/usr/local/www/services_captiveportal.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/services_captiveportal.php @ eb9c5b2e

1	a5c0b6c7	Scott Ullrich	<?php
2	5b237745	Scott Ullrich	/*
3			services_captiveportal.php
4			part of m0n0wall (http://m0n0.ch/wall)
5	a5c0b6c7	Scott Ullrich
6	0bd34ed6	Scott Ullrich	Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
7	5b237745	Scott Ullrich	All rights reserved.
8	a5c0b6c7	Scott Ullrich
9	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
10			modification, are permitted provided that the following conditions are met:
11	a5c0b6c7	Scott Ullrich
12	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
13			this list of conditions and the following disclaimer.
14	a5c0b6c7	Scott Ullrich
15	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
16			notice, this list of conditions and the following disclaimer in the
17			documentation and/or other materials provided with the distribution.
18	a5c0b6c7	Scott Ullrich
19	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28			POSSIBILITY OF SUCH DAMAGE.
29			*/
30	1d333258	Scott Ullrich	/*
31			pfSense_MODULE: captiveportal
32			*/
33	5b237745	Scott Ullrich
34	6b07c15a	Matthew Grooms	##\|+PRIV
35			##\|*IDENT=page-services-captiveportal
36			##\|*NAME=Services: Captive portal page
37			##\|*DESCR=Allow access to the 'Services: Captive portal' page.
38			##\|MATCH=services_captiveportal.php
39			##\|-PRIV
40
41	5633ab30	jim-p	$statusurl = "status_captiveportal.php";
42			$logurl = "diag_logs_auth.php";
43
44	5b237745	Scott Ullrich	require("guiconfig.inc");
45	7ab2b688	Scott Ullrich	require("functions.inc");
46			require("filter.inc");
47			require("shaper.inc");
48			require("captiveportal.inc");
49	5b237745	Scott Ullrich
50	6fde5a1e	Carlos Eduardo Ramos	$pgtitle = array(gettext("Services"),gettext("Captive portal"));
51
52	5b237745	Scott Ullrich	if (!is_array($config['captiveportal'])) {
53			$config['captiveportal'] = array();
54			$config['captiveportal']['page'] = array();
55			$config['captiveportal']['timeout'] = 60;
56			}
57
58			if ($_GET['act'] == "viewhtml") {
59			echo base64_decode($config['captiveportal']['page']['htmltext']);
60			exit;
61			} else if ($_GET['act'] == "viewerrhtml") {
62			echo base64_decode($config['captiveportal']['page']['errtext']);
63			exit;
64	5b87b24e	Ermal	} else if ($_GET['act'] == "viewlogouthtml") {
65			echo base64_decode($config['captiveportal']['page']['logouttext']);
66			exit;
67	5b237745	Scott Ullrich	}
68
69			$pconfig['cinterface'] = $config['captiveportal']['interface'];
70	0bd34ed6	Scott Ullrich	$pconfig['maxproc'] = $config['captiveportal']['maxproc'];
71			$pconfig['maxprocperip'] = $config['captiveportal']['maxprocperip'];
72	5b237745	Scott Ullrich	$pconfig['timeout'] = $config['captiveportal']['timeout'];
73			$pconfig['idletimeout'] = $config['captiveportal']['idletimeout'];
74			$pconfig['enable'] = isset($config['captiveportal']['enable']);
75	7faeda46	Scott Ullrich	$pconfig['auth_method'] = $config['captiveportal']['auth_method'];
76	5b237745	Scott Ullrich	$pconfig['radacct_enable'] = isset($config['captiveportal']['radacct_enable']);
77	0bd34ed6	Scott Ullrich	$pconfig['radmac_enable'] = isset($config['captiveportal']['radmac_enable']);
78			$pconfig['radmac_secret'] = $config['captiveportal']['radmac_secret'];
79	c980716e	Scott Ullrich	$pconfig['reauthenticate'] = isset($config['captiveportal']['reauthenticate']);
80			$pconfig['reauthenticateacct'] = $config['captiveportal']['reauthenticateacct'];
81	5b237745	Scott Ullrich	$pconfig['httpslogin_enable'] = isset($config['captiveportal']['httpslogin']);
82	1d622048	Scott Ullrich	$pconfig['httpsname'] = strtolower($config['captiveportal']['httpsname']);
83	5b237745	Scott Ullrich	$pconfig['cert'] = base64_decode($config['captiveportal']['certificate']);
84	c6e1b0f5	Ermal Lu?i	$pconfig['cacert'] = base64_decode($config['captiveportal']['cacertificate']);
85	5b237745	Scott Ullrich	$pconfig['key'] = base64_decode($config['captiveportal']['private-key']);
86			$pconfig['logoutwin_enable'] = isset($config['captiveportal']['logoutwin_enable']);
87	7e587bdb	Scott Ullrich	$pconfig['peruserbw'] = isset($config['captiveportal']['peruserbw']);
88			$pconfig['bwdefaultdn'] = $config['captiveportal']['bwdefaultdn'];
89			$pconfig['bwdefaultup'] = $config['captiveportal']['bwdefaultup'];
90	5b237745	Scott Ullrich	$pconfig['nomacfilter'] = isset($config['captiveportal']['nomacfilter']);
91	0bd34ed6	Scott Ullrich	$pconfig['noconcurrentlogins'] = isset($config['captiveportal']['noconcurrentlogins']);
92	5b237745	Scott Ullrich	$pconfig['redirurl'] = $config['captiveportal']['redirurl'];
93			$pconfig['radiusip'] = $config['captiveportal']['radiusip'];
94	0bd34ed6	Scott Ullrich	$pconfig['radiusip2'] = $config['captiveportal']['radiusip2'];
95	5b237745	Scott Ullrich	$pconfig['radiusport'] = $config['captiveportal']['radiusport'];
96	0bd34ed6	Scott Ullrich	$pconfig['radiusport2'] = $config['captiveportal']['radiusport2'];
97	5b237745	Scott Ullrich	$pconfig['radiusacctport'] = $config['captiveportal']['radiusacctport'];
98			$pconfig['radiuskey'] = $config['captiveportal']['radiuskey'];
99	0bd34ed6	Scott Ullrich	$pconfig['radiuskey2'] = $config['captiveportal']['radiuskey2'];
100			$pconfig['radiusvendor'] = $config['captiveportal']['radiusvendor'];
101	2342bfb0	Ermal Lu?i	$pconfig['radiussession_timeout'] = isset($config['captiveportal']['radiussession_timeout']);
102	822b687b	Ermal	$pconfig['radiussrcip_attribute'] = $config['captiveportal']['radiussrcip_attribute'];
103	6ce61a8f	Ermal	$pconfig['passthrumacadd'] = isset($config['captiveportal']['passthrumacadd']);
104	1c291e64	Ermal	$pconfig['passthrumacaddusername'] = isset($config['captiveportal']['passthrumacaddusername']);
105	d11c1f93	sullrich	$pconfig['radmac_format'] = $config['captiveportal']['radmac_format'];
106	5b237745	Scott Ullrich
107			if ($_POST) {
