/**
* Real IPアドレスを戻す
* プライベートアドレスの場合もある
*/
function get_realip()
{
foreach ($this->proxy as $x) {
if (!$x[2]) {
continue;
}
// IP取得利用
$rc = '';
if (isset($_SERVER[$x[0]])) {
$rc = trim($_SERVER[$x[0]]);
}
if (empty($rc)) {
continue;
}
if (!is_ipaddr($rc)) {
continue;
}
// IPアドレス体系か?
if (!is_localIP($rc)) {
return $rc;
}
// プライベートな生IPを取得してもあまり意味がない
}
return '';
}
function stat_block($summary, $stat, $num)
{
global $g, $gotlines, $fields;
uasort($summary[$stat], 'cmp');
print "<table width=\"200\" cellpadding=\"3\" cellspacing=\"0\" border=\"1\" summary=\"source destination ip\">";
print "<tr><th colspan=\"2\">{$fields[$stat]} " . gettext("data") . "</th></tr>";
$k = array_keys($summary[$stat]);
$total = 0;
$numentries = 0;
for ($i = 0; $i < $num; $i++) {
if ($k[$i]) {
$total += $summary[$stat][$k[$i]];
$numentries++;
$outstr = $k[$i];
if (is_ipaddr($outstr)) {
$outstr = "<a href=\"diag_dns.php?host={$outstr}\" title=\"" . gettext("Reverse Resolve with DNS") . "\"><img border=\"0\" src=\"/themes/{$g['theme']}/images/icons/icon_log.gif\" alt=\"log\" /></a> {$outstr}";
} elseif (substr_count($outstr, '/') == 1) {
list($proto, $port) = explode('/', $outstr);
$service = getservbyport($port, strtolower($proto));
if ($service) {
$outstr .= ": {$service}";
}
}
print "<tr><td>{$outstr}</td><td width=\"50\" align=\"right\">{$summary[$stat][$k[$i]]}</td></tr>";
}
}
$leftover = $gotlines - $total;
if ($leftover > 0) {
print "<tr><td>Other</td><td width=\"50\" align=\"right\">{$leftover}</td></tr>";
}
print "</table>";
}
function output_ipsec_tunnel_status($tunnel)
{
global $g, $config, $sad;
$if = "WAN";
$interfaceip = get_ipsec_tunnel_src($tunnel);
$foundsrc = false;
$founddst = false;
if (!is_ipaddr($tunnel['remote-gateway'])) {
$tunnel['remote-gateway'] = resolve_retry($tunnel['remote-gateway']);
}
foreach ($sad as $sa) {
if ($sa['src'] == $interfaceip) {
$foundsrc = true;
}
if ($sa['dst'] == $tunnel['remote-gateway']) {
$founddst = true;
}
}
if ($foundsrc && $founddst) {
/* tunnel is up */
$iconfn = "pass";
} else {
/* tunnel is down */
$iconfn = "reject";
}
echo "<img src ='/themes/{$g['theme']}/images/icons/icon_{$iconfn}.gif'>";
}
function openvpn_validate_host($value, $name)
{
$value = trim($value);
if (empty($value) || !is_domain($value) && !is_ipaddr($value)) {
return sprintf(gettext("The field '%s' must contain a valid IP address or domain name."), $name);
}
return false;
}
function _getHostName($mac, $ip)
{
if (is_ipaddr($ip)) {
if (gethostbyaddr($ip) != "" and gethostbyaddr($ip) != $ip) {
return gethostbyaddr($ip);
} else {
return "";
}
}
}
function fixup_host($value, $position) {
$host = strip_host_logic($value);
$not = has_not($value) ? "not " : "";
$andor = ($position > 0) ? get_host_boolean($value, $host) : "";
if (is_ipaddr($host))
return "{$andor}host {$not}" . $host;
elseif (is_subnet($host))
return "{$andor}net {$not}" . $host;
else
return "";
}
function _getHostName($mac, $ip)
{
if (is_ipaddr($ip)) {
list($ip, $scope) = explode("%", $ip);
if (gethostbyaddr($ip) != "" and gethostbyaddr($ip) != $ip) {
return gethostbyaddr($ip);
} else {
return "";
}
}
}
function lookup_gateway_monitor_ip_by_name($name)
{
$gateways_arr = return_gateways_array(false, true);
if (!empty($gateways_arr[$name])) {
$gateway = $gateways_arr[$name];
if (!is_ipaddr($gateway['monitor'])) {
return $gateway['gateway'];
}
return $gateway['monitor'];
}
return false;
}
function cisco_to_cidr($addr)
{
if (!is_ipaddr($addr)) {
return 0;
}
$mask = decbin(~ip2long($addr));
$mask = substr($mask, -32);
