Revision c1ec2c2f
Added by Scott Ullrich almost 20 years ago
| etc/inc/config.inc | ||
|---|---|---|
| 1190 | 1190 |
require_once("interfaces.inc");
|
| 1191 | 1191 |
global $config, $g; |
| 1192 | 1192 |
|
| 1193 |
/* if the ftp proxy is disabled then kill pftpx instance and return |
|
| 1194 |
* note that the helpers for port forwards are launched in a different |
|
| 1195 |
* sequence so we are filtering them out here by not including -g 8021 first. |
|
| 1196 |
*/ |
|
| 1197 |
if($config['system']['disableftpproxy'] <> "") {
|
|
| 1198 |
$helpers = exec("ps aux | grep \"/usr/local/sbin/pftpx -g 8021\" | grep -v grep | cut -d\" \" -f6");
|
|
| 1199 |
mwexec("/usr/bin/kill {$helpers}");
|
|
| 1200 |
return; |
|
| 1193 |
/* build an array of interfaces to work with */ |
|
| 1194 |
$iflist = array("lan" => "LAN", "wan" => "WAN");
|
|
| 1195 |
for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) |
|
| 1196 |
$iflist['opt' . $i] = $config['interfaces']['opt' . $i]['descr']; |
|
| 1197 |
|
|
| 1198 |
/* loop through all interfaces and handle pftpx */ |
|
| 1199 |
$interface_counter = 0; |
|
| 1200 |
foreach ($iflist as $ifent => $ifname) {
|
|
| 1201 |
/* if the ftp proxy is disabled for this interface then kill pftpx |
|
| 1202 |
* instance and continue. note that the helpers for port forwards are |
|
| 1203 |
* launched in a different sequence so we are filtering them out |
|
| 1204 |
* here by not including -c {$port} -g 8021 first.
|
|
| 1205 |
*/ |
|
| 1206 |
$port = 8021 + $interface_counter; |
|
| 1207 |
if(isset($config['interfaces'][$ifname]['disableftpproxy'])) {
|
|
| 1208 |
/* item is disabled. lets ++ the interface counter and |
|
| 1209 |
* keep processing interfaces. kill pftpx if already |
|
| 1210 |
* running for this instance. |
|
| 1211 |
*/ |
|
| 1212 |
$helpers = exec("ps aux | grep \"/usr/local/sbin/pftpx -g 8021\" | grep -v grep | cut -d\" \" -f6");
|
|
| 1213 |
mwexec("/usr/bin/kill {$helpers}");
|
|
| 1214 |
$interface_counter++; |
|
| 1215 |
continue; |
|
| 1216 |
} |
|
| 1217 |
/* grab the current interface IP address */ |
|
| 1218 |
$ip = find_interface_ip(convert_friendly_interface_to_real_interface_name($ifname)); |
|
| 1219 |
/* if pftpx is already running then do not launch it again */ |
|
| 1220 |
$helpers = exec("ps aux | grep \"/usr/local/sbin/pftpx -c {$port} -g 8021\" | grep -v grep | grep {$ip}");
|
|
| 1221 |
if(!$helpers) |
|
| 1222 |
mwexec("/usr/local/sbin/pftpx -c {$port} -g 8021 {$ip}");
|
|
| 1223 |
|
|
| 1224 |
$interface_counter++; |
|
| 1201 | 1225 |
} |
| 1202 |
|
|
| 1203 |
/* grab the current WAN IP address */ |
|
| 1204 |
$wanip = get_current_wan_address(); |
|
| 1205 |
|
|
| 1206 |
/* if pftpx is already running then do not launch it again */ |
|
| 1207 |
$helpers = exec("ps aux | grep \"/usr/local/sbin/pftpx -g 8021\" | grep -v grep");
|
|
| 1208 |
if(!$helpers) |
|
| 1209 |
mwexec("/usr/local/sbin/pftpx -g 8021");
|
|
| 1226 |
|
|
| 1210 | 1227 |
} |
| 1211 | 1228 |
|
| 1212 | 1229 |
function cleanup_backupcache($revisions = 30) {
|
