/src/usr/local/www/system_gateways.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/system_gateways.php @ d1a990d6

1	d173230c	Seth Mos	<?php
2			/*
3	c5d81585	Renato Botelho	* system_gateways.php
4			*
5			* part of pfSense (https://www.pfsense.org)
6	b8f91b7c	Luiz Souza	* Copyright (c) 2004-2018 Rubicon Communications, LLC (Netgate)
7	c5d81585	Renato Botelho	* Copyright (c) 2010 Seth Mos <seth.mos@dds.nl>
8			* All rights reserved.
9			*
10	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
11			* you may not use this file except in compliance with the License.
12			* You may obtain a copy of the License at
13	c5d81585	Renato Botelho	*
14	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
15	c5d81585	Renato Botelho	*
16	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
17			* distributed under the License is distributed on an "AS IS" BASIS,
18			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19			* See the License for the specific language governing permissions and
20			* limitations under the License.
21	6ff05704	Stephen Beaver	*/
22	d173230c	Seth Mos
23	6b07c15a	Matthew Grooms	##\|+PRIV
24			##\|*IDENT=page-system-gateways
25	5230f468	jim-p	##\|*NAME=System: Gateways
26	6b07c15a	Matthew Grooms	##\|*DESCR=Allow access to the 'System: Gateways' page.
27			##\|MATCH=system_gateways.php
28			##\|-PRIV
29
30	c81ef6e2	Phil Davis	require_once("guiconfig.inc");
31	7a927e67	Scott Ullrich	require_once("functions.inc");
32			require_once("filter.inc");
33			require_once("shaper.inc");
34	43a9b03d	PiBa-NL	require_once("gwlb.inc");
35
36			$simplefields = array('defaultgw4', 'defaultgw6');
37	d173230c	Seth Mos
38	161cd113	Phil Davis	$a_gateways = return_gateways_array(true, false, true, true);
39	616e1956	Seth Mos
40	5aa0c748	Steve Beaver	if (!is_array($config['gateways'])) {
41			$config['gateways'] = array();
42			}
43
44	e0c7b2fe	Phil Davis	if (!is_array($config['gateways']['gateway_item'])) {
45	d251a8d4	Renato Botelho	$config['gateways']['gateway_item'] = array();
46	e0c7b2fe	Phil Davis	}
47	616e1956	Seth Mos
48			$a_gateway_item = &$config['gateways']['gateway_item'];
49
50	4611e283	Steve Beaver	$pconfig = $_REQUEST;
51	d173230c	Seth Mos
52	43a9b03d	PiBa-NL	if ($_POST['save']) {
53			unset($input_errors);
54			$pconfig = $_POST;
55			foreach($simplefields as $field) {
56			$config['gateways'][$field] = $pconfig[$field];
57			}
58			mark_subsystem_dirty('staticroutes');
59			write_config("System - Gateways: save default gateway");
60			}
61
62	4611e283	Steve Beaver	if ($_POST['apply']) {
63	d173230c	Seth Mos
64	4611e283	Steve Beaver	$retval = 0;
65	d173230c	Seth Mos
66	4611e283	Steve Beaver	$retval \|= system_routing_configure();
67			$retval \|= system_resolvconf_generate();
68			$retval \|= filter_configure();
69			/* reconfigure our gateway monitor */
70			setup_gateways_monitor();
71			/* Dynamic DNS on gw groups may have changed */
72			send_event("service reload dyndnsall");
73	d173230c	Seth Mos
74	4611e283	Steve Beaver	if ($retval == 0) {
75			clear_subsystem_dirty('staticroutes');
76	d173230c	Seth Mos	}
77			}
78
79	4611e283	Steve Beaver
80	028ff8f8	Phil Davis	function can_delete_disable_gateway_item($id, $disable = false) {
81	e97df865	Renato Botelho	global $config, $input_errors, $a_gateways;
82	d251a8d4	Renato Botelho
83	e0c7b2fe	Phil Davis	if (!isset($a_gateways[$id])) {
84	e97df865	Renato Botelho	return false;
85	e0c7b2fe	Phil Davis	}
86	e97df865	Renato Botelho
87			if (is_array($config['gateways']['gateway_group'])) {
88			foreach ($config['gateways']['gateway_group'] as $group) {
89			foreach ($group['item'] as $item) {
90			$items = explode("\|", $item);
91			if ($items[0] == $a_gateways[$id]['name']) {
92	205178aa	Phil Davis	if (!$disable) {
93	762faef5	Phil Davis	$input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be deleted because it is in use on Gateway Group "%2$s"'), $a_gateways[$id]['name'], $group['name']);
94	205178aa	Phil Davis	} else {
95	762faef5	Phil Davis	$input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be disabled because it is in use on Gateway Group "%2$s"'), $a_gateways[$id]['name'], $group['name']);
96	028ff8f8	Phil Davis	}
97	f78302e8	Ermal	}
98			}
99			}
100	e97df865	Renato Botelho	}
101
102			if (is_array($config['staticroutes']['route'])) {
103			foreach ($config['staticroutes']['route'] as $route) {
104			if ($route['gateway'] == $a_gateways[$id]['name']) {
105	205178aa	Phil Davis	if (!$disable) {
106	028ff8f8	Phil Davis	// The user wants to delete this gateway, but there is a static route (enabled or disabled) that refers to the gateway.
