/usr/local/www/firewall_aliases_edit.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_aliases_edit.php @ e573ee95

1	d2cfb7a4	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			firewall_aliases_edit.php
5	2e9ab96b	Scott Ullrich	Copyright (C) 2004 Scott Ullrich
6	460b3848	Ermal Lu?i	Copyright (C) 2009 Ermal Lu?i
7	fff3d2b9	jim-p	Copyright (C) 2010 Jim Pingle
8	2e9ab96b	Scott Ullrich	All rights reserved.
9
10			originially part of m0n0wall (http://m0n0.ch/wall)
11	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
12			All rights reserved.
13	d2cfb7a4	Scott Ullrich
14	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
15			modification, are permitted provided that the following conditions are met:
16	d2cfb7a4	Scott Ullrich
17	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
18			this list of conditions and the following disclaimer.
19	d2cfb7a4	Scott Ullrich
20	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
21			notice, this list of conditions and the following disclaimer in the
22			documentation and/or other materials provided with the distribution.
23	d2cfb7a4	Scott Ullrich
24	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
25			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
26			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
27			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
28			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33			POSSIBILITY OF SUCH DAMAGE.
34			*/
35	7ac5a4cb	Scott Ullrich	/*
36			pfSense_BUILDER_BINARIES: /bin/rm /bin/mkdir /usr/bin/fetch
37			pfSense_MODULE: aliases
38			*/
39	5b237745	Scott Ullrich
40	6b07c15a	Matthew Grooms	##\|+PRIV
41			##\|*IDENT=page-firewall-alias-edit
42			##\|*NAME=Firewall: Alias: Edit page
43			##\|*DESCR=Allow access to the 'Firewall: Alias: Edit' page.
44			##\|MATCH=firewall_aliases_edit.php
45			##\|-PRIV
46
47	5a1eebc7	Scott Ullrich
48	f76a479d	sullrich	// Keywords not allowed in names
49	66fc1f14	Scott Ullrich	$reserved_keywords = array("all", "pass", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec");
50	f76a479d	sullrich
51	5b237745	Scott Ullrich	require("guiconfig.inc");
52	7a927e67	Scott Ullrich	require_once("functions.inc");
53			require_once("filter.inc");
54			require_once("shaper.inc");
55	5b237745	Scott Ullrich
56	b13f7f80	Carlos Eduardo Ramos	$pgtitle = array(gettext("Firewall"),gettext("Aliases"),gettext("Edit"));
57
58	7c9d8d71	Ermal Lu?i	$reserved_ifs = get_configured_interface_list(false, true);
59			$reserved_keywords = array_merge($reserved_keywords, $reserved_ifs);
60
61	5b237745	Scott Ullrich	if (!is_array($config['aliases']['alias']))
62			$config['aliases']['alias'] = array();
63			$a_aliases = &$config['aliases']['alias'];
64	f29109d0	Renato Botelho
65	ac7f1763	Renato Botelho	$tab = $_REQUEST['tab'];
66
67	ed0b7949	Scott Ullrich	if($_POST)
68			$origname = $_POST['origname'];
69
70			// Debugging
71	f5200c44	Scott Ullrich	if($debug)
72	7515fb4b	Ermal Lu?i	exec("rm -f {$g['tmp_path']}/alias_rename_log.txt");
73	ed0b7949	Scott Ullrich
74	5e34cdb2	Ermal Lu?i	function alias_same_type($name, $type) {
75			global $config;
76	f29109d0	Renato Botelho
77	5e34cdb2	Ermal Lu?i	foreach ($config['aliases']['alias'] as $alias) {
78			if ($name == $alias['name']) {
79	d6c9ab97	Ermal Lu?i	if (in_array($type, array("host", "network")) &&
80	5e34cdb2	Ermal Lu?i	in_array($alias['type'], array("host", "network")))
81			return true;
82			if ($type == $alias['type'])
83			return true;
84			else
85			return false;
86			}
87			}
88			return true;
89			}
90
91	5b237745	Scott Ullrich	$id = $_GET['id'];
92			if (isset($_POST['id']))
93			$id = $_POST['id'];
94
95			if (isset($id) && $a_aliases[$id]) {
96	ed0b7949	Scott Ullrich	$original_alias_name = $a_aliases[$id]['name'];
97	5b237745	Scott Ullrich	$pconfig['name'] = $a_aliases[$id]['name'];
98	ba393f6c	Scott Dale	$pconfig['detail'] = $a_aliases[$id]['detail'];
99			$pconfig['address'] = $a_aliases[$id]['address'];
100	b4deddce	Ermal Lu?i	$pconfig['type'] = $a_aliases[$id]['type'];