108
109			unset($input_errors);
110			$pconfig = $_POST;
111
112			/* input validation */
113			if ($_POST['enable']) {
114			$reqdfields = explode(" ", "cinterface");
115	6fde5a1e	Carlos Eduardo Ramos	$reqdfieldsn = array(gettext("Interface"));
116	a5c0b6c7	Scott Ullrich
117	5b237745	Scott Ullrich	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
118	a5c0b6c7	Scott Ullrich
119	0bd34ed6	Scott Ullrich	/* make sure no interfaces are bridged */
120	97edea16	Ermal Lu?i	foreach ($pconfig['cinterface'] as $cpbrif)
121			if (link_interface_to_bridge($cpbrif))
122	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("The captive portal cannot be used on interface %s since it is part of a bridge."), $cpbrif);
123	a5c0b6c7	Scott Ullrich
124	5b237745	Scott Ullrich	if ($_POST['httpslogin_enable']) {
125			if (!$_POST['cert'] \|\| !$_POST['key']) {
126	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("Certificate and key must be specified for HTTPS login.");
127	5b237745	Scott Ullrich	} else {
128			if (!strstr($_POST['cert'], "BEGIN CERTIFICATE") \|\| !strstr($_POST['cert'], "END CERTIFICATE"))
129	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This certificate does not appear to be valid.");
130	c6e1b0f5	Ermal Lu?i	if (!strstr($_POST['cacert'], "BEGIN CERTIFICATE") \|\| !strstr($_POST['cacert'], "END CERTIFICATE"))
131	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This intermmediate certificate does not appear to be valid.");
132	5b237745	Scott Ullrich	if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") \|\| !strstr($_POST['key'], "END RSA PRIVATE KEY"))
133	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This key does not appear to be valid.");
134	5b237745	Scott Ullrich	}
135	a5c0b6c7	Scott Ullrich
136	5b237745	Scott Ullrich	if (!$_POST['httpsname'] \|\| !is_domain($_POST['httpsname'])) {
137	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The HTTPS server name must be specified for HTTPS login.");
138	5b237745	Scott Ullrich	}
139			}
140			}
141	a5c0b6c7	Scott Ullrich
142	5b237745	Scott Ullrich	if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) \|\| ($_POST['timeout'] < 1))) {
143	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The timeout must be at least 1 minute.");
144	5b237745	Scott Ullrich	}
145			if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) \|\| ($_POST['idletimeout'] < 1))) {
146	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The idle timeout must be at least 1 minute.");
147	5b237745	Scott Ullrich	}
148			if (($_POST['radiusip'] && !is_ipaddr($_POST['radiusip']))) {
149	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip']);
150	5b237745	Scott Ullrich	}
151	0bd34ed6	Scott Ullrich	if (($_POST['radiusip2'] && !is_ipaddr($_POST['radiusip2']))) {
152	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip2']);
153	0bd34ed6	Scott Ullrich	}
154	5b237745	Scott Ullrich	if (($_POST['radiusport'] && !is_port($_POST['radiusport']))) {
155	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport']);
156	5b237745	Scott Ullrich	}
157	0bd34ed6	Scott Ullrich	if (($_POST['radiusport2'] && !is_port($_POST['radiusport2']))) {
158	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport2']);
159	0bd34ed6	Scott Ullrich	}
160	5b237745	Scott Ullrich	if (($_POST['radiusacctport'] && !is_port($_POST['radiusacctport']))) {
161	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusacctport']);
162	0bd34ed6	Scott Ullrich	}
163			if ($_POST['maxproc'] && (!is_numeric($_POST['maxproc']) \|\| ($_POST['maxproc'] < 4) \|\| ($_POST['maxproc'] > 100))) {
164	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The total maximum number of concurrent connections must be between 4 and 100.");
165	0bd34ed6	Scott Ullrich	}
166			$mymaxproc = $_POST['maxproc'] ? $_POST['maxproc'] : 16;
167			if ($_POST['maxprocperip'] && (!is_numeric($_POST['maxprocperip']) \|\| ($_POST['maxprocperip'] > $mymaxproc))) {
168	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The maximum number of concurrent connections per client IP address may not be larger than the global maximum.");
169	5b237745	Scott Ullrich	}
170
171			if (!$input_errors) {
172	f8b11310	Ermal Lu?i	$config['captiveportal']['interface'] = implode(",", $_POST['cinterface']);
173	0bd34ed6	Scott Ullrich	$config['captiveportal']['maxproc'] = $_POST['maxproc'];
174			$config['captiveportal']['maxprocperip'] = $_POST['maxprocperip'] ? $_POST['maxprocperip'] : false;
175	5b237745	Scott Ullrich	$config['captiveportal']['timeout'] = $_POST['timeout'];
176			$config['captiveportal']['idletimeout'] = $_POST['idletimeout'];
177	0bd34ed6	Scott Ullrich	$config['captiveportal']['enable'] = $_POST['enable'] ? true : false;
178	7faeda46	Scott Ullrich	$config['captiveportal']['auth_method'] = $_POST['auth_method'];
179	0bd34ed6	Scott Ullrich	$config['captiveportal']['radacct_enable'] = $_POST['radacct_enable'] ? true : false;
180			$config['captiveportal']['reauthenticate'] = $_POST['reauthenticate'] ? true : false;
181			$config['captiveportal']['radmac_enable'] = $_POST['radmac_enable'] ? true : false;
182			$config['captiveportal']['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false;
183	c980716e	Scott Ullrich	$config['captiveportal']['reauthenticateacct'] = $_POST['reauthenticateacct'];
184	0bd34ed6	Scott Ullrich	$config['captiveportal']['httpslogin'] = $_POST['httpslogin_enable'] ? true : false;
185	5b237745	Scott Ullrich	$config['captiveportal']['httpsname'] = $_POST['httpsname'];
186	7e587bdb	Scott Ullrich	$config['captiveportal']['peruserbw'] = $_POST['peruserbw'] ? true : false;
187			$config['captiveportal']['bwdefaultdn'] = $_POST['bwdefaultdn'];
188			$config['captiveportal']['bwdefaultup'] = $_POST['bwdefaultup'];
189	5b237745	Scott Ullrich	$config['captiveportal']['certificate'] = base64_encode($_POST['cert']);
190	c6e1b0f5	Ermal Lu?i	$config['captiveportal']['cacertificate'] = base64_encode($_POST['cacert']);