$k = 0;
for ($i = 0; $i <= 32; $i++) {
$k += intval($mask[$i]);
}
return $k;
}
/**
* delete gateway
* @param int $id sequence item in $a_gateways
* @param array $a_gateways gateway list
*/
function delete_gateway_item($id, $a_gateways)
{
global $config;
if (!isset($a_gateways[$id])) {
return;
}
/* NOTE: Cleanup static routes for the monitor ip if any */
if (!empty($a_gateways[$id]['monitor']) && $a_gateways[$id]['monitor'] != "dynamic" && is_ipaddr($a_gateways[$id]['monitor']) && $a_gateways[$id]['gateway'] != $a_gateways[$id]['monitor']) {
if (is_ipaddrv4($a_gateways[$id]['monitor'])) {
mwexec("/sbin/route delete " . escapeshellarg($a_gateways[$id]['monitor']));
} else {
mwexec("/sbin/route delete -inet6 " . escapeshellarg($a_gateways[$id]['monitor']));
}
}
if ($config['interfaces'][$a_gateways[$id]['friendlyiface']]['gateway'] == $a_gateways[$id]['name']) {
unset($config['interfaces'][$a_gateways[$id]['friendlyiface']]['gateway']);
}
unset($config['gateways']['gateway_item'][$a_gateways[$id]['attribute']]);
}
function upnp_validate_ip($ip, $check_cdir)
{
/* validate cidr */
$ip_array = array();
if ($check_cdir) {
$ip_array = explode('/', $ip);
if (count($ip_array) == 2) {
if ($ip_array[1] < 1 || $ip_array[1] > 32) {
return false;
}
} else {
if (count($ip_array) != 1) {
return false;
}
}
} else {
$ip_array[] = $ip;
}
/* validate ip */
if (!is_ipaddr($ip_array[0])) {
return false;
}
return true;
}
/* subjectAltNames */
foreach ($pconfig['altname_type'] as $altname_seq => $altname_type) {
if (!empty($pconfig['altname_value'][$altname_seq])) {
$altnames[] = array("type" => $altname_type, "value" => $pconfig['altname_value'][$altname_seq]);
}
}
/* Input validation for subjectAltNames */
foreach ($altnames as $altname) {
switch ($altname['type']) {
case "DNS":
if (!is_hostname($altname['value'])) {
$input_errors[] = gettext("DNS subjectAltName values must be valid hostnames or FQDNs");
}
break;
case "IP":
if (!is_ipaddr($altname['value'])) {
$input_errors[] = gettext("IP subjectAltName values must be valid IP Addresses");
}
break;
case "email":
if (empty($altname['value'])) {
$input_errors[] = gettext("You must provide an e-mail address for this type of subjectAltName");
}
if (preg_match("/[\\!\\#\$\\%\\^\\(\\)\\~\\?\\>\\<\\&\\/\\\\,\"\\']/", $altname['value'])) {
$input_errors[] = gettext("The e-mail provided in a subjectAltName contains invalid characters.");
}
break;
case "URI":
if (!is_URL($altname['value'])) {
$input_errors[] = gettext("URI subjectAltName types must be a valid URI");
}
if ($_POST['apply']) {
$retval = 0;
$retval |= filter_configure();
$retval |= relayd_configure();
$savemsg = get_std_save_message($retval);
clear_subsystem_dirty('loadbalancer');
} else {
/* Keep a list of servers we find in POST variables */
$newservers = array();
foreach ($_POST as $name => $value) {
/* Look through the POST vars to find the pool data */
if (strpos($name, '|') !== false) {
list($poolname, $ip) = explode("|", $name);
$ip = str_replace('_', '.', $ip);
$newservers[$poolname][] = $ip;
} elseif (is_ipaddr($value)) {
$newservers[$name][] = $value;
}
}
foreach ($a_pool as &$pool) {
if (is_array($pool['servers']) && is_array($pool['serversdisabled'])) {
$oldservers = array_merge($pool['servers'], $pool['serversdisabled']);
} elseif (is_array($pool['servers'])) {
$oldservers = $pool['servers'];
} elseif (is_array($pool['serversdisabled'])) {
$oldservers = $pool['serversdisabled'];
} else {
$oldservers = array();
}
if (is_array($newservers[$pool['name']])) {
$pool['servers'] = $newservers[$pool['name']];