101	ba393f6c	Scott Dale	$pconfig['descr'] = html_entity_decode($a_aliases[$id]['descr']);
102	e47c266d	Scott Ullrich
103	9bc8788a	Erik Fonnesbeck	/* interface list */
104			$iflist = get_configured_interface_with_descr(false, true);
105	cbe3ea96	Ermal Luçi	foreach ($iflist as $if => $ifdesc)
106	f29109d0	Renato Botelho	if($ifdesc == $pconfig['descr'])
107	24148939	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("Sorry, an interface is already named %s."), $pconfig['descr']);
108	e47c266d	Scott Ullrich
109	c7de8be4	jim-p	if($a_aliases[$id]['type'] == "urltable") {
110			$pconfig['address'] = $a_aliases[$id]['url'];
111			$pconfig['updatefreq'] = $a_aliases[$id]['updatefreq'];
112			}
113	5a1eebc7	Scott Ullrich	if($a_aliases[$id]['aliasurl'] <> "") {
114			$pconfig['type'] = "url";
115	c5eaef8e	Renato Botelho	if(is_array($a_aliases[$id]['aliasurl']))
116			$pconfig['address'] = implode(" ", $a_aliases[$id]['aliasurl']);
117			else
118	5a1eebc7	Scott Ullrich	$pconfig['address'] = $a_aliases[$id]['aliasurl'];
119			}
120	5b237745	Scott Ullrich	}
121
122			if ($_POST) {
123			unset($input_errors);
124
125			/* input validation */
126	0cd7ed19	Scott Ullrich
127	69d2ad77	Erik Fonnesbeck	$reqdfields = explode(" ", "name");
128	bd413d76	Renato Botelho	$reqdfieldsn = array(gettext("Name"));
129	69d2ad77	Erik Fonnesbeck
130			do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
131
132	0df6adf8	Bill Marquette	$x = is_validaliasname($_POST['name']);
133			if (!isset($x)) {
134	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("Reserved word used for alias name.");
135	3deb92f7	Renato Botelho	} else if ($_POST['type'] == "port" && (getservbyname($_POST['name'], "tcp") \|\| getservbyname($_POST['name'], "udp"))) {
136	bd413d76	Renato Botelho	$input_errors[] = gettext("Reserved word used for alias name.");
137	3deb92f7	Renato Botelho	} else {
138			if (is_validaliasname($_POST['name']) == false)
139	bac9941b	jim-p	$input_errors[] = gettext("The alias name must be less than 32 characters long and may only consist of the characters") . " a-z, A-Z, 0-9, _.";
140	3deb92f7	Renato Botelho	}
141	5b237745	Scott Ullrich	/* check for name conflicts */
142	6c33fb4b	Ermal	if (empty($a_aliases[$id])) {
143	6b487ec6	Ermal	foreach ($a_aliases as $alias) {
144			if ($alias['name'] == $_POST['name']) {
145	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("An alias with this name already exists.");
146	6b487ec6	Ermal	break;
147			}
148	5b237745	Scott Ullrich	}
149			}
150	5a1eebc7	Scott Ullrich
151	f76a479d	sullrich	/* Check for reserved keyword names */
152	f29109d0	Renato Botelho	foreach($reserved_keywords as $rk)
153	f76a479d	sullrich	if($rk == $_POST['name'])
154	24148939	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("Cannot use a reserved keyword as alias name %s"), $rk);
155	f76a479d	sullrich
156	cfa466bb	Scott Ullrich	/* check for name interface description conflicts */
157			foreach($config['interfaces'] as $interface) {
158			if($interface['descr'] == $_POST['name']) {
159	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("An interface description with this name already exists.");
160	5a1eebc7	Scott Ullrich	break;
161	cfa466bb	Scott Ullrich	}
162	5a1eebc7	Scott Ullrich	}
163	f29109d0	Renato Botelho
164	ba393f6c	Scott Dale	$alias = array();
165	6c33fb4b	Ermal	$address = array();
166			$final_address_details = array();
167	ba393f6c	Scott Dale	$alias['name'] = $_POST['name'];
168	c7de8be4	jim-p
169			if ($_POST['type'] == "urltable") {
170			$address = "";
171			$isfirst = 0;
172
173			/* item is a url type */
174			if ($_POST['address0']) {
175			/* fetch down and add in */
176	fd86d829	Cristian Feldman	$_POST['address0'] = trim($_POST['address0']);
177	c7de8be4	jim-p	$isfirst = 0;
178	578c81b6	bcyrill	$address[] = $_POST['address0'];
179	c7de8be4	jim-p	$alias['url'] = $_POST['address0'];
180			$alias['updatefreq'] = $_POST['address_subnet0'] ? $_POST['address_subnet0'] : 7;
181			if (!is_URL($alias['url']) \|\| empty($alias['url'])) {
182	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("You must provide a valid URL.");
