Project

General

Profile

Download (20.9 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/* $Id$ */
3
/*
4
	guiconfig.inc
5
	by Scott Ullrich, Copyright 2004, All rights reserved.
6
	originally based on of m0n0wall (http://m0n0.ch/wall)
7

    
8
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
9
	All rights reserved.
10

    
11
	Redistribution and use in source and binary forms, with or without
12
	modification, are permitted provided that the following conditions are met:
13

    
14
	1. Redistributions of source code must retain the above copyright notice,
15
	   this list of conditions and the following disclaimer.
16

    
17
	2. Redistributions in binary form must reproduce the above copyright
18
	   notice, this list of conditions and the following disclaimer in the
19
	   documentation and/or other materials provided with the distribution.
20

    
21
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
22
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
23
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
25
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30
	POSSIBILITY OF SUCH DAMAGE.
31
*/
32

    
33
/* make sure nothing is cached */
34
if (!$omit_nocacheheaders) {
35
	header("Expires: 0");
36
	header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
37
	header("Cache-Control: no-store, no-cache, must-revalidate");
38
	header("Cache-Control: post-check=0, pre-check=0", false);
39
	header("Pragma: no-cache");
40
}
41

    
42
/* Include authentication routines */
43
/* THIS MUST BE ABOVE ALL OTHER CODE */
44
require_once("authgui.inc");
45

    
46
/* parse the configuration and include all configuration functions */
47
require_once("config.inc");
48
require_once("functions.inc");
49

    
50
/*
51
 *   if user has selected a custom template, use it.
52
 *   otherwise default to pfsense tempalte
53
 */
54
if($config['theme'] <> "")
55
        $g['theme'] = $config['theme'];
56
else
57
        $g['theme'] = "pfsense";
58

    
59
$d_landirty_path = $g['varrun_path'] . "/lan.conf.dirty";
60
$d_pppoeuserdirty_path = $g['varrun_path'] . "/vpn-pppoe-users-edit.dirty";
61
$d_hostsdirty_path = $g['varrun_path'] . "/hosts.dirty";
62
$d_natconfdirty_path = $g['varrun_path'] . "/nat.conf.dirty";
63
$d_filterconfdirty_path = $g['varrun_path'] . "/filter.conf.dirty";
64
$d_ipsecconfdirty_path = $g['varrun_path'] . "/ipsec.conf.dirty";
65
$d_shaperconfdirty_path = $g['varrun_path'] . "/shaper.conf.dirty";
66
$d_pptpuserdirty_path = $g['varrun_path'] . "/pptpd.user.dirty";
67
$d_dnsmasqdirty_path = $g['varrun_path'] . "/dnsmasq.dirty";
68
$d_staticmapsdirty_path = $g['varrun_path'] . "/staticmaps.dirty";
69
$d_staticroutesdirty_path = $g['varrun_path'] . "/staticroutes.dirty";
70
$d_aliasesdirty_path = $g['varrun_path'] . "/aliases.dirty";
71
$d_proxyarpdirty_path = $g['varrun_path'] . "/proxyarp.dirty";
72
$d_fwupenabled_path = $g['varrun_path'] . "/fwup.enabled";
73
$d_firmwarelock_path = $g['varrun_path'] . "/firmware.lock";
74
$d_sysrebootreqd_path = $g['varrun_path'] . "/sysreboot.reqd";
75
$d_passthrumacsdirty_path = $g['varrun_path'] . "/passthrumacs.dirty";
76
$d_allowedipsdirty_path = $g['varrun_path'] . "/allowedips.dirty";
77
$d_ovpnclidirty_path = $g['varrun_path'] . "/ovpnclient.dirty";
78
$d_vipconfdirty_path = $g['varrun_path'] . "/vip.conf.dirty";
79
$d_vsconfdirty_path = $g['varrun_path'] . "/vs.conf.dirty";
80
$d_shaperconfdirty_path = $g['varrun_path'] . "/shaper.conf.dirty";
81