}
if (isset($_POST['wpa_gmk_rekey']) && (!is_numericint($_POST['wpa_gmk_rekey']) || $_POST['wpa_gmk_rekey'] < 1 || $_POST['wpa_gmk_rekey'] > 9999)) {
$input_errors[] = gettext("Master Key Regeneration must be an integer between 1 and 9999.");
}
if (isset($_POST['wpa_group_rekey']) && isset($_POST['wpa_gmk_rekey'])) {
if ($_POST['wpa_group_rekey'] > $_POST['wpa_gmk_rekey']) {
$input_errors[] = gettext("Master Key Regeneration must be greater than Key Rotation.");
}
}
if (!empty($_POST['auth_server_addr'])) {
if (!is_domain($_POST['auth_server_addr']) && !is_ipaddr($_POST['auth_server_addr'])) {
$input_errors[] = gettext("802.1X Authentication Server must be an IP or hostname.");
}
}
if (!empty($_POST['auth_server_addr2'])) {
if (!is_domain($_POST['auth_server_addr2']) && !is_ipaddr($_POST['auth_server_addr2'])) {
$input_errors[] = gettext("Secondary 802.1X Authentication Server must be an IP or hostname.");
}
}
if (!empty($_POST['auth_server_port'])) {
if (!is_port($_POST['auth_server_port'])) {
$input_errors[] = gettext("802.1X Authentication Server Port must be a valid port number (1-65535).");
}
}
if (!empty($_POST['auth_server_port2'])) {
if (!is_port($_POST['auth_server_port2'])) {
$input_errors[] = gettext("Secondary 802.1X Authentication Server Port must be a valid port number (1-65535).");
}
}
if (isset($_POST['channel']) && !is_numericint($_POST['channel'])) {
if (!is_numericint($_POST['channel'])) {
function Check()
{
if (!empty($this->target)) {
// IP
if (!empty($this->BlackList[0])) {
$ips = is_ipaddr($this->target) ? array($this->target) : gethostbynamel($this->target);
foreach ($ips as $ip) {
if ($this->RangeCheck($ip)) {
return true;
}
}
}
// HOST
if (!empty($this->BlackList[1])) {
$host = gethostbyaddr($this->target);
$len_host = strlen($host);
foreach ($this->BlackList[1] as $x) {
// 後方一致のために、長さを確認
if (strlen($x) > $len_host) {
continue;
}
// 部分一致(後方一致)
if (stristr($host, $x) !== FALSE) {
return true;
}
}
}
}
// UA
if (!empty($this->ua)) {
foreach ($this->BlackList[2] as $x) {
if ($this->ua == $x) {
return true;
}
}
}
return false;
}
}
$_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $_POST['pppoe_subnet']);
$subnet_start = ip2ulong($_POST['remoteip']);
$subnet_end = ip2ulong($_POST['remoteip']) + $_POST['pppoe_subnet'] - 1;
if (ip2ulong($_POST['localip']) >= $subnet_start && ip2ulong($_POST['localip']) <= $subnet_end) {
$input_errors[] = gettext("The specified server address lies in the remote subnet.");
}
if ($_POST['localip'] == get_interface_ip($_POST['interface'])) {
$input_errors[] = gettext("The specified server address is equal to an interface ip address.");
}
for ($x = 0; $x < 4999; $x++) {
if ($_POST["username{$x}"]) {
if (empty($_POST["password{$x}"])) {
$input_errors[] = sprintf(gettext("No password specified for username %s"), $_POST["username{$x}"]);
}
if ($_POST["ip{$x}"] != "" && !is_ipaddr($_POST["ip{$x}"])) {
$input_errors[] = sprintf(gettext("Incorrect ip address specified for username %s"), $_POST["username{$x}"]);
}
}
}
}
if ($_POST['pppoeid'] && !is_numeric($_POST['pppoeid'])) {
$input_errors[] = gettext("Wrong data submitted");
}
if (!$input_errors) {
$pppoecfg = array();
$pppoecfg['remoteip'] = $_POST['remoteip'];
$pppoecfg['localip'] = $_POST['localip'];
$pppoecfg['mode'] = $_POST['mode'];
$pppoecfg['interface'] = $_POST['interface'];
$pppoecfg['n_pppoe_units'] = $_POST['n_pppoe_units'];
if (!empty($pconfig['dns_server1']) && !is_ipaddr($pconfig['dns_server1'])) {
