if ($input_errors) { print_input_errors($input_errors); } $tab_array = array(); $tab_array[] = array(gettext("Captive portal(s)"), false, "services_captiveportal.php?zone={$cpzone}"); $tab_array[] = array(gettext("MAC"), false, "services_captiveportal_mac.php?zone={$cpzone}"); $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php?zone={$cpzone}"); $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php?zone={$cpzone}"); $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php?zone={$cpzone}"); $tab_array[] = array(gettext("File Manager"), true, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); require_once 'classes/Form.class.php'; if ($_GET['act'] == 'add') { $form = new Form(new Form_Button('Submit', 'Upload')); $form->setMultipartEncoding(); $section = new Form_Section('Upload a new file'); $section->addInput(new Form_Input('zone', null, 'hidden', $cpzone)); $section->addInput(new Form_Input('new', 'File', 'file')); $form->add($section); print $form; } if (is_array($a_cp[$cpzone]['element'])) { ?> <div class="panel panel-default"> <div class="panel-heading"><h2 class="panel-title"><?php echo gettext("Installed Files"); ?> </h2></div> <div class="panel-body"> <div class="table-responsive"> <table class="table table-striped table-hover table-condensed">
$section = new Form_Section('802.1x RADIUS options'); $section->addInput(new Form_Checkbox('ieee8021x', 'IEEE802.1X', 'Enable 802.1X authentication', $pconfig['ieee8021x'], 'yes'))->setHelp('This option requires that the "Enable WPA box" is checked'); $group = new Form_Group('Primary 802.1X server'); $group->add(new Form_IpAddress('auth_server_addr', 'IP Address', $pconfig['auth_server_addr']))->setHelp('IP address. (Commonly a Radius server (FreeRadius, Internet Authentication Services, etc.)'); $group->add(new Form_Input('auth_server_port', 'Port', 'number', $pconfig['auth_server_port']))->setHelp('Server port. Leave blank for the default port 1812'); $group->add(new Form_Input('auth_server_shared_secret', 'Shared secret', 'number', $pconfig['auth_server_shared_secret']))->setHelp('Shared secret'); $section->add($group); $group = new Form_Group('Secondary 802.1X server'); $group->add(new Form_IpAddress('auth_server_addr2', 'IP Address', $pconfig['auth_server_addr2']))->setHelp('IP address. (Commonly a Radius server (FreeRadius, Internet Authentication Services, etc.)'); $group->add(new Form_Input('auth_server_port2', 'Port', 'number', $pconfig['auth_server_port2']))->setHelp('Server port. Leave blank for the default port 1812'); $group->add(new Form_Input('auth_server_shared_secret2', 'Shared secret', 'number', $pconfig['auth_server_shared_secret2']))->setHelp('Shared secret'); $section->add($group); $section->addInput(new Form_Checkbox('rsn_preauth', 'Authentication Roaming Preauth', null, $pconfig['rsn_preauth'], 'yes')); $form->add($section); } $section = new Form_Section('Private networks'); $section->addInput(new Form_Checkbox('blockpriv', 'Block private networks', '', $pconfig['blockpriv'], 'yes'))->setHelp('Blocks traffic from IP addresses that are reserved for private networks per RFC 1918 (10/8, 172.16/12, 192.168/16) ' . ' as well as loopback addresses (127/8). You should generally leave this option turned on, unless your WAN network ' . 'lies in such a private address space, too.'); $section->addInput(new Form_Checkbox('blockbogons', 'Block bogon networks', '', $pconfig['blockbogons'], 'yes'))->setHelp('Blocks traffic from reserved IP addresses (but not RFC 1918) or not yet assigned by IANA. Bogons are prefixes that should ' . 'never appear in the Internet routing table, and so should not appear as the source address in any packets you receive.' . '<br />' . 'Note: The update frequency can be changed under System->Advanced Firewall/NAT settings'); $form->add($section); $form->addGlobal(new Form_Input('if', null, 'hidden', $if)); if ($wancfg['if'] == $a_ppps[$pppid]['if']) { $form->addGlobal(new Form_Input('ppp_port', null, 'hidden', $pconfig['port'])); } $form->addGlobal(new Form_Input('ptpid', null, 'hidden', $pconfig['ptpid'])); print $form; ?> <script type="text/javascript"> //<![CDATA[ events.push(function(){
if ($input_errors) { print_input_errors($input_errors); } if ($savemsg) { print_info_box($savemsg, 'success'); } if (is_subsystem_dirty('unbound')) { print_apply_box(gettext("The DNS Resolver configuration has been changed.") . "<br />" . gettext("You must apply the changes in order for them to take effect.")); } $tab_array = array(); $tab_array[] = array(gettext("General settings"), true, "services_unbound.php"); $tab_array[] = array(gettext("Advanced settings"), false, "services_unbound_advanced.php"); $tab_array[] = array(gettext("Access Lists"), false, "/services_unbound_acls.php"); display_top_tabs($tab_array, true); $form = new Form(); $section = new Form_Section('General DNS Resolver Options'); $section->addInput(new Form_Checkbox('enable', 'Enable', 'Enable DNS resolver', $pconfig['enable'])); $section->addInput(new Form_Input('port', 'Listen Port', 'number', $pconfig['port'], ['placeholder' => '53']))->setHelp('The port used for responding to DNS queries. It should normally be left blank unless another service needs to bind to TCP/UDP port 53.'); $activeiflist = build_if_list($pconfig['active_interface']); $section->addInput(new Form_Select('active_interface', 'Network Interfaces', $activeiflist['selected'], $activeiflist['options'], true))->addClass('general')->setHelp('Interface IPs used by the DNS Resolver for responding to queries from clients. If an interface has both IPv4 and IPv6 IPs, both are used. Queries to other interface IPs not selected below are discarded. ' . 'The default behavior is to respond to queries on every available IPv4 and IPv6 address.'); $outiflist = build_if_list($pconfig['outgoing_interface']); $section->addInput(new Form_Select('outgoing_interface', 'Outgoing Network Interfaces', $outiflist['selected'], $outiflist['options'], true))->addClass('general')->setHelp('Utilize different network interface(s) that the DNS Resolver will use to send queries to authoritative servers and receive their replies. By default all interfaces are used.'); $unbound_local_zone_types = array("deny" => gettext("Deny"), "refuse" => gettext("Refuse"), "static" => gettext("Static"), "transparent" => gettext("Transparent"), "typetransparent" => gettext("Type Transparent"), "redirect" => gettext("Redirect"), "inform" => gettext("Inform"), "inform_deny" => gettext("Inform Deny"), "nodefault" => gettext("No Default")); $section->addInput(new Form_Select('system_domain_local_zone_type', 'System Domain Local Zone Type', $pconfig['system_domain_local_zone_type'], $unbound_local_zone_types))->setHelp('The local-zone type used for the pfSense system domain (System | General Setup | Domain). Transparent is the default. Local-Zone type descriptions are available in the unbound.conf(5) manual pages.'); $section->addInput(new Form_Checkbox('dnssec', 'DNSSEC', 'Enable DNSSEC Support', $pconfig['dnssec'])); $section->addInput(new Form_Checkbox('forwarding', 'DNS Query Forwarding', 'Enable Forwarding Mode', $pconfig['forwarding'])); $section->addInput(new Form_Checkbox('regdhcp', 'DHCP Registration', 'Register DHCP leases in the DNS Resolver', $pconfig['regdhcp']))->setHelp(sprintf('If this option is set, then machines that specify their hostname when requesting a DHCP lease will be registered' . ' in the DNS Resolver, so that their name can be resolved.' . ' You should also set the domain in %sSystem: General setup%s to the proper value.', '<a href="system.php">', '</a>')); $section->addInput(new Form_Checkbox('regdhcpstatic', 'Static DHCP', 'Register DHCP static mappings in the DNS Resolver', $pconfig['regdhcpstatic']))->setHelp(sprintf('If this option is set, then DHCP static mappings will be registered in the DNS Resolver, so that their name can be ' . 'resolved. You should also set the domain in %s' . 'System: General setup%s to the proper value.', '<a href="system.php">', '</a>')); $btnadvdns = new Form_Button('btnadvdns', 'Custom options'); $btnadvdns->removeClass('btn-primary')->addClass('btn-default btn-sm'); $section->addInput(new Form_StaticText('Custom options', $btnadvdns . ' ' . 'Show custom options'));
