} else {
$a_checkip[] = $checkip;
}
write_config(gettext("New/Edited Check IP Services entry was posted."));
header("Location: services_checkip.php");
exit;
}
}
$pgtitle = array(gettext("Services"), gettext("Dynamic DNS"), gettext("Check IP Services"), gettext("Edit"));
include "head.inc";
if ($input_errors) {
print_input_errors($input_errors);
}
if ($savemsg) {
print_info_box($savemsg, 'success');
}
$form = new Form();
$section = new Form_Section('Check IP Service');
$section->addInput(new Form_Checkbox('enable', 'Enable', null, $pconfig['enable']));
$section->addInput(new Form_Input('name', 'Name', 'text', $pconfig['name']))->setHelp('The name of the service may only consist of the characters "a-z, A-Z, 0-9 and _".');
$section->addInput(new Form_Input('url', 'URL', 'text', $pconfig['url']));
$section->addInput(new Form_Input('username', 'User name', 'text', $pconfig['username']));
$section->addPassword(new Form_Input('passwordfld', 'Password', 'password', $pconfig['password']));
$section->addInput(new Form_Checkbox('verifysslpeer', 'Verify SSL Peer', 'Verify SSL Peer', $pconfig['verifysslpeer']));
$section->addInput(new Form_Input('descr', 'Description', 'text', $pconfig['descr']))->setHelp('A description may be entered here for administrative reference (not parsed).');
if (isset($id) && $a_checkip[$id]) {
$section->addInput(new Form_Input('id', null, 'hidden', $id));
}
$form->add($section);
print $form;
include "foot.inc";
display_top_tabs($tab_array);
$form = new Form();
$section = new Form_Section('Growl');
$section->addInput(new Form_Checkbox('disable_growl', 'Disable Growl', 'Disable Growl Notifications', $pconfig['disable_growl']))->setHelp('Check this option to disable growl notifications but preserve the ' . 'settings below.');
$section->addInput(new Form_Input('name', 'Registration Name', 'text', $pconfig['name'], ['placeholder' => 'PHP-Growl']))->setHelp('Enter the name to register with the Growl server.');
$section->addInput(new Form_Input('notification_name', 'Notification Name', 'text', $pconfig['notification_name'], ['placeholder' => $g["product_name"] . ' growl alert']))->setHelp('Enter a name for the Growl notifications');
$section->addInput(new Form_Input('ipaddress', 'IP Address', 'text', $pconfig['ipaddress']))->setHelp('This is the IP address that you would like to send growl ' . 'notifications to.');
$section->addPassword(new Form_Input('password', 'Password', 'text', $pconfig['password']))->setHelp('Enter the password of the remote growl notification device.');
$section->addInput(new Form_Input('test-growl', 'Test Growl', 'submit', 'Test Growl settings'))->addClass('btn-info')->setHelp('A test notification will be sent even if the service is ' . 'marked as disabled.');
$form->add($section);
$section = new Form_Section('E-Mail');
$section->addInput(new Form_Checkbox('disable_smtp', 'Disable SMTP', 'Disable SMTP Notifications', $pconfig['disable_smtp']))->setHelp('Check this option to disable SMTP notifications but preserve the ' . 'settings below. Some other mechanisms, such as packages, may need these settings ' . 'in place to function.');
$section->addInput(new Form_Input('smtpipaddress', 'E-Mail server', 'text', $pconfig['smtpipaddress']))->setHelp('This is the FQDN or IP address of the SMTP E-Mail server to ' . 'which notifications will be sent.');
$section->addInput(new Form_Input('smtpport', 'SMTP Port of E-Mail server', 'number', $pconfig['smtpport']))->setHelp('This is the port of the SMTP E-Mail server, typically 25, 587 ' . '(submission) or 465 (smtps)');
$group = new Form_Group('Secure SMTP Connection');
$group->add(new Form_Checkbox('smtpssl', 'Enable SSL/TLS', 'Enable SMTP over SSL/TLS', isset($pconfig['smtpssl'])));
