129
130			if (!$input_errors) {
131			$config['captiveportal']['interface'] = $_POST['cinterface'];
132			$config['captiveportal']['timeout'] = $_POST['timeout'];
133			$config['captiveportal']['idletimeout'] = $_POST['idletimeout'];
134			$config['captiveportal']['enable'] = $_POST['enable'] ? true : false;
135	7faeda46	Scott Ullrich	$config['captiveportal']['auth_method'] = $_POST['auth_method'];
136	5b237745	Scott Ullrich	$config['captiveportal']['radacct_enable'] = $_POST['radacct_enable'] ? true : false;
137			$config['captiveportal']['httpslogin'] = $_POST['httpslogin_enable'] ? true : false;
138			$config['captiveportal']['httpsname'] = $_POST['httpsname'];
139			$config['captiveportal']['certificate'] = base64_encode($_POST['cert']);
140			$config['captiveportal']['private-key'] = base64_encode($_POST['key']);
141			$config['captiveportal']['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false;
142	9699028a	Scott Ullrich	$config['captiveportal']['peruserbw'] = $_POST['peruserbw'] ? true : false;
143			$config['captiveportal']['bwauthmacup'] = $_POST['bwauthmacup'];
144			$config['captiveportal']['bwauthmacdn'] = $_POST['bwauthmacdn'];
145			$config['captiveportal']['bwauthipup'] = $_POST['bwauthipup'];
146			$config['captiveportal']['bwauthipdn'] = $_POST['bwauthipdn'];
147			$config['captiveportal']['bwdefaultup'] = $_POST['bwdefaultup'];
148			$config['captiveportal']['bwdefaultdn'] = $_POST['bwdefaultdn'];
149	5b237745	Scott Ullrich	$config['captiveportal']['nomacfilter'] = $_POST['nomacfilter'] ? true : false;
150			$config['captiveportal']['redirurl'] = $_POST['redirurl'];
151			$config['captiveportal']['radiusip'] = $_POST['radiusip'];
152			$config['captiveportal']['radiusport'] = $_POST['radiusport'];
153			$config['captiveportal']['radiusacctport'] = $_POST['radiusacctport'];
154			$config['captiveportal']['radiuskey'] = $_POST['radiuskey'];
155	12ee8fe4	Scott Ullrich
156	5b237745	Scott Ullrich	/* file upload? */
157			if (is_uploaded_file($_FILES['htmlfile']['tmp_name']))
158			$config['captiveportal']['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name']));
159	1d1038ee	Scott Ullrich	if (is_uploaded_file($_FILES['errfile']['tmp_name']))
160	5b237745	Scott Ullrich	$config['captiveportal']['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name']));
161	12ee8fe4	Scott Ullrich
162	5b237745	Scott Ullrich	write_config();
163	12ee8fe4	Scott Ullrich
164	076ebc9f	Scott Ullrich	filter_configure();
165
166	5b237745	Scott Ullrich	$retval = 0;
167			if (!file_exists($d_sysrebootreqd_path)) {
168			config_lock();
169			$retval = captiveportal_configure();
170			config_unlock();
171			}
172			$savemsg = get_std_save_message($retval);
173			}
174			}
175			?>
176	12ee8fe4	Scott Ullrich	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
177			<html>
178			<head>
179			<title><?=gentitle("pfSense webGUI");?></title>
180			<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
181			<link href="gui.css" rel="stylesheet" type="text/css">
182			</head>
183
184			<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
185	9699028a	Scott Ullrich	<?php include("fbegin.inc"); ?>
186	5b237745	Scott Ullrich	<script language="JavaScript">
187			<!--
188	7faeda46	Scott Ullrich	function auth_method_change() {
189			if (document.iform.auth_method[0].checked == false) {
190			document.iform.logoutwin_enable.checked = 1;
191			} else {
192			document.iform.logoutwin_enable.checked = 0;
193			}
194	0ac74435	Colin Smith	if (document.iform.auth_method[2].checked == false) {
195			document.iform.radiusip.disabled = 1;
196			document.iform.radiusport.disabled = 1;
197			document.iform.radiuskey.disabled = 1;
198			document.iform.radacct_enable.disabled = 1;
199			document.iform.radiusacctport.disabled = 1;
200			} else {
201			document.iform.radiusip.disabled = 0;
202			document.iform.radiusport.disabled = 0;
203			document.iform.radiuskey.disabled = 0;
204			document.iform.radacct_enable.disabled = 0;
205			document.iform.radiusacctport.disabled = 0;
206			}
207	7faeda46	Scott Ullrich	}
208	0ac74435	Colin Smith
209	9699028a	Scott Ullrich	function radacct_change() {
210			if (document.iform.radacct_enable.checked) {
211	7faeda46	Scott Ullrich	auth_method_change();
212	12ee8fe4	Scott Ullrich	}
213	908ee218	Colin Smith	}
214
215	0ac74435	Colin Smith	function enable_https() {
216			if (document.iform.httpslogin_enable.checked == false) {