$list[$name] = 'GW Group ' . $name; } unset($grouplist); return $list; } $pgtitle = array(gettext("Services"), gettext("Dynamic DNS client")); include "head.inc"; if ($input_errors) { print_input_errors($input_errors); } if ($savemsg) { print_info_box($savemsg, 'success'); } require_once 'classes/Form.class.php'; $form = new Form(); $section = new Form_Section('Dynamic DNS Client'); // Confusingly the 'enable' checkbox is labelled 'Disable', but thats the way it works! // No action (hide or disable) is taken on selecting this. $section->addInput(new Form_Checkbox('enable', 'Disable', 'Disable this client', $pconfig['enable'])); $section->addInput(new Form_Select('type', 'Service Type', $pconfig['type'], build_type_list())); $interfacelist = build_if_list(); $section->addInput(new Form_Select('interface', 'Interface to monitor', $pconfig['interface'], $interfacelist)); $section->addInput(new Form_Select('requestif', 'Interface to send update from', $pconfig['request'], $interfacelist))->setHelp('This is almost always the same as the Interface to Monitor. '); $section->addInput(new Form_Input('host', 'Hostname', 'text', $pconfig['host']))->setHelp('Enter the complete fully qualified domain name. Example: myhost.dyndns.org' . '<br />' . 'he.net tunnelbroker: Enter your tunnel ID' . '<br />' . 'GleSYS: Enter your record ID' . '<br />' . 'DNSimple: Enter only the domain name.'); $section->addInput(new Form_Input('mx', 'MX', 'text', $pconfig['mx']))->setHelp('Note: With DynDNS service you can only use a hostname, not an IP address. ' . 'Set this option only if you need a special MX record. Not all services support this.'); $section->addInput(new Form_Checkbox('wildcard', 'Wildcards', 'Enable Wildcard', $pconfig['wildcard'])); $section->addInput(new Form_Checkbox('verboselog', 'Verbose logging', 'Enable verbose logging', $pconfig['verboselog'])); $section->addInput(new Form_Checkbox('curl_ipresolve_v4', 'CURL options', 'Force IPv4 resolving', $pconfig['curl_ipresolve_v4'])); $section->addInput(new Form_Checkbox('curl_ssl_verifypeer', null, 'Verify SSL peer', $pconfig['curl_ssl_verifypeer'])); $section->addInput(new Form_Input('username', 'Username', 'text', $pconfig['username']))->setHelp('Username is required for all types except Namecheap, FreeDNS and Custom Entries.' . '<br />' . 'Route 53: Enter your Access Key ID.' . '<br />' . 'GleSYS: Enter your API user.' . '<br />' . 'For Custom Entries, Username and Password represent HTTP Authentication username and passwords.'); $section->addInput(new Form_Input('passwordfld', 'Password', 'password', $pconfig['passwordfld']))->setHelp('FreeDNS (freedns.afraid.org): Enter your "Authentication Token" provided by FreeDNS.' . '<br />' . 'Route 53: Enter your Secret Access Key.' . '<br />' . 'GleSYS: Enter your API key.' . '<br />' . 'DNSimple: Enter your API token.');
$config['captiveportal'] = array(); } $a_cp =& $config['captiveportal']; $pgtitle = array(gettext("Status"), gettext("Captive portal"), gettext("Test Vouchers"), $a_cp[$cpzone]['zone']); $shortcut_section = "captiveportal-vouchers"; include "head.inc"; $tab_array = array(); $tab_array[] = array(gettext("Active Users"), false, "status_captiveportal.php?zone={$cpzone}"); $tab_array[] = array(gettext("Active Vouchers"), false, "status_captiveportal_vouchers.php?zone={$cpzone}"); $tab_array[] = array(gettext("Voucher Rolls"), false, "status_captiveportal_voucher_rolls.php?zone={$cpzone}"); $tab_array[] = array(gettext("Test Vouchers"), true, "status_captiveportal_test.php?zone={$cpzone}"); $tab_array[] = array(gettext("Expire Vouchers"), false, "status_captiveportal_expire.php?zone={$cpzone}"); display_top_tabs($tab_array); require_once 'classes/Form.class.php'; $form = new Form(); $section = new Form_Section('Test Vouchers'); $section->addInput(new Form_Textarea('vouchers', 'Vouchers', $_POST['vouchers']))->setHelp('Enter multiple vouchers separated by space or newline. The remaining time, if valid, will be shown for each voucher.'); $section->addInput(new Form_Input('zone', null, 'hidden', $cpzone)); $form->add($section); print $form; if ($_POST) { if ($_POST['vouchers']) { $test_results = voucher_auth($_POST['vouchers'], 1); $output = ""; foreach ($test_results as $result) { if (strpos($result, " good ") || strpos($result, " granted ")) { $output .= '<font color="green">' . htmlspecialchars($result) . '</font>' . '<br />'; } else { $output .= '<font color="red">' . htmlspecialchars($result) . '</font>' . '<br />'; } }
$class = 'alert-success'; unset($config['system']['nanobsd_force_rw']); } write_config(gettext("Changed Permanent Read/Write Setting")); conf_mount_ro(); } else { $savemsg = gettext('Saved r/w permanently'); $class = 'alert-success'; } } print_info_box(gettext("The options on this page are intended for use by advanced users only.")); if ($savemsg) { print_info_box($savemsg, $class); } $form = new Form(false); $section = new Form_Section('NanoBSD Options'); $section->addInput(new Form_StaticText('Image Size', $NANOBSD_SIZE)); $slicebtn = new Form_Button('bootslice', 'Switch Slice'); $slicebtn->removeClass('btn-primary')->addClass('btn-default btn-sm'); $section->addInput(new Form_StaticText('Bootup slice', $ACTIVE_SLICE . ' ' . $slicebtn)); $refcount = refcount_read(1000); if (is_writable("/")) { /* refcount_read returns -1 when shared memory section does not exist */ /* refcount can be zero here when the user has set nanobsd_force_rw */ /* refcount 1 is normal, so only display the count for abnormal values */ if ($refcount == 1 || $refcount == 0 || $refcount == -1) { $refdisplay = ""; } else { $refdisplay = " " . sprintf(gettext("(Reference count %s)"), $refcount); } $lbl = gettext("Read/Write") . $refdisplay;
array_push($pfscss, $css); } else { array_push($usrcss, $css); } } } $css = array_merge($pfscss, $betacss, $usrcss); foreach ($css as $file) { $file = basename($file); $csslist[$file] = pathinfo($file, PATHINFO_FILENAME); } } if (!isset($pconfig['webguicss']) || !isset($csslist[$pconfig['webguicss']])) { $pconfig['webguicss'] = "pfSense.css"; } $section = new Form_Section('webConfigurator'); $section->addInput(new Form_Select('webguicss', 'Theme', $pconfig['webguicss'], $csslist))->setHelp(sprintf(gettext('Choose an alternative css file (if installed) to change the appearance of the webConfigurator. css files are located in /usr/local/www/css/%s'), '<span id="csstxt"></span>')); $section->addInput(new Form_Select('webguifixedmenu', 'Top Navigation', $pconfig['webguifixedmenu'], ["" => gettext("Scrolls with page"), "fixed" => gettext("Fixed (Remains visible at top of page)")]))->setHelp("The fixed option is intended for large screens only."); $section->addInput(new Form_Input('dashboardcolumns', 'Dashboard Columns', 'number', $pconfig['dashboardcolumns'], [min => 1, max => 4])); $group = new Form_Group('Associated Panels Show/Hide'); $group->add(new Form_Checkbox('dashboardavailablewidgetspanel', null, 'Available Widgets', $pconfig['dashboardavailablewidgetspanel']))->setHelp('Show the Available Widgets panel on the Dashboard.'); $group->add(new Form_Checkbox('systemlogsfilterpanel', null, 'Log Filter', $pconfig['systemlogsfilterpanel']))->setHelp('Show the Log Filter panel in System Logs.'); $group->add(new Form_Checkbox('systemlogsmanagelogpanel', null, 'Manage Log', $pconfig['systemlogsmanagelogpanel']))->setHelp('Show the Manage Log panel in System Logs.'); $group->add(new Form_Checkbox('statusmonitoringsettingspanel', null, 'Monitoring Settings', $pconfig['statusmonitoringsettingspanel']))->setHelp('Show the Settings panel in Status Monitoring.'); $group->setHelp('These options allow certain panels to be automatically hidden on page load. A control is provided in the title bar to un-hide the panel.'); $section->add($group); $section->addInput(new Form_Checkbox('webguileftcolumnhyper', 'Left Column Labels', 'Active', $pconfig['webguileftcolumnhyper']))->setHelp('If selected, clicking a label in the left column will select/toggle the first item of the group.'); $form->add($section); print $form; $csswarning = sprintf(gettext("%sUser-created themes are unsupported, use at your own risk."), "<br />"); ?>
$numstate = "-a"; } else { $sorttype = "-o " . escapeshellarg($_REQUEST['sorttype']); $numstate = $_REQUEST['states'] == "all" ? "-a" : escapeshellarg($_REQUEST['states']); } } else { $sorttype = "bytes"; $viewtype = "default"; $numstate = "100"; } if ($input_errors) { print_input_errors($input_errors); } $form = new Form(false); $form->addGlobal(new Form_Input('getactivity', null, 'hidden', 'yes')); $section = new Form_Section('pfTop Configuration'); $validViews = array('default' => gettext('default'), 'label' => gettext('label'), 'long' => gettext('long'), 'queue' => gettext('queue'), 'rules' => gettext('rules'), 'size' => gettext('size'), 'speed' => gettext('speed'), 'state' => gettext('state'), 'time' => gettext('time')); $section->addInput(new Form_Select('viewtype', 'View', $viewtype, $validViews)); $section->addInput(new Form_Select('sorttype', 'Sort by', $sorttype, array('none' => gettext('None'), 'age' => gettext('Age'), 'bytes' => gettext('Bytes'), 'dest' => gettext('Destination Address'), 'dport' => gettext('Destination Port'), 'exp' => gettext('Expiry'), 'peak' => gettext('Peak'), 'pkt' => gettext('Packet'), 'rate' => gettext('Rate'), 'size' => gettext('Size'), 'sport' => gettext('Source Port'), 'src' => gettext('Source Address')))); $validStates = array(50, 100, 200, 500, 100, 'all'); $section->addInput(new Form_Select('states', 'Maximum # of States', $numstate, array_combine($validStates, $validStates))); $form->add($section); print $form; ?> <script type="text/javascript"> //<![CDATA[ function getpftopactivity() { $.ajax( '/diag_pftop.php', {