| etc/inc/filter.inc | ||
|---|---|---|
| 544 | 544 |
$natrules .= "\n# Load balancing anchor - slbd updates\n"; |
| 545 | 545 |
$natrules .= "rdr-anchor \"slb\"\n"; |
| 546 | 546 |
|
| 547 |
if(!isset($config['system']['disableftpproxy'])) {
|
|
| 548 |
$optcfg = array(); |
|
| 549 |
generate_optcfg_array($optcfg); |
|
| 550 |
$natrules .= "# FTP proxy\n"; |
|
| 551 |
$natrules .= "rdr-anchor \"pftpx/*\"\n"; |
|
| 552 |
$natrules .= "rdr on {$lanif} proto tcp from any to any port 21 -> 127.0.0.1 port 8021\n";
|
|
| 553 |
# go through optional interfaces, setting up pftpx for them as well. |
|
| 554 |
foreach($optcfg as $oc) {
|
|
| 555 |
$natrules .= "rdr on {$oc['if']} proto tcp from any to any port 21 -> 127.0.0.1 port 8021\n";
|
|
| 547 |
/* build an array of interfaces to work with */ |
|
| 548 |
$iflist = array("lan" => "LAN", "wan" => "WAN");
|
|
| 549 |
for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) |
|
| 550 |
$iflist['opt' . $i] = $config['interfaces']['opt' . $i]['descr']; |
|
| 551 |
$natrules .= "# FTP proxy\n"; |
|
| 552 |
$natrules .= "rdr-anchor \"pftpx/*\"\n"; |
|
| 553 |
$interface_counter = 0; |
|
| 554 |
/* loop through all interfaces and handle pftpx redirections */ |
|
| 555 |
foreach ($iflist as $ifent => $ifname) {
|
|
| 556 |
if(isset($config['interfaces'][$ifname]['disableftpproxy'])) {
|
|
| 557 |
$interface_counter++; |
|
| 558 |
continue; |
|
| 556 | 559 |
} |
| 557 |
$natrules .= "\n"; |
|
| 560 |
$tmp_port = 8021 + $interface_counter; |
|
| 561 |
$tmp_interface = convert_friendly_interface_to_real_interface_name($ifname); |
|
| 562 |
$natrules .= "rdr on {$tmp_interface} proto tcp from any to any port 21 -> 127.0.0.1 port {$tmp_port}\n";
|
|
| 563 |
$interface_counter++; |
|
| 558 | 564 |
} |
| 565 |
$natrules .= "\n"; |
|
| 559 | 566 |
|
| 560 | 567 |
/* DIAG: add ipv6 NAT, if requested */ |
| 561 | 568 |
if (isset($config['diag']['ipv6nat']['enable']) and $config['diag']['ipv6nat']['ipaddr'] <> "") {
|
| usr/local/www/interfaces.php | ||
|---|---|---|
| 51 | 51 |
$pconfig['pptp_dialondemand'] = isset($config['pptp']['ondemand']); |
| 52 | 52 |
$pconfig['pptp_idletimeout'] = $config['pptp']['timeout']; |
| 53 | 53 |
|
| 54 |
$pconfig['disableftpproxy'] = isset($wancfg['disableftpproxy']); |
|
| 55 |
|
|
| 54 | 56 |
$pconfig['bigpond_username'] = $config['bigpond']['username']; |
| 55 | 57 |
$pconfig['bigpond_password'] = $config['bigpond']['password']; |
| 56 | 58 |
$pconfig['bigpond_authserver'] = $config['bigpond']['authserver']; |
| ... | ... | |
| 209 | 211 |
unset($config['bigpond']['authserver']); |
| 210 | 212 |
unset($config['bigpond']['authdomain']); |
| 211 | 213 |
unset($config['bigpond']['minheartbeatinterval']); |
| 214 |
unset($wancfg['disableftpproxy']); |
|
| 215 |
|
|
| 216 |
/* per interface pftpx helper */ |
|
| 217 |
if($_POST['disableftpproxy'] == "yes") {
|
|
| 218 |
$wancfg['disableftpproxy'] = true; |
|
| 219 |
system_start_ftp_helpers(); |
|
| 220 |
} else {
|
|
| 221 |
system_start_ftp_helpers(); |
|
| 222 |
} |
|
| 212 | 223 |
|
| 213 | 224 |