191	5b237745	Scott Ullrich	$config['captiveportal']['private-key'] = base64_encode($_POST['key']);
192	0bd34ed6	Scott Ullrich	$config['captiveportal']['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false;
193			$config['captiveportal']['nomacfilter'] = $_POST['nomacfilter'] ? true : false;
194			$config['captiveportal']['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false;
195	5b237745	Scott Ullrich	$config['captiveportal']['redirurl'] = $_POST['redirurl'];
196			$config['captiveportal']['radiusip'] = $_POST['radiusip'];
197	0bd34ed6	Scott Ullrich	$config['captiveportal']['radiusip2'] = $_POST['radiusip2'];
198	5b237745	Scott Ullrich	$config['captiveportal']['radiusport'] = $_POST['radiusport'];
199	0bd34ed6	Scott Ullrich	$config['captiveportal']['radiusport2'] = $_POST['radiusport2'];
200	5b237745	Scott Ullrich	$config['captiveportal']['radiusacctport'] = $_POST['radiusacctport'];
201			$config['captiveportal']['radiuskey'] = $_POST['radiuskey'];
202	0bd34ed6	Scott Ullrich	$config['captiveportal']['radiuskey2'] = $_POST['radiuskey2'];
203			$config['captiveportal']['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false;
204	2342bfb0	Ermal Lu?i	$config['captiveportal']['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false;
205	8aede55b	Ermal	$config['captiveportal']['radiussrcip_attribute'] = $_POST['radiussrcip_attribute'];
206	6ce61a8f	Ermal	$config['captiveportal']['passthrumacadd'] = $_POST['passthrumacadd'] ? true : false;
207	1c291e64	Ermal	$config['captiveportal']['passthrumacaddusername'] = $_POST['passthrumacaddusername'] ? true : false;
208	6ce61a8f	Ermal	$config['captiveportal']['radmac_format'] = $_POST['radmac_format'] ? $_POST['radmac_format'] : false;
209	a5c0b6c7	Scott Ullrich
210	5b237745	Scott Ullrich	/* file upload? */
211			if (is_uploaded_file($_FILES['htmlfile']['tmp_name']))
212			$config['captiveportal']['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name']));
213	c980716e	Scott Ullrich	if (is_uploaded_file($_FILES['errfile']['tmp_name']))
214	5b237745	Scott Ullrich	$config['captiveportal']['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name']));
215	5b87b24e	Ermal	if (is_uploaded_file($_FILES['logoutfile']['tmp_name']))
216			$config['captiveportal']['page']['logouttext'] = base64_encode(file_get_contents($_FILES['logoutfile']['tmp_name']));
217	a5c0b6c7	Scott Ullrich
218	5b237745	Scott Ullrich	write_config();
219	a5c0b6c7	Scott Ullrich
220	5b237745	Scott Ullrich	$retval = 0;
221	ea1eac37	Scott Ullrich	$retval = captiveportal_configure();
222
223	5b237745	Scott Ullrich	$savemsg = get_std_save_message($retval);
224	f8b11310	Ermal Lu?i
225			$pconfig['cinterface'] = implode(",", $_POST['cinterface']);
226	5b237745	Scott Ullrich	}
227			}
228	3d4bd975	Scott Ullrich	include("head.inc");
229	5b237745	Scott Ullrich	?>
230	9699028a	Scott Ullrich	<?php include("fbegin.inc"); ?>
231	5b237745	Scott Ullrich	<script language="JavaScript">
232			<!--
233			function enable_change(enable_change) {
234	0bd34ed6	Scott Ullrich	var endis, radius_endis;
235	07bd3f83	Scott Ullrich	endis = !(document.iform.enable.checked \|\| enable_change);
236	0bd34ed6	Scott Ullrich	radius_endis = !((!endis && document.iform.auth_method[2].checked) \|\| enable_change);
237	a5c0b6c7	Scott Ullrich
238	07bd3f83	Scott Ullrich	document.iform.cinterface.disabled = endis;
239	54611f24	Scott Ullrich	//document.iform.maxproc.disabled = endis;
240	422d57b4	Scott Ullrich	document.iform.maxprocperip.disabled = endis;
241	07bd3f83	Scott Ullrich	document.iform.idletimeout.disabled = endis;
242			document.iform.timeout.disabled = endis;
243			document.iform.redirurl.disabled = endis;
244	0bd34ed6	Scott Ullrich	document.iform.radiusip.disabled = radius_endis;
245			document.iform.radiusip2.disabled = radius_endis;
246			document.iform.radiusport.disabled = radius_endis;
247			document.iform.radiusport2.disabled = radius_endis;
248			document.iform.radiuskey.disabled = radius_endis;
249			document.iform.radiuskey2.disabled = radius_endis;
250	856e58a6	Scott Ullrich	document.iform.radacct_enable.disabled = radius_endis;
251	f5fa7d5e	Ermal Luçi	document.iform.peruserbw.disabled = endis;
252			document.iform.bwdefaultdn.disabled = endis;
253			document.iform.bwdefaultup.disabled = endis;
254	856e58a6	Scott Ullrich	document.iform.reauthenticate.disabled = radius_endis;
255	7faeda46	Scott Ullrich	document.iform.auth_method[0].disabled = endis;
256			document.iform.auth_method[1].disabled = endis;
257			document.iform.auth_method[2].disabled = endis;
258	0bd34ed6	Scott Ullrich	document.iform.radmac_enable.disabled = radius_endis;
259	07bd3f83	Scott Ullrich	document.iform.httpslogin_enable.disabled = endis;
260	d11c1f93	sullrich	document.iform.radmac_format.disabled = radius_endis;
261	07bd3f83	Scott Ullrich	document.iform.httpsname.disabled = endis;
262			document.iform.cert.disabled = endis;
263			document.iform.key.disabled = endis;
264			document.iform.logoutwin_enable.disabled = endis;
265	c980716e	Scott Ullrich	document.iform.nomacfilter.disabled = endis;
266	0bd34ed6	Scott Ullrich	document.iform.noconcurrentlogins.disabled = endis;
267			document.iform.radiusvendor.disabled = radius_endis;
268	2342bfb0	Ermal Lu?i	document.iform.radiussession_timeout.disabled = radius_endis;
269	822b687b	Ermal	document.iform.radiussrcip_attribute.disabled = radius_endis;
270	07bd3f83	Scott Ullrich	document.iform.htmlfile.disabled = endis;
271			document.iform.errfile.disabled = endis;
272	5b87b24e	Ermal	document.iform.logoutfile.disabled = endis;
273	a5c0b6c7	Scott Ullrich
274	856e58a6	Scott Ullrich	document.iform.radiusacctport.disabled = (radius_endis \|\| !document.iform.radacct_enable.checked) && !enable_change;
275	a5c0b6c7	Scott Ullrich
276	856e58a6	Scott Ullrich	document.iform.radmac_secret.disabled = (radius_endis \|\| !document.iform.radmac_enable.checked) && !enable_change;