183	c7de8be4	jim-p	$dont_update = true;
184			} elseif (! process_alias_urltable($alias['name'], $alias['url'], 0, true)) {
185	24148939	Carlos Eduardo Ramos	$input_errors[] = gettext("Unable to fetch usable data.");
186	c7de8be4	jim-p	$dont_update = true;
187			}
188	0b9e4e8f	Renato Botelho	if ($_POST["detail0"] <> "")
189			$final_address_details[] = $_POST["detail0"];
190			else
191			$final_address_details[] = sprintf(gettext("Entry added %s"), date('r'));
192	c7de8be4	jim-p	}
193			} elseif($_POST['type'] == "url") {
194	d2cfb7a4	Scott Ullrich	$isfirst = 0;
195	ba393f6c	Scott Dale	$address_count = 2;
196
197			/* item is a url type */
198	ae5f96c8	Renato Botelho	for($x=0; $x<4999; $x++) {
199	fd86d829	Cristian Feldman	$_POST['address' . $x] = trim($_POST['address' . $x]);
200	ba393f6c	Scott Dale	if($_POST['address' . $x]) {
201			/* fetch down and add in */
202			$isfirst = 0;
203	7c872d3b	Scott Ullrich	$temp_filename = tempnam("{$g['tmp_path']}/", "alias_import");
204	ba393f6c	Scott Dale	unlink($temp_filename);
205	7515fb4b	Ermal Lu?i	$fda = fopen("{$g['tmp_path']}/tmpfetch","w");
206	ba393f6c	Scott Dale	fwrite($fda, "/usr/bin/fetch -q -o \"{$temp_filename}/aliases\" \"" . $_POST['address' . $x] . "\"");
207			fclose($fda);
208	7ac5a4cb	Scott Ullrich	mwexec("/bin/mkdir -p {$temp_filename}");
209	ba393f6c	Scott Dale	mwexec("/usr/bin/fetch -q -o \"{$temp_filename}/aliases\" \"" . $_POST['address' . $x] . "\"");
210			/* if the item is tar gzipped then extract */
211			if(stristr($_POST['address' . $x], ".tgz"))
212			process_alias_tgz($temp_filename);
213	ae5f96c8	Renato Botelho
214			if (!isset($alias['aliasurl']))
215			$alias['aliasurl'] = array();
216
217			$alias['aliasurl'][] = $_POST['address' . $x];
218			if ($_POST["detail{$x}"] <> "")
219			$final_address_details[] = $_POST["detail{$x}"];
220			else
221			$final_address_details[] = sprintf(gettext("Entry added %s"), date('r'));
222
223	ba393f6c	Scott Dale	if(file_exists("{$temp_filename}/aliases")) {
224			$file_contents = file_get_contents("{$temp_filename}/aliases");
225			$file_contents = str_replace("#", "\n#", $file_contents);
226	cfbfd941	smos	$file_contents_split = explode("\n", $file_contents);
227	ba393f6c	Scott Dale	foreach($file_contents_split as $fc) {
228	c7de8be4	jim-p	// Stop at 3000 items, aliases larger than that tend to break both pf and the WebGUI.
229			if ($address_count >= 3000)
230			break;
231	ba393f6c	Scott Dale	$tmp = trim($fc);
232			if(stristr($fc, "#")) {
233	cfbfd941	smos	$tmp_split = explode("#", $tmp);
234	ba393f6c	Scott Dale	$tmp = trim($tmp_split[0]);
235	5a1eebc7	Scott Ullrich	}
236	74e861e3	jim-p	$tmp = trim($tmp);
237			if(!empty($tmp) && (is_ipaddr($tmp) \|\| is_subnet($tmp))) {
238	6c33fb4b	Ermal	$address[] = $tmp;
239	ae5f96c8	Renato Botelho	$isfirst = 1;
240	c7de8be4	jim-p	$address_count++;
241	5a1eebc7	Scott Ullrich	}
242	ba393f6c	Scott Dale	}
243			if($isfirst == 0) {
244			/* nothing was found */
245	7cbeade1	Renato Botelho	$input_errors[] = sprintf(gettext("You must provide a valid URL. Could not fetch usable data from '%s'."), $_POST['address' . $x]);
246	5a1eebc7	Scott Ullrich	$dont_update = true;
247			}
248	ba393f6c	Scott Dale	mwexec("/bin/rm -rf {$temp_filename}");
249			} else {
250	7cbeade1	Renato Botelho	$input_errors[] = sprintf(gettext("URL '%s' is not valid."), $_POST['address' . $x]);
251	ba393f6c	Scott Dale	$dont_update = true;
252	5a1eebc7	Scott Ullrich	}
253			}
254	ba393f6c	Scott Dale	}
255			} else {
256			/* item is a normal alias type */
257	5e34cdb2	Ermal Lu?i	$wrongaliases = "";
258	a2d8d3dd	Ermal Luçi	for($x=0; $x<4999; $x++) {
259	b6f3005c	Ermal Luçi	if($_POST["address{$x}"] <> "") {
260	fd86d829	Cristian Feldman	$_POST["address{$x}"] = trim($_POST["address{$x}"]);
261	f71e0ac6	Ermal Lu?i	if (is_alias($_POST["address{$x}"])) {
262			if (!alias_same_type($_POST["address{$x}"], $_POST['type']))
263	ae660b3c	Evgeny Yurchenko	// But alias type network can include alias type urltable. Feature#1603.