} else { $a_checkip[] = $checkip; } write_config(gettext("New/Edited Check IP Services entry was posted.")); header("Location: services_checkip.php"); exit; } } $pgtitle = array(gettext("Services"), gettext("Dynamic DNS"), gettext("Check IP Services"), gettext("Edit")); include "head.inc"; if ($input_errors) { print_input_errors($input_errors); } if ($savemsg) { print_info_box($savemsg, 'success'); } $form = new Form(); $section = new Form_Section('Check IP Service'); $section->addInput(new Form_Checkbox('enable', 'Enable', null, $pconfig['enable'])); $section->addInput(new Form_Input('name', 'Name', 'text', $pconfig['name']))->setHelp('The name of the service may only consist of the characters "a-z, A-Z, 0-9 and _".'); $section->addInput(new Form_Input('url', 'URL', 'text', $pconfig['url'])); $section->addInput(new Form_Input('username', 'User name', 'text', $pconfig['username'])); $section->addPassword(new Form_Input('passwordfld', 'Password', 'password', $pconfig['password'])); $section->addInput(new Form_Checkbox('verifysslpeer', 'Verify SSL Peer', 'Verify SSL Peer', $pconfig['verifysslpeer'])); $section->addInput(new Form_Input('descr', 'Description', 'text', $pconfig['descr']))->setHelp('A description may be entered here for administrative reference (not parsed).'); if (isset($id) && $a_checkip[$id]) { $section->addInput(new Form_Input('id', null, 'hidden', $id)); } $form->add($section); print $form; include "foot.inc";
} if (!$input_errors) { $doment = array(); $doment['domain'] = $_POST['domain']; $doment['ip'] = $_POST['ip']; $doment['descr'] = $_POST['descr']; if (isset($id) && $a_domainOverrides[$id]) { $a_domainOverrides[$id] = $doment; } else { $a_domainOverrides[] = $doment; } mark_subsystem_dirty('unbound'); write_config(); header("Location: services_unbound.php"); exit; } } $pgtitle = array(gettext("Services"), gettext("DNS Resolver"), gettext("General Settings"), gettext("Edit Domain Override")); $shortcut_section = "resolver"; include "head.inc"; $form = new Form(); $section = new Form_Section('Domain Override'); $section->addInput(new Form_Input('domain', 'Domain', 'text', $pconfig['domain']))->setHelp('Domain to override (NOTE: this does not have to be a valid TLD!) e.g.: testormycompany.localdomainor1.168.192.in-addr.arpa'); $section->addInput(new Form_IpAddress('ip', 'IP Address', $pconfig['ip']))->setHelp('IP address of the authoritative DNS server for this domain. e.g.: 192.168.100.100' . '<br />' . 'To use a nondefault port for communication, append an \'@\' with the port number.'); $section->addInput(new Form_Input('descr', 'Description', 'text', $pconfig['descr']))->setHelp('You may enter a description here for your reference (not parsed).'); if (isset($id) && $a_domainOverrides[$id]) { $section->addInput(new Form_Input('id', null, 'hidden', $id)); } $form->add($section); print $form; include "foot.inc";
$group->addClass('repeatable'); $group->add(new Form_Input('number' . $counter, null, 'text', $number))->setHelp($numrows == $counter ? 'Number' : null); $group->add(new Form_Select('itemtype' . $counter, null, $itemtype, $customitemtypes))->setWidth(3)->setHelp($numrows == $counter ? 'Type' : null); $group->add(new Form_Input('value' . $counter, null, 'text', $value))->setHelp($numrows == $counter ? 'Value' : null); $group->add(new Form_Button('deleterow' . $counter, 'Delete'))->removeClass('btn-primary')->addClass('btn-warning'); $section->add($group); $counter++; } $section->addInput(new Form_Button('addrow', 'Add'))->removeClass('btn-primary')->addClass('btn-success'); $form->add($section); if ($pconfig['netboot']) { $sectate = COLLAPSIBLE | SEC_OPEN; } else { $sectate = COLLAPSIBLE | SEC_CLOSED; } $section = new Form_Section("Network Booting", nwkbootsec, $sectate); $section->addInput(new Form_Checkbox('netboot', 'Enable', 'Enables network booting', $pconfig['netboot'])); $section->addInput(new Form_IpAddress('nextserver', 'Next Server', $pconfig['nextserver']))->setHelp('Enter the IP address of the next server'); $section->addInput(new Form_Input('filename', 'Default BIOS file name', 'text', $pconfig['filename'])); $section->addInput(new Form_Input('filename32', 'UEFI 32 bit file name', 'text', $pconfig['filename32'])); $section->addInput(new Form_Input('filename64', 'UEFI 64 bit file name', 'text', $pconfig['filename64']))->setHelp('You need both a filename and a boot server configured for this to work! ' . 'You will need all three filenames and a boot server configured for UEFI to work! '); $section->addInput(new Form_Input('rootpath', 'Root path', 'text', $pconfig['rootpath']))->setHelp('string-format: iscsi:(servername):(protocol):(port):(LUN):targetname '); $form->add($section); if ($act == "newpool") { $form->addGlobal(new Form_Input('act', null, 'hidden', 'newpool')); } if (is_numeric($pool)) { $form->addGlobal(new Form_Input('pool', null, 'hidden', $pool)); } $form->addGlobal(new Form_Input('if', null, 'hidden', $if)); print $form;
$section = new Form_Section('Network Address Translation'); if (isset($config['system']['disablenatreflection'])) { $value = 'disable'; } elseif (!isset($config['system']['enablenatreflectionpurenat'])) { $value = 'proxy'; } else { $value = 'purenat'; } $section->addInput(new Form_Select('natreflection', 'NAT Reflection mode for port forwards', $value, array('disable' => gettext('disabled'), 'proxy' => gettext('NAT + proxy'), 'purenat' => gettext('Pure NAT'))))->setHelp('</span><ul class="help-block"><li>The pure NAT mode uses a set of NAT rules to direct ' . 'packets to the target of the port forward. It has better scalability, ' . 'but it must be possible to accurately determine the interface and ' . 'gateway IP used for communication with the target at the time the ' . 'rules are loaded. There are no inherent limits to the number of ports ' . 'other than the limits of the protocols. All protocols available for ' . 'port forwards are supported.</li><li>The NAT + proxy mode uses a ' . 'helper program to send packets to the target of the port forward. ' . 'It is useful in setups where the interface and/or gateway IP used ' . 'for communication with the target cannot be accurately determined at ' . 'the time the rules are loaded. Reflection rules are not created for ' . 'ranges larger than 500 ports and will not be used for more than 1000 ' . 'ports total between all port forwards. Only TCP and UDP protocols are ' . 'supported.</li></ul><span class="help-block">Individual rules may be configured to override ' . 'this system setting on a per-rule basis.'); $section->addInput(new Form_Input('reflectiontimeout', 'Reflection Timeout', 'number', $config['system']['reflectiontimeout'], ['min' => 1]))->setHelp('Enter value for Reflection timeout in seconds.<br/>Note: Only ' . 'applies to Reflection on port forwards in NAT + proxy mode.'); $section->addInput(new Form_Checkbox('enablebinatreflection', 'Enable NAT Reflection for 1:1 NAT', 'Automatic creation of additional NAT redirect rules from within the internal networks.', isset($config['system']['enablebinatreflection'])))->setHelp('Note: Reflection on 1:1 mappings is only for the inbound component of ' . 'the 1:1 mappings. This functions the same as the pure NAT mode for port ' . 'forwards. For more details, refer to the pure NAT mode description ' . 'above. Individual rules may be configured to override this system setting on a ' . 'per-rule basis.'); $section->addInput(new Form_Checkbox('enablenatreflectionhelper', 'Enable automatic outbound NAT for Reflection', 'Automatic create outbound NAT rules that direct traffic back out to the same subnet it originated from.', isset($config['system']['enablenatreflectionhelper'])))->setHelp('Required for full functionality of the pure NAT mode of NAT ' . 'Reflection for port forwards or NAT Reflection for 1:1 NAT. Note: This only works ' . 'for assigned interfaces. Other interfaces require manually creating the ' . 'outbound NAT rules that direct the reply packets back through the router.'); $section->addInput(new Form_Select('tftpinterface', 'TFTP Proxy', $pconfig['tftpinterface'], get_configured_interface_with_descr(), true))->setHelp('Choose the interfaces on which to enable TFTP proxy helper.'); $form->add($section); } $section = new Form_Section('State Timeouts (seconds - blank for default)'); $tcpTimeouts = array('First', 'Opening', 'Established', 'Closing', 'FIN Wait', 'Closed'); foreach ($tcpTimeouts as $name) { $keyname = 'tcp' . strtolower(str_replace(" ", "", $name)) . 'timeout'; $section->addInput(new Form_Input($keyname, 'TCP ' . $name, 'number', $config['system'][$keyname])); } $udpTimeouts = array('First', 'Single', 'Multiple'); foreach ($udpTimeouts as $name) { $keyname = 'udp' . strtolower(str_replace(" ", "", $name)) . 'timeout'; $section->addInput(new Form_Input($keyname, 'UDP ' . $name, 'number', $config['system'][$keyname])); } $icmpTimeouts = array('First', 'Error'); foreach ($icmpTimeouts as $name) { $keyname = 'icmp' . strtolower(str_replace(" ", "", $name)) . 'timeout'; $section->addInput(new Form_Input($keyname, 'ICMP ' . $name, 'number', $config['system'][$keyname])); }