$group->add(new Form_Checkbox('smtptls', 'Secure STARTTLS', 'Enable STARTTLS', isset($pconfig['smtptls'])));
$section->add($group);
$section->addInput(new Form_Input('smtpfromaddress', 'From e-mail address', 'text', $pconfig['smtpfromaddress']))->setHelp('This is the e-mail address that will appear in the from field.');
$section->addInput(new Form_Input('smtpnotifyemailaddress', 'Notification E-Mail address', 'text', $pconfig['smtpnotifyemailaddress']))->setHelp('Enter the e-mail address that you would like email ' . 'notifications sent to.');
// This name prevents the browser from auto-filling the field. We change it on submit
$section->addInput(new Form_Input('smtpusername', 'Notification E-Mail auth username (optional)', 'text', $pconfig['smtpusername'], ['autocomplete' => 'off']))->setHelp('Enter the e-mail address username for SMTP authentication.');
$section->addPassword(new Form_Input('smtppassword', 'Notification E-Mail auth password', 'password', $pconfig['smtppassword']))->setHelp('Enter the e-mail account password for SMTP authentication.');
$section->addInput(new Form_Select('smtpauthmech', 'Notification E-Mail auth mechanism', $pconfig['smtpauthmech'], $smtp_authentication_mechanisms))->setHelp('Select the authentication mechanism used by the SMTP server. Most work with PLAIN, some servers like Exchange or Office365 might require LOGIN. ');
$section->addInput(new Form_Input('test-smtp', 'Test SMTP', 'submit', 'Test SMTP settings'))->addClass('btn-info')->setHelp('A test notification will be sent even if the service is ' . 'marked as disabled. The last SAVED values will be used, not necessarily the values entered here.');
$form->add($section);
$section = new Form_Section('Sounds');
$section->addInput(new Form_Checkbox('disablebeep', 'Startup/Shutdown Sound', 'Disable the startup/shutdown beep', $pconfig['disablebeep']))->setHelp('When this is checked, startup and shutdown sounds will no longer ' . 'play.');
$form->add($section);
print $form;
include "foot.inc";
$section->addClass('toggle-l2tp-enable');
$section->addInput(new Form_Select('interface', 'Interface', $pconfig['interface'], $iflist));
$section->addInput(new Form_Input('localip', 'Server address', 'text', $pconfig['localip']))->setHelp('Enter the IP address the L2TP server should give to clients for use as their "gateway". ' . '<br />' . 'Typically this is set to an unused IP just outside of the client range.' . '<br /><br />' . 'NOTE: This should NOT be set to any IP address currently in use on this firewall.');
$section->addInput(new Form_IpAddress('remoteip', 'Remote address range', $pconfig['remoteip']))->addMask(l2tp_subnet, $pconfig['l2tp_subnet'])->setHelp('Specify the starting address for the client IP address subnet.');
$section->addInput(new Form_Select('n_l2tp_units', 'Number of L2TP users', $pconfig['n_l2tp_units'], array_combine(range(1, 255, 1), range(1, 255, 1))));
$section->addPassword(new Form_Input('secret', 'Secret', 'password', $pconfig['secret']))->setHelp('Specify optional secret shared between peers. Required on some devices/setups.');
$section->addInput(new Form_Select('paporchap', 'Authentication type', $pconfig['paporchap'], array('chap' => 'CHAP', 'chap-msv2' => 'MS-CHAPv2', 'pap' => 'PAP')))->setHelp('Specifies the protocol to use for authentication.');
$section->addInput(new Form_Input('l2tp_dns1', 'Primary L2TM DNS server', 'text', $pconfig['l2tp_dns1']));
$section->addInput(new Form_Input('l2tp_dns2', 'Secondary L2TM DNS server', 'text', $pconfig['l2tp_dns2']));
$form->add($section);
$section = new Form_Section("RADIUS");
$section->addClass('toggle-l2tp-enable');