277	a5c0b6c7	Scott Ullrich
278	0bd34ed6	Scott Ullrich	var reauthenticate_dis = (radius_endis \|\| !document.iform.reauthenticate.checked) && !enable_change;
279	856e58a6	Scott Ullrich	document.iform.reauthenticateacct[0].disabled = reauthenticate_dis;
280			document.iform.reauthenticateacct[1].disabled = reauthenticate_dis;
281			document.iform.reauthenticateacct[2].disabled = reauthenticate_dis;
282	5b237745	Scott Ullrich	}
283			//-->
284			</script>
285	93588e1a	Scott Dale	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
286	5b237745	Scott Ullrich	<?php if ($input_errors) print_input_errors($input_errors); ?>
287			<?php if ($savemsg) print_info_box($savemsg); ?>
288			<form action="services_captiveportal.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
289			<table width="100%" border="0" cellpadding="0" cellspacing="0">
290	9699028a	Scott Ullrich	<tr><td class="tabnavtbl">
291	64b85ffe	Scott Ullrich	<?php
292			$tab_array = array();
293	6fde5a1e	Carlos Eduardo Ramos	$tab_array[] = array(gettext("Captive portal"), true, "services_captiveportal.php");
294			$tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php");
295			$tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php");
296			$tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php");
297			$tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php");
298	64b85ffe	Scott Ullrich	display_top_tabs($tab_array);
299	0bd34ed6	Scott Ullrich	?> </td></tr>
300	5b237745	Scott Ullrich	<tr>
301	c980716e	Scott Ullrich	<td class="tabcont">
302			<table width="100%" border="0" cellpadding="6" cellspacing="0">
303	a5c0b6c7	Scott Ullrich	<tr>
304	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
305			<td width="78%" class="vtable">
306			<input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">
307	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable captive portal"); ?> </strong></td>
308	5b237745	Scott Ullrich	</tr>
309	a5c0b6c7	Scott Ullrich	<tr>
310	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Interfaces"); ?></td>
311	5b237745	Scott Ullrich	<td width="78%" class="vtable">
312	d823b81c	sullrich	<select name="cinterface[]" multiple="true" size="<?php echo count($config['interfaces']); ?>" class="formselect" id="cinterface">
313	af98cced	Scott Ullrich	<?php
314	fbb45bb0	Ermal Luçi	$interfaces = get_configured_interface_with_descr();
315	c980716e	Scott Ullrich	foreach ($interfaces as $iface => $ifacename): ?>
316	f8b11310	Ermal Lu?i	<option value="<?=$iface;?>" <?php if (stristr($pconfig['cinterface'], $iface)) echo "selected"; ?>>
317	5b237745	Scott Ullrich	<?=htmlspecialchars($ifacename);?>
318			</option>
319			<?php endforeach; ?>
320			</select> <br>
321	6fde5a1e	Carlos Eduardo Ramos	<span class="vexpl"><?=gettext("Select the interface(s) to enable for captive portal"); ?>.</span></td>
322	5b237745	Scott Ullrich	</tr>
323	4362e48a	Scott Ullrich	<tr>
324	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Maximum concurrent connections"); ?></td>
325	4362e48a	Scott Ullrich	<td class="vtable">
326			<table cellpadding="0" cellspacing="0">
327			<tr>
328	b5c78501	Seth Mos	<td><input name="maxprocperip" type="text" class="formfld unknown" id="maxprocperip" size="5"
329	6fde5a1e	Carlos Eduardo Ramos	value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client IP address (0 = no limit)"); ?></td>
330	4362e48a	Scott Ullrich	</tr>
331			</table>
332	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("This setting limits the number of concurrent connections to the captive portal HTTP(S) server. This does not set how many users can be logged in " .
333			"to the captive portal, but rather how many users can load the portal page or authenticate at the same time! " .
334			"Default is 4 connections per client IP address, with a total maximum of 16 connections"); ?>.</td>
335	4362e48a	Scott Ullrich	</tr>
336	5b237745	Scott Ullrich	<tr>
337	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Idle timeout"); ?></td>
338	5b237745	Scott Ullrich	<td class="vtable">
339	b5c78501	Seth Mos	<input name="idletimeout" type="text" class="formfld unknown" id="idletimeout" size="6" value="<?=htmlspecialchars($pconfig['idletimeout']);?>">
340	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("minutes"); ?><br>
341			<?=gettext("Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout"); ?>.</td>
342	5b237745	Scott Ullrich	</tr>
343	a5c0b6c7	Scott Ullrich	<tr>
344	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Hard timeout"); ?></td>
345	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
346	b5c78501	Seth Mos	<input name="timeout" type="text" class="formfld unknown" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>">
347	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("minutes"); ?><br>
348			<?=gettext("Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set)"); ?>.</td>
349	5b237745	Scott Ullrich	</tr>
350	a5c0b6c7	Scott Ullrich	<tr>
351	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Logout popup window"); ?></td>
352	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
353	5b237745	Scott Ullrich	<input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if($pconfig['logoutwin_enable']) echo "checked"; ?>>
354	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable logout popup window"); ?></strong><br>
355			<?=gettext("If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs"); ?>.</td>
356	5b237745	Scott Ullrich	</tr>
357			<tr>
358	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Redirection URL"); ?></td>
359	5b237745	Scott Ullrich	<td class="vtable">
360	b5c78501	Seth Mos	<input name="redirurl" type="text" class="formfld url" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>">
361	5b237745	Scott Ullrich	<br>
362	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("If you provide a URL here, clients will be redirected to that URL instead of the one they initially tried " .