print_input_errors($input_errors); } if ($savemsg) { print_info_box($savemsg, 'success'); } if (is_subsystem_dirty('unbound')) { print_info_box_np(gettext("The configuration of the DNS Resolver, has been changed") . ".<br />" . gettext("You must apply the changes in order for them to take effect.")); } $tab_array = array(); $tab_array[] = array(gettext("General settings"), false, "/services_unbound.php"); $tab_array[] = array(gettext("Advanced settings"), false, "services_unbound_advanced.php"); $tab_array[] = array(gettext("Access Lists"), true, "/services_unbound_acls.php"); display_top_tabs($tab_array, true); if ($act == "new" || $act == "edit") { $form = new Form(); $section = new Form_Section('New Access List'); $section->addInput(new Form_Input('aclid', null, 'hidden', $id)); $section->addInput(new Form_Input('act', null, 'hidden', $act)); $section->addInput(new Form_Input('aclname', 'Access List name', 'text', $pconfig['aclname']))->setHelp('Provide an Access List name.'); $section->addInput(new Form_Select('aclaction', 'Action', strtolower($pconfig['aclaction']), array('allow' => 'Allow', 'deny' => 'Deny', 'refuse' => 'Refuse', 'allow snoop' => 'Allow Snoop')))->setHelp($actionHelp); $section->addInput(new Form_Input('description', 'Description', 'text', $pconfig['description']))->setHelp('You may enter a description here for your reference.'); $numrows = count($networkacl) - 1; $counter = 0; foreach ($networkacl as $item) { $network = $item['acl_network']; $cidr = $item['mask']; $description = $item['description']; $group = new Form_Group($counter == 0 ? 'Networks' : ''); $group->add(new Form_IpAddress('acl_network' . $counter, null, $network))->addMask('mask' . $counter, $cidr)->setWidth(4)->setHelp($counter == $numrows ? 'Network/mask' : null); $group->add(new Form_Input('description' . $counter, null, 'text', $description))->setHelp($counter == $numrows ? 'Description' : null); $group->add(new Form_Button('deleterow' . $counter, 'Delete'))->removeClass('btn-primary')->addClass('btn-warning');
$group->add(new Form_Input('pppoe_resetminute', null, 'text', $pconfig['pppoe_resetminute']))->setHelp('Minute'); $group->add(new Form_Input('pppoe_resetdate', null, 'text', $pconfig['pppoe_resetdate'], ['placeholder' => 'mm/dd/yyyy']))->setHelp('Specific date'); $group->setHelp('Leaving the date field empty will cause the reset to be executed each day at the time specified in the minutes and hour fields. '); $section->add($group); $group = new Form_Group('Reset frequency'); $group->addClass('pppoe-reset-cron'); $group->add(new Form_Checkbox('pppoe_pr_preset_val', null, 'Monthly (0 0 1 * *)', $pconfig['pppoe_monthly'], 'monthly'))->displayAsRadio(); $group->add(new Form_Checkbox('pppoe_pr_preset_val', null, 'Weekly (0 0 * * 0)', $pconfig['pppoe_weekly'], 'weekly'))->displayAsRadio(); $group->add(new Form_Checkbox('pppoe_pr_preset_val', null, 'Daily (0 0 * * *)', $pconfig['pppoe_daily'], 'daily'))->displayAsRadio(); $group->add(new Form_Checkbox('pppoe_pr_preset_val', null, 'Hourly (0 * * * *)', $pconfig['pppoe_hourly'], 'hourly'))->displayAsRadio(); $section->add($group); $btnadv = new Form_Button('btnadvopts', 'Display Advanced', null, 'fa-cog'); $btnadv->setAttribute('type', 'button')->addClass('btn-info btn-sm'); $section->addInput(new Form_StaticText('Advanced options', $btnadv)); $form->add($section); $section = new Form_Section('Advanced Configuration'); $section->addClass('adnlopts'); $section->addInput(new Form_Checkbox('ondemand', 'Dial On Demand', 'Enable Dial-on-Demand mode. ', $pconfig['ondemand']))->setHelp('Causes the interface to operate in dial-on-demand mode. Do NOT enable if the link is to remain continuously connected. ' . 'The interface is configured, but the actual connection of the link is delayed until qualifying outgoing traffic is detected.'); $section->addInput(new Form_Input('idletimeout', 'Idle Timeout', 'text', $pconfig['idletimeout']))->setHelp('If no incoming or outgoing packets are transmitted for the entered number of seconds the connection is brought down.' . " " . 'When the idle timeout occurs, if the dial-on-demand option is enabled, mpd goes back into dial-on-demand mode. ' . 'Otherwise, the interface is brought down and all associated routes removed.'); $section->addInput(new Form_Checkbox('vjcomp', 'Compression', 'Disable vjcomp (compression, auto-negotiated by default).', $pconfig['vjcomp']))->setHelp('Disable vjcomp(compression) (auto-negotiated by default).' . '<br />' . 'This option enables Van Jacobson TCP header compression, which saves several bytes per TCP data packet.' . " " . 'This option is almost always required. Compression is not effective for TCP connections with enabled modern extensions like time ' . 'stamping or SACK, which modify TCP options between sequential packets.'); $section->addInput(new Form_Checkbox('tcpmssfix', 'TCPmssFix', 'Disable tcpmssfix (enabled by default).', $pconfig['tcpmssfix']))->setHelp('Causes mpd to adjust incoming and outgoing TCP SYN segments so that the requested maximum segment size is not greater than the amount ' . 'allowed by the interface MTU. This is necessary in many setups to avoid problems caused by routers that drop ICMP Datagram Too Big messages. Without these messages, ' . 'the originating machine sends data, it passes the rogue router then hits a machine that has an MTU that is not big enough for the data. Because the IP Don\'t Fragment option is set, ' . 'this machine sends an ICMP Datagram Too Big message back to the originator and drops the packet. The rogue router drops the ICMP message and the originator never ' . 'gets to discover that it must reduce the fragment size or drop the IP Don\'t Fragment option from its outgoing data.'); $section->addInput(new Form_Checkbox('shortseq', 'ShortSeq', 'Disable shortseq (auto-negotiated by default).', $pconfig['shortseq']))->setHelp('This option is only meaningful if multi-link PPP is negotiated. It proscribes shorter multi-link fragment headers, saving two bytes on every frame. ' . 'It is not necessary to disable this for connections that are not multi-link.'); $section->addInput(new Form_Checkbox('acfcomp', 'ACFComp', 'Disable ACF compression (auto-negotiated by default)', $pconfig['acfcomp']))->setHelp('Address and control field compression. This option only applies to asynchronous link types. It saves two bytes per frame.'); $section->addInput(new Form_Checkbox('protocomp', 'ProtoComp', 'Disable Protocol compression (auto-negotiated by default)', $pconfig['protocomp']))->setHelp('Protocol field compression. This option saves one byte per frame for most frames.'); // Display the Link parameters. We will hide this by default, then un-hide the selected ones on clicking 'Advanced' $j = 0; foreach ($linklist['list'] as $ifnm => $nm) { $group = new Form_Group('Link Parameters (' . $ifnm . ')'); $group->add(new Form_Input('bandwidth' . $ifnm, null, 'text', $pconfig['bandwidth'][$ifnm]))->setHelp('Bandwidth'); $group->add(new Form_Input('mtu' . $ifnm, null, 'text', $pconfig['mtu'][$ifnm]))->setHelp('MTU'); $group->add(new Form_Input('mru' . $ifnm, null, 'text', $pconfig['mru'][$ifnm]))->setHelp('MRU');