$section->addInput(new Form_Checkbox('radiusenable', 'Enable', 'Use a RADIUS server for authentication', $pconfig['radiusenable']))->setHelp('When set, all users will be authenticated using the RADIUS server specified below. The local user database will not be used.');
$section->addInput(new Form_Checkbox('radacct_enable', 'Accounting', 'Enable RADIUS accounting', $pconfig['radacct_enable']))->setHelp('Sends accounting packets to the RADIUS server.');
$section->addInput(new Form_IpAddress('radiusserver', 'Server', $pconfig['radiusserver']))->setHelp('Enter the IP address of the RADIUS server.');
$section->addPassword(new Form_Input('radiussecret', 'Secret', 'password', $pconfig['radiussecret']))->setHelp('Enter the shared secret that will be used to authenticate to the RADIUS server.');
$section->addInput(new Form_Checkbox('radiusissueips', 'RADIUS issued IPs', 'Issue IP Addresses via RADIUS server.', $pconfig['radiusissueips']));
$form->add($section);
print $form;
print_info_box(gettext("Don't forget to add a firewall rule to permit traffic from L2TP clients!"), info);
?>
<script type="text/javascript">
//<![CDATA[
events.push(function() {
function setL2TP () {
hide = ! $('#mode').prop('checked');
hideClass('toggle-l2tp-enable', hide);
}
$section->addInput(new Form_Textarea('publickey', 'Voucher Public Key', $pconfig['publickey']))->setHelp('Paste an RSA public key (64 Bit or smaller) in PEM format here. This key is used to decrypt vouchers.');
$section->addInput(new Form_Textarea('privatekey', 'Voucher Private Key', $pconfig['privatekey']))->setHelp('Paste an RSA private key (64 Bit or smaller) in PEM format here. This key is only used to generate encrypted vouchers and doesn\'t need to be available if the vouchers have been generated offline.');
$section->addInput(new Form_Input('charset', 'Character set', 'text', $pconfig['charset']))->setHelp('Tickets are generated with the specified character set. It should contain printable characters (numbers, lower case and upper case letters) that are hard to confuse with others. Avoid e.g. 0/O and l/1.');
$section->addInput(new Form_Input('rollbits', '# of Roll bits', 'text', $pconfig['rollbits']))->setHelp('Reserves a range in each voucher to store the Roll # it belongs to. Allowed range: 1..31. Sum of Roll+Ticket+Checksum bits must be one Bit less than the RSA key size.');
$section->addInput(new Form_Input('ticketbits', '# of Ticket bits', 'text', $pconfig['ticketbits']))->setHelp('Reserves a range in each voucher to store the Ticket# it belongs to. Allowed range: 1..16. ' . 'Using 16 bits allows a roll to have up to 65535 vouchers. ' . 'A bit array, stored in RAM and in the config, is used to mark if a voucher has been used. A bit array for 65535 vouchers requires 8 KB of storage. ');
$section->addInput(new Form_Input('checksumbits', '# of Checksum bits', 'text', $pconfig['checksumbits']))->setHelp('Reserves a range in each voucher to store a simple checksum over Roll # and Ticket#. Allowed range is 0..31.');
$section->addInput(new Form_Input('magic', 'Magic number', 'text', $pconfig['magic']))->setHelp('Magic number stored in every voucher. Verified during voucher check. ' . 'Size depends on how many bits are left by Roll+Ticket+Checksum bits. If all bits are used, no magic number will be used and checked.');
$section->addInput(new Form_Input('msgnoaccess', 'Invalid voucher message', 'text', $pconfig['msgnoaccess']))->setHelp('Error message displayed for invalid vouchers on captive portal error page ($PORTAL_MESSAGE$).');
$section->addInput(new Form_Input('msgexpired', 'Expired voucher message', 'text', $pconfig['msgexpired']))->setHelp('Error message displayed for expired vouchers on captive portal error page ($PORTAL_MESSAGE$).');
$form->add($section);
$section = new Form_Section('Voucher database synchronization');