107	762faef5	Phil Davis	$input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be deleted because it is in use on Static Route "%2$s"'), $a_gateways[$id]['name'], $route['network']);
108	205178aa	Phil Davis	} else if (!isset($route['disabled'])) {
109			// The user wants to disable this gateway.
110			// But there is a static route that uses this gateway and is enabled (not disabled).
111	762faef5	Phil Davis	$input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be disabled because it is in use on Static Route "%2$s"'), $a_gateways[$id]['name'], $route['network']);
112	028ff8f8	Phil Davis	}
113	f78302e8	Ermal	}
114			}
115	e97df865	Renato Botelho	}
116
117	e0c7b2fe	Phil Davis	if (isset($input_errors)) {
118	e97df865	Renato Botelho	return false;
119	e0c7b2fe	Phil Davis	}
120	e97df865	Renato Botelho
121			return true;
122			}
123
124			function delete_gateway_item($id) {
125	dde20226	Renato Botelho	global $config, $a_gateways;
126
127	e0c7b2fe	Phil Davis	if (!isset($a_gateways[$id])) {
128	e97df865	Renato Botelho	return;
129	e0c7b2fe	Phil Davis	}
130	32a9eb18	Ermal
131	1be1b87b	jim-p	/* If the removed gateway was the default route, remove the default route */
132			if (!empty($a_gateways[$id]) && is_ipaddr($a_gateways[$id]['gateway']) &&
133			!isset($a_gateways[$id]['disabled']) &&
134	43a9b03d	PiBa-NL	isset($a_gateways[$id]['isdefaultgw'])) {
135	1be1b87b	jim-p	$inet = (!is_ipaddrv4($a_gateways[$id]['gateway']) ? '-inet6' : '-inet');
136	43a9b03d	PiBa-NL	file_put_contents("/dev/console", "\n[".getmypid()."] DEL_GW, route= delete {$inet} default");
137	1be1b87b	jim-p	mwexec("/sbin/route delete {$inet} default");
138			}
139
140	e75f0e7d	PiBa-NL	/* NOTE: Cleanup static routes for the interface route if any */
141	d61309a0	Phil Davis	if (!empty($a_gateways[$id]) && is_ipaddr($a_gateways[$id]['gateway']) &&
142			$gateway['gateway'] != $a_gateways[$id]['gateway'] &&
143			isset($a_gateways[$id]["nonlocalgateway"])) {
144	e75f0e7d	PiBa-NL	$realif = get_real_interface($a_gateways[$id]['interface']);
145			$inet = (!is_ipaddrv4($a_gateways[$id]['gateway']) ? "-inet6" : "-inet");
146	43a9b03d	PiBa-NL	file_put_contents("/dev/console", "\n[".getmypid()."] DEL_GW, route= $inet " . escapeshellarg($a_gateways[$id]['gateway']) . " -iface " . escapeshellarg($realif));
147	e75f0e7d	PiBa-NL	$cmd = "/sbin/route delete $inet " . escapeshellarg($a_gateways[$id]['gateway']) . " -iface " . escapeshellarg($realif);
148			mwexec($cmd);
149			}
150	e97df865	Renato Botelho	/* NOTE: Cleanup static routes for the monitor ip if any */
151			if (!empty($a_gateways[$id]['monitor']) &&
152	d61309a0	Phil Davis	$a_gateways[$id]['monitor'] != "dynamic" &&
153			is_ipaddr($a_gateways[$id]['monitor']) &&
154			$a_gateways[$id]['gateway'] != $a_gateways[$id]['monitor']) {