function build_if_list() { $list = array(); $interfaces = get_configured_interface_with_descr(false, true); $carplist = get_configured_carp_interface_list(); foreach ($carplist as $cif => $carpip) { $interfaces[$cif] = $carpip . ' (' . get_vip_descr($carpip) . ')'; } $interfaces['lo0'] = 'Localhost'; return $interfaces; } if ($input_errors) { print_input_errors($input_errors); } $form = new Form(); $section = new Form_Section('Edit Virtual IP'); $group = new Form_Group('Type'); $group->add(new Form_Checkbox('mode', null, 'IP Alias', $pconfig['mode'] == "ipalias", 'ipalias'))->displayAsRadio(); $group->add(new Form_Checkbox('mode', null, 'CARP', $pconfig['mode'] == "carp", 'carp'))->displayAsRadio(); $group->add(new Form_Checkbox('mode', null, 'Proxy ARP', $pconfig['mode'] == "proxyarp", 'proxyarp'))->displayAsRadio(); $group->add(new Form_Checkbox('mode', null, 'Other', $pconfig['mode'] == "other", 'other'))->displayAsRadio(); $section->add($group); $section->addInput(new Form_Select('interface', 'Interface', $pconfig['interface'], build_if_list())); $section->addInput(new Form_Select('type', 'Address type', !$pconfig['range'] && $pconfig['subnet_bits'] == 32 || !isset($pconfig['subnet']) ? 'single' : 'network', array('single' => 'Single address', 'network' => 'Network')))->addClass('typesel'); $section->addInput(new Form_IpAddress('subnet', 'Address(es)', $pconfig['subnet']))->addMask('subnet_bits', $pconfig['subnet_bits'])->setHelp('<span id="address_note"></span>'); $section->addInput(new Form_Checkbox('noexpand', 'Expansion', 'Disable expansion of this entry into IPs on NAT lists (e.g. 192.168.1.0/24 expands to 256 entries.) ', isset($pconfig['noexpand']))); $section->addInput(new Form_Input('password', 'Virtual IP Password', 'password', $pconfig['password']))->setHelp('Enter the VHID group password.'); $section->addInput(new Form_Select('vhid', 'VHID Group', $pconfig['vhid'], array_combine(range(1, 255, 1), range(1, 255, 1))))->setHelp('Enter the VHID group that the machines will share'); $group = new Form_Group('Advertising frequency'); $group->add(new Form_Select('advbase', 'Base', $pconfig['advbase'], array_combine(range(1, 254, 1), range(1, 254, 1))))->setHelp('Base'); $group->add(new Form_Select('advskew', 'Skew', $pconfig['advskew'], array_combine(range(0, 254, 1), range(0, 254, 1))))->setHelp('Skew');
if ($input_errors) { print_input_errors($input_errors); } else { if (!$resolved && $type) { print_info_box(sprintf(gettext('Host "%s" could not be resolved.'), $host), 'warning', false); } } if ($createdalias) { if ($alias_exists) { print_info_box(gettext("Alias was updated successfully."), 'success'); } else { print_info_box(gettext("Alias was created successfully."), 'success'); } } $form = new Form(false); $section = new Form_Section('DNS Lookup'); $section->addInput(new Form_Input('host', 'Hostname', 'text', $host, ['placeholder' => 'Hostname to look up.'])); $form->add($section); $form->addGlobal(new Form_Button('Submit', 'Lookup', null, 'fa-search'))->addClass('btn-primary'); if (!empty($resolved)) { if ($alias_exists) { $button_text = gettext("Update alias"); } else { $button_text = gettext("Add alias"); } $form->addGlobal(new Form_Button('create_alias', $button_text, null, 'fa-plus'))->removeClass('btn-primary')->addClass('btn-success'); } print $form; if (!$input_errors && $type) { if ($resolved) { ?>
$counter = 0; $numrows = count($pconfig['subnets']) - 1; foreach ($pconfig['subnets'] as $subnet) { $address_name = "subnet_address" . $counter; $bits_name = "subnet_bits" . $counter; list($address, $subnet) = explode("/", $subnet); $group = new Form_Group($counter == 0 ? 'Subnets' : ''); $group->add(new Form_IpAddress($address_name, null, $address))->addMask($bits_name, $subnet); $group->add(new Form_Button('deleterow' . $counter, 'Delete', null, 'fa-trash'))->removeClass('btn-primary')->addClass('btn-warning'); $group->addClass('repeatable'); $section->add($group); $counter++; } $section->addInput(new Form_Button('addrow', 'Add', null, 'fa-plus'))->addClass('btn-success'); $form->add($section); $section = new Form_Section('DNS Configuration'); for ($idx = 1; $idx <= 3; $idx++) { $section->addInput(new Form_IpAddress('radns' . $idx, 'Server ' . $idx, $pconfig['radns' . $idx]))->setPattern('[a-zA-Z0-9_.:]+')->setHelp($idx < 3 ? '' : 'Leave blank to use the system default DNS servers - this interface\'s IP if DNS Forwarder or Resolver is enabled, otherwise the servers configured on the General page'); } $section->addInput(new Form_Input('radomainsearchlist', 'Domain search list', 'text', $pconfig['radomainsearchlist']))->setHelp('The RA server can optionally provide a domain search list. Use the semicolon character as separator.'); $section->addInput(new Form_Checkbox('rasamednsasdhcp6', 'Settings', 'Use same settings as DHCPv6 server', $pconfig['rasamednsasdhcp6'])); $section->addInput(new Form_Input('if', null, 'hidden', $if)); $form->add($section); print $form; ?> <script type="text/javascript"> //<![CDATA[ events.push(function() { // Suppress "Delete row" button if there are fewer than two rows checkLastRow();
print_info_box($savemsg, $class); } $tab_array = array(); $tab_array[] = array(gettext("Admin Access"), false, "system_advanced_admin.php"); $tab_array[] = array(gettext("Firewall & NAT"), false, "system_advanced_firewall.php"); $tab_array[] = array(gettext("Networking"), true, "system_advanced_network.php"); $tab_array[] = array(gettext("Miscellaneous"), false, "system_advanced_misc.php"); $tab_array[] = array(gettext("System Tunables"), false, "system_advanced_sysctl.php"); $tab_array[] = array(gettext("Notifications"), false, "system_advanced_notifications.php"); display_top_tabs($tab_array); $form = new Form(); $section = new Form_Section('IPv6 Options'); $section->addInput(new Form_Checkbox('ipv6allow', 'Allow IPv6', 'All IPv6 traffic will be blocked by the firewall unless this box is checked', $pconfig['ipv6allow']))->setHelp('NOTE: This does not disable any IPv6 features on the firewall, it only ' . 'blocks traffic.'); $group = new Form_Group('IPv6 over IPv4 Tunneling'); $group->add(new Form_Checkbox('ipv6nat_enable', 'IPv6 over IPv4 Tunneling', 'Enable IPv4 NAT encapsulation of IPv6 packets', $pconfig['ipv6nat_enable']))->setHelp('NOTE: This does not disable any IPv6 features on the firewall, it only ' . 'blocks traffic.'); $group->add(new Form_Input('ipv6nat_ipaddr', 'IP address', 'text', $pconfig['ipv6nat_ipaddr']))->setHelp('Enable IPv4 NAT encapsulation of IPv6 packets. <br/>This provides an ' . 'RFC 2893 compatibility mechanism that can be used to tunneling IPv6 packets over ' . 'IPv4 routing infrastructures. If enabled, don"t forget to add a firewall rule to ' . 'permit IPv6 packets.'); $section->add($group); $section->addInput(new Form_Checkbox('prefer_ipv4', 'Prefer IPv4 over IPv6', 'Prefer to use IPv4 even if IPv6 is available', $pconfig['prefer_ipv4']))->setHelp('By default, if a hostname resolves IPv6 and IPv4 addresses IPv6 will ' . 'be used, if you check this option, IPv4 will be used instead of IPv6.'); $form->add($section); $section = new Form_Section('Network Interfaces'); $section->addInput(new Form_Checkbox('polling_enable', 'Device polling', 'Enable device polling', $pconfig['polling_enable']))->setHelp('Device polling is a technique that lets the system periodically poll ' . 'network devices for new data instead of relying on interrupts. This prevents ' . 'your webConfigurator, SSH, etc. from being inaccessible due to interrupt floods ' . 'when under extreme load. Generally this is not recommended. Not all NICs support ' . 'polling; see the %s homepage for a list of supported cards', [$g["product_name"]]); $section->addInput(new Form_Checkbox('disablechecksumoffloading', 'Hardware Checksum Offloading', 'Disable hardware checksum offload', isset($config['system']['disablechecksumoffloading'])))->setHelp('Checking this option will disable hardware checksum offloading.<br/>' . 'Checksum offloading is broken in some hardware, particularly some Realtek cards. ' . 'Rarely, drivers may have problems with checksum offloading and some specific ' . 'NICs.This will take effect after you reboot the machine or re-configure each ' . 'interface.'); $section->addInput(new Form_Checkbox('disablesegmentationoffloading', 'Hardware TCP Segmentation Offloading', 'Disable hardware TCP segmentation offload', isset($config['system']['disablesegmentationoffloading'])))->setHelp('Checking this option will disable hardware TCP segmentation ' . 'offloading (TSO, TSO4, TSO6). This offloading is broken in some hardware ' . 'drivers, and may impact performance with some specific NICs.This will take ' . 'effect after you reboot the machine or re-configure each interface.'); $section->addInput(new Form_Checkbox('disablelargereceiveoffloading', 'Hardware Large Receive Offloading', 'Disable hardware large receive offload', isset($config['system']['disablelargereceiveoffloading'])))->setHelp('Checking this option will disable hardware large receive offloading ' . '(LRO). This offloading is broken in some hardware drivers, and may impact ' . 'performance with some specific NICs.This will take effect after you reboot the ' . 'machine or re-configure each interface.'); $section->addInput(new Form_Checkbox('sharednet', 'ARP Handling', 'Suppress ARP messages', isset($pconfig['sharednet'])))->setHelp('This option will suppress ARP log messages when multiple interfaces ' . 'reside on the same broadcast domain'); if (get_freebsd_version() == 8) { $section->addInput(new Form_Checkbox('flowtable', 'Enable flowtable support', $pconfig['flowtable']))->setHelp('Enables infrastructure for caching flows as a means of accelerating ' . 'L3 and L2 lookups as well as providing stateful load balancing when used with ' . 'RADIX_MPATH.'); } $form->add($section); print $form; include "foot.inc";