$input_errors[] = gettext("A valid IP address for 'DNS Server #1' must be specified.");
}
if (!empty($pconfig['dns_server2']) && !is_ipaddr($pconfig['dns_server2'])) {
$input_errors[] = gettext("A valid IP address for 'DNS Server #2' must be specified.");
}
if (!empty($pconfig['dns_server3']) && !is_ipaddr($pconfig['dns_server3'])) {
$input_errors[] = gettext("A valid IP address for 'DNS Server #3' must be specified.");
}
if (!empty($pconfig['dns_server4']) && !is_ipaddr($pconfig['dns_server4'])) {
$input_errors[] = gettext("A valid IP address for 'DNS Server #4' must be specified.");
}
if (!empty($pconfig['wins_server1']) && !is_ipaddr($pconfig['wins_server1'])) {
$input_errors[] = gettext("A valid IP address for 'WINS Server #1' must be specified.");
}
if (!empty($pconfig['wins_server2']) && !is_ipaddr($pconfig['wins_server2'])) {
$input_errors[] = gettext("A valid IP address for 'WINS Server #2' must be specified.");
}
if (count($input_errors) == 0) {
$client = array();
$copy_fields = "user_source,group_source,pool_address,pool_netbits,dns_domain,dns_server1\n ,dns_server2,dns_server3,dns_server4,wins_server1,wins_server2\n ,dns_split,pfs_group,login_banner";
foreach (explode(",", $copy_fields) as $fieldname) {
$fieldname = trim($fieldname);
if (!empty($pconfig[$fieldname])) {
$client[$fieldname] = $pconfig[$fieldname];
}
}
if (!empty($pconfig['enable'])) {
$client['enable'] = true;
}
if (!empty($pconfig['net_list'])) {
$lastvhid++;
$pconfig['vhid'] = $lastvhid;
$pconfig['uniqid'] = uniqid();
}
if ($_POST) {
unset($input_errors);
$pconfig = $_POST;
/* input validation */
$reqdfields = explode(" ", "mode");
$reqdfieldsn = array(gettext("Type"));
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if ($_POST['subnet']) {
$_POST['subnet'] = trim($_POST['subnet']);
}
if ($_POST['subnet']) {
if (!is_ipaddr($_POST['subnet'])) {
$input_errors[] = gettext("A valid IP address must be specified.");
} else {
if (isset($id) && isset($a_vip[$id])) {
$ignore_if = $a_vip[$id]['interface'];
$ignore_mode = $a_vip[$id]['mode'];
if (isset($a_vip[$id]['uniqid'])) {
$ignore_uniqid = $a_vip[$id]['uniqid'];
}
} else {
$ignore_if = $_POST['interface'];
$ignore_mode = $_POST['mode'];
}
if (!isset($ignore_uniqid)) {
$ignore_uniqid = $_POST['uniqid'];
}
}
}
if ($_POST['domain'] && !is_domain($_POST['domain'])) {
$input_errors[] = gettext("The domain may only contain the characters a-z, 0-9, '-' and '.'.");
}
$dnslist = $ignore_posted_dnsgw = array();
for ($dnscounter = 1; $dnscounter < 5; $dnscounter++) {
$dnsname = "dns{$dnscounter}";
$dnsgwname = "dns{$dnscounter}gw";
$dnslist[] = $_POST[$dnsname];
if ($_POST[$dnsname] && !is_ipaddr($_POST[$dnsname])) {
$input_errors[] = sprintf(gettext("A valid IP address must be specified for DNS server %s."), $dnscounter);
} else {
if ($_POST[$dnsgwname] != "" && $_POST[$dnsgwname] != "none") {
// A real gateway has been selected.
if (is_ipaddr($_POST[$dnsname])) {
if (is_ipaddrv4($_POST[$dnsname]) && validate_address_family($_POST[$dnsname], $_POST[$dnsgwname]) === false) {
$input_errors[] = sprintf(gettext('The IPv6 gateway "%1$s" can not be specified for IPv4 DNS server "%2$s".'), $_POST[$dnsgwname], $_POST[$dnsname]);
}
if (is_ipaddrv6($_POST[$dnsname]) && validate_address_family($_POST[$dnsname], $_POST[$dnsgwname]) === false) {
$input_errors[] = sprintf(gettext('The IPv4 gateway "%1$s" can not be specified for IPv6 DNS server "%2$s".'), $_POST[$dnsgwname], $_POST[$dnsname]);
}
} else {
// The user selected a gateway but did not provide a DNS address. Be nice and set the gateway back to "none".