155	e0c7b2fe	Phil Davis	if (is_ipaddrv4($a_gateways[$id]['monitor'])) {
156	e97df865	Renato Botelho	mwexec("/sbin/route delete " . escapeshellarg($a_gateways[$id]['monitor']));
157	e0c7b2fe	Phil Davis	} else {
158	e97df865	Renato Botelho	mwexec("/sbin/route delete -inet6 " . escapeshellarg($a_gateways[$id]['monitor']));
159	e0c7b2fe	Phil Davis	}
160	e97df865	Renato Botelho	}
161
162	e0c7b2fe	Phil Davis	if ($config['interfaces'][$a_gateways[$id]['friendlyiface']]['gateway'] == $a_gateways[$id]['name']) {
163	e97df865	Renato Botelho	unset($config['interfaces'][$a_gateways[$id]['friendlyiface']]['gateway']);
164	e0c7b2fe	Phil Davis	}
165	e97df865	Renato Botelho	unset($config['gateways']['gateway_item'][$a_gateways[$id]['attribute']]);
166			}
167
168			unset($input_errors);
169	4611e283	Steve Beaver	if ($_REQUEST['act'] == "del") {
170			if (can_delete_disable_gateway_item($_REQUEST['id'])) {
171			$realid = $a_gateways[$_REQUEST['id']]['attribute'];
172			delete_gateway_item($_REQUEST['id']);
173	e97df865	Renato Botelho	write_config("Gateways: removed gateway {$realid}");
174			mark_subsystem_dirty('staticroutes');
175			header("Location: system_gateways.php");
176			exit;
177			}
178			}
179
180	4611e283	Steve Beaver	if (isset($_REQUEST['del_x'])) {
181	e97df865	Renato Botelho	/* delete selected items */
182	4611e283	Steve Beaver	if (is_array($_REQUEST['rule']) && count($_REQUEST['rule'])) {
183			foreach ($_REQUEST['rule'] as $rulei) {
184	028ff8f8	Phil Davis	if (!can_delete_disable_gateway_item($rulei)) {
185	e97df865	Renato Botelho	break;
186	e0c7b2fe	Phil Davis	}
187			}
188	e97df865	Renato Botelho
189			if (!isset($input_errors)) {
190			$items_deleted = "";
191	4611e283	Steve Beaver	foreach ($_REQUEST['rule'] as $rulei) {
192	e97df865	Renato Botelho	delete_gateway_item($rulei);
193			$items_deleted .= "{$rulei} ";
194			}
195			if (!empty($items_deleted)) {
196	762faef5	Phil Davis	write_config(sprintf(gettext("Gateways: removed gateways %s", $items_deleted)));
197	e97df865	Renato Botelho	mark_subsystem_dirty('staticroutes');
198			}
199	f78302e8	Ermal	header("Location: system_gateways.php");
200			exit;
201			}
202	d173230c	Seth Mos	}
203
204	4611e283	Steve Beaver	} else if ($_REQUEST['act'] == "toggle" && $a_gateways[$_REQUEST['id']]) {
205			$realid = $a_gateways[$_REQUEST['id']]['attribute'];
206	028ff8f8	Phil Davis	$disable_gw = !isset($a_gateway_item[$realid]['disabled']);
207			if ($disable_gw) {
208			// The user wants to disable the gateway, so check if that is OK.
209	4611e283	Steve Beaver	$ok_to_toggle = can_delete_disable_gateway_item($_REQUEST['id'], $disable_gw);
210	e0c7b2fe	Phil Davis	} else {
211	028ff8f8	Phil Davis	// The user wants to enable the gateway. That is always OK.