    
82
/* OpenVPN Directories */
83
$d_ovpnsrvdirty_path = "/tmp/ovpn-srv.dirty";
84
$d_ovpncrldirty_path = "/tmp/ovpn-crl.dirty";
85
$d_ovpnclidirty_path = "/tmp/ovpn-cli.dirty";
86
/* used by progress bar */
87
$lastseen = "-1";
88

    
89
if (file_exists($d_firmwarelock_path)) {
90
	if (!$d_isfwfile) {
91
		header("Location: system_firmware.php");
92
		exit;
93
	} else {
94
		return;
95
	}
96
}
97

    
98
/* some well knows ports */
99
$wkports = array(3389 => "MS RDP",
100
	21 => "FTP",
101
	22 => "SSH",
102
	23 => "Telnet",
103
	25 => "SMTP",
104
	53 => "DNS",
105
	69 => "TFTP",
106
	80 => "HTTP",
107
	110 => "POP3",
108
	113 => "IDENT/AUTH",
109
	119 => "NNTP",
110
	123 => "NTP",
111
	137 => "NetBIOS-NS",
112
	143 => "IMAP",
113
	161 => "SNMP",
114
	162 => "SNMP-Trap",
115
	389 => "LDAP",
116
	443 => "HTTPS",
117
	465 => "SMTP/S",
118
	500 => "isakmp",
119
	514 => "Syslog",
120
	993 => "IMAP/S",
121
	995 => "POP3/S",
122
	1194 => "OpenVPN",
123
	1512 => "MS WINS",
124
	1701 => "L2TP",
125
	1723 => "PPTP",
126
	1812 => "Radius",
127
	1813 => "Radius-accounting",
128
	3000 => "HBCI",
129
	4500 => "IPSec NAT-T",
130
	5190 => "ICQ",
131
	5900 => "VNC",
132
	5999 => "CVSup");
133

    
134
$specialnets = array("wanip" => "WAN address", "lanip" => "LAN address", "lan" => "LAN net", "pptp" => "PPTP clients");
135

    
136
for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
137
	$specialnets['opt' . $i] = $config['interfaces']['opt' . $i]['descr'] . " net";
138
}
139

    
140
$medias = array("auto" => "autoselect", "100full" => "100BASE-TX full-duplex",
141
	"100half" => "100BASE-TX half-duplex", "10full" => "10BASE-T full-duplex",
142
	"10half" => "10BASE-T half-duplex");
143

    
144
/* platforms that support firmware updating */
145
$fwupplatforms = array('pfSense', 'net45xx', 'net48xx', 'generic-pc', 'embedded', 'wrap');
146

    
147
/* IPsec defines */
148
$my_identifier_list = array('myaddress' => 'My IP address',
149
				'address' => 'IP address',
150
				'fqdn' => 'Domain name',
151
				'user_fqdn' => 'User FQDN',
152
				'dyn_dns' => 'Dynamic DNS');
153

    
154
$p1_ealgos = array('des' => 'DES', '3des' => '3DES', 'blowfish' => 'Blowfish',
155
		'cast128' => 'CAST128','rijndael' => 'Rijndael (AES)', 'rijndael 256' => 'Rijndael 256');
156
$p2_ealgos = array('des' => 'DES', '3des' => '3DES', 'blowfish' => 'Blowfish',
157
		'cast128' => 'CAST128', 'rijndael' => 'Rijndael (AES)', 'rijndael 256' => 'Rijndael 256');
158

    
159
$p1_halgos = array('sha1' => 'SHA1', 'md5' => 'MD5');
160
$p1_authentication_methods = array('pre_shared_key' => 'Pre-shared key', 'rsasig' => 'RSA signature');
161
$p2_halgos = array('hmac_sha1' => 'SHA1', 'hmac_md5' => 'MD5');
162
$p2_protos = array('esp' => 'ESP', 'ah' => 'AH');
163
$p2_pfskeygroups = array('0' => 'off', '1' => '1', '2' => '2', '5' => '5');
164

    
165
function do_input_validation($postdata, $reqdfields, $reqdfieldsn, $input_errors) {
166

    
167
	/* check for bad control characters */
168
	foreach ($postdata as $pn => $pd) {
169
		if (is_string($pd) && preg_match("/[\\x00-\\x08\\x0b\\x0c\\x0e-\\x1f]/", $pd)) {
170
			$input_errors[] = "The field '" . $pn . "' contains invalid characters.";
171
		}
172
	}
173