$ignore_posted_dnsgw[$dnsgwname] = true;
}
}
}
}
if (count(array_filter($dnslist)) != count(array_unique(array_filter($dnslist)))) {
$input_errors[] = gettext('Each configured DNS server must have a unique IP address. Remove the duplicated IP.');
if (String_Begins_With(_msdcs, $_POST['domain'])) {
$subdomainstr = substr($_POST['domain'], 7);
if ($subdomainstr && !is_domain($subdomainstr)) {
$input_errors[] = gettext("A valid domain must be specified after _msdcs.");
}
} elseif ($_POST['domain'] && !is_domain($_POST['domain'])) {
$input_errors[] = gettext("A valid domain must be specified.");
}
if ($_POST['ip']) {
if (strpos($_POST['ip'], '@') !== false) {
$ip_details = explode("@", $_POST['ip']);
if (!is_ipaddr($ip_details[0]) || !is_port($ip_details[1])) {
$input_errors[] = gettext("A valid IP address and port must be specified, for example 192.168.100.10@5353.");
}
} else {
if (!is_ipaddr($_POST['ip'])) {
$input_errors[] = gettext("A valid IP address must be specified, for example 192.168.100.10.");
}
}
}
if (!$input_errors) {
$doment = array();
$doment['domain'] = $_POST['domain'];
$doment['ip'] = $_POST['ip'];
$doment['descr'] = $_POST['descr'];
if (isset($id) && $a_domainOverrides[$id]) {
$a_domainOverrides[$id] = $doment;
} else {
$a_domainOverrides[] = $doment;
}
mark_subsystem_dirty('unbound');
if (isset($_GET['username'])) {
echo "FAILED";
closelog();
return;
} else {
closelog();
return -1;
}
}
if (file_exists("/etc/inc/openvpn.attributes.php")) {
include_once "/etc/inc/openvpn.attributes.php";
}
$content = "";
if (is_array($attributes['dns-servers'])) {
foreach ($attributes['dns-servers'] as $dnssrv) {
if (is_ipaddr($dnssrv)) {
$content .= "push \"dhcp-option DNS {$dnssrv}\"\n";
}
}
}
if (is_array($attributes['routes'])) {
foreach ($attributes['routes'] as $route) {
$content .= "push \"route {$route} vpn_gateway\"\n";
}
}
if (isset($attributes['framed_ip'])) {
if (isset($attributes['framed_mask'])) {
$content .= "topology subnet\n";
$content .= "ifconfig-push {$attributes['framed_ip']} {$attributes['framed_mask']}";
} else {
$content .= "topology net30\n";
$cpzoneid = $a_cp[$cpzone]['zoneid'];
}
$pgtitle = array(gettext("Services"), gettext("Captive Portal"), "Zone " . $a_cp[$cpzone]['zone'], gettext("Allowed Hostnames"));
$shortcut_section = "captiveportal";
if ($_GET['act'] == "del" && !empty($cpzone) && isset($cpzoneid)) {
$a_allowedhostnames =& $a_cp[$cpzone]['allowedhostname'];
if ($a_allowedhostnames[$_GET['id']]) {
$ipent = $a_allowedhostnames[$_GET['id']];
if (isset($a_cp[$cpzone]['enable'])) {
if (is_ipaddr($ipent['hostname'])) {
$ip = $ipent['hostname'];
} else {
$ip = gethostbyname($ipent['hostname']);
}
$sn = is_ipaddrv6($ip) ? 128 : 32;
if (is_ipaddr($ip)) {
$ipfw = pfSense_ipfw_getTablestats($cpzoneid, IP_FW_TABLE_XLISTENTRY, 3, $ip);
if (is_array($ipfw)) {
captiveportal_free_dn_ruleno($ipfw['dnpipe']);
pfSense_pipe_action("pipe delete {$ipfw['dnpipe']}");
pfSense_pipe_action("pipe delete " . ($ipfw['dnpipe'] + 1));
}
pfSense_ipfw_Tableaction($cpzoneid, IP_FW_TABLE_XDEL, 3, $ip, $sn);
pfSense_ipfw_Tableaction($cpzoneid, IP_FW_TABLE_XDEL, 4, $ip, $sn);
}
}
unset($a_allowedhostnames[$_GET['id']]);
write_config();
captiveportal_allowedhostname_configure();
header("Location: services_captiveportal_hostname.php?zone={$cpzone}");
exit;
$tab_array[] = array(gettext("States"), true, "diag_dump_states.php");
