/src/usr/local/www/system_gateways.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/system_gateways.php @ cfc0d396

1	d173230c	Seth Mos	<?php
2			/*
3	aaec5634	Renato Botelho	* system_gateways.php
4			*
5			* part of pfSense (https://www.pfsense.org)
6	2a2396a6	Renato Botelho	* Copyright (c) 2004-2016 Rubicon Communications, LLC (Netgate)
7	aaec5634	Renato Botelho	* Copyright (c) 2010 Seth Mos <seth.mos@dds.nl>
8			* All rights reserved.
9			*
10			* Redistribution and use in source and binary forms, with or without
11			* modification, are permitted provided that the following conditions are met:
12			*
13			* 1. Redistributions of source code must retain the above copyright notice,
14			* this list of conditions and the following disclaimer.
15			*
16			* 2. Redistributions in binary form must reproduce the above copyright
17			* notice, this list of conditions and the following disclaimer in
18			* the documentation and/or other materials provided with the
19			* distribution.
20			*
21			* 3. All advertising materials mentioning features or use of this software
22			* must display the following acknowledgment:
23			* "This product includes software developed by the pfSense Project
24			* for use in the pfSense® software distribution. (http://www.pfsense.org/).
25			*
26			* 4. The names "pfSense" and "pfSense Project" must not be used to
27			* endorse or promote products derived from this software without
28			* prior written permission. For written permission, please contact
29			* coreteam@pfsense.org.
30			*
31			* 5. Products derived from this software may not be called "pfSense"
32			* nor may "pfSense" appear in their names without prior written
33			* permission of the Electric Sheep Fencing, LLC.
34			*
35			* 6. Redistributions of any form whatsoever must retain the following
36			* acknowledgment:
37			*
38			* "This product includes software developed by the pfSense Project
39			* for use in the pfSense software distribution (http://www.pfsense.org/).
40			*
41			* THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY
42			* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43			* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
44			* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR
45			* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
46			* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
47			* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
48			* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
49			* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
50			* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
51			* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
52			* OF THE POSSIBILITY OF SUCH DAMAGE.
53	6ff05704	Stephen Beaver	*/
54	d173230c	Seth Mos
55	6b07c15a	Matthew Grooms	##\|+PRIV
56			##\|*IDENT=page-system-gateways
57	5230f468	jim-p	##\|*NAME=System: Gateways
58	6b07c15a	Matthew Grooms	##\|*DESCR=Allow access to the 'System: Gateways' page.
59			##\|MATCH=system_gateways.php
60			##\|-PRIV
61
62	aceaf18c	Phil Davis	require_once("guiconfig.inc");
63	7a927e67	Scott Ullrich	require_once("functions.inc");
64			require_once("filter.inc");
65			require_once("shaper.inc");
66	d173230c	Seth Mos
67	e97df865	Renato Botelho	$a_gateways = return_gateways_array(true, false, true);
68	b92305a6	--global	$a_gateways_arr = array();
69	e0c7b2fe	Phil Davis	foreach ($a_gateways as $gw) {
70	3df6d458	Seth Mos	$a_gateways_arr[] = $gw;
71	e0c7b2fe	Phil Davis	}
72	b92305a6	--global	$a_gateways = $a_gateways_arr;
73	616e1956	Seth Mos
74	e0c7b2fe	Phil Davis	if (!is_array($config['gateways']['gateway_item'])) {
75	d251a8d4	Renato Botelho	$config['gateways']['gateway_item'] = array();