if ($_POST['type'] == "Static") {
|
| 214 | 225 |
$wancfg['ipaddr'] = $_POST['ipaddr']; |
| ... | ... | |
| 687 | 698 |
When set, this option blocks traffic from IP addresses that |
| 688 | 699 |
are reserved (but not RFC 1918) or not yet assigned by IANA.<br> |
| 689 | 700 |
Bogons are prefixes that should never appear in the Internet routing table, and obviously should not appear as the source address in any packets you receive.</td> |
| 701 |
</tr> |
|
| 702 |
<tr> |
|
| 703 |
<td width="22%" valign="top" class="vncell">FTP Helper</td> |
|
| 704 |
<td width="78%" class="vtable"> |
|
| 705 |
<input name="disableftpproxy" type="checkbox" id="disableftpproxy" value="yes" <?php if (isset($config['system']['disableftpproxy'])) echo "checked"; ?> onclick="enable_change(false)" /> |
|
| 706 |
<strong>Disable the userland FTP-Proxy application</strong> |
|
| 707 |
<br /> |
|
| 708 |
</td> |
|
| 709 |
</tr> |
|
| 690 | 710 |
<tr> |
| 691 | 711 |
<td width="100" valign="top"> </td> |
| 692 | 712 |
<td> <br> <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change_pptp(true)&&enable_change(true)"> |
| usr/local/www/interfaces_lan.php | ||
|---|---|---|
| 41 | 41 |
$pconfig['bandwidth'] = $lancfg['bandwidth']; |
| 42 | 42 |
$pconfig['bandwidthtype'] = $lancfg['bandwidthtype']; |
| 43 | 43 |
|
| 44 |
$pconfig['disableftpproxy'] = isset($lancfg['disableftpproxy']); |
|
| 45 |
|
|
| 44 | 46 |
/* Wireless interface? */ |
| 45 | 47 |
if (isset($lancfg['wireless'])) {
|
| 46 | 48 |
require("interfaces_wlan.inc");
|
| ... | ... | |
| 105 | 107 |
|
| 106 | 108 |
if (!$input_errors) {
|
| 107 | 109 |
|
| 110 |
unset($lancfg['disableftpproxy']); |
|
| 111 |
|
|
| 112 |
/* per interface pftpx helper */ |
|
| 113 |
if($_POST['disableftpproxy'] == "yes") {
|
|
| 114 |
$lancfg['disableftpproxy'] = true; |
|
| 115 |
system_start_ftp_helpers(); |
|
| 116 |
} else {
|
|
| 117 |
system_start_ftp_helpers(); |
|
| 118 |
} |
|
| 119 |
|
|
| 108 | 120 |
$bridge = discover_bridge($lancfg['if'], filter_translate_type_to_real_interface($lancfg['bridge'])); |
| 109 | 121 |
if($bridge <> "-1") {
|
| 110 | 122 |
destroy_bridge($bridge); |
| ... | ... | |
| 230 | 242 |
<br> The bandwidth setting will define the speed of the interface for traffic shaping. Do not enter your "Internet" bandwidth here, only the physical speed! |
| 231 | 243 |
</td> |
| 232 | 244 |
</tr> |
| 245 |
<tr> |
|
| 246 |
<td width="22%" valign="top" class="vncell">FTP Helper</td> |
|
| 247 |
<td width="78%" class="vtable"> |
|
| 248 |
<input name="disableftpproxy" type="checkbox" id="disableftpproxy" value="yes" <?php if (isset($config['system']['disableftpproxy'])) echo "checked"; ?> onclick="enable_change(false)" /> |
|
| 249 |
<strong>Disable the userland FTP-Proxy application</strong> |
|
| 250 |
<br /> |
|
| 251 |
</td> |
|
| 252 |
</tr> |
|
| 233 | 253 |
<tr> |
| 234 | 254 |
<td width="22%" valign="top"> </td> |
| 235 | 255 |
<td width="78%"> |
| ... | ... | |
| 278 | 298 |
|
| 279 | 299 |
} |
| 280 | 300 |
|
| 281 |
?> |
|
| 301 |
?> |
|