if (isset($config['system']['lb_use_sticky'])) {
$tab_array[] = array(gettext("Source Tracking"), false, "diag_dump_states_sources.php");
}
$tab_array[] = array(gettext("Reset States"), false, "diag_resetstate.php");
display_top_tabs($tab_array);
// Start of tab content
$current_statecount = `pfctl -si | grep "current entries" | awk '{ print \$3 }'`;
require_once 'classes/Form.class.php';
$form = new Form(false);
$section = new Form_Section('State filter');
$section->addInput(new Form_Input('filter', 'Filter expression', 'text', $_POST['filter'], ['placeholder' => 'Simple filter such as 192.168, v6, icmp or ESTABLISHED']));
$filterbtn = new Form_Button('filterbtn', 'Filter', null);
$filterbtn->removeClass('btn-primary')->addClass('btn-default btn-sm');
$section->addInput(new Form_StaticText('', $filterbtn));
if (isset($_POST['filter']) && (is_ipaddr($_POST['filter']) || is_subnet($_POST['filter']))) {
$killbtn = new Form_Button('killfilter', 'Kill States');
$killbtn->removeClass('btn-primary')->addClass('btn-danger btn-sm');
$section->addInput(new Form_StaticText('Kill filtered states', $killbtn))->setHelp('Remove all states to and from the filtered address');
}
$form->add($section);
print $form;
?>
<table class="table table-striped">
<thead>
<tr>
<th><?php
echo gettext("Int");
?>
</th>
<th><?php
function fixup_string($string)
{
global $config, $g, $myurl, $title;
$newstring = $string;
// fixup #1: $myurl -> http[s]://ip_address:port/
switch ($config['system']['webgui']['protocol']) {
case "http":
$proto = "http";
break;
case "https":
$proto = "https";
break;
default:
$proto = "http";
break;
}
$port = $config['system']['webgui']['port'];
if ($port != "") {
if ($port == "443" and $proto != "https" or $port == "80" and $proto != "http") {
$urlport = ":" . $port;
} elseif ($port != "80" and $port != "443") {
$urlport = ":" . $port;
} else {
$urlport = "";
}
}
$http_host = explode(":", $_SERVER['HTTP_HOST']);
$http_host = $http_host[0];
$urlhost = $http_host;
// If finishing the setup wizard, check if accessing on a LAN or WAN address that changed
if ($title == "Reload in progress") {
if (is_ipaddr($urlhost)) {
$host_if = find_ip_interface($urlhost);
if ($host_if) {
$host_if = convert_real_interface_to_friendly_interface_name($host_if);
if ($host_if && is_ipaddr($config['interfaces'][$host_if]['ipaddr'])) {
$urlhost = $config['interfaces'][$host_if]['ipaddr'];
}
}
} else {
if ($urlhost == $config['system']['hostname']) {
$urlhost = $config['wizardtemp']['system']['hostname'];
} else {
if ($urlhost == $config['system']['hostname'] . '.' . $config['system']['domain']) {
$urlhost = $config['wizardtemp']['system']['hostname'] . '.' . $config['wizardtemp']['system']['domain'];
}
}
}
}
if ($urlhost != $http_host) {
file_put_contents("{$g['tmp_path']}/setupwizard_lastreferrer", $proto . "://" . $http_host . $urlport . $_SERVER['REQUEST_URI']);
}
$myurl = $proto . "://" . $urlhost . $urlport . "/";
if (strstr($newstring, "\$myurl")) {
$newstring = str_replace("\$myurl", $myurl, $newstring);
}
// fixup #2: $wanip
if (strstr($newstring, "\$wanip")) {
$curwanip = get_interface_ip();
$newstring = str_replace("\$wanip", $curwanip, $newstring);
}
// fixup #3: $lanip
if (strstr($newstring, "\$lanip")) {
$lanip = get_interface_ip("lan");
$newstring = str_replace("\$lanip", $lanip, $newstring);
}
// fixup #4: fix'r'up here.