76	e0c7b2fe	Phil Davis	}
77	616e1956	Seth Mos
78			$a_gateway_item = &$config['gateways']['gateway_item'];
79
80	d173230c	Seth Mos	if ($_POST) {
81
82			$pconfig = $_POST;
83
84			if ($_POST['apply']) {
85
86			$retval = 0;
87
88			$retval = system_routing_configure();
89	138e4140	Renato Botelho	$retval \|= system_resolvconf_generate();
90	d173230c	Seth Mos	$retval \|= filter_configure();
91	13bbe450	Seth Mos	/* reconfigure our gateway monitor */
92			setup_gateways_monitor();
93	acda1403	Chris Buechler	/* Dynamic DNS on gw groups may have changed */
94			send_event("service reload dyndnsall");
95	d173230c	Seth Mos
96			$savemsg = get_std_save_message($retval);
97	e0c7b2fe	Phil Davis	if ($retval == 0) {
98	a368a026	Ermal Lu?i	clear_subsystem_dirty('staticroutes');
99	e0c7b2fe	Phil Davis	}
100	d173230c	Seth Mos	}
101			}
102
103	028ff8f8	Phil Davis	function can_delete_disable_gateway_item($id, $disable = false) {
104	e97df865	Renato Botelho	global $config, $input_errors, $a_gateways;
105	d251a8d4	Renato Botelho
106	e0c7b2fe	Phil Davis	if (!isset($a_gateways[$id])) {
107	e97df865	Renato Botelho	return false;
108	e0c7b2fe	Phil Davis	}
109	e97df865	Renato Botelho
110			if (is_array($config['gateways']['gateway_group'])) {
111			foreach ($config['gateways']['gateway_group'] as $group) {
112			foreach ($group['item'] as $item) {
113			$items = explode("\|", $item);
114			if ($items[0] == $a_gateways[$id]['name']) {
115	205178aa	Phil Davis	if (!$disable) {
116	762faef5	Phil Davis	$input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be deleted because it is in use on Gateway Group "%2$s"'), $a_gateways[$id]['name'], $group['name']);
117	205178aa	Phil Davis	} else {
118	762faef5	Phil Davis	$input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be disabled because it is in use on Gateway Group "%2$s"'), $a_gateways[$id]['name'], $group['name']);
119	028ff8f8	Phil Davis	}
120	f78302e8	Ermal	}
121			}
122			}
123	e97df865	Renato Botelho	}
124
125			if (is_array($config['staticroutes']['route'])) {
126			foreach ($config['staticroutes']['route'] as $route) {
127			if ($route['gateway'] == $a_gateways[$id]['name']) {
128	205178aa	Phil Davis	if (!$disable) {
129	028ff8f8	Phil Davis	// The user wants to delete this gateway, but there is a static route (enabled or disabled) that refers to the gateway.
130	762faef5	Phil Davis	$input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be deleted because it is in use on Static Route "%2$s"'), $a_gateways[$id]['name'], $route['network']);
131	205178aa	Phil Davis	} else if (!isset($route['disabled'])) {
132			// The user wants to disable this gateway.
133			// But there is a static route that uses this gateway and is enabled (not disabled).
134	762faef5	Phil Davis	$input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be disabled because it is in use on Static Route "%2$s"'), $a_gateways[$id]['name'], $route['network']);
135	028ff8f8	Phil Davis	}
136	f78302e8	Ermal	}
137			}
138	e97df865	Renato Botelho	}
139
140	e0c7b2fe	Phil Davis	if (isset($input_errors)) {
141	e97df865	Renato Botelho	return false;
142	e0c7b2fe	Phil Davis	}
143	e97df865	Renato Botelho
144			return true;
145			}
146
147			function delete_gateway_item($id) {
148	dde20226	Renato Botelho	global $config, $a_gateways;
149
150	e0c7b2fe	Phil Davis	if (!isset($a_gateways[$id])) {
151	e97df865	Renato Botelho	return;
152	e0c7b2fe	Phil Davis	}
153	32a9eb18	Ermal
154	cbd61636	jim-p	/* If the removed gateway was the default route, remove the default route */
155			if (!empty($a_gateways[$id]) && is_ipaddr($a_gateways[$id]['gateway']) &&
156			!isset($a_gateways[$id]['disabled']) &&
157			isset($a_gateways[$id]['defaultgw'])) {