217			document.iform.httpsname.disabled = 1;
218			document.iform.cert.disabled = 1;
219			document.iform.key.disabled = 1;
220			} else {
221			document.iform.httpsname.disabled = 0;
222			document.iform.cert.disabled = 0;
223			document.iform.key.disabled = 0;
224			}
225			}
226
227			function enable_peruserbw() {
228			if (document.iform.peruserbw.checked == false) {
229			document.iform.bwauthmacdn.disabled = 1;
230			document.iform.bwauthmacup.disabled = 1;
231			document.iform.bwauthipdn.disabled = 1;
232			document.iform.bwauthipup.disabled = 1;
233			document.iform.bwdefaultdn.disabled = 1;
234			document.iform.bwdefaultup.disabled = 1;
235			} else {
236			document.iform.bwauthmacdn.disabled = 0;
237			document.iform.bwauthmacup.disabled = 0;
238			document.iform.bwauthipdn.disabled = 0;
239			document.iform.bwauthipup.disabled = 0;
240			document.iform.bwdefaultdn.disabled = 0;
241			document.iform.bwdefaultup.disabled = 0;
242			}
243			}
244
245	5b237745	Scott Ullrich	function enable_change(enable_change) {
246	07bd3f83	Scott Ullrich	var endis;
247			endis = !(document.iform.enable.checked \|\| enable_change);
248	12ee8fe4	Scott Ullrich
249	07bd3f83	Scott Ullrich	document.iform.cinterface.disabled = endis;
250			document.iform.idletimeout.disabled = endis;
251			document.iform.timeout.disabled = endis;
252			document.iform.redirurl.disabled = endis;
253			document.iform.radiusip.disabled = endis;
254			document.iform.radiusport.disabled = endis;
255			document.iform.radiuskey.disabled = endis;
256			document.iform.radacct_enable.disabled = endis;
257	7faeda46	Scott Ullrich	document.iform.auth_method[0].disabled = endis;
258			document.iform.auth_method[1].disabled = endis;
259			document.iform.auth_method[2].disabled = endis;
260	07bd3f83	Scott Ullrich	document.iform.httpslogin_enable.disabled = endis;
261			document.iform.httpsname.disabled = endis;
262			document.iform.cert.disabled = endis;
263			document.iform.key.disabled = endis;
264			document.iform.logoutwin_enable.disabled = endis;
265			document.iform.nomacfilter.disabled = endis;
266			document.iform.htmlfile.disabled = endis;
267			document.iform.errfile.disabled = endis;
268	12ee8fe4	Scott Ullrich
269	5b237745	Scott Ullrich	if (enable_change && document.iform.radacct_enable.checked) {
270			document.iform.logoutwin_enable.checked = 1;
271			}
272	7faeda46	Scott Ullrich	if (enable_change && document.iform.auth_method[0].checked == false) {
273			document.iform.logoutwin_enable.checked = 1;
274			}
275	0ac74435	Colin Smith
276			auth_method_change();
277			enable_https();
278			enable_peruserbw();
279
280	5b237745	Scott Ullrich	}
281			//-->
282			</script>
283			<?php if ($input_errors) print_input_errors($input_errors); ?>
284			<?php if ($savemsg) print_info_box($savemsg); ?>
285			<form action="services_captiveportal.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
286			<table width="100%" border="0" cellpadding="0" cellspacing="0">
287	9699028a	Scott Ullrich	<tr><td class="tabnavtbl">
288	5b237745	Scott Ullrich	<ul id="tabnav">
289			<li class="tabact">Captive portal</li>
290			<li class="tabinact"><a href="services_captiveportal_mac.php">Pass-through MAC</a></li>
291			<li class="tabinact"><a href="services_captiveportal_ip.php">Allowed IP addresses</a></li>
292	7faeda46	Scott Ullrich	<li class="tabinact"><a href="services_captiveportal_users.php">Users</a></li>
293	5b237745	Scott Ullrich	</ul>
294			</td></tr>
295			<tr>
296			<td class="tabcont">
297			<table width="100%" border="0" cellpadding="6" cellspacing="0">
298	12ee8fe4	Scott Ullrich	<tr>
299	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
300			<td width="78%" class="vtable">
301			<input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">
302			<strong>Enable captive portal </strong></td>
303			</tr>
304	12ee8fe4	Scott Ullrich	<tr>
305	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vncellreq">Interface</td>
306			<td width="78%" class="vtable">
307			<select name="cinterface" class="formfld" id="cinterface">
308			<?php $interfaces = array('lan' => 'LAN');
309			for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
310			if (isset($config['interfaces']['opt' . $i]['enable']))
311			$interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
312			}
313			foreach ($interfaces as $iface => $ifacename): ?>