| usr/local/www/interfaces_opt.php | ||
|---|---|---|
| 61 | 61 |
$pconfig['spoofmac'] = $optcfg['spoofmac']; |
| 62 | 62 |
$pconfig['mtu'] = $optcfg['mtu']; |
| 63 | 63 |
|
| 64 |
$pconfig['disableftpproxy'] = isset($optcfg['disableftpproxy']); |
|
| 64 | 65 |
|
| 65 | 66 |
/* Wireless interface? */ |
| 66 | 67 |
if (isset($optcfg['wireless'])) {
|
| ... | ... | |
| 171 | 172 |
} |
| 172 | 173 |
|
| 173 | 174 |
unset($optcfg['dhcphostname']); |
| 175 |
unset($optcfg['disableftpproxy']); |
|
| 176 |
|
|
| 177 |
/* per interface pftpx helper */ |
|
| 178 |
if($_POST['disableftpproxy'] == "yes") {
|
|
| 179 |
$optcfg['disableftpproxy'] = true; |
|
| 180 |
system_start_ftp_helpers(); |
|
| 181 |
} else {
|
|
| 182 |
system_start_ftp_helpers(); |
|
| 183 |
} |
|
| 174 | 184 |
|
| 175 | 185 |
$optcfg['descr'] = remove_bad_chars($_POST['descr']); |
| 176 | 186 |
$optcfg['bridge'] = $_POST['bridge']; |
| ... | ... | |
| 413 | 423 |
</select> |
| 414 | 424 |
<br> The bandwidth setting will define the speed of the interface for traffic shaping. Do not enter your "Internet" bandwidth here, only the physical speed! |
| 415 | 425 |
</td> |
| 416 |
</tr> <tr> |
|
| 426 |
</tr> |
|
| 427 |
<tr> |
|
| 428 |
<td width="22%" valign="top" class="vncell">FTP Helper</td> |
|
| 429 |
<td width="78%" class="vtable"> |
|
| 430 |
<input name="disableftpproxy" type="checkbox" id="disableftpproxy" value="yes" <?php if (isset($config['system']['disableftpproxy'])) echo "checked"; ?> onclick="enable_change(false)" /> |
|
| 431 |
<strong>Disable the userland FTP-Proxy application</strong> |
|
| 432 |
<br /> |
|
| 433 |
</td> |
|
| 434 |
</tr> |
|
| 435 |
<tr> |
|
| 417 | 436 |
<td width="22%" valign="top"> </td> |
| 418 | 437 |
<td width="78%"> |
| 419 | 438 |
<input name="index" type="hidden" value="<?=$index;?>"> |
| usr/local/www/interfaces_wan.php | ||
|---|---|---|
| 51 | 51 |
$pconfig['pptp_dialondemand'] = isset($config['pptp']['ondemand']); |
| 52 | 52 |
$pconfig['pptp_idletimeout'] = $config['pptp']['timeout']; |
| 53 | 53 |
|
| 54 |
$pconfig['disableftpproxy'] = isset($wancfg['disableftpproxy']); |
|
| 55 |
|
|
| 54 | 56 |
$pconfig['bigpond_username'] = $config['bigpond']['username']; |
| 55 | 57 |
$pconfig['bigpond_password'] = $config['bigpond']['password']; |
| 56 | 58 |
$pconfig['bigpond_authserver'] = $config['bigpond']['authserver']; |
| ... | ... | |
| 209 | 211 |
unset($config['bigpond']['authserver']); |
| 210 | 212 |
unset($config['bigpond']['authdomain']); |
| 211 | 213 |
unset($config['bigpond']['minheartbeatinterval']); |
| 214 |
unset($wancfg['disableftpproxy']); |
|
| 215 |
|
|
| 216 |
/* per interface pftpx helper */ |
|
| 217 |
if($_POST['disableftpproxy'] == "yes") {
|
|
| 218 |
$wancfg['disableftpproxy'] = true; |
|
| 219 |
system_start_ftp_helpers(); |
|
| 220 |
} else {
|
|
| 221 |
system_start_ftp_helpers(); |
|
| 222 |
} |
|
| 212 | 223 |
|
| 213 | 224 |
if ($_POST['type'] == "Static") {
|
| 214 | 225 |
$wancfg['ipaddr'] = $_POST['ipaddr']; |
| ... | ... | |
| 687 | 698 |
When set, this option blocks traffic from IP addresses that |