264			if (!($_POST['type'] == 'network' &&
265	5ffa3389	Ermal	alias_get_type($_POST["address{$x}"]) == 'urltable'))
266	ae660b3c	Evgeny Yurchenko	$wrongaliases .= " " . $_POST["address{$x}"];
267	f71e0ac6	Ermal Lu?i	} else if ($_POST['type'] == "port") {
268	231e0606	Ermal Lu?i	if (!is_port($_POST["address{$x}"]))
269	24148939	Carlos Eduardo Ramos	$input_errors[] = $_POST["address{$x}"] . " " . gettext("is not a valid port or alias.");
270	f71e0ac6	Ermal Lu?i	} else if ($_POST['type'] == "host" \|\| $_POST['type'] == "network") {
271	ecd1f2d9	jim-p	if (!is_ipaddr($_POST["address{$x}"])
272			&& !is_hostname($_POST["address{$x}"])
273			&& !is_iprange($_POST["address{$x}"]))
274	ddc55e12	Erik Fonnesbeck	$input_errors[] = sprintf(gettext('%1$s is not a valid %2$s alias.'), $_POST["address{$x}"], $_POST['type']);
275	f71e0ac6	Ermal Lu?i	}
276	6c33fb4b	Ermal	if (is_iprange($_POST["address{$x}"])) {
277			list($startip, $endip) = explode('-', $_POST["address{$x}"]);
278			$rangesubnets = ip_range_to_subnet_array($startip, $endip);
279	9ae9a7fc	Ermal	$address = array_merge($address, $rangesubnets);
280	6c33fb4b	Ermal	} else {
281			$tmpaddress = $_POST["address{$x}"];
282	6775c54e	Ermal	if(is_ipaddr($_POST["address{$x}"]) && $_POST["address_subnet{$x}"] <> "")
283	6c33fb4b	Ermal	$tmpaddress .= "/" . $_POST["address_subnet{$x}"];
284			$address[] = $tmpaddress;
285			}
286			if ($_POST["detail{$x}"] <> "")
287			$final_address_details[] = $_POST["detail{$x}"];
288			else
289	24148939	Carlos Eduardo Ramos	$final_address_details[] = sprintf(gettext("Entry added %s"), date('r'));
290	5e34cdb2	Ermal Lu?i	}
291	d2cfb7a4	Scott Ullrich	}
292	5e34cdb2	Ermal Lu?i	if ($wrongaliases <> "")
293	bcc8d8a3	Erik Fonnesbeck	$input_errors[] = sprintf(gettext('The alias(es): %s cannot be nested because they are not of the same type.'), $wrongaliases);
294	ba393f6c	Scott Dale	}
295	d2cfb7a4	Scott Ullrich
296	f29109d0	Renato Botelho	// Allow extending of the firewall edit page and include custom input validation
297	439cc13f	Scott Ullrich	pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/input_validation");
298
299	ba393f6c	Scott Dale	if (!$input_errors) {
300	c7de8be4	jim-p	$alias['address'] = is_array($address) ? implode(" ", $address) : $address;
301	d865241e	jim-p	$alias['descr'] = $_POST['descr'];
302	ba393f6c	Scott Dale	$alias['type'] = $_POST['type'];
303	6c33fb4b	Ermal	$alias['detail'] = implode("\|\|", $final_address_details);
304	d2cfb7a4	Scott Ullrich
305	ed0b7949	Scott Ullrich	/* Check to see if alias name needs to be
306			* renamed on referenced rules and such
307			*/
308			if ($_POST['name'] <> $_POST['origname']) {
309			// Firewall rules
310	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('filter', 'rule'), array('source', 'address'), $_POST['name'], $origname);
311			update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'address'), $_POST['name'], $origname);
312			update_alias_names_upon_change(array('filter', 'rule'), array('source', 'port'), $_POST['name'], $origname);
313			update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'port'), $_POST['name'], $origname);
314	ed0b7949	Scott Ullrich	// NAT Rules
315	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'rule'), array('source', 'address'), $_POST['name'], $origname);
316			update_alias_names_upon_change(array('nat', 'rule'), array('source', 'port'), $_POST['name'], $origname);
317			update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'address'), $_POST['name'], $origname);
318			update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'port'), $_POST['name'], $origname);
319			update_alias_names_upon_change(array('nat', 'rule'), array('target'), $_POST['name'], $origname);
320			update_alias_names_upon_change(array('nat', 'rule'), array('local-port'), $_POST['name'], $origname);
321	b43b7613	Erik Fonnesbeck	// NAT 1:1 Rules
322			//update_alias_names_upon_change(array('nat', 'onetoone'), array('external'), $_POST['name'], $origname);
323			//update_alias_names_upon_change(array('nat', 'onetoone'), array('source', 'address'), $_POST['name'], $origname);
324			update_alias_names_upon_change(array('nat', 'onetoone'), array('destination', 'address'), $_POST['name'], $origname);
325			// NAT Outbound Rules
326			update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('source', 'network'), $_POST['name'], $origname);
327	ca640261	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('sourceport'), $_POST['name'], $origname);
328	b43b7613	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('destination', 'address'), $_POST['name'], $origname);
329	ca640261	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('dstport'), $_POST['name'], $origname);
330	b43b7613	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('target'), $_POST['name'], $origname);
331	f43ba926	Scott Ullrich	// Alias in an alias
332	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('aliases', 'alias'), array('address'), $_POST['name'], $origname);