return $newstring;
}
<pre>
<?php
$useicmp = isset($_REQUEST['useicmp']) ? "-I" : "";
$n = isset($resolve) ? "" : "-n";
$command = "/usr/sbin/traceroute";
if ($ipproto == "ipv6") {
$command .= "6";
$ifaddr = is_ipaddr($sourceip) ? $sourceip : get_interface_ipv6($sourceip);
} else {
$ifaddr = is_ipaddr($sourceip) ? $sourceip : get_interface_ip($sourceip);
}
if ($ifaddr && (is_ipaddr($host) || is_hostname($host)))
$srcip = "-s " . escapeshellarg($ifaddr);
$cmd = "{$command} {$n} {$srcip} -w 2 {$useicmp} -m " . escapeshellarg($ttl) . " " . escapeshellarg($host);
//echo "Traceroute command: {$cmd}\n";
system($cmd);
?>
</pre>
</div>
</div>
</section>
<? endif; ?>
</div>
</div>
$query_time = exec("/usr/bin/drill {$host_esc} " . escapeshellarg("@" . trim($dns_server)) . " | /usr/bin/grep Query | /usr/bin/cut -d':' -f2");
if ($query_time == "") {
$query_time = gettext("No response");
}
$new_qt = array();
$new_qt['dns_server'] = $dns_server;
$new_qt['query_time'] = $query_time;
$dns_speeds[] = $new_qt;
unset($new_qt);
}
}
$type = "unknown";
$resolved = array();
$ipaddr = "";
if (!$input_errors) {
if (is_ipaddr($host)) {
$type = "ip";
$resolvedptr = gethostbyaddr($host);
$ipaddr = $host;
if ($host != $resolvedptr) {
$tmpresolved = array();
$tmpresolved['type'] = "PTR";
$tmpresolved['data'] = $resolvedptr;
$resolved[] = $tmpresolved;
}
} elseif (is_hostname($host)) {
$type = "hostname";
$ipaddr = gethostbyname($host);
$resolved = resolve_host_addresses($host);
}
}
$reqdfieldsn = explode(",", "Username");
} else {
$reqdfields = explode(" ", "username password");
$reqdfieldsn = explode(",", "Username,Password");
}
do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
if (preg_match("/[^a-zA-Z0-9\\.\\-_]/", $_POST['username'])) {
$input_errors[] = "Kullanıcı adında geçersiz karakterler mevcut.";
}
if (preg_match("/[[:cntrl:]\"]/", $_POST['password'])) {
$input_errors[] = "Şifre içinde geçersiz karakterler mevcut.";
}
if ($_POST['password'] && $_POST['password'] != $_POST['password2']) {
$input_errors[] = "Şifreler aynı değil.";
}
if ($_POST['ip'] && !is_ipaddr($_POST['ip'])) {
$input_errors[] = "Geçersiz IP adresi girildi.";
}
if (!$input_errors && !(isset($id) && $a_secret[$id])) {
/* make sure there are no dupes */
foreach ($a_secret as $secretent) {
if ($secretent['name'] == $_POST['username']) {
$input_errors[] = "Aynı kullanıcı adıyla başka bir giriş mevcut.";
break;
}
}
}
if (!$input_errors) {
if (isset($id) && $a_secret[$id]) {
$secretent = $a_secret[$id];
}
require_once "functions.inc";
require_once "filter.inc";
require_once "shaper.inc";
$pconfig['ipv6nat_enable'] = isset($config['diag']['ipv6nat']['enable']);
$pconfig['ipv6nat_ipaddr'] = $config['diag']['ipv6nat']['ipaddr'];
$pconfig['ipv6allow'] = isset($config['system']['ipv6allow']);
$pconfig['prefer_ipv4'] = isset($config['system']['prefer_ipv4']);
$pconfig['polling_enable'] = isset($config['system']['polling']);
$pconfig['sharednet'] = $config['system']['sharednet'];
$pconfig['disablechecksumoffloading'] = isset($config['system']['disablechecksumoffloading']);
$pconfig['disablesegmentationoffloading'] = isset($config['system']['disablesegmentationoffloading']);
$pconfig['disablelargereceiveoffloading'] = isset($config['system']['disablelargereceiveoffloading']);
if ($_POST) {
unset($input_errors);
$pconfig = $_POST;
if ($_POST['ipv6nat_enable'] && !is_ipaddr($_POST['ipv6nat_ipaddr'])) {