158			$inet = (!is_ipaddrv4($a_gateways[$id]['gateway']) ? '-inet6' : '-inet');
159			mwexec("/sbin/route delete {$inet} default");
160			}
161
162	e75f0e7d	PiBa-NL	/* NOTE: Cleanup static routes for the interface route if any */
163	d61309a0	Phil Davis	if (!empty($a_gateways[$id]) && is_ipaddr($a_gateways[$id]['gateway']) &&
164			$gateway['gateway'] != $a_gateways[$id]['gateway'] &&
165			isset($a_gateways[$id]["nonlocalgateway"])) {
166	e75f0e7d	PiBa-NL	$realif = get_real_interface($a_gateways[$id]['interface']);
167			$inet = (!is_ipaddrv4($a_gateways[$id]['gateway']) ? "-inet6" : "-inet");
168			$cmd = "/sbin/route delete $inet " . escapeshellarg($a_gateways[$id]['gateway']) . " -iface " . escapeshellarg($realif);
169			mwexec($cmd);
170			}
171	e97df865	Renato Botelho	/* NOTE: Cleanup static routes for the monitor ip if any */
172			if (!empty($a_gateways[$id]['monitor']) &&
173	d61309a0	Phil Davis	$a_gateways[$id]['monitor'] != "dynamic" &&
174			is_ipaddr($a_gateways[$id]['monitor']) &&
175			$a_gateways[$id]['gateway'] != $a_gateways[$id]['monitor']) {
176	e0c7b2fe	Phil Davis	if (is_ipaddrv4($a_gateways[$id]['monitor'])) {
177	e97df865	Renato Botelho	mwexec("/sbin/route delete " . escapeshellarg($a_gateways[$id]['monitor']));
178	e0c7b2fe	Phil Davis	} else {
179	e97df865	Renato Botelho	mwexec("/sbin/route delete -inet6 " . escapeshellarg($a_gateways[$id]['monitor']));
180	e0c7b2fe	Phil Davis	}
181	e97df865	Renato Botelho	}
182
183	e0c7b2fe	Phil Davis	if ($config['interfaces'][$a_gateways[$id]['friendlyiface']]['gateway'] == $a_gateways[$id]['name']) {
184	e97df865	Renato Botelho	unset($config['interfaces'][$a_gateways[$id]['friendlyiface']]['gateway']);
185	e0c7b2fe	Phil Davis	}
186	e97df865	Renato Botelho	unset($config['gateways']['gateway_item'][$a_gateways[$id]['attribute']]);
187			}
188
189			unset($input_errors);
190			if ($_GET['act'] == "del") {
191	028ff8f8	Phil Davis	if (can_delete_disable_gateway_item($_GET['id'])) {
192	e97df865	Renato Botelho	$realid = $a_gateways[$_GET['id']]['attribute'];
193			delete_gateway_item($_GET['id']);
194			write_config("Gateways: removed gateway {$realid}");
195			mark_subsystem_dirty('staticroutes');
196			header("Location: system_gateways.php");
197			exit;
198			}
199			}
200
201			if (isset($_POST['del_x'])) {
202			/* delete selected items */
203			if (is_array($_POST['rule']) && count($_POST['rule'])) {
204	e0c7b2fe	Phil Davis	foreach ($_POST['rule'] as $rulei) {
205	028ff8f8	Phil Davis	if (!can_delete_disable_gateway_item($rulei)) {
206	e97df865	Renato Botelho	break;
207	e0c7b2fe	Phil Davis	}
208			}
209	e97df865	Renato Botelho
210			if (!isset($input_errors)) {
211			$items_deleted = "";
212			foreach ($_POST['rule'] as $rulei) {
213			delete_gateway_item($rulei);
214			$items_deleted .= "{$rulei} ";
215			}
216			if (!empty($items_deleted)) {
217	762faef5	Phil Davis	write_config(sprintf(gettext("Gateways: removed gateways %s", $items_deleted)));
218	e97df865	Renato Botelho	mark_subsystem_dirty('staticroutes');
219			}
220	f78302e8	Ermal	header("Location: system_gateways.php");
221			exit;
222			}
223	d173230c	Seth Mos	}
224
225	e97df865	Renato Botelho	} else if ($_GET['act'] == "toggle" && $a_gateways[$_GET['id']]) {
226			$realid = $a_gateways[$_GET['id']]['attribute'];
227	028ff8f8	Phil Davis	$disable_gw = !isset($a_gateway_item[$realid]['disabled']);
228			if ($disable_gw) {
229			// The user wants to disable the gateway, so check if that is OK.
230			$ok_to_toggle = can_delete_disable_gateway_item($_GET['id'], $disable_gw);
231	e0c7b2fe	Phil Davis	} else {
232	028ff8f8	Phil Davis	// The user wants to enable the gateway. That is always OK.