| 688 | 699 |
are reserved (but not RFC 1918) or not yet assigned by IANA.<br> |
| 689 | 700 |
Bogons are prefixes that should never appear in the Internet routing table, and obviously should not appear as the source address in any packets you receive.</td> |
| 701 |
</tr> |
|
| 702 |
<tr> |
|
| 703 |
<td width="22%" valign="top" class="vncell">FTP Helper</td> |
|
| 704 |
<td width="78%" class="vtable"> |
|
| 705 |
<input name="disableftpproxy" type="checkbox" id="disableftpproxy" value="yes" <?php if (isset($config['system']['disableftpproxy'])) echo "checked"; ?> onclick="enable_change(false)" /> |
|
| 706 |
<strong>Disable the userland FTP-Proxy application</strong> |
|
| 707 |
<br /> |
|
| 708 |
</td> |
|
| 709 |
</tr> |
|
| 690 | 710 |
<tr> |
| 691 | 711 |
<td width="100" valign="top"> </td> |
| 692 | 712 |
<td> <br> <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change_pptp(true)&&enable_change(true)"> |
| usr/local/www/system_advanced.php | ||
|---|---|---|
| 35 | 35 |
require("guiconfig.inc");
|
| 36 | 36 |
|
| 37 | 37 |
$pconfig['disablefilter'] = $config['system']['disablefilter']; |
| 38 |
$pconfig['disableftpproxy'] = $config['system']['disableftpproxy']; |
|
| 39 | 38 |
$pconfig['rfc959workaround'] = $config['system']['rfc959workaround']; |
| 40 | 39 |
$pconfig['ipv6nat_enable'] = isset($config['diag']['ipv6nat']['enable']); |
| 41 | 40 |
$pconfig['ipv6nat_ipaddr'] = $config['diag']['ipv6nat']['ipaddr']; |
| ... | ... | |
| 130 | 129 |
system_enable_arp_wrong_if(); |
| 131 | 130 |
} |
| 132 | 131 |
|
| 133 |
if($_POST['disableftpproxy'] == "yes") {
|
|
| 134 |
$config['system']['disableftpproxy'] = "enabled"; |
|
| 135 |
unset($config['system']['rfc959workaround']); |
|
| 136 |
system_start_ftp_helpers(); |
|
| 137 |
} else {
|
|
| 138 |
unset($config['system']['disableftpproxy']); |
|
| 139 |
system_start_ftp_helpers(); |
|
| 140 |
} |
|
| 141 | 132 |
if($_POST['rfc959workaround'] == "yes") |
| 142 | 133 |
$config['system']['rfc959workaround'] = "enabled"; |
| 143 | 134 |
else |
| ... | ... | |
| 524 | 515 |
<tr> |
| 525 | 516 |
<td colspan="2" valign="top" class="listtopic">Traffic Shaper and Firewall Advanced</td> |
| 526 | 517 |
</tr> |
| 527 |
<tr> |
|
| 528 |
<td width="22%" valign="top" class="vncell">FTP Helper</td> |
|
| 529 |
<td width="78%" class="vtable"> |
|
| 530 |
<input name="disableftpproxy" type="checkbox" id="disableftpproxy" value="yes" <?php if (isset($config['system']['disableftpproxy'])) echo "checked"; ?> onclick="enable_change(false)" /> |
|
| 531 |
<strong class="vexpl">Disable the userland FTP-Proxy application</strong> |
|
| 532 |
<br /> |
|
| 533 |
</td> |
|
| 534 |
</tr> |
|
| 535 | 518 |
<tr> |
| 536 | 519 |
<td width="22%" valign="top" class="vncell">FTP RFC 959 data port violation workaround</td> |
| 537 | 520 |
<td width="78%" class="vtable"> |
Also available in: Unified diff
MFC 7401
Add support for per interface ftp helper.
Suggested-by: Dan Swartzendruber <dswartz_AT_druber.com>
In-Discussion-with: Bill M, Dan S