212			$ok_to_toggle = true;
213	e0c7b2fe	Phil Davis	}
214	028ff8f8	Phil Davis	if ($ok_to_toggle) {
215	43a9b03d	PiBa-NL	gateway_set_enabled($a_gateway_item[$realid]['name'], !$disable_gw);
216	e97df865	Renato Botelho
217	028ff8f8	Phil Davis	if (write_config("Gateways: enable/disable")) {
218			mark_subsystem_dirty('staticroutes');
219			}
220	e97df865	Renato Botelho
221	028ff8f8	Phil Davis	header("Location: system_gateways.php");
222			exit;
223			}
224	e97df865	Renato Botelho	}
225	124aee67	Chris Buechler
226	43a9b03d	PiBa-NL	foreach($simplefields as $field) {
227			$pconfig[$field] = $config['gateways'][$field];
228			}
229
230			function gateway_displaygwtiername($gwname) {
231			global $config;
232			$gw = lookup_gateway_or_group_by_name($gwname);
233			if ($config['gateways']['defaultgw4'] == $gwname \|\| $config['gateways']['defaultgw6'] == $gwname) {
234			$result = "Default";
235			} else {
236			if ($gw['ipprotocol'] == 'inet') {
237			$defgw = lookup_gateway_or_group_by_name($config['gateways']['defaultgw4']);
238			} else {
239			$defgw = lookup_gateway_or_group_by_name($config['gateways']['defaultgw6']);
240			}
241			if ($defgw['type'] == "gatewaygroup") {
242			$detail = gateway_is_gwgroup_member($gwname, true);
243			foreach($detail as $gwitem) {
244			if ($gwitem['name'] == $defgw['name']) {
245			if (isset($gwitem['tier'])) {
246			$result = "Tier " . $gwitem['tier'];
247			break;
248			}
249			}
250			}
251			}
252			}
253			if (!empty($result)) {
254			$result .= $gw['ipprotocol'] == "inet" ? " (IPv4)" : " (IPv6)";
255			}
256			return $result;
257			}
258
259	d036bc07	Stephen Beaver	$pgtitle = array(gettext("System"), gettext("Routing"), gettext("Gateways"));
260	edcd7535	Phil Davis	$pglinks = array("", "@self", "@self");
261	b32dd0a6	jim-p	$shortcut_section = "gateways";
262	02ca24c9	jim-p
263	d173230c	Seth Mos	include("head.inc");
264
265	d61309a0	Phil Davis	if ($input_errors) {
266	c3c692a9	Sjon Hortensius	print_input_errors($input_errors);
267	d61309a0	Phil Davis	}
268	44c42356	Phil Davis
269			if ($_POST['apply']) {
270			print_apply_result_box($retval);
271	d61309a0	Phil Davis	}
272	f74457df	Stephen Beaver
273	d61309a0	Phil Davis	if (is_subsystem_dirty('staticroutes')) {
274	7fdca5ff	NOYB	print_apply_box(gettext("The gateway configuration has been changed.") . "<br />" . gettext("The changes must be applied for them to take effect."));
275	d61309a0	Phil Davis	}
276	c3c692a9	Sjon Hortensius
277			$tab_array = array();
278			$tab_array[0] = array(gettext("Gateways"), true, "system_gateways.php");
279	80b4d0c5	heper	$tab_array[1] = array(gettext("Static Routes"), false, "system_routes.php");
280			$tab_array[2] = array(gettext("Gateway Groups"), false, "system_gateway_groups.php");
281	c3c692a9	Sjon Hortensius	display_top_tabs($tab_array);
282	d173230c	Seth Mos
283	d251a8d4	Renato Botelho	?>
284	060ed238	Stephen Beaver	<div class="panel panel-default">
285			<div class="panel-heading"><h2 class="panel-title"><?=gettext('Gateways')?></h2></div>
286			<div class="panel-body">
287			<div class="table-responsive">
288	47180823	Colin Fleming	<table class="table table-striped table-hover table-condensed table-rowdblclickedit">
289	060ed238	Stephen Beaver	<thead>
290			<tr>
291			<th></th>
292			<th><?=gettext("Name")?></th>
293	43a9b03d	PiBa-NL	<th><?=gettext("Default")?></th>
294	060ed238	Stephen Beaver	<th><?=gettext("Interface")?></th>
295			<th><?=gettext("Gateway")?></th>
296			<th><?=gettext("Monitor IP")?></th>
297			<th><?=gettext("Description")?></th>
298			<th><?=gettext("Actions")?></th>
299			</tr>
300			</thead>
301			<tbody>
302	e97df865	Renato Botelho	<?php
303	c3c692a9	Sjon Hortensius	foreach ($a_gateways as $i => $gateway):
304	d61309a0	Phil Davis	if (isset($gateway['inactive'])) {
305	1b7379f9	Jared Dillard	$icon = 'fa-times-circle-o';
306	d61309a0	Phil Davis	} elseif (isset($gateway['disabled'])) {
307	1b7379f9	Jared Dillard	$icon = 'fa-ban';
308	d61309a0	Phil Davis	} else {
309	1b7379f9	Jared Dillard	$icon = 'fa-check-circle-o';
310	d61309a0	Phil Davis	}