363			"to access after they've authenticated"); ?>.</td>
364	5b237745	Scott Ullrich	</tr>
365			<tr>
366	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Concurrent user logins"); ?></td>
367	0bd34ed6	Scott Ullrich	<td class="vtable">
368			<input name="noconcurrentlogins" type="checkbox" class="formfld" id="noconcurrentlogins" value="yes" <?php if ($pconfig['noconcurrentlogins']) echo "checked"; ?>>
369	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Disable concurrent logins"); ?></strong><br>
370			<?=gettext("If this option is set, only the most recent login per username will be active. Subsequent logins will cause machines previously logged in with the same username to be disconnected"); ?>.</td>
371	0bd34ed6	Scott Ullrich	</tr>
372			<tr>
373	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("MAC filtering"); ?> </td>
374	c980716e	Scott Ullrich	<td class="vtable">
375			<input name="nomacfilter" type="checkbox" class="formfld" id="nomacfilter" value="yes" <?php if ($pconfig['nomacfilter']) echo "checked"; ?>>
376	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Disable MAC filtering"); ?></strong><br>
377			<?=gettext("If this option is set, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in." .
378			"This is required when the MAC address of the client cannot be determined (usually because there are routers between"); ?> <?php echo $g['product_name'] ?> <?=gettext("and the clients)"); ?>.
379			<?=gettext("If this is enabled, RADIUS MAC authentication cannot be used"); ?>.</td>
380	7e587bdb	Scott Ullrich	</tr>
381			<tr>
382	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Pass-through MAC Auto Entry"); ?></td>
383	6ce61a8f	Ermal	<td class="vtable">
384			<input name="passthrumacadd" type="checkbox" class="formfld" id="passthrumacadd" value="yes" <?php if ($pconfig['passthrumacadd']) echo "checked"; ?>>
385	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable Pass-through MAC automatic additions"); ?></strong><br>
386			<?=gettext("If this option is set, a MAC passthrough entry is automatically added after the user has successfully authenticated. Users of that MAC address will never have to authenticate again"); ?>.
387			<?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php">Pass-through MAC tab</a> <?=gettext("or send a POST from another system to remove it"); ?>.
388			<?=gettext("If this is enabled, RADIUS MAC authentication cannot be used. Also, the logout window will not be shown"); ?>.
389	1c291e64	Ermal	<br/><br/>
390			<input name="passthrumacaddusername" type="checkbox" class="formfld" id="passthrumacaddusername" value="yes" <?php if ($pconfig['passthrumacaddusername']) echo "checked"; ?>>
391	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable Pass-through MAC automatic addition with username"); ?></strong><br>
392			<?=gettext("If this option is set, with the automatically MAC passthrough entry created the username, used during authentication, will be saved"); ?>.
393			<?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php"><?=gettext("Pass-through MAC tab"); ?></a> <?=gettext("or send a POST from another system to remove it"); ?>.
394	1c291e64	Ermal	</td>
395	6ce61a8f	Ermal	</tr>
396			<tr>
397	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Per-user bandwidth restriction"); ?></td>
398	7e587bdb	Scott Ullrich	<td class="vtable">
399			<input name="peruserbw" type="checkbox" class="formfld" id="peruserbw" value="yes" <?php if ($pconfig['peruserbw']) echo "checked"; ?>>
400	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable per-user bandwidth restriction"); ?></strong><br><br>
401	7e587bdb	Scott Ullrich	<table cellpadding="0" cellspacing="0">
402			<tr>
403	6fde5a1e	Carlos Eduardo Ramos	<td><?=gettext("Default download"); ?></td>
404			<td><input type="text" class="formfld unknown" name="bwdefaultdn" id="bwdefaultdn" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultdn']);?>"> <?=gettext("Kbit/s"); ?></td>
405	7e587bdb	Scott Ullrich	</tr>
406			<tr>
407	6fde5a1e	Carlos Eduardo Ramos	<td><?=gettext("Default upload"); ?></td>
408			<td><input type="text" class="formfld unknown" name="bwdefaultup" id="bwdefaultup" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultup']);?>"> <?=gettext("Kbit/s"); ?></td>
409	7e587bdb	Scott Ullrich	</tr></table>
410			<br>
411	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("If this option is set, the captive portal will restrict each user who logs in to the specified default bandwidth. RADIUS can override the default settings. Leave empty or set to 0 for no limit"); ?>. </td>
412	7e587bdb	Scott Ullrich	</tr>
413	a5c0b6c7	Scott Ullrich	<tr>
414	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?></td>
415	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
416	c980716e	Scott Ullrich	<table cellpadding="0" cellspacing="0">
417			<tr>
418	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="none" onClick="enable_change(false)" <?php if($pconfig['auth_method']!="local" && $pconfig['auth_method']!="radius") echo "checked"; ?>>
419	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("No Authentication"); ?></td>
420	c980716e	Scott Ullrich	</tr>
421			<tr>
422	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="local" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="local") echo "checked"; ?>>
423	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("Local"); ?> <a href="system_usermanager.php"><?=gettext("User Manager"); ?></a></td>
424	c980716e	Scott Ullrich	</tr>
425			<tr>
426	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="radius" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius") echo "checked"; ?>>
427	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("RADIUS Authentication"); ?></td>
428	c980716e	Scott Ullrich	</tr><tr>
429			<td> </td>
430			<td> </td>
431			</tr>
432			</table>
433	0bd34ed6	Scott Ullrich	<table width="100%" border="0" cellpadding="6" cellspacing="0">
434	a5c0b6c7	Scott Ullrich	<tr>
435	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Primary RADIUS server"); ?></td>
436	0bd34ed6	Scott Ullrich	</tr>