if ($act == "edit") { $form->addGlobal(new Form_Input('refid', null, 'hidden', $pconfig['refid'])); } $section = new Form_Section('Create / Edit CA'); $section->addInput(new Form_Input('descr', 'Descriptive name', 'text', $pconfig['descr'])); if (!isset($id) || $act == "edit") { $section->addInput(new Form_Select('method', 'Method', $pconfig['method'], $ca_methods))->toggles(); } $form->add($section); $section = new Form_Section('Existing Certificate Authority'); $section->addClass('toggle-existing collapse'); $section->addInput(new Form_Textarea('cert', 'Certificate data', $pconfig['cert']))->setHelp('Paste a certificate in X.509 PEM format here.'); $section->addInput(new Form_Textarea('key', 'Certificate Private Key (optional)', $pconfig['key']))->setHelp('Paste the private key for the above certificate here. This is ' . 'optional in most cases, but is required when generating a ' . 'Certificate Revocation List (CRL).'); $section->addInput(new Form_Input('serial', 'Serial for next certificate', 'number', $pconfig['serial']))->setHelp('Enter a decimal number to be used as the serial number for the next ' . 'certificate to be created using this CA.'); $form->add($section); $section = new Form_Section('Internal Certificate Authority'); $section->addClass('toggle-internal', 'toggle-intermediate', 'collapse'); $allCas = array(); foreach ($a_ca as $ca) { if (!$ca['prv']) { continue; } $allCas[$ca['refid']] = $ca['descr']; } $group = new Form_Group('Signing Certificate Authority'); $group->addClass('toggle-intermediate', 'collapse'); $group->add(new Form_Select('caref', null, $pconfig['caref'], $allCas)); $section->add($group); $section->addInput(new Form_Select('keylen', 'Key length (bits)', $pconfig['keylen'], array_combine($ca_keylens, $ca_keylens))); $section->addInput(new Form_Select('digest_alg', 'Digest Algorithm', $pconfig['digest_alg'], array_combine($openssl_digest_algs, $openssl_digest_algs)))->setHelp('NOTE: It is recommended to use an algorithm stronger than SHA1 ' . 'when possible.'); $section->addInput(new Form_Input('lifetime', 'Lifetime (days)', 'number', $pconfig['lifetime']));
$group->add(new Form_Button('Submit', 'Download configuration as XML')); $section->add($group); $form->add($section); $section = new Form_Section('Restore backup'); $section->addInput(new Form_StaticText(null, gettext("Open a ") . $g['[product_name'] . gettext(" configuration XML file and click the button below to restore the configuration."))); $section->addInput(new Form_Select('restorearea', 'Restore area', '', build_area_list(false))); $section->addInput(new Form_Input('conffile', 'Configuration file', 'file', null)); $section->addInput(new Form_Checkbox('decrypt', 'Encryption', 'Configuration file is encrypted.', false)); $section->addInput(new Form_Input('decrypt_password', null, 'password', null, ['placeholder' => 'Password'])); $section->addInput(new Form_Input('decrypt_passconf', null, 'password', null, ['placeholder' => 'Confirm password'])); $group = new Form_Group(''); $group->add(new Form_Button('Submit', 'Restore configuration'))->setHelp('The firewall will reboot after restoring the configuration.')->removeClass('btn-primary')->addClass('btn-danger'); $section->add($group); $form->add($section); if ($config['installedpackages']['package'] != "" || is_subsystem_dirty("packagelock")) { $section = new Form_Section('Package functions'); if ($config['installedpackages']['package'] != "") { $group = new Form_Group(''); $group->add(new Form_Button('Submit', 'Reinstall packages'))->setHelp('Click this button to reinstall all system packages. This may take a while.')->removeClass('btn-primary')->addClass('btn-warning'); $section->add($group); } if (is_subsystem_dirty("packagelock")) { $group = new Form_Group(''); $group->add(new Form_Button('Submit', 'Clear Package Lock'))->setHelp('Click this button to clear the package lock if a package fails to reinstall properly after an upgrade.')->removeClass('btn-primary')->addClass('btn-warning'); $section->add($group); } $form->add($section); } print $form; ?> <script type="text/javascript">
}); </script> <?php $tab_array = array(); $tab_array[] = array(gettext("States"), true, "diag_dump_states.php"); if (isset($config['system']['lb_use_sticky'])) { $tab_array[] = array(gettext("Source Tracking"), false, "diag_dump_states_sources.php"); } $tab_array[] = array(gettext("Reset States"), false, "diag_resetstate.php"); display_top_tabs($tab_array); // Start of tab content $current_statecount = `pfctl -si | grep "current entries" | awk '{ print \$3 }'`; require_once 'classes/Form.class.php'; $form = new Form(false); $section = new Form_Section('State filter'); $section->addInput(new Form_Input('filter', 'Filter expression', 'text', $_POST['filter'], ['placeholder' => 'Simple filter such as 192.168, v6, icmp or ESTABLISHED'])); $filterbtn = new Form_Button('filterbtn', 'Filter', null); $filterbtn->removeClass('btn-primary')->addClass('btn-default btn-sm'); $section->addInput(new Form_StaticText('', $filterbtn)); if (isset($_POST['filter']) && (is_ipaddr($_POST['filter']) || is_subnet($_POST['filter']))) { $killbtn = new Form_Button('killfilter', 'Kill States'); $killbtn->removeClass('btn-primary')->addClass('btn-danger btn-sm'); $section->addInput(new Form_StaticText('Kill filtered states', $killbtn))->setHelp('Remove all states to and from the filtered address'); } $form->add($section); print $form; ?> <table class="table table-striped"> <thead> <tr>
$retval = services_dnsupdate_process(); } header("Location: services_rfc2136.php"); exit; } } $pgtitle = array(gettext("Services"), gettext("Dynamic DNS"), gettext("RFC 2136 Client"), gettext("Edit")); include "head.inc"; if ($input_errors) { print_input_errors($input_errors); } if ($savemsg) { print_info_box($savemsg); } $form = new Form(); $section = new Form_Section('RFC 2136 client'); $section->addInput(new Form_Checkbox('enable', 'Enable', null, $pconfig['enable'])); $optionlist = array(); $iflist = get_configured_interface_with_descr(); foreach ($iflist as $ifnam => $ifdescr) { $optionlist[$ifnam] = $ifdescr; } $section->addInput(new Form_Select('interface', 'Interface', $pconfig['interface'], $optionlist)); $section->addInput(new Form_Input('host', 'Hostname', 'text', $pconfig['host']))->setHelp('Fully qualified hostname of the host to be updated'); $section->addInput(new Form_Input('ttl', 'TTL (seconds)', 'number', $pconfig['ttl'])); $section->addInput(new Form_Input('keyname', 'Key name', 'text', $pconfig['keyname']))->setHelp('This must match the setting on the DNS server.'); $group = new Form_Group('Key Type'); $group->add(new Form_Checkbox('keytype', 'Key Type', 'Zone', $pconfig['keytype'] == 'zone', 'zone'))->displayAsRadio(); $group->add(new Form_Checkbox('keytype', 'Key Type', 'Host', $pconfig['keytype'] == 'host', 'host'))->displayAsRadio(); $group->add(new Form_Checkbox('keytype', 'Key Type', 'User', $pconfig['keytype'] == 'user', 'user'))->displayAsRadio(); $section->add($group);
$pgtitle = array(gettext("Services"), gettext("DHCPv6 Relay")); $shortcut_section = "dhcp6"; include "head.inc"; if ($dhcpd_enabled) { echo '<div class="alert alert-danger">' . gettext("DHCPv6 Server is currently enabled. Cannot enable the DHCPv6 Relay service while the DHCPv6 Server is enabled on any interface.") . '</div>'; include "foot.inc"; exit; } if ($input_errors) { print_input_errors($input_errors); } if ($savemsg) { print_info_box($savemsg, 'success'); } $form = new Form(); $section = new Form_Section('DHCPv6 Relay configuration'); $section->addInput(new Form_Checkbox('enable', 'Enable', 'Enable DHCPv6 relay on interface', $pconfig['enable']))->toggles('.form-group:not(:first-child)'); $section->addInput(new Form_Select('interface', 'Interface(s)', $pconfig['interface'], $iflist, true))->setHelp('Interfaces without an IPv6 address will not be shown.'); $section->addInput(new Form_Checkbox('agentoption', '', 'Append circuit ID and agent ID to requests', $pconfig['agentoption']))->setHelp('If this is checked, the DHCPv6 relay will append the circuit ID (%s interface number) and the agent ID to the DHCPv6 request.', [$g['product_name']]); function createDestinationServerInputGroup($value = null) { $group = new Form_Group('Destination server'); $group->add(new Form_IpAddress('server', 'Destination server', $value))->setWidth(4)->setHelp('This is the IPv6 address of the server to which DHCPv6 requests are relayed.')->setIsRepeated(); $group->enableDuplication(null, true); // Buttons are in-line with the input return $group; } if (!isset($pconfig['server'])) { $section->add(createDestinationServerInputGroup()); } else { foreach (explode(',', $pconfig['server']) as $server) {