    
174
	for ($i = 0; $i < count($reqdfields); $i++) {
175
		if ($_POST[$reqdfields[$i]] == "") {
176
			$input_errors[] = "The field '" . $reqdfieldsn[$i] . "' is required.";
177
		}
178
	}
179
}
180

    
181
function print_input_errors($input_errors) {
182
	global $g;
183
	echo "<p><table border=\"0\" cellspacing=\"0\" cellpadding=\"4\" width=\"100%\">\n";
184
	echo "<tr><td bgcolor=\"#990000\" width=\"36\" align=\"center\" valign=\"top\"><img src=\"./themes/".$g['theme']."/images/icons/icon_error.gif\" width=\"28\" height=\"32\"></td>\n";
185
	echo "<td bgcolor=\"#FFD9D1\" style=\"padding-left: 8px; padding-top: 6px\">";
186

    
187
	echo "<span class=\"errmsg\"><p>The following input errors were detected:<ul>\n";
188
	foreach ($input_errors as $ierr) {
189
		echo "<li>" . htmlspecialchars($ierr) . "</li>\n";
190
	}
191
	echo "</ul></span>";
192

    
193
	echo "</td></tr></table></p>&nbsp;<br>";
194
}
195

    
196
function exec_rc_script($scriptname) {
197

    
198
	global $d_sysrebootreqd_path;
199

    
200
	$execoutput = "";
201
	$retval = "";
202
	exec($scriptname . " >/dev/null 2>&1", $execoutput, $retval);
203
	return $retval;
204
}
205

    
206
function exec_rc_script_async($scriptname) {
207

    
208
	global $d_sysrebootreqd_path;
209
	$execoutput = "";
210
	$retval = "";
211

    
212
	exec("nohup " . $scriptname . " >/dev/null 2>&1 &", $execoutput, $retval);
213
	return $retval;
214
}
215

    
216
function verify_gzip_file($fname) {
217

    
218
    $returnvar = mwexec("/usr/bin/gzip -t " . escapeshellarg($fname));
219
	if ($returnvar != 0)
220
		return 0;
221
	else
222
		return 1;
223
}
224

    
225
function print_info_box_np($msg) {
226
	global $g;
227
	echo "<table height=\"32\" width=\"100%\">\n";
228
	echo "  <tr>\n";
229
	echo "   <td>\n";
230
	echo "      <div style='background-color:#990000' id='redbox'>\n";
231
	echo "       <table width='100%'><tr><td width='8%'>\n";
232
	echo "        &nbsp;&nbsp;&nbsp;<img style='vertical-align:middle' src=\"/themes/".$g['theme']."/images/icons/icon_exclam.gif\" width=\"28\" height=\"32\">\n";
233
	echo "        </td>\n";
234
	echo "        <td width='70%'><font color='white'><b>{$msg}</b></font>\n";
235
	echo "        </td>";
236
	if(stristr($msg, "apply") == true) {
237
		echo "         <td>";
238
		echo "           <input name=\"apply\" type=\"submit\" class=\"formbtn\" id=\"apply\" value=\"Apply changes\">\n";
239
		echo "         </td>";
240
	}
241
	echo "        </tr></table>\n";
242
	echo "       </div>\n";
243
	echo "    </td>\n";
244
	echo "</table>\n";
245
	echo "<script type=\"text/javascript\">\n";
246
	echo "NiftyCheck();\n";
247
	echo "Rounded(\"div#redbox\",\"all\",\"#FFF\",\"#990000\",\"smooth\");\n";
248
	echo "Rounded(\"td#blackbox\",\"all\",\"#FFF\",\"#000000\",\"smooth\");\n";
249
	echo "</script>\n";
250
	echo "\n<br>\n";
251
}
252

    
253
function print_info_box($msg) {
254
	echo "<p>";
255
	print_info_box_np($msg);
256
	echo "</p>";
257
}
258