333	ed0b7949	Scott Ullrich	}
334
335	b22bf161	Scott Ullrich	pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/pre_write_config");
336
337	171aa30d	Ermal Lu?i	if (isset($id) && $a_aliases[$id]) {
338			if ($a_aliases[$id]['name'] <> $alias['name']) {
339			foreach ($a_aliases as $aliasid => $aliasd) {
340	16f78ff0	Ermal Lu?i	if ($aliasd['address'] <> "") {
341	96b4269c	Ermal Lu?i	$tmpdirty = false;
342	16f78ff0	Ermal Lu?i	$tmpaddr = explode(" ", $aliasd['address']);
343			foreach ($tmpaddr as $tmpidx => $tmpalias) {
344	96b4269c	Ermal Lu?i	if ($tmpalias == $a_aliases[$id]['name']) {
345	16f78ff0	Ermal Lu?i	$tmpaddr[$tmpidx] = $alias['name'];
346	96b4269c	Ermal Lu?i	$tmpdirty = true;
347			}
348	16f78ff0	Ermal Lu?i	}
349	96b4269c	Ermal Lu?i	if ($tmpdirty == true)
350			$a_aliases[$aliasid]['address'] = implode(" ", $tmpaddr);
351	16f78ff0	Ermal Lu?i	}
352	171aa30d	Ermal Lu?i	}
353			}
354	ba393f6c	Scott Dale	$a_aliases[$id] = $alias;
355	171aa30d	Ermal Lu?i	} else
356	ba393f6c	Scott Dale	$a_aliases[] = $alias;
357	a18b6b97	Scott Ullrich
358	974cbfe0	Ermal Lu?i	// Sort list
359			$a_aliases = msort($a_aliases, "name");
360
361	3a343d73	jim-p	if (write_config())
362			mark_subsystem_dirty('aliases');
363	d2cfb7a4	Scott Ullrich
364	ac7f1763	Renato Botelho	if(!empty($tab))
365			header("Location: firewall_aliases.php?tab=" . htmlspecialchars ($tab));
366	a5416de2	Warren Baker	else
367			header("Location: firewall_aliases.php");
368			exit;
369	ba393f6c	Scott Dale	}
370			//we received input errors, copy data to prevent retype
371			else
372			{
373	c7de8be4	jim-p	$pconfig['name'] = $_POST['name'];
374	d865241e	jim-p	$pconfig['descr'] = $_POST['descr'];
375	6a45942f	Renato Botelho	if ($_POST['type'] == 'url')
376			$pconfig['address'] = implode(" ", $alias['aliasurl']);
377			else
378			$pconfig['address'] = implode(" ", $address);
379	ba393f6c	Scott Dale	$pconfig['type'] = $_POST['type'];
380	6c33fb4b	Ermal	$pconfig['detail'] = implode("\|\|", $final_address_details);
381	5b237745	Scott Ullrich	}
382			}
383	da7ae7ef	Bill Marquette
384			include("head.inc");
385
386	5a1eebc7	Scott Ullrich	$jscriptstr = <<<EOD
387	da7ae7ef	Bill Marquette
388	5a1eebc7	Scott Ullrich	<script type="text/javascript">
389	0cea9a23	Ermal Lu?i
390			var objAlias = new Array(4999);
391	5b237745	Scott Ullrich	function typesel_change() {
392			switch (document.iform.type.selectedIndex) {
393			case 0: /* host */
394	d2cfb7a4	Scott Ullrich	var cmd;
395	5a1eebc7	Scott Ullrich
396	b6f3005c	Ermal Luçi	newrows = totalrows;
397			for(i=0; i<newrows; i++) {
398	5a1eebc7	Scott Ullrich	comd = 'document.iform.address_subnet' + i + '.disabled = 1;';
399			eval(comd);
400			comd = 'document.iform.address_subnet' + i + '.value = "";';
401			eval(comd);
402	d2cfb7a4	Scott Ullrich	}
403	5b237745	Scott Ullrich	break;
404			case 1: /* network */
405	d2cfb7a4	Scott Ullrich	var cmd;
406	5a1eebc7	Scott Ullrich
407	b6f3005c	Ermal Luçi	newrows = totalrows;
408			for(i=0; i<newrows; i++) {
409	5a1eebc7	Scott Ullrich	comd = 'document.iform.address_subnet' + i + '.disabled = 0;';
410			eval(comd);
411	d2cfb7a4	Scott Ullrich	}
412	5b237745	Scott Ullrich	break;
413	4d6b6263	Scott Ullrich	case 2: /* port */
414			var cmd;
415	5a1eebc7	Scott Ullrich
416	b6f3005c	Ermal Luçi	newrows = totalrows;
417			for(i=0; i<newrows; i++) {
418	5a1eebc7	Scott Ullrich	comd = 'document.iform.address_subnet' + i + '.disabled = 1;';
419			eval(comd);
420	2936a57e	Seth Mos	comd = 'document.iform.address_subnet' + i + '.value = "128";';
421	5a1eebc7	Scott Ullrich	eval(comd);
422			}
423			break;
424	f29109d0	Renato Botelho	/* case 3: // OpenVPN Users
425	5a1eebc7	Scott Ullrich	var cmd;
426	cd35a596	Scott Ullrich
427	b6f3005c	Ermal Luçi	newrows = totalrows;
428			for(i=0; i<newrows; i++) {
429	cd35a596	Scott Ullrich	comd = 'document.iform.address_subnet' + i + '.disabled = 1;';
430			eval(comd);
431			comd = 'document.iform.address_subnet' + i + '.value = "";';
432	5a1eebc7	Scott Ullrich	eval(comd);
433	4d6b6263	Scott Ullrich	}
434			break;
435	aa11af07	jim-p	*/
436			case 3: /* url */
437	6e7e1814	Scott Ullrich	var cmd;
438	b6f3005c	Ermal Luçi	newrows = totalrows;
439			for(i=0; i<newrows; i++) {
440	a0fc25ae	Scott Ullrich	comd = 'document.iform.address_subnet' + i + '.disabled = 1;';
441	6e7e1814	Scott Ullrich	eval(comd);
442			}
443			break;
444	c7de8be4	jim-p
445	aa11af07	jim-p	case 4: /* urltable */
446	c7de8be4	jim-p	var cmd;
447			newrows = totalrows;
448			for(i=0; i<newrows; i++) {
449			comd = 'document.iform.address_subnet' + i + '.disabled = 0;';
450			eval(comd);
451			}
452			break;
453	5b237745	Scott Ullrich	}
454			}
455	d2cfb7a4	Scott Ullrich
456	0cea9a23	Ermal Lu?i	function add_alias_control() {
457			var name = "address" + (totalrows - 1);
458			obj = document.getElementById(name);
459			obj.setAttribute('class', 'formfldalias');
460			obj.setAttribute('autocomplete', 'off');