437			<tr>
438	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
439	b5c78501	Seth Mos	<td class="vtable"><input name="radiusip" type="text" class="formfld unknown" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>"><br>
440	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("Enter the IP address of the RADIUS server which users of the captive portal have to authenticate against"); ?>.</td>
441	0bd34ed6	Scott Ullrich	</tr>
442			<tr>
443	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
444	b5c78501	Seth Mos	<td class="vtable"><input name="radiusport" type="text" class="formfld unknown" id="radiusport" size="5" value="<?=htmlspecialchars($pconfig['radiusport']);?>"><br>
445	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("Leave this field blank to use the default port (1812)"); ?>.</td>
446	0bd34ed6	Scott Ullrich	</tr>
447			<tr>
448	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
449	b5c78501	Seth Mos	<td class="vtable"><input name="radiuskey" type="text" class="formfld unknown" id="radiuskey" size="16" value="<?=htmlspecialchars($pconfig['radiuskey']);?>"><br>
450	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("Leave this field blank to not use a RADIUS shared secret (not recommended)"); ?>.</td>
451	0bd34ed6	Scott Ullrich	</tr>
452	a5c0b6c7	Scott Ullrich	<tr>
453	0bd34ed6	Scott Ullrich	<td colspan="2" class="list" height="12"></td>
454			</tr>
455			<tr>
456	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Secondary RADIUS server"); ?></td>
457	0bd34ed6	Scott Ullrich	</tr>
458			<tr>
459	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
460	b5c78501	Seth Mos	<td class="vtable"><input name="radiusip2" type="text" class="formfld unknown" id="radiusip2" size="20" value="<?=htmlspecialchars($pconfig['radiusip2']);?>"><br>
461	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("If you have a second RADIUS server, you can activate it by entering its IP address here"); ?>.</td>
462	0bd34ed6	Scott Ullrich	</tr>
463			<tr>
464	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
465	b5c78501	Seth Mos	<td class="vtable"><input name="radiusport2" type="text" class="formfld unknown" id="radiusport2" size="5" value="<?=htmlspecialchars($pconfig['radiusport2']);?>"></td>
466	0bd34ed6	Scott Ullrich	</tr>
467			<tr>
468	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
469	b5c78501	Seth Mos	<td class="vtable"><input name="radiuskey2" type="text" class="formfld unknown" id="radiuskey2" size="16"
470			value="<?=htmlspecialchars($pconfig['radiuskey2']);?>"></td>
471	0bd34ed6	Scott Ullrich	</tr>
472			<tr>
473			<td colspan="2" class="list" height="12"></td>
474			</tr>
475	856e58a6	Scott Ullrich	<tr>
476	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Accounting"); ?></td>
477	856e58a6	Scott Ullrich	</tr>
478			<tr>
479			<td class="vncell"> </td>
480			<td class="vtable"><input name="radacct_enable" type="checkbox" id="radacct_enable" value="yes" onClick="enable_change(false)" <?php if($pconfig['radacct_enable']) echo "checked"; ?>>
481	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("send RADIUS accounting packets"); ?></strong><br>
482			<?=gettext("If this is enabled, RADIUS accounting packets will be sent to the primary RADIUS server"); ?>.</td>
483	856e58a6	Scott Ullrich	</tr>
484			<tr>
485	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Accounting port"); ?></td>
486	b5c78501	Seth Mos	<td class="vtable"><input name="radiusacctport" type="text" class="formfld unknown" id="radiusacctport" size="5" value="<?=htmlspecialchars($pconfig['radiusacctport']);?>"><br>
487	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("Leave blank to use the default port (1813)"); ?>.</td>
488	856e58a6	Scott Ullrich	</tr>
489			<tr>
490			<td colspan="2" class="list" height="12"></td>
491			</tr>
492			<tr>
493	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Reauthentication"); ?></td>
494	856e58a6	Scott Ullrich	</tr>
495			<tr>
496			<td class="vncell"> </td>
497			<td class="vtable"><input name="reauthenticate" type="checkbox" id="reauthenticate" value="yes" onClick="enable_change(false)" <?php if($pconfig['reauthenticate']) echo "checked"; ?>>
498	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Reauthenticate connected users every minute"); ?></strong><br>
499			<?=gettext("If reauthentication is enabled, Access-Requests will be sent to the RADIUS server for each user that is " .
500			"logged in every minute. If an Access-Reject is received for a user, that user is disconnected from the captive portal immediately"); ?>.</td>
501	856e58a6	Scott Ullrich	</tr>
502			<tr>
503	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Accounting updates"); ?></td>
504	856e58a6	Scott Ullrich	<td class="vtable">
505	6fde5a1e	Carlos Eduardo Ramos	<input name="reauthenticateacct" type="radio" value="" <?php if(!$pconfig['reauthenticateacct']) echo "checked"; ?>> <?=gettext("no accounting updates"); ?><br>
506			<input name="reauthenticateacct" type="radio" value="stopstart" <?php if($pconfig['reauthenticateacct'] == "stopstart") echo "checked"; ?>> <?=gettext("stop/start accounting"); ?><br>
507			<input name="reauthenticateacct" type="radio" value="interimupdate" <?php if($pconfig['reauthenticateacct'] == "interimupdate") echo "checked"; ?>> <?=gettext("interim update"); ?>
508	856e58a6	Scott Ullrich	</td>
509			</tr>
510			<tr>
511			<td colspan="2" class="list" height="12"></td>
512			</tr>
513	0bd34ed6	Scott Ullrich	<tr>
514	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("RADIUS MAC authentication"); ?></td>
515	0bd34ed6	Scott Ullrich	</tr>
516			<tr>
517			<td class="vncell"> </td>
518			<td class="vtable">
519	6fde5a1e	Carlos Eduardo Ramos	<input name="radmac_enable" type="checkbox" id="radmac_enable" value="yes" onClick="enable_change(false)" <?php if ($pconfig['radmac_enable']) echo "checked"; ?>><strong><?=gettext("Enable RADIUS MAC authentication"); ?></strong><br>
520			<?=gettext("If this option is enabled, the captive portal will try to authenticate users by sending their MAC address as the username and the password " .