$section->addClass('rolledit');
$section->addInput(new Form_IpAddress('vouchersyncdbip', 'Synchronize Voucher Database IP', $pconfig['vouchersyncdbip']))->setHelp('IP address of master nodes webConfigurator to synchronize voucher database and used vouchers from.' . '<br />' . 'NOTE: this should be setup on the slave nodes and not the primary node!');
$section->addInput(new Form_Input('vouchersyncport', 'Voucher sync port', 'text', $pconfig['vouchersyncport']))->setHelp('The port of the master voucher node\'s webConfigurator. Example: 443 ');
$section->addInput(new Form_Input('vouchersyncusername', 'Voucher sync username', 'text', $pconfig['vouchersyncusername']))->setHelp('This is the username of the master voucher nodes webConfigurator.');
$section->addPassword(new Form_Input('vouchersyncpass', 'Voucher sync password', 'password', $pconfig['vouchersyncpass']))->setHelp('This is the password of the master voucher nodes webConfigurator.');
$section->addInput(new Form_Input('zone', null, 'hidden', $cpzone));
$section->addInput(new Form_Input('exponent', null, 'hidden', $pconfig['exponent']));
$form->add($section);
print $form;
?>
<div class="rolledit">
<?php
print_info_box(gettext('Changing any Voucher parameter (apart from managing the list of Rolls) on this page will render existing vouchers useless if they were generated with different settings. ' . 'Specifying the Voucher Database Synchronization options will not record any other value from the other options. They will be retrieved/synced from the master.'), 'info');
?>
</div>
<script type="text/javascript">
//<![CDATA[
events.push(function() {
print_info_box($savemsg, 'success');
}
$tab_array = array();
$tab_array[] = array(gettext("Admin Access"), false, "system_advanced_admin.php");
$tab_array[] = array(htmlspecialchars(gettext("Firewall & NAT")), false, "system_advanced_firewall.php");
$tab_array[] = array(gettext("Networking"), false, "system_advanced_network.php");
$tab_array[] = array(gettext("Miscellaneous"), true, "system_advanced_misc.php");
$tab_array[] = array(gettext("System Tunables"), false, "system_advanced_sysctl.php");
$tab_array[] = array(gettext("Notifications"), false, "system_advanced_notifications.php");
display_top_tabs($tab_array);
$form = new Form();
$section = new Form_Section('Proxy Support');
$section->addInput(new Form_Input('proxyurl', 'Proxy URL', 'text', $pconfig['proxyurl']))->setHelp('Hostname or IP address of proxy server this system will ' . 'use for its outbound Internet access.');
$section->addInput(new Form_Input('proxyport', 'Proxy Port', 'text', $pconfig['proxyport']))->setHelp('Port where proxy server is listening.');
$section->addInput(new Form_Input('proxyuser', 'Proxy Username', 'text', $pconfig['proxyuser']))->setHelp('Username for authentication to proxy server. Optional, ' . 'leave blank to not use authentication.');
$section->addPassword(new Form_Input('proxypass', 'Proxy Password', 'password', $pconfig['proxypass']))->setHelp('Password for authentication to proxy server.');
$form->add($section);
$section = new Form_Section('Load Balancing');
$group = new Form_Group('Load Balancing');
$group->add(new Form_Checkbox('lb_use_sticky', 'Use sticky connections', 'Use sticky connections', $pconfig['lb_use_sticky']))->setHelp('Successive connections will be redirected to the servers in a ' . 'round-robin manner with connections from the same source being sent to the ' . 'same web server. This "sticky connection" will exist as long as there are ' . 'states that refer to this connection. Once the states expire, so will the ' . 'sticky connection. Further connections from that host will be redirected ' . 'to the next web server in the round robin. Changing this option will ' . 'restart the Load Balancing service.');