461			objAlias[totalrows - 1] = new AutoSuggestControl(obj, new StateSuggestions(addressarray));
462			}
463	5a1eebc7	Scott Ullrich	EOD;
464
465			$network_str = gettext("Network");
466			$networks_str = gettext("Network(s)");
467			$cidr_str = gettext("CIDR");
468			$description_str = gettext("Description");
469			$hosts_str = gettext("Host(s)");
470			$ip_str = gettext("IP");
471			$ports_str = gettext("Port(s)");
472			$port_str = gettext("Port");
473			$url_str = gettext("URL");
474	c7de8be4	jim-p	$urltable_str = gettext("URL Table");
475	5a1eebc7	Scott Ullrich	$update_freq_str = gettext("Update Freq.");
476
477	2936a57e	Seth Mos	$networks_help = gettext("Networks are specified in CIDR format. Select the CIDR mask that pertains to each entry. /32 specifies a single IPv4 host, /128 specifies a single IPv6 host, /24 specifies 255.255.255.0, /64 specifies a normal IPv6 network, etc. Hostnames (FQDNs) may also be specified, using a /32 mask for IPv4 or /128 for IPv6. You may also enter an IP range such as 192.168.1.1-192.168.1.254 and a list of CIDR networks will be derived to fill the range.");
478	e8e2ffbd	jim-p	$hosts_help = gettext("Enter as many hosts as you would like. Hosts must be specified by their IP address or fully qualified domain name (FQDN). FQDN hostnames are periodically re-resolved and updated. If multiple IPs are returned by a DNS query, all are used.");
479	5a1eebc7	Scott Ullrich	$ports_help = gettext("Enter as many ports as you wish. Port ranges can be expressed by seperating with a colon.");
480	24148939	Carlos Eduardo Ramos	$url_help = sprintf(gettext("Enter as many URLs as you wish. After saving %s will download the URL and import the items into the alias. Use only with small sets of IP addresses (less than 3000)."), $g['product_name']);
481			$urltable_help = sprintf(gettext("Enter a single URL containing a large number of IPs and/or Subnets. After saving %s will download the URL and create a table file containing these addresses. This will work with large numbers of addresses (30,000+) or small numbers."), $g['product_name']);
482	5a1eebc7	Scott Ullrich
483	3ebd97eb	Scott Ullrich	$openvpn_str = gettext("Username");
484			$openvpn_user_str = gettext("OpenVPN Users");
485			$openvpn_help = gettext("Enter as many usernames as you wish.");
486	bd413d76	Renato Botelho	$openvpn_freq = "";
487	3ebd97eb	Scott Ullrich
488	5a1eebc7	Scott Ullrich	$jscriptstr .= <<<EOD
489
490	d2cfb7a4	Scott Ullrich	function update_box_type() {
491			var indexNum = document.forms[0].type.selectedIndex;
492			var selected = document.forms[0].type.options[indexNum].text;
493	5a1eebc7	Scott Ullrich	if(selected == '{$networks_str}') {
494			document.getElementById ("addressnetworkport").firstChild.data = "{$networks_str}";
495			document.getElementById ("onecolumn").firstChild.data = "{$network_str}";
496			document.getElementById ("twocolumn").firstChild.data = "{$cidr_str}";
497			document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
498			document.getElementById ("itemhelp").firstChild.data = "{$networks_help}";
499	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
500	5a1eebc7	Scott Ullrich	} else if(selected == '{$hosts_str}') {
501			document.getElementById ("addressnetworkport").firstChild.data = "{$hosts_str}";
502			document.getElementById ("onecolumn").firstChild.data = "{$ip_str}";
503			document.getElementById ("twocolumn").firstChild.data = "";
504			document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
505			document.getElementById ("itemhelp").firstChild.data = "{$hosts_help}";
506	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
507	5a1eebc7	Scott Ullrich	} else if(selected == '{$ports_str}') {
508			document.getElementById ("addressnetworkport").firstChild.data = "{$ports_str}";
509			document.getElementById ("onecolumn").firstChild.data = "{$port_str}";
510			document.getElementById ("twocolumn").firstChild.data = "";
511			document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
512			document.getElementById ("itemhelp").firstChild.data = "{$ports_help}";
513	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
514	5a1eebc7	Scott Ullrich	} else if(selected == '{$url_str}') {
515			document.getElementById ("addressnetworkport").firstChild.data = "{$url_str}";
516			document.getElementById ("onecolumn").firstChild.data = "{$url_str}";
517	a0fc25ae	Scott Ullrich	document.getElementById ("twocolumn").firstChild.data = "";
518	5a1eebc7	Scott Ullrich	document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
519			document.getElementById ("itemhelp").firstChild.data = "{$url_help}";
520	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
521	6e7e1814	Scott Ullrich	} else if(selected == '{$openvpn_user_str}') {
522			document.getElementById ("addressnetworkport").firstChild.data = "{$openvpn_user_str}";
523	3ebd97eb	Scott Ullrich	document.getElementById ("onecolumn").firstChild.data = "{$openvpn_str}";