$text .= "<p/>"; $text .= `/sbin/pfctl -vvsm`; $text .= "<p/>"; $text .= `/sbin/pfctl -vvst`; $text .= "<p/>"; $text .= `/sbin/pfctl -vvsI`; echo $text; exit; } include "head.inc"; if ($input_errors) { print_input_errors($input_errors); } $form = new Form(false); $form->addGlobal(new Form_Input('getactivity', null, 'hidden', 'yes')); $section = new Form_Section('Auto Update Page'); $section->addInput(new Form_Checkbox('refresh', 'Refresh', 'Automatically refresh the output below', true)); $form->add($section); print $form; ?> <script type="text/javascript"> //<![CDATA[ function getpfinfo() { if (!$('#refresh').is(':checked')) { return; } $.ajax( '/diag_pf_info.php', { type: 'post',
$section->addInput(new Form_Checkbox('nohttpreferercheck', 'Browser HTTP_REFERER enforcement', 'Disable HTTP_REFERER enforcement check', $pconfig['nohttpreferercheck']))->setHelp('When this is unchecked, access to the webConfigurator is protected ' . 'against HTTP_REFERER redirection attempts. Check this box to disable this ' . 'protection if you find that it interferes with webConfigurator access in certain ' . 'corner cases such as using external scripts to interact with this system. More ' . 'information on HTTP_REFERER is available from <a target="_blank" ' . 'href="http://en.wikipedia.org/wiki/HTTP_referrer">Wikipedia</a>.'); $section->addInput(new Form_Checkbox('pagenamefirst', 'Browser tab text', 'Display page name first in browser tab', $pconfig['pagenamefirst']))->setHelp('When this is unchecked, the browser tab shows the host name followed ' . 'by the current page. Check this box to display the current page followed by the ' . 'host name.'); $form->add($section); $section = new Form_Section('Secure Shell'); $section->addInput(new Form_Checkbox('enablesshd', 'Secure Shell Server', 'Enable Secure Shell', isset($pconfig['enablesshd']))); $section->addInput(new Form_Checkbox('sshdkeyonly', 'Authentication Method', 'Disable password login for Secure Shell (RSA/DSA key only)', $pconfig['sshdkeyonly']))->setHelp('When enabled, authorized keys need to be configured for each <a ' . 'href="system_usermanager.php">user</a> that has been granted secure shell ' . 'access.'); $section->addInput(new Form_Input('sshport', 'SSH port', 'number', $pconfig['sshport'], ['min' => 1, 'max' => 65535, 'placeholder' => 22]))->setHelp('Note: Leave this blank for the default of 22.'); if (!$g['enableserial_force'] && ($g['platform'] == $g['product_name'] || $g['platform'] == "cdrom")) { $form->add($section); $section = new Form_Section('Serial Communications'); $section->addInput(new Form_Checkbox('enableserial', 'Serial Terminal', 'Enables the first serial port with 115200/8/N/1 by default, or another speed selectable below.', isset($pconfig['enableserial'])))->setHelp('Note: This will redirect the console output and messages to ' . 'the serial port. You can still access the console menu from the internal video ' . 'card/keyboard. A <b>null modem</b> serial cable or adapter is required to use the ' . 'serial console.'); $section->addInput(new Form_Select('serialspeed', 'Serial Speed', $pconfig['serialspeed'], array_combine(array(115200, 57600, 38400, 19200, 14400, 9600), array(115200, 57600, 38400, 19200, 14400, 9600))))->setHelp('Allows selection of different speeds for the serial console port.'); $section->addInput(new Form_Select('primaryconsole', 'Primary Console', $pconfig['primaryconsole'], array('serial' => 'Serial Console', 'video' => 'VGA Console')))->setHelp('Select the preferred console if multiple consoles are present. ' . 'The preferred console will show pfSense boot script output. All consoles ' . 'display OS boot messages, console messages, and the console menu.'); } $form->add($section); $section = new Form_Section('Console Options'); $section->addInput(new Form_Checkbox('disableconsolemenu', 'Console menu', 'Password protect the console menu', $pconfig['disableconsolemenu'])); $form->add($section); print $form; ?> <script type="text/javascript"> //<![CDATA[ events.push(function() { // ---------- On initial page load ------------------------------------------------------------ hideInput('ssl-certref', $('input[name=webguiproto]:checked').val() == 'http'); // ---------- Click checkbox handlers --------------------------------------------------------- $('[id=webguiproto]').click(function () {
$edgelist = build_port_list($pconfig['autoedge']); $section->addInput(new Form_Select('autoedge', 'Auto Edge Ports', $edgelist['selected'], $edgelist['list'], true))->setHelp('Allow interface to automatically detect edge status. This is the default for all interfaces added to a bridge.' . '%sThis will disable the autoedge status of interfaces. %s', ['<strong>', '</strong>']); $edgelist = build_port_list($pconfig['ptp']); $section->addInput(new Form_Select('ptp', 'PTP Ports', $edgelist['selected'], $edgelist['list'], true))->setHelp('Set the interface as a point-to-point link. This is required for straight transitions to forwarding and should be enabled on a direct link to another RSTP-capable switch.'); $edgelist = build_port_list($pconfig['autoptp']); $section->addInput(new Form_Select('autoptp', 'Auto PTP Ports', $edgelist['selected'], $edgelist['list'], true))->setHelp('Automatically detect the point-to-point status on interface by checking the full duplex link status. This is the default for interfaces added to the bridge.' . '%sThe interfaces selected here will be removed from default autoedge status. %s', ['<strong>', '</strong>']); $edgelist = build_port_list($pconfig['static']); $section->addInput(new Form_Select('static', 'Sticky Ports', $edgelist['selected'], $edgelist['list'], true))->setHelp('Mark an interface as a "sticky" interface. Dynamically learned address entries are treated as static once entered into the cache. ' . 'Sticky entries are never aged out of the cache or replaced, even if the address is seen on a different interface.'); $edgelist = build_port_list($pconfig['private']); $section->addInput(new Form_Select('private', 'Private Ports', $edgelist['selected'], $edgelist['list'], true))->setHelp('Mark an interface as a "private" interface. A private interface does not forward any traffic to any other port that is also a private interface. '); // STP section // ToDo: - Should disable spanning tree section when not checked $section->addInput(new Form_Checkbox('enablestp', 'Enable RSTP/STP', null, $pconfig['enablestp'])); // Show the spanning tree section $form->add($section); $section = new Form_Section('RSTP/STP'); $section->addClass('adnlopts'); $section->addInput(new Form_Select('proto', 'Protocol', $pconfig['proto'], array('rstp' => 'RSTP', 'stp' => 'STP')))->setHelp('Protocol used for spanning tree.'); $edgelist = build_port_list($pconfig['stp']); $section->addInput(new Form_Select('stp', 'STP Interfaces', $edgelist['selected'], $edgelist['list'], true))->setHelp('Enable Spanning Tree Protocol on interface. The if_bridge(4) driver has support for the IEEE 802.1D Spanning Tree Protocol (STP). ' . 'STP is used to detect and remove loops in a network topology.'); $section->addInput(new Form_Input('maxage', 'Valid time', 'number', $pconfig['maxage'], ['placeholder' => 20, 'min' => 6, 'max' => 40]))->setHelp('Set the time that a Spanning Tree Protocol configuration is valid. The default is 20 seconds. The minimum is 6 seconds and the maximum is 40 seconds.'); $section->addInput(new Form_Input('fwdelay', 'Forward time', 'number', $pconfig['fwdelay'], ['placeholder' => 15, 'min' => 4, 'max' => 30]))->setHelp('Set the time that must pass before an interface begins forwarding packets when Spanning Tree is enabled. The default is 15 seconds. The minimum is 4 seconds and the maximum is 30 seconds. '); $section->addInput(new Form_Input('hellotime', 'Hello time', 'number', $pconfig['hellotime'], ['placeholder' => 2, 'min' => 1, 'max' => 2, 'step' => '0.1']))->setHelp('Set the time in seconds between broadcasting of Spanning Tree Protocol configuration messages. The hello time may only be changed when operating in legacy STP mode. ' . 