<?php
2
/* $Id$ */
3
/*
4
	firewall_shaper_layer7.php
5
	Copyright (C) 2008 Helder Pereira, André Ribeiro
6
	All rights reserved.
7

    
8
	Redistribution and use in source and binary forms, with or without
9
	modification, are permitted provided that the following conditions are met:
10

    
11
	1. Redistributions of source code must retain the above copyright notice,
12
	   this list of conditions and the following disclaimer.
13

    
14
	2. Redistributions in binary form must reproduce the above copyright
15
	   notice, this list of conditions and the following disclaimer in the
16
	   documentation and/or other materials provided with the distribution.
17

    
18
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
	POSSIBILITY OF SUCH DAMAGE.
28
*/
29
/*
30
	pfSense_BUILDER_BINARIES:	/usr/bin/killall
31
	pfSense_MODULE:	shaper
32
*/
33

    
34
##|+PRIV
35
##|*IDENT=page-firewall-trafficshaper-layer7
36
##|*NAME=Firewall: Traffic Shaper: Layer7 page
37
##|*DESCR=Allow access to the 'Firewall: Traffic Shaper: Layer7' page.
38
##|*MATCH=firewall_shaper_layer7.php*
39
##|-PRIV
40

    
41
require("guiconfig.inc");
42
require_once("functions.inc");
43
require_once("filter.inc");
44
require_once("shaper.inc");
45

    
46
// Option lists offered by the rule editor further down this page.
// The protocol list is produced at run time by generate_protocols_array();
// the structure list is the fixed set of rule types this page handles.
$avail_protos =& generate_protocols_array();
$avail_structures = array("action", "queue", "limiter");

// Behaviours selectable for each structure. "action" is a fixed list; the
// queue and limiter lists are fetched right after the matching read_*_config()
// call, so the call order below is kept exactly as it was.
$avail_behaviours_action = array("block");
read_altq_config();
$avail_behaviours_altq = get_altq_name_list();
read_dummynet_config();
$avail_behaviours_limiter = get_dummynet_name_list();

// The rules table in the template is only rendered when this is true.
$show_proto_form = false;

// Page title parts and the status page URL.
$pgtitle = array(
	gettext("Firewall"),
	gettext("Traffic Shaper"),
	gettext("Layer7")
);
$statusurl = "status_queues.php";

// HTML accumulated for the right-hand pane; filled by the request handling below.
$output_form = "";

// Static hint shown when no container is selected; it links to the pattern upload page.
$default_layer7shaper_msg =
	"<tr><td colspan=\"4\">"
	. "<p><span class=\"vexpl\"><span class=\"red\"><strong>" . gettext("Note") . ":<br>"
	. "</strong></span>" . gettext("You can add new layer7 protocol patterns by simply uploading the file") . " <a href=\"diag_patterns.php\">" . gettext("here") . ".</a><br>"
	. "</td></tr>";

// Load the layer7 containers; later code reads them from $layer7_rules_list.
read_layer7_config();
71

    
72
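// "reset" request: force-kill every ipfw-classifyd process and stop.
// The command line is a constant, so no request data reaches the shell.
// NOTE(review): this is a state-changing action reachable with a plain GET,
// and nothing in this script checks the request method or a CSRF token.
// Confirm whether the included framework enforces one; if not, this should
// move behind a POST that carries a token.
if (isset($_GET['reset']) && $_GET['reset'] <> "") {
	// isset() only avoids the undefined-index notice on ordinary page loads;
	// the set of requests that trigger the kill is unchanged.
	mwexec("killall -9 ipfw-classifyd");
	exit;
}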
77

    
78
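// Resolve the container name and the requested action from the request.
// All three variables start from a known value so that nothing left over in
// global scope by an included file can be mistaken for request input.
$name = "";
$action = "";
$container = null;

// Only non-empty scalar strings are accepted: an array-valued parameter
// (container[]=x) is ignored instead of being handed to trim().
if (!empty($_GET['container']) && is_string($_GET['container']))
	$name = htmlspecialchars(trim($_GET['container']));
if (!empty($_GET['action']) && is_string($_GET['action']))
	$action = htmlspecialchars($_GET['action']);

// A POSTed container name takes precedence over the one in the query string.
if (!empty($_POST['container']) && is_string($_POST['container']))
	$name = htmlspecialchars(trim($_POST['container']));

// Note: $name is HTML-encoded before it is used as a lookup key, so a name
// containing &, <, > or " only matches a key stored in the same encoded form.
if ($name && isset($layer7_rules_list[$name])) {
	//Get the object from the 7rules list
	$container = $layer7_rules_list[$name];
}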
95

    
96
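// Request dispatcher.
//   GET  : "add" shows an empty container form, "show" shows an existing one,
//          anything else shows the default hint.
//   POST : "submit" validates and saves a container, "apply" reloads the
//          filter, "delete" removes the selected container.
// NOTE(review): the POST branches change configuration and this script does
// not check a CSRF token itself; confirm that the included framework does.
if ($_GET) {
	switch ($action) {
		case "add":
			$show_proto_form = true;
			$container = new layer7();
			$output_form .= $container->build_form(); //constructs the graphical interface on the right side
			unset($container);
			break;
		case "show":
			$show_proto_form = true;
			if (!empty($container)) {
				$output_form .= $container->build_form();
			} else {
				$show_proto_form = false;
				$input_errors[] = gettext("Layer7 Rules Container not found!");
			}
			break;
		default:
			// NOTE(review): looks like leftover debugging. It writes a log entry
			// for every GET without a recognised action and echoes whatever
			// log_error() returns before the page header is sent.
			echo log_error("Get default");
			$show_proto_form = false;
			$output_form .= "<p class=\"pgtitle\">" . $dn_default_shaper_msg . $default_layer7shaper_msg . "</p>";
			break;
	}
} else if ($_POST) {
	//add a new l7rules container
	$show_proto_form = true;
	unset($input_errors);

	if (!empty($_POST['submit'])) {
		// Reuse the stored container (and its divert port) when the name is
		// known, otherwise start a new one with a freshly generated port.
		if (isset($layer7_rules_list[$name])) {
			$l7r = $layer7_rules_list[$name];
			$_POST['divert_port'] = $l7r->GetRPort();
		} else {
			// Plain assignment: "=& new" is deprecated and objects are handles anyway.
			$l7r = new layer7();
			$_POST['divert_port'] = $l7r->gen_divert_port();
		}

		// The form posts three parallel arrays (protocol[], structure[],
		// behaviour[]); fold them into one l7rules entry per row. The walk
		// stops at the first missing, empty or non-string protocol.
		// NOTE(review): $_POST['l7rules'] is not cleared first, so entries a
		// client posts under that name directly would also reach
		// validate_input() and ReadConfig(). Confirm the form never sends
		// that field, then reset it to array() here.
		$protocols = (isset($_POST['protocol']) && is_array($_POST['protocol'])) ? $_POST['protocol'] : array();
		for ($i = 0; isset($protocols[$i]) && is_string($protocols[$i]) && $protocols[$i] <> ""; $i++) {
			$_POST['l7rules'][$i]['protocol'] = $protocols[$i];
			$_POST['l7rules'][$i]['structure'] = isset($_POST['structure'][$i]) ? $_POST['structure'][$i] : null;
			$_POST['l7rules'][$i]['behaviour'] = isset($_POST['behaviour'][$i]) ? $_POST['behaviour'][$i] : null;
		}

		// NOTE(review): call-time pass-by-reference (&$input_errors) is
		// deprecated in PHP 5.3 and a fatal error from 5.4. It is left as is
		// because dropping the & is only safe when validate_input() declares
		// its second parameter by reference; otherwise validation errors
		// would be lost silently. Confirm the signature in shaper.inc first.
		$l7r->validate_input($_POST,&$input_errors);
		$l7r->ReadConfig($_POST['container'], $_POST);

		//Before writing the results, we need to test for repeated protocols
		$non_dupes = array();
		$dupes = array();
		for ($j = 0; $j < $i; $j++) {
			if (!isset($non_dupes[$protocols[$j]]))
				$non_dupes[$protocols[$j]] = true;
			else
				$dupes[] = $protocols[$j];
		}
		unset($non_dupes);
		unset($protocols);

		if (sizeof($dupes) == 0 && empty($input_errors)) {
			// Nothing to complain about: persist and mark the shaper for reload.
			$l7r->wconfig();
			write_config();
			mark_subsystem_dirty('shaper');

			read_layer7_config();
		} else if (sizeof($dupes) > 0) {
			$dupe_error = gettext("Found the following repeated protocol definitions") . ": ";
			// The repeated names come straight from the request, so encode
			// them before they become part of a message shown on the page.
			// Names without HTML metacharacters are displayed unchanged.
			foreach ($dupes as $dupe)
				$dupe_error .= htmlspecialchars($dupe) . " ";
			$input_errors[] = $dupe_error;
		}
		unset($dupes);
		unset($dupe_error);

		//Even if there are repeated protocols, we won't lose any previous values
		//The user will be able to solve the situation
		$output_form .= $l7r->build_form();

		//Necessary to correctly build the proto form
		$container = isset($layer7_rules_list[$name]) ? $layer7_rules_list[$name] : null;
		if (!empty($input_errors))
			$container =& $l7r;
	} else if (!empty($_POST['apply'])) {
		write_config();

		$retval = filter_configure();

		// A return value containing "error" is shown verbatim; anything else
		// goes through the standard save message.
		if (stristr($retval, "error") === false)
			$savemsg = get_std_save_message($retval);
		else
			$savemsg = $retval;

		clear_subsystem_dirty('shaper');

		if (!empty($container)) {
			$output_form .= $container->build_form();
		} else {
			$show_proto_form = false;
			$output_form .= "<p class=\"pgtitle\">" . $dn_default_shaper_msg . $default_layer7shaper_msg . "</p>";
		}
	} else if (!empty($_POST['delete'])) {
		// Only act when the posted name resolved to a container; an unknown
		// name used to end in a fatal call on a non-object.
		if (!empty($container)) {
			$container->delete_l7c();
			write_config();
			mark_subsystem_dirty('shaper');
			unset($container);
		}

		header("Location: firewall_shaper_layer7.php");
		exit;
	} else {
		$show_proto_form = false;
	}
} else {
	$show_proto_form = false;
	$output_form .= "<p class=\"pgtitle\">" . $dn_default_shaper_msg . $default_layer7shaper_msg . "</p>";
}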
213

    
214
// Left-hand tree: one build_tree() fragment per configured container,
// wrapped in a single <ul>.
$tree_items = array();
if (is_array($layer7_rules_list)) {
	foreach ($layer7_rules_list as $tmpl7)
		$tree_items[] = $tmpl7->build_tree();
}
$tree = "<ul class=\"tree\" >" . implode("", $tree_items) . "</ul>";
unset($tree_items);

// Right-hand pane: wrapper div followed by whatever the request handling produced.
$output = "<div id=\"shaperarea\" style=\"position:relative\">" . $output_form;

include("head.inc");
227
?>
228

    
229
<body link="#0000CC" vlink="#0000CC" alink="#0000CC" >
230
<link rel="stylesheet" type="text/css" media="all" href="./tree/tree.css" />
231
<script type="text/javascript" src="./tree/tree.js"></script>
232

    
233
<script language="javascript">
234

    
235
// Row count of each table when addRow() first touched it, keyed by table id.
var initial_count = [];
// Maximum number of rows addRow() may add per table; 0 disables the limit.
var rows_limit = 0;

/* Behaviour lists used to refill the behaviour <select> of a row */
var js_behaviours_action = ['block']; //static

// The queue and limiter lists are filled by functions whose bodies are
// generated by PHP further down (function declarations are hoisted).
var js_behaviours_altq = array_altq([]);
var js_behaviours_limiter = array_limiter([]);
247

    
248
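/*
 * Copy the server-side list of ALTQ queue names into the given array and
 * return it. The assignments in the body are generated by PHP, one per entry
 * of $avail_behaviours_altq.
 *
 * Names and keys are emitted with json_encode() instead of being pasted
 * between hand-written quotes, so a quote, backslash or line break in a queue
 * name cannot end the string literal and change the script. json_encode()
 * also writes "/" as "\/", which keeps "</script>" from appearing in the
 * output. On PHP 5.3 or later, adding JSON_HEX_TAG | JSON_HEX_AMP hardens
 * this further.
 */
function array_altq(a_behav) {
	var index;
	var name; // local, so the global window.name is no longer overwritten
	<?php if (!empty($avail_behaviours_altq)) {
	  foreach ($avail_behaviours_altq as $key => $queue) { ?>
	    name = <?= json_encode($queue); ?>;
	    index = <?= json_encode($key); ?>;
	    a_behav[index] = name;
	<?php }
	} ?>
	return a_behav;
}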
259

    
260
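/*
 * Copy the server-side list of limiter names into the given array and return
 * it. The assignments in the body are generated by PHP, one per entry of
 * $avail_behaviours_limiter.
 *
 * Names and keys are emitted with json_encode() instead of being pasted
 * between hand-written quotes, so a quote, backslash or line break in a
 * limiter name cannot end the string literal and change the script.
 * json_encode() also writes "/" as "\/", which keeps "</script>" from
 * appearing in the output. On PHP 5.3 or later, adding
 * JSON_HEX_TAG | JSON_HEX_AMP hardens this further.
 */
function array_limiter(a_behav) {
	var index;
	var name; // local, so the global window.name is no longer overwritten
	<?php if (!empty($avail_behaviours_limiter)) {
	  foreach ($avail_behaviours_limiter as $key => $limiter) { ?>
		name = <?= json_encode($limiter); ?>;
		index = <?= json_encode($key); ?>;
		a_behav[index] = name;
	<?php }
	} ?>
	return a_behav;
}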
271

    
272
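/*
 * Return the HTML of a protocol <select> for a newly added row, with one
 * <option> per entry of the server-side $avail_protos list.
 *
 * The result is assigned to innerHTML by addRow(), so every name passes
 * through two contexts: a JavaScript string literal and then HTML. PHP
 * therefore HTML-encodes the name (htmlspecialchars) and emits it as a
 * JavaScript literal (json_encode), and the value attribute is quoted so a
 * name containing a space or ">" stays inside the attribute.
 */
function fillProtocol() {
	var protocol = '<select name="protocol[]" id="protocol" style="font-size:8pt">';
	var name;

	<?php foreach ($avail_protos as $key => $proto) { ?>
		name = <?= json_encode(htmlspecialchars($proto)); ?>;
		protocol += "<option value=\"" + name + "\">" + name + "</option>";
	<?php } ?>
	protocol += "</select>";

	return protocol;
}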
285

    
286
/*
 * Return the HTML of a structure <select> for a newly added row.
 * "queue" and "limiter" are only offered when the matching behaviour list is
 * not empty; every other structure (i.e. "action") is always offered.
 * The names come from the fixed $avail_structures list defined in PHP.
 */
function fillStructure() {
	var structure = '<select name="structure[]" id="structure" style="font-size:8pt" onchange="changeBehaviourValues(this.parentNode.parentNode);">';
	var name;
	var offered;
	<?php foreach ($avail_structures as $key => $struct) { ?>
		name = "<?= $struct; ?>";
		offered = true; //action
		if (name == "queue") {
			offered = (js_behaviours_altq != "");
		} else if (name == "limiter") {
			offered = (js_behaviours_limiter != "");
		}
		if (offered) {
			structure += "<option value=" + name + ">" + name + "</option>";
		}
	<?php } ?>
	structure += "</select>";

	return structure;
}
305

    
306
/*
 * Return the HTML of a behaviour <select> for a newly added row. A new row
 * starts out with the "action" behaviours, taken from the fixed
 * $avail_behaviours_action list defined in PHP.
 */
function fillBehaviour() {
	var name;
	var options = "";
	<?php foreach ($avail_behaviours_action as $key => $behav) { ?>
		name = "<?= $behav; ?>";
		options += "<option value=" + name + ">" + name + "</option>";
	<?php } ?>

	return '<select name="behaviour[]" id="behaviour" style="width:80px; font-size:8pt">' + options + "</select>";
}
318

    
319
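/*
 * Refill the behaviour <select> of a row after its structure <select> changed.
 *
 * row: the <tr> holding the changed select. Two rows (help text and column
 * titles) come before the rule rows in the table, hence the "- 2" when the
 * row index is mapped to a position in the structure[] / behaviour[] lists.
 *
 * The options are created as DOM nodes instead of being concatenated into an
 * HTML string. This fixes the stray "undefined" that used to lead the
 * generated markup (the accumulator was never initialised) and keeps queue
 * and limiter names from being parsed as HTML.
 */
function changeBehaviourValues(row) {
	var selectedRow = row.rowIndex - 2; //because row.rowIndex returns 2, not 0
	var structureSelected = document.getElementsByName("structure[]")[selectedRow].value;

	//Select the behaviours values to array a_behav
	var a_behav;
	if (structureSelected == "action") {
		a_behav = js_behaviours_action; //static
	} else if (structureSelected == "queue") {
		a_behav = js_behaviours_altq;
	} else {
		a_behav = js_behaviours_limiter;
	}

	//Replace the current options with one entry per behaviour name
	var behaviourSelect = document.getElementsByName("behaviour[]")[selectedRow];
	behaviourSelect.options.length = 0;
	for (var i = 0; i < a_behav.length; i++) {
		// The lists are indexed by the server-side array keys and may have holes.
		if (a_behav[i] === undefined) {
			continue;
		}
		behaviourSelect.options[behaviourSelect.options.length] = new Option(a_behav[i], a_behav[i]);
	}
}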
347

    
348
/*
 * Append a rule row (protocol, structure, behaviour, remove link) to the
 * table with the given id. Returns false when rows_limit is set and has been
 * reached; otherwise returns nothing.
 */
function addRow(table_id) {
  var table = document.getElementById(table_id);
  var total = table.rows.length;

  // Remember how many rows the table had before the first addition.
  if (initial_count[table_id] == undefined) {
    initial_count[table_id] = total;
  }

  // Rows added so far, checked against the optional limit.
  var added = total - initial_count[table_id];
  if (rows_limit != 0 && added >= rows_limit) return false;

  var remove = '<a onclick="removeRow(\''+table_id+'\',this.parentNode.parentNode)" href="#"><img border="0" src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" /></a>';

  // One producer per cell, in column order. Each cell is inserted before its
  // content is produced, the same order as inserting and filling cell by cell.
  var producers = [fillProtocol, fillStructure, fillBehaviour, function () { return remove; }];

  try {
    var row = table.insertRow(total);
    for (var col = 0; col < producers.length; col++) {
      row.insertCell(col).innerHTML = producers[col]();
    }
  }
  catch (ex) {
    //if exception occurs
    alert(ex);
  }
}
379

    
380
/*
 * Delete the given row from the table whose id is tbl.
 * Any exception raised while deleting is shown in an alert box.
 */
function removeRow(tbl,row) {
  var target = document.getElementById(tbl);
  try {
    var position = row.rowIndex;
    target.deleteRow(position);
  } catch (ex) {
    alert(ex);
  }
}
389
</script>
390

    
391
<?php
// Pull in fbegin.inc; what it renders is defined outside this file.
include("fbegin.inc");
?>
<div id="inputerrors"></div>
<?php
// $input_errors is filled by the request handling earlier in this script; at
// least one entry (the repeated-protocol message) is built from submitted
// form values.
// NOTE(review): whether print_input_errors() HTML-escapes its entries is not
// visible here; confirm.
if ($input_errors) print_input_errors($input_errors); ?>

<form action="firewall_shaper_layer7.php" method="post" id="iform" name="iform">

<?php
// $savemsg is only set by the "apply" branch of the POST handling.
if ($savemsg) print_info_box($savemsg); ?>
<?php
// Shown while saved shaper changes have not been applied yet.
if (is_subsystem_dirty('shaper')): ?><p>
<?php print_info_box_np(gettext("The traffic shaper configuration has been changed")  .  ".<br>" . gettext("You must apply the changes in order for them to take effect."));?><br>
<?php endif; ?>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
  <tr><td>
<?php
	// Tab bar of the traffic shaper pages. Each entry is
	// array(label, flag, target page); only the Layer7 entry carries true.
	$tab_array = array();
	$tab_array[0] = array(gettext("By Interface"), false, "firewall_shaper.php");
	$tab_array[1] = array(gettext("By Queue"), false, "firewall_shaper_queues.php");
	$tab_array[2] = array(gettext("Limiter"), false, "firewall_shaper_vinterface.php");
	$tab_array[3] = array(gettext("Layer7"), true, "firewall_shaper_layer7.php");
	$tab_array[4] = array(gettext("Wizards"), false, "firewall_shaper_wizards.php");
	display_top_tabs($tab_array);
?>
  </td></tr>
415
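  <tr>
    <td>
	<div id="mainarea">
              <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">

		<?php
		// Spacer row, emitted only when at least one container exists.
		// is_array() guards count() against a list that was never populated.
		if (is_array($layer7_rules_list) && count($layer7_rules_list) > 0): ?>
                        <tr class="tabcont"><td width="25%" align="left">
                        </td><td width="75%"> </td></tr>

		<?php endif; ?>
			<tr>
			<td width="25%" valign="top" align="left">
			<?php
				// $tree is HTML assembled earlier from build_tree() of each
				// container; it is printed as markup, not as text.
				echo $tree;
			?>
			<br/><br/>
			<a href="firewall_shaper_layer7.php?action=add">
			<img src="./themes/<?=$g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("Create new l7 rules group"); ?>" width="17" height="17" border="0">  <?=gettext("Create new l7 rules group"); ?>
			</a><br/>
			</td>
			<td width="75%" valign="top" align="center">
			<table>
			<?php
				// Full open tag instead of "<?", which depends on short_open_tag.
				// $output is the wrapper div plus the build_form() markup
				// collected by the request handling.
				echo $output;
			?>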
440

    
441
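			<!-- Layer 7 rules form -->
			<?php
			// Rules table of the selected container. Every protocol, structure
			// and behaviour name is passed through htmlspecialchars() where it
			// is written into the page, both as attribute value and as option
			// text, so a name containing ", < or & cannot leave its attribute
			// or element. Browsers decode the entities again, so the values
			// submitted by the form are the original names.
			if($show_proto_form): ?>
			<td width = "22%" valign = "top" class = "vncellreq">
				<div id = "addressnetworkport">
					<?=gettext("Rule(s)"); ?>
				</div>
			</td>

			<td width = "78%" class = "vtable">
				<table width="236" id = "maintable">
					<tbody>

						<tr>
							<td colspan = "4">
								<div style = "font-size: 8pt; padding:5px; margin-top: 16px; margin-bottom: 16px; border:1px dashed #000066;"
									id = "itemhelp">
									<?=gettext("Add one or more rules"); ?>
								</div>
							</td>
						</tr>

						<tr>
							<td>
								<div style = "font-size: 8pt; padding:5px;"
									id = "onecolumn">
									<?=gettext("Protocol"); ?>
								</div>
							</td>

							<td>
								<div style = "font-size: 8pt; padding:5px;"
									id = "twocolumn">
									<?=gettext("Structure"); ?>
								</div>
							</td>

							<td>
								<div style = "font-size: 8pt; padding:5px;"
									id = "threecolumn">
									<?=gettext("Behaviour"); ?>
								</div>
							</td>
						</tr>
						<!-- PHP Code to generate the existing rules -->
						<?php
						// $container may have been unset by the "add" action, hence empty().
						if(!empty($container)) {
							foreach($container->rsets as $l7rule) {
						?>
						<tr>
							<td>
							<select name="protocol[]" class="formselect" id="protocol" style="font-size:8pt">
							<?php foreach($avail_protos as $proto): ?>
							<option value="<?=htmlspecialchars($proto);?>" <?php if ($proto == $l7rule->GetRProtocol()) echo "selected"; ?>><?=htmlspecialchars($proto);?></option>
							<?php endforeach; ?>
							</select>
						</td>
						<td>
							<select name="structure[]" class="formselect" id="structure" style="font-size:8pt" onchange="changeBehaviourValues(this.parentNode.parentNode);">
							<?php foreach($avail_structures as $struct) {
								// "queue" and "limiter" are only offered when at least one
								// queue / limiter exists; "action" is always offered.
								$offer_struct = ($struct == "queue" && !empty($avail_behaviours_altq))
									|| ($struct == "limiter" && !empty($avail_behaviours_limiter))
									|| ($struct == "action");
								if ($offer_struct) { ?>
								<option value="<?=htmlspecialchars($struct);?>" <?php if ($struct == $l7rule->GetRStructure()) echo "selected"; ?>><?=htmlspecialchars($struct);?></option>
								<?php }
							} ?>
							</select>
						</td>
						<td>
							<select name="behaviour[]" class="formselect" id="behaviour" style="width:80px; font-size:8pt">
							<?php
							// Pick the behaviour list that belongs to the rule's structure.
							// The closing tag of the select is emitted once after the
							// options, so the element is closed even when the stored
							// structure matches none of the three cases.
							switch ($l7rule->GetRStructure()) {
								case "action":
									$behaviour_choices = (array)$avail_behaviours_action;
									break;
								case "queue":
									$behaviour_choices = (array)$avail_behaviours_altq;
									break;
								case "limiter":
									$behaviour_choices = (array)$avail_behaviours_limiter;
									break;
								default:
									$behaviour_choices = array();
									break;
							}
							foreach($behaviour_choices as $behaviour): ?>
								<option value="<?=htmlspecialchars($behaviour);?>" <?php if ($behaviour == $l7rule->GetRBehaviour()) echo "selected"; ?>><?=htmlspecialchars($behaviour);?></option>
							<?php endforeach; ?>
							</select>
						</td>
						<td>
							<a onclick="removeRow('maintable',this.parentNode.parentNode); return false;" href="#"><img border="0" src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" /></a>
						</td>
						</tr>

						<?php
							} //end foreach
						} //end if
						?>
					</tbody>

					<tfoot>
					</tfoot>
				</table>

					<a onclick = "javascript:addRow('maintable'); return false;" href="#"> <img border = "0"
						src = "/themes/<?=$g['theme']; ?>/images/icons/icon_plus.gif"
						alt = "" title = "<?=gettext("add another entry"); ?>" /> </a>
			</td>
			</tr>

			<tr>
			<td width = "22%" valign = "top">
				&nbsp;
			</td>

			<td width = "78%">
				<input id = "submit"
				name = "submit" type = "submit" class = "formbtn" value = "<?=gettext("Save"); ?>" />

				<a href= "firewall_shaper_layer7.php">
				<input id = "cancelbutton"
				name = "cancelbutton" type = "button" class = "formbtn" value = "<?=gettext("Cancel"); ?>" /></a>

				<?php
				// Delete is only offered for an existing container. The stray
				// closing </a> that followed the button has been dropped.
				if(!empty($container)): ?>
						<input id = "delete" type="submit" class="formbtn" name="delete" value="<?=gettext("Delete"); ?>">
				<?php endif ?>
			</td>
			</tr>
			<?php endif; ?>
			<!-- End of layer7 rules form -->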
582
			</table>

		      </td></tr>
                    </table>
		</div>
	  </td>
	</tr>
</table>
</form>

<?php
// Pull in fend.inc (defined outside this file) before the document is closed.
include("fend.inc");
?>
</body>
</html>