    
259
function format_bytes($bytes) {
260
	if ($bytes >= 1073741824) {
261
		return sprintf("%.2f GB", $bytes/1073741824);
262
	} else if ($bytes >= 1048576) {
263
		return sprintf("%.2f MB", $bytes/1048576);
264
	} else if ($bytes >= 1024) {
265
		return sprintf("%.0f KB", $bytes/1024);
266
	} else {
267
		return sprintf("%d bytes", $bytes);
268
	}
269
}
270

    
271
function get_std_save_message($ok) {
272
	global $d_sysrebootreqd_path;
273

    
274
	return "The changes have been applied successfully.  You can also <a href='status_filter_reload.php'>monitor</a> the filter reload progress.";
275
}
276

    
277
function pprint_address($adr) {
278
	global $specialnets;
279

    
280
	if (isset($adr['any'])) {
281
		$padr = "*";
282
	} else if ($adr['network']) {
283
		if (preg_match("/opt[0-999]ip/", $adr['network'])) {
284
			$padr = "Interface IP address";
285
		} else {
286
			$padr = $specialnets[$adr['network']];
287
		}
288
	} else {
289
		$padr = $adr['address'];
290
	}
291

    
292
	if (isset($adr['not']))
293
		$padr = "! " . $padr;
294

    
295
	return $padr;
296
}
297

    
298
function pprint_port($port) {
299
	global $wkports;
300

    
301
	$pport = "";
302

    
303
	if (!$port)
304
		return "*";
305
	else {
306
		$srcport = explode("-", $port);
307
		if ((!$srcport[1]) || ($srcport[0] == $srcport[1])) {
308
			$pport = $srcport[0];
309
			if ($wkports[$srcport[0]]) {
310
				$pport .= " (" . $wkports[$srcport[0]] . ")";
311
			}
312
		} else
313
			$pport .= $srcport[0] . " - " . $srcport[1];
314
	}
315

    
316
	return $pport;
317
}
318

    
319
function captiveportal_users_sort() {
320
	global $g, $config;
321

    
322
	function cpusercmp($a, $b) {
323
		return strcasecmp($a['name'], $b['name']);
324
	}
325

    
326
	usort($config['captiveportal']['user'], "cpusercmp");
327
}
328

    
329
function admin_groups_sort() {
330
	global $g, $config;
331

    
332
	function cpusercmp($a, $b) {
333
		return strcasecmp($a['name'], $b['name']);
334
	}
335

    
336
	usort($config['system']['group'], "cpusercmp");
337
}
338

    
339
function admin_users_sort() {
340
	global $g, $config;
341

    
342
	function cpusercmp($a, $b) {
343
		return strcasecmp($a['name'], $b['name']);
344
	}
345

    
346
	usort($config['system']['user'], "cpusercmp");
347
}
348

    
349
/* sort by interface only, retain the original order of rules that apply to
350
   the same interface */
351
function filter_rules_sort() {
352
	global $config;
353

    
354
	/* mark each rule with the sequence number (to retain the order while sorting) */
355
	for ($i = 0; isset($config['filter']['rule'][$i]); $i++)
356
		$config['filter']['rule'][$i]['seq'] = $i;
357

    
358
	function filtercmp($a, $b) {
359
		if ($a['interface'] == $b['interface'])
360
			return $a['seq'] - $b['seq'];
361
		else
362
			return -strcmp($a['interface'], $b['interface']);
363
	}
364

    
365
	usort($config['filter']['rule'], "filtercmp");
366

    
367
	/* strip the sequence numbers again */
368
	for ($i = 0; isset($config['filter']['rule'][$i]); $i++)
369
		unset($config['filter']['rule'][$i]['seq']);
370
}
371

    
372
function nat_rules_sort() {
373
	global $config;
374

    
375
	function natcmp($a, $b) {
376
		if ($a['external-address'] == $b['external-address']) {
377
			if ($a['protocol'] == $b['protocol']) {
378
				if ($a['external-port'] == $b['external-port']) {
379
					return 0;
380
				} else {
381
					return ($a['external-port'] - $b['external-port']);
382
				}
383
			} else {
384
				return strcmp($a['protocol'], $b['protocol']);
385
			}
386
		} else if (!$a['external-address'])
387
			return 1;
388
		else if (!$b['external-address'])
389
			return -1;
390
		else
391
			return ipcmp($a['external-address'], $b['external-address']);
392
	}
393