$group->add(new Form_Input('srctrack', 'Source tracking timeout', 'number', $pconfig['srctrack'], ["placeholder" => "0"]))->setHelp('Set the source tracking timeout for sticky connections. By default ' . 'this is 0, so source tracking is removed as soon as the state expires. ' . 'Setting this timeout higher will cause the source/destination relationship ' . 'to persist for longer periods of time.');
$section->add($group);
$section->addInput(new Form_Checkbox('gw_switch_default', 'Default gateway switching', 'Enable default gateway switching', $pconfig['gw_switch_default']))->setHelp('If the default gateway goes down, switch the default gateway to ' . 'another available one. This is not enabled by default, as it\'s unnecessary in ' . 'most all scenarios, which instead use gateway groups.');
$form->add($section);
$section = new Form_Section('Power Savings');
$section->addInput(new Form_Checkbox('powerd_enable', 'PowerD', 'Enable PowerD', $pconfig['powerd_enable']))->setHelp('The powerd utility monitors ' . 'the system state and sets various power control options accordingly. It offers ' . 'four modes (maximum, minimum, adaptive and hiadaptive) that can be individually ' . 'selected while on AC power or batteries. The modes maximum, minimum, adaptive ' . 'and hiadaptive may be abbreviated max, min, adp, hadp. Maximum mode chooses the ' . 'highest performance values. Minimum mode selects the lowest performance values ' . 'to get the most power savings. Adaptive mode attempts to strike a balance by ' . 'degrading performance when the system appears idle and increasing it when the ' . 'system is busy. It offers a good balance between a small performance loss for ' . 'greatly increased power savings. Hiadaptive mode is alike adaptive mode, but ' . 'tuned for systems where performance and interactivity are more important than ' . 'power consumption. It raises frequency faster, drops slower and keeps twice ' . 'lower CPU load.');
$modes = array('hadp' => gettext('Hiadaptive'), 'adp' => gettext('Adaptive'), 'min' => gettext('Minimum'), 'max' => gettext('Maximum'));
$section->addInput(new Form_Select('powerd_ac_mode', 'AC Power', $pconfig['powerd_ac_mode'], $modes));
$section->addInput(new Form_Select('powerd_battery_mode', 'Battery Power', $pconfig['powerd_battery_mode'], $modes));
$section->addInput(new Form_Select('powerd_normal_mode', 'Unknown Power', $pconfig['powerd_normal_mode'], $modes));
$form->add($section);
$section->addInput(new Form_Select('dev_mode', 'Device mode', empty($pconfig['dev_mode']) ? 'tun' : $pconfig['dev_mode'], array_combine($openvpn_dev_mode, $openvpn_dev_mode)));
$section->addInput(new Form_Select('interface', 'Interface', $pconfig['interface'], openvpn_build_if_list()));
$section->addInput(new Form_Input('local_port', 'Local port', 'number', $pconfig['local_port']))->setHelp('Set this option if you would like to bind to a specific port. Leave this blank or enter 0 for a random dynamic port.');
$section->addInput(new Form_Input('server_addr', 'Server host or address', 'text', $pconfig['server_addr']));
$section->addInput(new Form_Input('server_port', 'Server port', 'number', $pconfig['server_port']));
$section->addInput(new Form_Input('proxy_addr', 'Proxy host or address', 'text', $pconfig['proxy_addr']));
$section->addInput(new Form_Select('proxy_authtype', 'Proxy Auth. - Extra options', $pconfig['proxy_authtype'], array('none' => gettext('none'), 'basic' => gettext('basic'), 'ntlm' => gettext('ntlm'))));
$section->addInput(new Form_Input('proxy_user', 'Username', 'text', $pconfig['proxy_user']));
$section->addPassword(new Form_Input('proxy_passwd', 'Password', 'password', $pconfig['proxy_passwd']));