524	4c743413	Scott Ullrich	document.getElementById ("twocolumn").firstChild.data = "{$openvpn_freq}";
525	6e7e1814	Scott Ullrich	document.getElementById ("threecolumn").firstChild.data = "{$description_str}";
526	3ebd97eb	Scott Ullrich	document.getElementById ("itemhelp").firstChild.data = "{$openvpn_help}";
527	c7de8be4	jim-p	document.getElementById ("addrowbutton").style.display = 'block';
528			} else if(selected == '{$urltable_str}') {
529			if ((typeof(totalrows) == "undefined") \|\| (totalrows < 1)) {
530			addRowTo('maintable', 'formfldalias');
531			typesel_change();
532			add_alias_control(this);
533			}
534			document.getElementById ("addressnetworkport").firstChild.data = "{$url_str}";
535			document.getElementById ("onecolumn").firstChild.data = "{$url_str}";
536			document.getElementById ("twocolumn").firstChild.data = "{$update_freq_str}";
537			document.getElementById ("threecolumn").firstChild.data = "";
538			document.getElementById ("threecolumn").style.display = 'none';
539			document.getElementById ("itemhelp").firstChild.data = "{$urltable_help}";
540			document.getElementById ("addrowbutton").style.display = 'none';
541	d2cfb7a4	Scott Ullrich	}
542			}
543	5b237745	Scott Ullrich	</script>
544
545	66138bf6	Scott Dale	EOD;
546	d2cfb7a4	Scott Ullrich
547	5a1eebc7	Scott Ullrich	?>
548	d2cfb7a4	Scott Ullrich
549	5a1eebc7	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
550			<?php
551			include("fbegin.inc");
552			echo $jscriptstr;
553			?>
554
555	f51d5d57	Darren Embry	<script type="text/javascript" src="/javascript/jquery.ipv4v6ify.js">
556			</script>
557	625dcc40	Bill Marquette	<script type="text/javascript" src="/javascript/row_helper.js">
558	5a1eebc7	Scott Ullrich	</script>
559	0cea9a23	Ermal Lu?i	<script type="text/javascript" src="/javascript/autosuggest.js">
560			</script>
561			<script type="text/javascript" src="/javascript/suggestions.js">
562			</script>
563	d2cfb7a4	Scott Ullrich
564	5a1eebc7	Scott Ullrich	<input type='hidden' name='address_type' value='textbox' />
565			<input type='hidden' name='address_subnet_type' value='select' />
566	d2cfb7a4	Scott Ullrich
567	5a1eebc7	Scott Ullrich	<script type="text/javascript">
568			rowname[0] = "address";
569	a8fe61f1	Darren Embry	rowtype[0] = "textbox,ipv4v6";
570	5a1eebc7	Scott Ullrich	rowsize[0] = "30";
571	d2cfb7a4	Scott Ullrich
572	5a1eebc7	Scott Ullrich	rowname[1] = "address_subnet";
573	a8fe61f1	Darren Embry	rowtype[1] = "select,ipv4v6";
574	5a1eebc7	Scott Ullrich	rowsize[1] = "1";
575	d2cfb7a4	Scott Ullrich
576	5a1eebc7	Scott Ullrich	rowname[2] = "detail";
577			rowtype[2] = "textbox";
578	b6f3005c	Ermal Luçi	rowsize[2] = "50";
579	d2cfb7a4	Scott Ullrich	</script>
580
581	193716d0	Scott Ullrich	<?php pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/pre_input_errors"); ?>
582	5b237745	Scott Ullrich	<?php if ($input_errors) print_input_errors($input_errors); ?>
583	5a1eebc7	Scott Ullrich	<div id="inputerrors"></div>
584
585			<form action="firewall_aliases_edit.php" method="post" name="iform" id="iform">
586	ac7f1763	Renato Botelho	<?php
587			if (empty($tab)) {
588			if ($pconfig['type'] == 'urltable')
589			$tab = 'url';
590			else if ($pconfig['type'] == 'host')
591			$tab = 'ip';
592			else
593			$tab = $pconfig['type'];
594			}
595			?>
596			<input name="tab" type="hidden" id="tab" value="<?=htmlspecialchars($tab);?>" />
597	8fcb7cf4	Renato Botelho	<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0">
598	f29109d0	Renato Botelho	<tr>
599			<td colspan="2" valign="top" class="listtopic"><?=gettext("Alias Edit"); ?></td>
600			</tr>
601			<tr>
602			<td valign="top" class="vncellreq"><?=gettext("Name"); ?></td>
603			<td class="vtable">
604			<input name="origname" type="hidden" id="origname" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
605			<input name="name" type="text" id="name" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
606			<?php if (isset($id) && $a_aliases[$id]): ?>
607			<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
608			<?php endif; ?>
609			<br />
610			<span class="vexpl">
611			<?=gettext("The name of the alias may only consist of the characters \"a-z, A-Z, 0-9 and _\"."); ?>
612			</span>
613			</td>
614			</tr>
615			<?php pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases_edit/after_first_tr"); ?>
616			<tr>
617			<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
618			<td width="78%" class="vtable">
619			<input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" />
620			<br />
621			<span class="vexpl">
622			<?=gettext("You may enter a description here for your reference (not parsed)."); ?>
623			</span>
624			</td>
625			</tr>
626			<tr>
627			<td valign="top" class="vncellreq"><?=gettext("Type"); ?></td>
628			<td class="vtable">
629			<select name="type" class="formselect" id="type" onchange="update_box_type(); typesel_change();">
630			<option value="host" <?php if ($pconfig['type'] == "host") echo "selected"; ?>><?=gettext("Host(s)"); ?></option>