521			"entered below to the RADIUS server"); ?>.</td>
522	0bd34ed6	Scott Ullrich	</tr>
523			<tr>
524	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell"><?=gettext("Shared secret"); ?></td>
525	b5c78501	Seth Mos	<td class="vtable"><input name="radmac_secret" type="text" class="formfld unknown" id="radmac_secret" size="16" value="<?=htmlspecialchars($pconfig['radmac_secret']);?>"></td>
526	0bd34ed6	Scott Ullrich	</tr>
527			<tr>
528			<td colspan="2" class="list" height="12"></td>
529			</tr>
530			<tr>
531	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("RADIUS options"); ?></td>
532	0bd34ed6	Scott Ullrich	</tr>
533	cf0542ac	Scott Ullrich
534	822b687b	Ermal	<tr>
535	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Radius ip attribute"); ?></td>
536	822b687b	Ermal	<td>
537			<select name="radiussrcip_attribute" id="radiussrcip_attribute">
538			<?php $iflist = get_configured_interface_with_descr();
539			foreach ($iflist as $ifdesc => $ifdescr) {
540			$ipaddr = get_interface_ip($ifdesc);
541			if (is_ipaddr($ipaddr)) {
542			$selected = "";
543			if ($ipaddr == $pconfig['radiussrcip_attribute'])
544			$ifdesc = "selected";
545			echo "<option value='{$ifdesc}' {$selected}>{$ifdescr} - {$ipaddr}</option>\n";
546			}
547			}
548	34e9ca60	Ermal	if (is_array($config['virtualip']['vip'])) {
549			foreach ($config['virtualip']['vip'] as $sn) {
550			if ($sn['mode'] == "proxyarp" && $sn['type'] == "network") {
551			$start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits']));
552			$end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits']));
553			$len = $end - $start;
554
555			for ($i = 0; $i <= $len; $i++) {
556			$snip = long2ip32($start+$i);
557			echo "<option value='{$snip}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$snip}") . "></option>\n";
558			}
559			} else
560			echo "<option value='{$sn['subnet']}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$sn['subnet']}") . "></option>\n";
561			}
562			}
563	822b687b	Ermal	?>
564			</select><br/>
565	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("Choose the ip to use for calling station attribute"); ?>.
566	822b687b	Ermal	</td>
567			</tr>
568
569	0bd34ed6	Scott Ullrich	<tr>
570	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Session-Timeout"); ?></td>
571			<td class="vtable"><input name="radiussession_timeout" type="checkbox" id="radiussession_timeout" value="yes" <?php if ($pconfig['radiussession_timeout']) echo "checked"; ?>><strong><?=gettext("Use RADIUS Session-Timeout attributes"); ?></strong><br>
572			<?=gettext("When this is enabled, clients will be disconnected after the amount of time retrieved from the RADIUS Session-Timeout attribute"); ?>.</td>
573	0bd34ed6	Scott Ullrich	</tr>
574	cf0542ac	Scott Ullrich
575	0bd34ed6	Scott Ullrich	<tr>
576	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Type"); ?></td>
577	0bd34ed6	Scott Ullrich	<td class="vtable"><select name="radiusvendor" id="radiusvendor">
578	6fde5a1e	Carlos Eduardo Ramos	<option><?=gettext("default"); ?></option>
579	a5c0b6c7	Scott Ullrich	<?php
580	0bd34ed6	Scott Ullrich	$radiusvendors = array("cisco");
581			foreach ($radiusvendors as $radiusvendor){
582			if ($pconfig['radiusvendor'] == $radiusvendor)
583			echo "<option selected value=\"$radiusvendor\">$radiusvendor</option>\n";
584			else
585			echo "<option value=\"$radiusvendor\">$radiusvendor</option>\n";
586			}
587			?></select><br>
588	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("If RADIUS type is set to Cisco, in Access-Requests the value of Calling-Station-Id will be set to the client's IP address and " .
589			"the Called-Station-Id to the client's MAC address. Default behavior is Calling-Station-Id = client's MAC address and Called-Station-Id"); ?> = <?=$g['product_name']?>'s <?=gettext("WAN IP address"); ?>.</td>
590	0bd34ed6	Scott Ullrich	</tr>
591			</table>
592	5b237745	Scott Ullrich	</tr>
593	d11c1f93	sullrich	<tr>
594	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("MAC address format"); ?></td>
595	d11c1f93	sullrich	<td class="vtable">
596			<select name="radmac_format" id="radmac_format">
597	6fde5a1e	Carlos Eduardo Ramos	<option><?=gettext("default"); ?></option>
598	d11c1f93	sullrich	<?php
599	6fde5a1e	Carlos Eduardo Ramos	$macformats = array(gettext("singledash"),gettext("ietf"),gettext("cisco"),gettext("unformatted"));
600	d11c1f93	sullrich	foreach ($macformats as $macformat) {
601			if ($pconfig['radmac_format'] == $macformat)
602			echo "<option selected value=\"$macformat\">$macformat</option>\n";
603			else
604			echo "<option value=\"$macformat\">$macformat</option>\n";
605			}
606			?>
607			</select></br>
608	6fde5a1e	Carlos Eduardo Ramos	<?=getetxt("This option changes the MAC address format used in the whole RADIUS system. Change this if you also " .