    
394
	usort($config['nat']['rule'], "natcmp");
395
}
396

    
397
function nat_1to1_rules_sort() {
398
	global $g, $config;
399

    
400
	function nat1to1cmp($a, $b) {
401
		return ipcmp($a['external'], $b['external']);
402
	}
403

    
404
	usort($config['nat']['onetoone'], "nat1to1cmp");
405
}
406

    
407
function nat_server_rules_sort() {
408
	global $g, $config;
409

    
410
	function natservercmp($a, $b) {
411
		return ipcmp($a['ipaddr'], $b['ipaddr']);
412
	}
413

    
414
	usort($config['nat']['servernat'], "natservercmp");
415
}
416

    
417
function nat_out_rules_sort() {
418
	global $g, $config;
419

    
420
	function natoutcmp($a, $b) {
421
		return strcmp($a['source']['network'], $b['source']['network']);
422
	}
423

    
424
	usort($config['nat']['advancedoutbound']['rule'], "natoutcmp");
425
}
426

    
427
function pptpd_users_sort() {
428
	global $g, $config;
429

    
430
	function usercmp($a, $b) {
431
		return strcasecmp($a['name'], $b['name']);
432
	}
433

    
434
	usort($config['pptpd']['user'], "usercmp");
435
}
436

    
437
function pppoe_users_sort() {
438
	global $g, $config;
439

    
440
	function usercmp($a, $b) {
441
		return strcasecmp($a['name'], $b['name']);
442
	}
443

    
444
	usort($config['pppoe']['user'], "usercmp");
445
}
446

    
447
function staticroutes_sort() {
448
	global $g, $config;
449

    
450
	function staticroutecmp($a, $b) {
451
		return strcmp($a['network'], $b['network']);
452
	}
453

    
454
	usort($config['staticroutes']['route'], "staticroutecmp");
455
}
456

    
457
function hosts_sort() {
458
	global $g, $config;
459

    
460
	function hostcmp($a, $b) {
461
		return strcasecmp($a['host'], $b['host']);
462
	}
463

    
464
	usort($config['dnsmasq']['hosts'], "hostcmp");
465
}
466

    
467
function staticmaps_sort($if) {
468
	global $g, $config;
469

    
470
	function staticmapcmp($a, $b) {
471
		return ipcmp($a['ipaddr'], $b['ipaddr']);
472
	}
473

    
474
	usort($config['dhcpd'][$if]['staticmap'], "staticmapcmp");
475
}
476

    
477
function aliases_sort() {
478
	global $g, $config;
479

    
480
	function aliascmp($a, $b) {
481
		return strcmp($a['name'], $b['name']);
482
	}
483

    
484
	usort($config['aliases']['alias'], "aliascmp");
485
}
486

    
487
function schedule_sort(){
488
	global $g, $config;
489

    
490
	function schedulecmp($a, $b) {
491
		return strcmp($a['name'], $b['name']);
492
	}
493

    
494
	usort($config['schedules']['schedule'], "schedulecmp");
495

    
496
}
497

    
498
function ipsec_mobilekey_sort() {
499
	global $g, $config;
500

    
501
	function mobilekeycmp($a, $b) {
502
		return strcmp($a['ident'][0], $b['ident'][0]);
503
	}
504

    
505
	usort($config['ipsec']['mobilekey'], "mobilekeycmp");
506
}
507

    
508
function proxyarp_sort() {
509
	global $g, $config;
510

    
511
	function proxyarpcmp($a, $b) {
512
		if (isset($a['network']))
513
			list($ast,$asn) = explode("/", $a['network']);
514
		else if (isset($a['range'])) {
515
			$ast = $a['range']['from'];
516
			$asn = 32;
517
		}
518
		if (isset($b['network']))
519
			list($bst,$bsn) = explode("/", $b['network']);
520
		else if (isset($b['range'])) {
521
			$bst = $b['range']['from'];
522
			$bsn = 32;
523
		}
524
		if (ipcmp($ast, $bst) == 0)
525
			return ($asn - $bsn);
526
		else
527
			return ipcmp($ast, $bst);
528
	}
529