314	12ee8fe4	Scott Ullrich	<option value="<?=$iface;?>" <?php if ($iface == $pconfig['cinterface']) echo "selected"; ?>>
315	5b237745	Scott Ullrich	<?=htmlspecialchars($ifacename);?>
316			</option>
317			<?php endforeach; ?>
318			</select> <br>
319			<span class="vexpl">Choose which interface to run the captive portal on.</span></td>
320			</tr>
321			<tr>
322			<td valign="top" class="vncell">Idle timeout</td>
323			<td class="vtable">
324			<input name="idletimeout" type="text" class="formfld" id="idletimeout" size="6" value="<?=htmlspecialchars($pconfig['idletimeout']);?>">
325			minutes<br>
326			Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout.</td>
327			</tr>
328	12ee8fe4	Scott Ullrich	<tr>
329	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vncell">Hard timeout</td>
330	12ee8fe4	Scott Ullrich	<td width="78%" class="vtable">
331			<input name="timeout" type="text" class="formfld" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>">
332	5b237745	Scott Ullrich	minutes<br>
333			Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set).</td>
334			</tr>
335	12ee8fe4	Scott Ullrich	<tr>
336	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vncell">Logout popup window</td>
337	12ee8fe4	Scott Ullrich	<td width="78%" class="vtable">
338	5b237745	Scott Ullrich	<input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if($pconfig['logoutwin_enable']) echo "checked"; ?>>
339			<strong>Enable logout popup window</strong><br>
340			If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs. When RADIUS accounting is enabled, this option is implied.</td>
341			</tr>
342			<tr>
343			<td valign="top" class="vncell">Redirection URL</td>
344			<td class="vtable">
345			<input name="redirurl" type="text" class="formfld" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>">
346			<br>
347			If you provide a URL here, clients will be redirected to that URL instead of the one they initially tried
348			to access after they've authenticated.</td>
349			</tr>
350			<tr>
351			<td width="22%" valign="top" class="vncell">RADIUS server</td>
352	12ee8fe4	Scott Ullrich	<td width="78%" class="vtable">
353	5b237745	Scott Ullrich	<table cellpadding="0" cellspacing="0">
354	7faeda46	Scott Ullrich	<td>No Authentication:  </td>
355			<td><input name="auth_method" type="radio" id="auth_method" value="none" <?php if($pconfig['auth_method']!="local" \|\| $pconfig['auth_method']!="radius") echo "checked"; ?> onClick="auth_method_change()"></td>
356			</tr>
357			<td>Local <a href="services_captiveportal_users.php">Usermanager</a>:  </td>
358			<td><input name="auth_method" type="radio" id="auth_method" value="local" <?php if($pconfig['auth_method']=="local") echo "checked"; ?> onClick="auth_method_change()"></td>
359			</tr>
360			<td>RADIUS Authentication:  </td>
361			<td><input name="auth_method" type="radio" id="auth_method" value="radius" <?php if($pconfig['auth_method']=="radius") echo "checked"; ?> onClick="auth_method_change()"></td>
362			</tr>
363	5b237745	Scott Ullrich	<tr>
364			<td>IP address:</td>
365			<td><input name="radiusip" type="text" class="formfld" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>"></td>
366			</tr><tr>
367			<td>Port:</td>
368			<td><input name="radiusport" type="text" class="formfld" id="radiusport" size="5" value="<?=htmlspecialchars($pconfig['radiusport']);?>"></td>
369			</tr><tr>
370			<td>Shared secret:  </td>
371			<td><input name="radiuskey" type="text" class="formfld" id="radiuskey" size="16" value="<?=htmlspecialchars($pconfig['radiuskey']);?>"> </td>
372			</tr>
373			<tr>
374			<td>Accounting:  </td>
375			<td><input name="radacct_enable" type="checkbox" id="radacct_enable" value="yes" <?php if($pconfig['radacct_enable']) echo "checked"; ?> onClick="radacct_change()"></td>
376			</tr>
377			<tr>
378			<td>Accounting port:  </td>
379			<td><input name="radiusacctport" type="text" class="formfld" id="radiusacctport" size="5" value="<?=htmlspecialchars($pconfig['radiusacctport']);?>"></td>
380			</tr></table>
381			<br>
382			Enter the IP address and port of the RADIUS server which users of the captive portal have to authenticate against. Leave blank to disable RADIUS authentication. Leave port number blank to use the default port (1812). Leave the RADIUS shared secret blank to not use a RADIUS shared secret. RADIUS accounting packets will also be sent to the RADIUS server if accounting is enabled (default port is 1813).