609			"need to change the username format for RADIUS MAC authentication"); ?>.<br>
610			<?=gettext("default"); ?>: 00:11:22:33:44:55<br>
611			<?=gettext("singledash"); ?>: 001122-334455<br>
612			<?=gettext("ietf"); ?>: 00-11-22-33-44-55<br>
613			<?=gettext("cisco"); ?>: 0011.2233.4455<br>
614			<?=gettext("unformatted"); ?>: 001122334455
615	d11c1f93	sullrich	</tr>
616	5b237745	Scott Ullrich	<tr>
617	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS login"); ?></td>
618	5b237745	Scott Ullrich	<td class="vtable">
619	c980716e	Scott Ullrich	<input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" <?php if($pconfig['httpslogin_enable']) echo "checked"; ?>>
620	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable HTTPS login"); ?></strong><br>
621			<?=gettext("If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name, certificate and matching private key must also be specified below"); ?>.</td>
622	5b237745	Scott Ullrich	</tr>
623			<tr>
624	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS server name"); ?> </td>
625	5b237745	Scott Ullrich	<td class="vtable">
626	b5c78501	Seth Mos	<input name="httpsname" type="text" class="formfld unknown" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>"><br>
627	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS and verify on the client that the IP resolves to the correct interface IP on"); ?> <?=$g['product_name']?>. </td>
628	5b237745	Scott Ullrich	</tr>
629			<tr>
630	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS certificate"); ?></td>
631	5b237745	Scott Ullrich	<td class="vtable">
632			<textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea>
633			<br>
634	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("Paste a signed certificate in X.509 PEM format here"); ?>.</td>
635	5b237745	Scott Ullrich	</tr>
636			<tr>
637	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS private key"); ?></td>
638	5b237745	Scott Ullrich	<td class="vtable">
639			<textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea>
640			<br>
641	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("Paste an RSA private key in PEM format here"); ?>.</td>
642	5b237745	Scott Ullrich	</tr>
643	c6e1b0f5	Ermal Lu?i	<tr>
644	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS intermediate certificate"); ?></td>
645	c6e1b0f5	Ermal Lu?i	<td class="vtable">
646			<textarea name="cacert" cols="65" rows="7" id="cacert" class="formpre"><?=htmlspecialchars($pconfig['cacert']);?></textarea>
647			<br>
648	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("Paste a certificate in X.509 PEM format here"); ?>.</td>
649	c6e1b0f5	Ermal Lu?i	</tr>
650	a5c0b6c7	Scott Ullrich	<tr>
651	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Portal page contents"); ?></td>
652	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
653	b5c78501	Seth Mos	<?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld file" id="htmlfile"><br>
654	16f5fe76	Scott Ullrich	<?php
655			list($host) = explode(":", $_SERVER['HTTP_HOST']);
656			if(isset($config['captiveportal']['httpslogin'])) {
657			$href = "https://$host:8001";
658			} else {
659			$href = "http://$host:8000";
660	a5c0b6c7	Scott Ullrich	}
661	16f5fe76	Scott Ullrich	?>
662	5b237745	Scott Ullrich	<?php if ($config['captiveportal']['page']['htmltext']): ?>
663	6fde5a1e	Carlos Eduardo Ramos	<a href="<?=$href?>" target="_new"><?=gettext("View current page"); ?></a>
664	5b237745	Scott Ullrich	<br>
665			<br>
666			<?php endif; ?>
667	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("Upload an HTML/PHP file for the portal page here (leave blank to keep the current one). Make sure to include a form (POST to"); ?> "$PORTAL_ACTION$")
668			<?=gettext("with a submit button"); ?> (name="accept") <?=gettext("and a hidden field with"); ?> name="redirurl" <?=gettext("and"); ?> value="$PORTAL_REDIRURL$".
669			<?=gettext("Include the"); ?> "auth_user" <?=gettext("and"); ?> "auth_pass" <?=gettext("and/or"); ?> "auth_voucher" <?=gettext("input fields if authentication is enabled, otherwise it will always fail"); ?>.
670			<?=gettext("Example code for the form"); ?>:<br>
671	5b237745	Scott Ullrich	<br>
672			<tt><form method="post" action="$PORTAL_ACTION$"><br>
673			<input name="auth_user" type="text"><br>
674			<input name="auth_pass" type="password"><br>
675	336e3c1c	Charlie	<input name="auth_voucher" type="text"><br>
676	5b237745	Scott Ullrich	<input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"><br>
677			<input name="accept" type="submit" value="Continue"><br>
678			</form></tt></td>
679			</tr>
680			<tr>
681	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?><br>
682			<?=gettext("error page"); ?><br>
683			<?=gettext("contents"); ?></td>
684	5b237745	Scott Ullrich	<td class="vtable">
685	b5c78501	Seth Mos	<input name="errfile" type="file" class="formfld file" id="errfile"><br>
686	5b237745	Scott Ullrich	<?php if ($config['captiveportal']['page']['errtext']): ?>
687	6fde5a1e	Carlos Eduardo Ramos	<a href="?act=viewerrhtml" target="_blank"><?=gettext("View current page"); ?></a>
688	5b237745	Scott Ullrich	<br>
689			<br>
690			<?php endif; ?>
691	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("The contents of the HTML/PHP file that you upload here are displayed when an authentication error occurs. " .
692			"You may include"); ?> "$PORTAL_MESSAGE$", <?=gettext("which will be replaced by the error or reply messages from the RADIUS server, if any"); ?>.</td>
693	5b87b24e	Ermal	</tr>
694			<tr>
695	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Logout"); ?><br>
696			<?=gettext("page"); ?><br>
697			<?=gettext("contents"); ?></td>
698	5b87b24e	Ermal	<td class="vtable">
699			<input name="logoutfile" type="file" class="formfld file" id="logoutfile"><br>
700			<?php if ($config['captiveportal']['page']['logouttext']): ?>
701	6fde5a1e	Carlos Eduardo Ramos	<a href="?act=viewlogouthtml" target="_blank"><?=gettext("View current page"); ?></a>
702	5b87b24e	Ermal	<br>
703			<br>
704			<?php endif; ?>
705	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("The contents of the HTML/PHP file that you upload here are displayed when an authentication error occurs. " .
706			"You may include"); ?> "$PORTAL_MESSAGE$", <?=gettext("which will be replaced by the error or reply messages from the RADIUS server, if any"); ?>.</td>
707	5b237745	Scott Ullrich	</tr>
708	a5c0b6c7	Scott Ullrich	<tr>
709	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
710	a5c0b6c7	Scott Ullrich	<td width="78%">
711	6fde5a1e	Carlos Eduardo Ramos	<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onClick="enable_change(true)">
712	5b237745	Scott Ullrich	</td>
713			</tr>
714	a5c0b6c7	Scott Ullrich	<tr>
715	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
716	6fde5a1e	Carlos Eduardo Ramos	<td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Note"); ?>:<br>
717			</strong></span><?=gettext("Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work"); ?>. </span></td>
718	5b237745	Scott Ullrich	</tr>
719			</table>
720			</td>
721			</tr>
722			</table>
723			</form>
724			<script language="JavaScript">
725			<!--
726			enable_change(false);
727			//-->
728			</script>
729			<?php include("fend.inc"); ?>
730	93588e1a	Scott Dale	</body>
731			</html>

Project

General

Profile

pfSense