311	c3c692a9	Sjon Hortensius
312	d61309a0	Phil Davis	if (isset($gateway['inactive'])) {
313	c3c692a9	Sjon Hortensius	$title = gettext("This gateway is inactive because interface is missing");
314	d61309a0	Phil Davis	} else {
315	c3c692a9	Sjon Hortensius	$title = '';
316	d61309a0	Phil Davis	}
317	e97df865	Renato Botelho	?>
318	060ed238	Stephen Beaver	<tr<?=($icon != 'fa-check-circle-o')? ' class="disabled"' : ''?>>
319			<td title="<?=$title?>"><i class="fa <?=$icon?>"></i></td>
320			<td>
321			<?=htmlspecialchars($gateway['name'])?>
322	e97df865	Renato Botelho	<?php
323	43a9b03d	PiBa-NL	if (isset($gateway['isdefaultgw'])) {
324			echo " <strong>(default)</strong>";
325			}
326	e97df865	Renato Botelho	?>
327	060ed238	Stephen Beaver	</td>
328	43a9b03d	PiBa-NL	<td>
329			<?=gateway_displaygwtiername($gateway['name'])?>
330			</td>
331	060ed238	Stephen Beaver	<td>
332			<?=htmlspecialchars(convert_friendly_interface_to_friendly_descr($gateway['friendlyiface']))?>
333			</td>
334			<td>
335			<?=htmlspecialchars($gateway['gateway'])?>
336			</td>
337			<td>
338			<?=htmlspecialchars($gateway['monitor'])?>
339			</td>
340			<td>
341			<?=htmlspecialchars($gateway['descr'])?>
342			</td>
343			<td>
344	4611e283	Steve Beaver	<a href="system_gateways_edit.php?id=<?=$i?>" class="fa fa-pencil" title="<?=gettext('Edit gateway');?>"></a>
345			<a href="system_gateways_edit.php?dup=<?=$i?>" class="fa fa-clone" title="<?=gettext('Copy gateway')?>"></a>
346	f74457df	Stephen Beaver
347	fa172bc5	NewEraCracker	<?php if (is_numeric($gateway['attribute'])): ?>
348	1629e8ea	heper	<?php if (isset($gateway['disabled'])) {
349	f74457df	Stephen Beaver	?>
350	a04f6658	Steve Beaver	<a href="?act=toggle&id=<?=$i?>" class="fa fa-check-square-o" title="<?=gettext('Enable gateway')?>" usepost></a>
351	1629e8ea	heper	<?php } else {
352			?>
353	a04f6658	Steve Beaver	<a href="?act=toggle&id=<?=$i?>" class="fa fa-ban" title="<?=gettext('Disable gateway')?>" usepost></a>
354	1629e8ea	heper	<?php }
355	f74457df	Stephen Beaver	?>
356	a04f6658	Steve Beaver	<a href="system_gateways.php?act=del&id=<?=$i?>" class="fa fa-trash" title="<?=gettext('Delete gateway')?>" usepost></a>
357	f74457df	Stephen Beaver
358	fa172bc5	NewEraCracker	<?php endif; ?>
359	060ed238	Stephen Beaver	</td>
360			</tr>
361	fa172bc5	NewEraCracker	<?php endforeach; ?>
362	060ed238	Stephen Beaver	</tbody>
363			</table>
364			</div>
365			</div>
366			</div>
367	c3c692a9	Sjon Hortensius
368	c10cb196	Stephen Beaver	<nav class="action-buttons">
369	4611e283	Steve Beaver	<a href="system_gateways_edit.php" role="button" class="btn btn-success">
370	9d5a20cf	heper	<i class="fa fa-plus icon-embed-btn"></i>
371	f74457df	Stephen Beaver	<?=gettext("Add");?>
372	c3c692a9	Sjon Hortensius	</a>
373			</nav>
374	e97df865	Renato Botelho	<?php
375	c3c692a9	Sjon Hortensius
376	43a9b03d	PiBa-NL	$form = new Form;
377			$section = new Form_Section('Default gateway');
378
379			$items4 = array();
380			$items6 = array();
381			$items4['-'] = "None";
382			$items6['-'] = "None";
383			foreach($a_gateways as $gw) {
384			$gwn = $gw['name'];
385			if ($gw['ipprotocol'] == "inet6") {
386			$items6[$gwn] = $gwn;
387			} else {
388			$items4[$gwn] = $gwn;
389			}
390			}
391			$groups = return_gateway_groups_array();
392			foreach ($groups as $key => $group) {
393			$gwn = $group['descr'];
394			if ($group['ipprotocol'] == "inet6") {
395			$items6[$key] = "$key ($gwn)";
396			} else {
397			$items4[$key] = "$key ($gwn)";
398			}
399			}
400
401			$section->addInput(new Form_Select(
402			'defaultgw4',
403			'Default gateway IPv4',
404			$pconfig['defaultgw4'],
405			$items4
406			))->setHelp('Select the gateway or gatewaygroup to use as the default gateway.');
407
408			$section->addInput(new Form_Select(
409			'defaultgw6',
410			'Default gateway IPv6',
411			$pconfig['defaultgw6'],
412			$items6
413			))->setHelp('Select the gateway or gatewaygroup to use as the default gateway.');
414
415			$form->add($section);
416			print $form;
417
418	1629e8ea	heper	include("foot.inc");

Project

General

Profile

pfSense