    
530
	usort($config['proxyarp']['proxyarpnet'], "proxyarpcmp");
531
}
532

    
533
function passthrumacs_sort() {
534
	global $g, $config;
535

    
536
	function passthrumacscmp($a, $b) {
537
		return strcmp($a['mac'], $b['mac']);
538
	}
539

    
540
	usort($config['captiveportal']['passthrumac'],"passthrumacscmp");
541
}
542

    
543
function cpelements_sort() {
544
	global $g, $config;
545

    
546
	function cpelementscmp($a, $b) {
547
		return strcasecmp($a['name'], $b['name']);
548
	}
549

    
550
	usort($config['captiveportal']['element'],"cpelementscmp");
551
}
552

    
553
function allowedips_sort() {
554
	global $g, $config;
555

    
556
	function allowedipscmp($a, $b) {
557
		return strcmp($a['ip'], $b['ip']);
558
	}
559

    
560
	usort($config['captiveportal']['allowedip'],"allowedipscmp");
561
}
562

    
563
function wol_sort() {
564
	global $g, $config;
565

    
566
	function wolcmp($a, $b) {
567
		return strcmp($a['descr'], $b['descr']);
568
	}
569

    
570
	usort($config['wol']['wolentry'], "wolcmp");
571
}
572

    
573
function sort_rule_by_queue_priority() {
574
	global $g, $config;
575
	global $queues;
576

    
577
	function rqpcmp($a, $b) {
578
		global $queues;
579

    
580
		$ra = $queues[$a['outqueue']];
581
		$rb = $queues[$b['outqueue']];
582

    
583
		if ($ra == $rb)
584
			return 0;
585
		/* reverse sort - we want higher priority first */
586
		return ($ra < $rb) ? 1 : -1;
587
	}
588

    
589
	foreach($config['shaper']['queue'] as $q) {
590
		$queues[$q['name']] = $q['priority'];
591
	}
592

    
593
	usort($config['shaper']['rule'], "rqpcmp");
594
}
595
function gentitle($pgname) {
596
	global $config;
597
	return $config['system']['hostname'] . "." . $config['system']['domain'] . " - " . $pgname;
598
}
599

    
600
/* update the changedesc and changecount(er) variables */
601
function update_changedesc($update) {
602
	global $changedesc;
603
	global $changecount;
604

    
605
	$changedesc .= " {$update}";
606
	$changecount++;
607
}
608

    
609
function dump_clog($logfile, $tail, $withorig = true, $grepfor = "", $grepinvert = "") {
610
	global $g, $config;
611
    $sor = isset($config['syslog']['reverse']) ? "-r" : "";
612
    $logarr = "";
613
	$grepline = "  ";
614
	if(is_array($grepfor))
615
		foreach($grepfor as $agrep)
616
			$grepline .= " | grep \"$agrep\"";
617
	if(is_array($grepinvert))
618
		foreach($grepinvert as $agrep)
619
			$grepline .= " | grep -v \"$agrep\"";
620
	exec("/usr/sbin/clog {$logfile}{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n {$tail}", $logarr);
621
    echo "<!-- /usr/sbin/clog {$logfile}{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n {$tail} -->";
622
    foreach ($logarr as $logent) {
623
            $logent = preg_split("/\s+/", $logent, 6);
624
            echo "<tr valign=\"top\">\n";
625
            if ($withorig) {
626
            		$entry_date_time = htmlspecialchars(join(" ", array_slice($logent, 0, 3)));
627
                    echo "<td class=\"listlr\" nowrap>" . $entry_date_time  . "</td>\n";
628
                    echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";
629
            } else {
630
                    echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
631
            }
632
            echo "</tr>\n";
633
    }
634
}
635