233			$ok_to_toggle = true;
234	e0c7b2fe	Phil Davis	}
235	028ff8f8	Phil Davis	if ($ok_to_toggle) {
236			if ($disable_gw) {
237			$a_gateway_item[$realid]['disabled'] = true;
238	cbd61636	jim-p	/* If the disabled gateway was the default route, remove the default route */
239			if (!empty($a_gateway_item[$realid]) && is_ipaddr($a_gateway_item[$realid]['gateway']) &&
240			isset($a_gateway_item[$realid]['defaultgw'])) {
241			$inet = (!is_ipaddrv4($a_gateway_item[$realid]['gateway']) ? '-inet6' : '-inet');
242			mwexec("/sbin/route delete {$inet} default");
243			}
244	028ff8f8	Phil Davis	} else {
245			unset($a_gateway_item[$realid]['disabled']);
246			}
247	e97df865	Renato Botelho
248	028ff8f8	Phil Davis	if (write_config("Gateways: enable/disable")) {
249			mark_subsystem_dirty('staticroutes');
250			}
251	e97df865	Renato Botelho
252	028ff8f8	Phil Davis	header("Location: system_gateways.php");
253			exit;
254			}
255	e97df865	Renato Botelho	}
256	124aee67	Chris Buechler
257	d036bc07	Stephen Beaver	$pgtitle = array(gettext("System"), gettext("Routing"), gettext("Gateways"));
258	de02dc29	Phil Davis	$pglinks = array("", "@self", "@self");
259	b32dd0a6	jim-p	$shortcut_section = "gateways";
260	02ca24c9	jim-p
261	d173230c	Seth Mos	include("head.inc");
262
263	d61309a0	Phil Davis	if ($input_errors) {
264	c3c692a9	Sjon Hortensius	print_input_errors($input_errors);
265	d61309a0	Phil Davis	}
266			if ($savemsg) {
267	a9929d56	Stephen Beaver	print_info_box($savemsg, 'success');
268	d61309a0	Phil Davis	}
269	f74457df	Stephen Beaver
270	d61309a0	Phil Davis	if (is_subsystem_dirty('staticroutes')) {
271	7fdca5ff	NOYB	print_apply_box(gettext("The gateway configuration has been changed.") . "<br />" . gettext("The changes must be applied for them to take effect."));
272	d61309a0	Phil Davis	}
273	c3c692a9	Sjon Hortensius
274			$tab_array = array();
275			$tab_array[0] = array(gettext("Gateways"), true, "system_gateways.php");
276	80b4d0c5	heper	$tab_array[1] = array(gettext("Static Routes"), false, "system_routes.php");
277			$tab_array[2] = array(gettext("Gateway Groups"), false, "system_gateway_groups.php");
278	c3c692a9	Sjon Hortensius	display_top_tabs($tab_array);
279	d173230c	Seth Mos
280	d251a8d4	Renato Botelho	?>
281	060ed238	Stephen Beaver	<div class="panel panel-default">
282			<div class="panel-heading"><h2 class="panel-title"><?=gettext('Gateways')?></h2></div>
283			<div class="panel-body">
284			<div class="table-responsive">
285	b5e73640	Colin Fleming	<table class="table table-striped table-hover table-condensed table-rowdblclickedit">
286	060ed238	Stephen Beaver	<thead>
287			<tr>
288			<th></th>
289			<th><?=gettext("Name")?></th>
290			<th><?=gettext("Interface")?></th>
291			<th><?=gettext("Gateway")?></th>
292			<th><?=gettext("Monitor IP")?></th>
293			<th><?=gettext("Description")?></th>
294			<th><?=gettext("Actions")?></th>
295			</tr>
296			</thead>
297			<tbody>
298	e97df865	Renato Botelho	<?php
299	c3c692a9	Sjon Hortensius	foreach ($a_gateways as $i => $gateway):
300	d61309a0	Phil Davis	if (isset($gateway['inactive'])) {