'The default is 2 seconds. The minimum is 1 second and the maximum is 2 seconds.'); $section->addInput(new Form_Input('priority', 'Priority', 'number', $pconfig['priority'], ['placeholder' => 32768, 'min' => 0, 'max' => 61440]))->setHelp('Set the bridge priority for Spanning Tree. The default is 32768. The minimum is 0 and the maximum is 61440. '); $section->addInput(new Form_Input('holdcnt', 'Hold Count', 'number', $pconfig['holdcnt'], ['placeholder' => 6, 'min' => 1, 'max' => 10]))->setHelp('Set the transmit hold count for Spanning Tree. This is the number of packets transmitted before being rate limited. The default is 6. The minimum is 1 and the maximum is 10.'); foreach ($ifacelist as $ifn => $ifdescr) { $section->addInput(new Form_Input($ifn, $ifdescr . ' Priority', 'number', $pconfig['ifpriority'][$ifn], ['placeholder' => 128, 'min' => 0, 'max' => 240, 'step' => 16]))->setHelp('Set the Spanning Tree priority of interface to value. The default is 128. The minimum is 0 and the maximum is 240. Increments of 16.'); } $i = 0; foreach ($ifacelist as $ifn => $ifdescr) { $section->addInput(new Form_Input($ifn . 0, $ifdescr . ' Path cost', 'number', $pconfig['ifpathcost'][$ifn], ['placeholder' => 0, 'min' => 1, 'max' => 200000000]))->setHelp('Set the Spanning Tree path cost of interface to value. The default is calculated from the link speed. ' . 'To change a previously selected path cost back to automatic, set the cost to 0. The minimum is 1 and the maximum is 200000000.');
header("Location: services_dhcp.php?if={$if}"); exit; } } // Get our MAC address $ip = $_SERVER['REMOTE_ADDR']; $mymac = `/usr/sbin/arp -an | grep '('{$ip}')' | cut -d" " -f4`; $mymac = str_replace("\n", "", $mymac); $pgtitle = array(gettext("Services"), gettext("DHCP"), gettext("Edit static mapping")); $shortcut_section = "dhcp"; include "head.inc"; if ($input_errors) { print_input_errors($input_errors); } $form = new Form(); $section = new Form_Section(sprintf("Static DHCP Mapping on %s", $ifcfgdescr)); $macaddress = new Form_Input('mac', 'MAC Address', 'text', $pconfig['mac'], ['placeholder' => 'xx:xx:xx:xx:xx:xx']); $btnmymac = new Form_Button('btnmymac', 'Copy My MAC'); $btnmymac->removeClass('btn-primary')->addClass('btn-success btn-sm'); $group = new Form_Group('MAC controls'); $group->add($macaddress); $group->add($btnmymac); $group->setHelp('MAC address (6 hex octets separated by colons)'); $section->add($group); $section->addInput(new Form_Input('cid', 'Client Identifier', 'text', $pconfig['cid'])); $section->addInput(new Form_IpAddress('ipaddr', 'IP Address', $pconfig['ipaddr']))->setHelp('If an IPv4 address is entered, the address must be outside of the pool.' . '<br />' . 'If no IPv4 address is given, one will be dynamically allocated from the pool.'); $section->addInput(new Form_Input('hostname', 'Hostname', 'text', $pconfig['hostname']))->setHelp('Name of the host, without domain part.'); if ($netboot_enabled) { $section->addInput(new Form_Input('filename', 'Netboot filename', 'text', $pconfig['filename']))->setHelp('Name of the file that should be loaded when this host boots off of the network, overrides setting on main page.'); $section->addInput(new Form_Input('rootpath', 'Root Path', 'text', $pconfig['rootpath']))->setHelp('Enter the root-path-string, overrides setting on main page.'); }
$input_errors[] = gettext("The zone name can only contain letters, digits, and underscores ( _ )."); } foreach ($a_cp as $cpkey => $cpent) { if ($cpent['zone'] == $_POST['zone']) { $input_errors[] = sprintf(gettext("Zone [%s] already exists."), $_POST['zone']); break; } } if (!$input_errors) { $cpzone = strtolower($_POST['zone']); $a_cp[$cpzone] = array(); $a_cp[$cpzone]['zone'] = str_replace(" ", "", $_POST['zone']); $a_cp[$cpzone]['descr'] = $_POST['descr']; $a_cp[$cpzone]['localauth_priv'] = true; write_config(); header("Location: services_captiveportal.php?zone={$cpzone}"); exit; } } include "head.inc"; if ($input_errors) { print_input_errors($input_errors); } $form = new Form(false); $section = new Form_Section('Add Captive Portal Zone'); $section->addInput(new Form_Input('zone', 'Zone name'))->setPattern('[0-9A-Za-z_]+')->setHelp('Zone name. Can only contain letters, digits, and underscores (_).'); $section->addInput(new Form_Input('descr', 'Zone description'))->setHelp('A description may be entered here for administrative reference (not parsed).'); $form->add($section); $form->addGlobal(new Form_Button('Submit', 'Save & Continue', null, 'fa-save'))->addClass('btn-primary'); print $form; include "foot.inc";
$netstat .= " | /usr/bin/sed -e '1,3d'"; } if (is_numeric($_REQUEST['limit']) && $_REQUEST['limit'] > 0) { $_REQUEST['limit']++; // Account for the header line $netstat .= " | /usr/bin/head -n {$_REQUEST['limit']}"; } echo htmlspecialchars_decode(shell_exec($netstat)); exit; } $pgtitle = array(gettext("Diagnostics"), gettext("Routes")); $shortcut_section = "routing"; include 'head.inc'; $form = new Form(false); $form->addGlobal(new Form_Input('isAjax', null, 'hidden', 1)); $section = new Form_Section('Routing Table Display Options'); $section->addInput(new Form_Checkbox('resolve', 'Resolve names', 'Enable', $resolve))->setHelp('Enabling name resolution may cause the query to take longer.' . ' It can be stopped at any time by clicking the Stop button in the browser.'); $validLimits = array('10', '50', '100', '200', '500', '1000', 'all'); $section->addInput(new Form_Select('limit', 'Rows to display', $limit, array_combine($validLimits, $validLimits))); $section->addInput(new Form_Input('filter', 'Filter', 'text', $host))->setHelp('Use a regular expression to filter the tables.'); $form->add($section); $form->addGlobal(new Form_Button('Submit', 'Update', null, 'fa-refresh'))->addClass('btn-primary'); print $form; ?> <script type="text/javascript"> //<![CDATA[ function update_routes(section) { $.ajax( '/diag_routes.php', { type: 'post',
$interfaces = get_configured_interface_with_descr(); foreach ($interfaces as $iface => $ifacename) { $iflist[$iface] = $ifacename; } $section = new Form_Section("Configuration"); $section->addClass('toggle-l2tp-enable'); $section->addInput(new Form_Select('interface', 'Interface', $pconfig['interface'], $iflist)); $section->addInput(new Form_Input('localip', 'Server address', 'text', $pconfig['localip']))->setHelp('Enter the IP address the L2TP server should give to clients for use as their "gateway". ' . '<br />' . 'Typically this is set to an unused IP just outside of the client range.' . '<br /><br />' . 'NOTE: This should NOT be set to any IP address currently in use on this firewall.'); $section->addInput(new Form_IpAddress('remoteip', 'Remote address range', $pconfig['remoteip']))->addMask(l2tp_subnet, $pconfig['l2tp_subnet'])->setHelp('Specify the starting address for the client IP address subnet.'); $section->addInput(new Form_Select('n_l2tp_units', 'Number of L2TP users', $pconfig['n_l2tp_units'], array_combine(range(1, 255, 1), range(1, 255, 1)))); $section->addPassword(new Form_Input('secret', 'Secret', 'password', $pconfig['secret']))->setHelp('Specify optional secret shared between peers. Required on some devices/setups.'); $section->addInput(new Form_Select('paporchap', 'Authentication type', $pconfig['paporchap'], array('chap' => 'CHAP', 'chap-msv2' => 'MS-CHAPv2', 'pap' => 'PAP')))->setHelp('Specifies the protocol to use for authentication.'); $section->addInput(new Form_Input('l2tp_dns1', 'Primary L2TM DNS server', 'text', $pconfig['l2tp_dns1'])); $section->addInput(new Form_Input('l2tp_dns2', 'Secondary L2TM DNS server', 'text', $pconfig['l2tp_dns2'])); $form->add($section); $section = new Form_Section("RADIUS"); $section->addClass('toggle-l2tp-enable'); $section->addInput(new Form_Checkbox('radiusenable', 'Enable', 'Use a RADIUS server for authentication', $pconfig['radiusenable']))->setHelp('When set, all users will be authenticated using the RADIUS server specified below. The local user database will not be used.'); $section->addInput(new Form_Checkbox('radacct_enable', 'Accounting', 'Enable RADIUS accounting', $pconfig['radacct_enable']))->setHelp('Sends accounting packets to the RADIUS server.'); $section->addInput(new Form_IpAddress('radiusserver', 'Server', $pconfig['radiusserver']))->setHelp('Enter the IP address of the RADIUS server.'); $section->addPassword(new Form_Input('radiussecret', 'Secret', 'password', $pconfig['radiussecret']))->setHelp('Enter the shared secret that will be used to authenticate to the RADIUS server.'); $section->addInput(new Form_Checkbox('radiusissueips', 'RADIUS issued IPs', 'Issue IP Addresses via RADIUS server.', $pconfig['radiusissueips'])); $form->add($section); print $form; print_info_box(gettext("Don't forget to add a firewall rule to permit traffic from L2TP clients!"), info); ?> <script type="text/javascript"> //<![CDATA[ events.push(function() {