    
636
function return_clog($logfile, $tail, $grepfor = "", $grepinvert = "", $grepreverse = false) {
637
	global $g, $config;
638
	$sor = isset($config['syslog']['reverse']) ? "-r" : "";
639
	$sor = isset($grepreverse) ? "-r" : "";
640
	$logarr = "";
641
	$grepline = "  ";
642
	if(is_array($grepfor))
643
		foreach($grepfor as $agrep)
644
			$grepline .= " | grep \"$agrep\"";
645
	if(is_array($grepinvert))
646
		foreach($grepinvert as $agrep)
647
			$grepline .= " | grep -v \"$agrep\"";
648
	echo "<!-- /usr/sbin/clog {$logfile}{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n {$tail} -->";
649
	exec("/usr/sbin/clog {$logfile}{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail {$sor} -n {$tail}", $logarr);
650
	return($logarr);
651
}
652

    
653
/* Check if variable has changed, update and log if it has
654
 * returns true if var changed
655
 * varname = variable name in plain text
656
 * orig = original value
657
 * new = new value
658
 */
659
function update_if_changed($varname, & $orig, $new) {
660
	if (is_array($orig) && is_array($new)) {
661
		$a_diff = array_diff($orig, $new);
662
		foreach ($a_diff as $diff) {
663
			update_changedesc("removed {$varname}: \"{$diff}\"");
664
		}
665
		$a_diff = array_diff($new, $orig);
666
		foreach ($a_diff as $diff) {
667
			update_changedesc("added {$varname}: \"{$diff}\"");
668
		}
669
		$orig = $new;
670
		return true;
671

    
672
	} else {
673
		if ($orig != $new) {
674
			update_changedesc("{$varname}: \"{$orig}\" -> \"{$new}\"");
675
			$orig = $new;
676
			return true;
677
		}
678
	}
679
	return false;
680
}
681

    
682
function address_to_pconfig($adr, &$padr, &$pmask, &$pnot, &$pbeginport, &$pendport) {
683

    
684
        if (isset($adr['any']))
685
                $padr = "any";
686
        else if ($adr['network'])
687
                $padr = $adr['network'];
688
        else if ($adr['address']) {
689
                list($padr, $pmask) = explode("/", $adr['address']);
690
                if (!$pmask)
691
                        $pmask = 32;
692
        }
693

    
694
        if (isset($adr['not']))
695
                $pnot = 1;
696
        else
697
                $pnot = 0;
698

    
699
        if ($adr['port']) {
700
                list($pbeginport, $pendport) = explode("-", $adr['port']);
701
                if (!$pendport)
702
                        $pendport = $pbeginport;
703
        } else {
704
                if(alias_expand($pbeginport) <> "" || alias_expand($pendport) <> "") {
705
                        /* Item is a port alias */
706
                } else {
707
                        $pbeginport = "any";
708
                        $pendport = "any";
709
                }
710
        }
711
}
712

    
713
function pconfig_to_address(&$adr, $padr, $pmask, $pnot=false, $pbeginport=0, $pendport=0) {
714

    
715
        $adr = array();
716

    
717
        if ($padr == "any")
718
                $adr['any'] = true;
719
        else if (is_specialnet($padr))
720
                $adr['network'] = $padr;
721
        else {
722
                $adr['address'] = $padr;
723
                if ($pmask != 32)
724
                        $adr['address'] .= "/" . $pmask;
725
        }
726

    
727
        if ($pnot)
728
                $adr['not'] = true;
729
        else
730
                unset($adr['not']);
731

    
732
        if (($pbeginport != 0) && ($pbeginport != "any")) {
733
                if ($pbeginport != $pendport)
734
                        $adr['port'] = $pbeginport . "-" . $pendport;
735
                else
736
                        $adr['port'] = $pbeginport;
737
        }
738

    
739
        if(alias_expand($pbeginport)) {
740
                $adr['port'] = $pbeginport;
741
        }
742
}
743

    
744
function is_specialnet($net) {
745
        global $specialsrcdst;
746

    
747
        if (in_array($net, $specialsrcdst) || strstr($net, "opt"))
748
                return true;
749
        else
750
                return false;
751
}
752

    
753
function ipsec_ca_sort() {
754
        global $g, $config;
755

    
756
        function ipseccacmp($a, $b) {
757
                return strcmp($a['ident'], $b['ident']);
758
        }
759

    
760
        usort($config['ipsec']['cacert'], "ipseccacmp");
761
}
762

    
763

    
764
?>
(62-62/175)