301	1b7379f9	Jared Dillard	$icon = 'fa-times-circle-o';
302	d61309a0	Phil Davis	} elseif (isset($gateway['disabled'])) {
303	1b7379f9	Jared Dillard	$icon = 'fa-ban';
304	d61309a0	Phil Davis	} else {
305	1b7379f9	Jared Dillard	$icon = 'fa-check-circle-o';
306	d61309a0	Phil Davis	}
307	c3c692a9	Sjon Hortensius
308	d61309a0	Phil Davis	if (isset($gateway['inactive'])) {
309	c3c692a9	Sjon Hortensius	$title = gettext("This gateway is inactive because interface is missing");
310	d61309a0	Phil Davis	} else {
311	c3c692a9	Sjon Hortensius	$title = '';
312	d61309a0	Phil Davis	}
313	e97df865	Renato Botelho	?>
314	060ed238	Stephen Beaver	<tr<?=($icon != 'fa-check-circle-o')? ' class="disabled"' : ''?>>
315			<td title="<?=$title?>"><i class="fa <?=$icon?>"></i></td>
316			<td>
317			<?=htmlspecialchars($gateway['name'])?>
318	e97df865	Renato Botelho	<?php
319	d61309a0	Phil Davis	if (isset($gateway['defaultgw'])) {
320	c3c692a9	Sjon Hortensius	echo " <strong>(default)</strong>";
321	d61309a0	Phil Davis	}
322	e97df865	Renato Botelho	?>
323	060ed238	Stephen Beaver	</td>
324			<td>
325			<?=htmlspecialchars(convert_friendly_interface_to_friendly_descr($gateway['friendlyiface']))?>
326			</td>
327			<td>
328			<?=htmlspecialchars($gateway['gateway'])?>
329			</td>
330			<td>
331			<?=htmlspecialchars($gateway['monitor'])?>
332			</td>
333			<td>
334			<?=htmlspecialchars($gateway['descr'])?>
335			</td>
336			<td>
337	5154b00d	Phil Davis	<a href="system_gateways_edit.php?id=<?=$i?>" class="fa fa-pencil" title="<?=gettext('Edit gateway');?>"></a>
338			<a href="system_gateways_edit.php?dup=<?=$i?>" class="fa fa-clone" title="<?=gettext('Copy gateway')?>"></a>
339	f74457df	Stephen Beaver
340	fa172bc5	NewEraCracker	<?php if (is_numeric($gateway['attribute'])): ?>
341	1629e8ea	heper	<?php if (isset($gateway['disabled'])) {
342	f74457df	Stephen Beaver	?>
343	5154b00d	Phil Davis	<a href="?act=toggle&id=<?=$i?>" class="fa fa-check-square-o" title="<?=gettext('Enable gateway')?>"></a>
344	1629e8ea	heper	<?php } else {
345			?>
346	5154b00d	Phil Davis	<a href="?act=toggle&id=<?=$i?>" class="fa fa-ban" title="<?=gettext('Disable gateway')?>"></a>
347	1629e8ea	heper	<?php }
348	f74457df	Stephen Beaver	?>
349	5154b00d	Phil Davis	<a href="system_gateways.php?act=del&id=<?=$i?>" class="fa fa-trash" title="<?=gettext('Delete gateway')?>"></a>
350	f74457df	Stephen Beaver
351	fa172bc5	NewEraCracker	<?php endif; ?>
352	060ed238	Stephen Beaver	</td>
353			</tr>
354	fa172bc5	NewEraCracker	<?php endforeach; ?>
355	060ed238	Stephen Beaver	</tbody>
356			</table>
357			</div>
358			</div>
359			</div>
360	c3c692a9	Sjon Hortensius
361	c10cb196	Stephen Beaver	<nav class="action-buttons">
362	c3c692a9	Sjon Hortensius	<a href="system_gateways_edit.php" role="button" class="btn btn-success">
363	9d5a20cf	heper	<i class="fa fa-plus icon-embed-btn"></i>
364	f74457df	Stephen Beaver	<?=gettext("Add");?>
365	c3c692a9	Sjon Hortensius	</a>
366			</nav>
367	e97df865	Renato Botelho	<?php
368	c3c692a9	Sjon Hortensius
369	1629e8ea	heper	include("foot.inc");

Project

General

Profile

pfSense