$input_errors[] = gettext("You must specify an IP address to NAT IPv6 packets.");
}
ob_flush();
flush();
if (!$input_errors) {
if ($_POST['ipv6nat_enable'] == "yes") {
$config['diag']['ipv6nat']['enable'] = true;
$config['diag']['ipv6nat']['ipaddr'] = $_POST['ip-address'];
} else {
if ($config['diag']) {
if ($config['diag']['ipv6nat']) {
unset($config['diag']['ipv6nat']['enable']);
unset($config['diag']['ipv6nat']['ipaddr']);
}
}
if ($_POST['dstmask'] && !is_numericint($_POST['dstmask'])) {
$input_errors[] = gettext("A valid destination bit count must be specified.");
}
}
if (is_ipaddr($_POST['src']) && is_ipaddr($_POST['dst'])) {
if (!validate_address_family($_POST['src'], $_POST['dst'])) {
$input_errors[] = sprintf(gettext("The Source IP address %s Address Family differs from the destination %s."), $_POST['src'], $_POST['dst']);
}
if ((is_ipaddrv6($_POST['src']) || is_ipaddrv6($_POST['dst'])) && $_POST['ipprotocol'] == "inet") {
$input_errors[] = gettext("You can not use IPv6 addresses in IPv4 rules.");
}
if ((is_ipaddrv4($_POST['src']) || is_ipaddrv4($_POST['dst'])) && $_POST['ipprotocol'] == "inet6") {
$input_errors[] = gettext("You can not use IPv4 addresses in IPv6 rules.");
}
}
if ((is_ipaddr($_POST['src']) || is_ipaddr($_POST['dst'])) && $_POST['ipprotocol'] == "inet46") {
$input_errors[] = gettext("You can not use a IPv4 or IPv6 address in combined IPv4 + IPv6 rules.");
}
if ($_POST['srcbeginport'] > $_POST['srcendport']) {
/* swap */
$tmp = $_POST['srcendport'];
$_POST['srcendport'] = $_POST['srcbeginport'];
$_POST['srcbeginport'] = $tmp;
}
if ($_POST['dstbeginport'] > $_POST['dstendport']) {
/* swap */
$tmp = $_POST['dstendport'];
$_POST['dstendport'] = $_POST['dstbeginport'];
$_POST['dstbeginport'] = $tmp;
}
if ($_POST['os']) {
if ($_POST['pppoe_resethour'] != "" && !is_numericint($_POST['pppoe_resethour']) && $_POST['pppoe_resethour'] >= 0 && $_POST['pppoe_resethour'] <= 23) {
$input_errors[] = gettext("PPPoE yeniden başlatma saati (0-23) arasında olmalıdır.");
}
if ($_POST['pppoe_resetminute'] != "" && !is_numericint($_POST['pppoe_resetminute']) && $_POST['pppoe_resetminute'] >= 0 && $_POST['pppoe_resetminute'] <= 59) {
$input_errors[] = gettext("PPPoE yeniden başlatma dakikası (0-59) arasında olmalıdır.");
}
if ($_POST['pppoe_resetdate'] != "" && !is_numeric(str_replace("/", "", $_POST['pppoe_resetdate']))) {
$input_errors[] = gettext("PPPoE yeniden başlatma tarih değeri (mm/dd/yyyy) bu şekilde tanımlanmalıdır.");
}
if ($_POST['pptp_local'] && !is_ipaddr($_POST['pptp_local'])) {
$input_errors[] = "Geçerli bir PPTP yerel IP adresi tanımlanmalıdır.";
}
if ($_POST['pptp_subnet'] && !is_numeric($_POST['pptp_subnet'])) {
$input_errors[] = "Geçerli bir PPTP subnet bit count tanımlanmalıdır.";
}
if ($_POST['pptp_remote'] && !is_ipaddr($_POST['pptp_remote'])) {
$input_errors[] = "PPTP uzak IP için geçerli bir IP adresi tanımlanmaldır.";
}
if ($_POST['pptp_idletimeout'] != "" && !is_numericint($_POST['pptp_idletimeout'])) {
$input_errors[] = "idle timeout bir tamsayı olmak zorundadır.";
}
if ($_POST['spoofmac'] && !is_macaddr($_POST['spoofmac'])) {
$input_errors[] = "Geçerli bir MAC adresi tanımlanmalıdır.";
}
if ($_POST['mtu'] && ($_POST['mtu'] < 576 || $_POST['mtu'] > 1500)) {
$input_errors[] = "MTU değeri 576 ile 1500 byte arasında olmalıdır.";
}
/* Wireless interface? */
if (isset($wancfg['wireless'])) {
$wi_input_errors = wireless_config_post();
if ($wi_input_errors) {