383			</tr>
384			<tr>
385			<td valign="top" class="vncell">HTTPS login</td>
386			<td class="vtable">
387	0ac74435	Colin Smith	<input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" <?php if($pconfig['httpslogin_enable']) echo "checked"; ?> onClick="enable_https()">
388	5b237745	Scott Ullrich	<strong>Enable HTTPS login</strong><br>
389			If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. This option only applies when RADIUS authentication is used. A server name, certificate and matching private key must also be specified below.</td>
390			</tr>
391			<tr>
392			<td valign="top" class="vncell">HTTPS server name </td>
393			<td class="vtable">
394			<input name="httpsname" type="text" class="formfld" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>"><br>
395			This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS. </td>
396			</tr>
397			<tr>
398			<td valign="top" class="vncell">HTTPS certificate</td>
399			<td class="vtable">
400			<textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea>
401			<br>
402	9699028a	Scott Ullrich	Paste a signed certificate in X.509 PEM format here.</td>
403	5b237745	Scott Ullrich	</tr>
404			<tr>
405			<td valign="top" class="vncell">HTTPS private key</td>
406			<td class="vtable">
407			<textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea>
408			<br>
409			Paste an RSA private key in PEM format here.</td>
410			</tr>
411	12ee8fe4	Scott Ullrich	<tr>
412	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vncellreq">Portal page contents</td>
413	12ee8fe4	Scott Ullrich	<td width="78%" class="vtable">
414	9699028a	Scott Ullrich	<?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld" id="htmlfile"><br>
415	5b237745	Scott Ullrich	<?php if ($config['captiveportal']['page']['htmltext']): ?>
416	12ee8fe4	Scott Ullrich	<a href="?act=viewhtml" target="_blank">View current page</a>
417	5b237745	Scott Ullrich	<br>
418			<br>
419			<?php endif; ?>
420			Upload an HTML file for the portal page here (leave blank to keep the current one). Make sure to include a form (POST to "$PORTAL_ACTION$")
421	07bd3f83	Scott Ullrich	with a submit button (name="accept") and a hidden field with name="redirurl" and value="$PORTAL_REDIRURL$". Include the "auth_user" and "auth_pass" input elements if RADIUS authentication is enabled. If RADIUS is enabled and no "auth_user" is present, authentication will always fail. If RADIUS is not enabled, you can omit both of these input elements. Example code for the form:<br>
422	5b237745	Scott Ullrich	<br>
423			<tt><form method="post" action="$PORTAL_ACTION$"><br>
424			<input name="auth_user" type="text"><br>
425			<input name="auth_pass" type="password"><br>
426			<input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"><br>
427			<input name="accept" type="submit" value="Continue"><br>
428			</form></tt></td>
429			</tr>
430			<tr>
431			<td width="22%" valign="top" class="vncell">Authentication<br>
432			error page<br>
433			contents</td>
434			<td class="vtable">
435			<input name="errfile" type="file" class="formfld" id="errfile"><br>
436			<?php if ($config['captiveportal']['page']['errtext']): ?>
437	12ee8fe4	Scott Ullrich	<a href="?act=viewerrhtml" target="_blank">View current page</a>
438	5b237745	Scott Ullrich	<br>
439			<br>
440			<?php endif; ?>
441	65052086	Colin Smith	The contents of the HTML file that you upload here are displayed when an authentication error occurs.</td>
442	5b237745	Scott Ullrich	</tr>
443	12ee8fe4	Scott Ullrich	<tr>
444	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
445	12ee8fe4	Scott Ullrich	<td width="78%">
446			<input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change(true)">
447	5b237745	Scott Ullrich	</td>
448			</tr>
449	12ee8fe4	Scott Ullrich	<tr>
450	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
451			<td width="78%"><span class="vexpl"><span class="red"><strong>Note:<br>
452			</strong></span>Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work. </span></td>
453			</tr>
454			</table>
455			</td>
456			</tr>
457			</table>
458			</form>
459			<script language="JavaScript">
460			<!--
461			enable_change(false);
462			//-->
463			</script>
464			<?php include("fend.inc"); ?>

Project

General

Profile

pfSense