631			<option value="network" <?php if ($pconfig['type'] == "network") echo "selected"; ?>><?=gettext("Network(s)"); ?></option>
632			<option value="port" <?php if ($pconfig['type'] == "port") echo "selected"; ?>><?=gettext("Port(s)"); ?></option>
633			<!--<option value="openvpn" <?php if ($pconfig['type'] == "openvpn") echo "selected"; ?>><?=gettext("OpenVPN Users"); ?></option> -->
634			<option value="url" <?php if ($pconfig['type'] == "url") echo "selected"; ?>><?=gettext("URL");?></option>
635			<option value="urltable" <?php if ($pconfig['type'] == "urltable") echo "selected"; ?>><?=gettext("URL Table"); ?></option>
636			</select>
637			</td>
638			</tr>
639			<tr>
640			<td width="22%" valign="top" class="vncellreq"><div id="addressnetworkport"><?=gettext("Host(s)"); ?></div></td>
641			<td width="78%" class="vtable">
642			<table id="maintable">
643			<tbody>
644			<tr>
645			<td colspan="4">
646			<div style="padding:5px; margin-top: 16px; margin-bottom: 16px; border:1px dashed #000066; background-color: #ffffff; color: #000000; font-size: 8pt;" id="itemhelp"><?=gettext("Item information"); ?></div>
647			</td>
648			</tr>
649			<tr>
650			<td><div id="onecolumn"><?=gettext("Network"); ?></div></td>
651			<td><div id="twocolumn">CIDR</div></td>
652			<td><div id="threecolumn"><?=gettext("Description"); ?></div></td>
653			</tr>
654
655			<?php
656			$counter = 0;
657			$address = $pconfig['address'];
658			if ($address <> "") {
659			$item = explode(" ", $address);
660			$item3 = explode("\|\|", $pconfig['detail']);
661			foreach($item as $ww) {
662			$address = $item[$counter];
663			$address_subnet = "";
664			$item2 = explode("/", $address);
665			foreach($item2 as $current) {
666			if($item2[1] <> "") {
667			$address = $item2[0];
668			$address_subnet = $item2[1];
669			}
670	5a1eebc7	Scott Ullrich
671	f29109d0	Renato Botelho	}
672			$item4 = $item3[$counter];
673			$tracker = $counter;
674			?>
675			<tr>
676			<td>
677			<input autocomplete="off" name="address<?php echo $tracker; ?>" type="text" class="formfldalias ipv4v6" id="address<?php echo $tracker; ?>" size="30" value="<?=htmlspecialchars($address);?>" />
678			</td>
679			<td>
680			<select name="address_subnet<?php echo $tracker; ?>" class="formselect ipv4v6" id="address_subnet<?php echo $tracker; ?>">
681			<option></option>
682			<?php for ($i = 128; $i >= 1; $i--): ?>
683			<option value="<?=$i;?>" <?php if (($i == $address_subnet) \|\| ($i == $pconfig['updatefreq'])) echo "selected"; ?>><?=$i;?></option>
684			<?php endfor; ?>
685			</select>
686			</td>
687			<td>
688			<input name="detail<?php echo $tracker; ?>" type="text" class="formfld unknown" id="detail<?php echo $tracker; ?>" size="50" value="<?=$item4;?>" />
689			</td>
690			<td>
691			<a onclick="removeRow(this); return false;" href="#"><img border="0" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" alt="" title="<?=gettext("remove this entry"); ?>" /></a>
692			</td>
693			</tr>
694			<?php
695			$counter++;
696
697			} // end foreach
698			} // end if
699			?>
700			</tbody>
701			<tfoot>
702
703			</tfoot>
704			</table>
705			<div id="addrowbutton">
706			<a onclick="javascript:addRowTo('maintable', 'formfldalias'); typesel_change(); add_alias_control(this); return false;" href="#">
707			<img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="<?=gettext("add another entry"); ?>" />
708			</a>
709			</div>
710			</td>
711			</tr>
712			<tr>
713			<td width="22%" valign="top"> </td>
714			<td width="78%">
715			<input id="submit" name="submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
716	5a815dc7	Renato Botelho	<a href="firewall_aliases.php?tab=<?=$tab;?>"><input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" /></a>
717	5a1eebc7	Scott Ullrich	</td>
718	f29109d0	Renato Botelho	</tr>
719	5a1eebc7	Scott Ullrich	</table>
720	5b237745	Scott Ullrich	</form>
721	5a1eebc7	Scott Ullrich
722			<script type="text/javascript">
723	4dfd930e	Darren Embry	//<![CDATA[
724	5a1eebc7	Scott Ullrich	field_counter_js = 3;
725			rows = 1;
726			totalrows = <?php echo $counter; ?>;
727			loaded = <?php echo $counter; ?>;
728			typesel_change();
729			update_box_type();
730	0cea9a23	Ermal Lu?i
731	dd760cfc	r-duran	var addressarray = <?= json_encode(array_exclude($pconfig['name'], get_alias_list($pconfig['type']))) ?>;
732	0cea9a23	Ermal Lu?i
733	4dfd930e	Darren Embry	function createAutoSuggest() {
734	f29109d0	Renato Botelho	<?php
735	4dfd930e	Darren Embry	for ($jv = 0; $jv < $counter; $jv++)
736			echo "objAlias[{$jv}] = new AutoSuggestControl(document.getElementById(\"address{$jv}\"), new StateSuggestions(addressarray));\n";
737			?>
738			}
739	0cea9a23	Ermal Lu?i
740	4dfd930e	Darren Embry	setTimeout("createAutoSuggest();", 500);
741			//]]>
742	5b237745	Scott Ullrich	</script>
743	5a1eebc7	Scott Ullrich
744	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
745			</body>
746			</html>

Project

General

Profile

pfSense