$section->addInput(new Form_Checkbox('resolve_retry', 'Server hostname resolution', 'Infinitely resolve server ', $pconfig['resolve_retry']))->setHelp('Continuously attempt to resolve the server host name. ' . 'Useful when communicating with a server that is not permanently connected to the Internet.');
$section->addInput(new Form_Input('description', 'Description', 'text', $pconfig['description']))->setHelp('You may enter a description here for your reference (not parsed).');
$form->add($section);
$section = new Form_Section('User Authentication settings');
$section->addClass('authentication');
$section->addInput(new Form_Input('auth_user', 'Username', 'text', $pconfig['auth_user']))->setHelp('Leave empty when no user name is needed');
$section->addPassword(new Form_Input('auth_pass', 'Password', 'password', $pconfig['auth_pass']))->setHelp('Leave empty when no password is needed');
$form->add($section);
$section = new Form_Section('Cryptographic settings');
$section->addInput(new Form_Checkbox('tlsauth_enable', 'TLS authentication', 'Enable authentication of TLS packets.', $pconfig['tlsauth_enable']));
if (!$pconfig['tls']) {
$section->addInput(new Form_Checkbox('autotls_enable', null, 'Automatically generate a shared TLS authentication key.', $pconfig['autotls_enable']));
}
$section->addInput(new Form_Textarea('tls', 'Key', $pconfig['tls']))->setHelp('Paste your shared key here');
if (count($a_ca)) {
$list = array();
foreach ($a_ca as $ca) {
$list[$ca['refid']] = $ca['descr'];
}
$section->addInput(new Form_Select('caref', 'Peer Certificate Authority', $pconfig['caref'], $list));
} else {
$section->addInput(new Form_StaticText('Peer Certificate Authority', sprintf('No Certificate Authorities defined. You may create one here: %s', '<a href="system_camanager.php">System > Cert Manager</a>')));
if ($input_errors) {
print_input_errors($input_errors);
}
$form = new Form();
$section = new Form_Section('Edit Virtual IP');
$group = new Form_Group('Type');
$group->add(new Form_Checkbox('mode', null, 'IP Alias', $pconfig['mode'] == "ipalias", 'ipalias'))->displayAsRadio();
$group->add(new Form_Checkbox('mode', null, 'CARP', $pconfig['mode'] == "carp", 'carp'))->displayAsRadio();
$group->add(new Form_Checkbox('mode', null, 'Proxy ARP', $pconfig['mode'] == "proxyarp", 'proxyarp'))->displayAsRadio();
$group->add(new Form_Checkbox('mode', null, 'Other', $pconfig['mode'] == "other", 'other'))->displayAsRadio();
$section->add($group);
$section->addInput(new Form_Select('interface', 'Interface', $pconfig['interface'], build_if_list()));
$section->addInput(new Form_Select('type', 'Address type', !$pconfig['range'] && $pconfig['subnet_bits'] == 32 || !isset($pconfig['subnet']) ? 'single' : 'network', array('single' => gettext('Single address'), 'network' => gettext('Network'))))->addClass('typesel');
$section->addInput(new Form_IpAddress('subnet', 'Address(es)', $pconfig['subnet']))->addMask('subnet_bits', $pconfig['subnet_bits'])->setHelp('<span id="address_note"></span>');
$section->addInput(new Form_Checkbox('noexpand', 'Expansion', 'Disable expansion of this entry into IPs on NAT lists (e.g. 192.168.1.0/24 expands to 256 entries.) ', isset($pconfig['noexpand'])));
$section->addPassword(new Form_Input('password', 'Virtual IP Password', 'password', $pconfig['password']))->setHelp('Enter the VHID group password.');
$section->addInput(new Form_Select('vhid', 'VHID Group', $pconfig['vhid'], array_combine(range(1, 255, 1), range(1, 255, 1))))->setHelp('Enter the VHID group that the machines will share');
$group = new Form_Group('Advertising frequency');
$group->add(new Form_Select('advbase', 'Base', $pconfig['advbase'], array_combine(range(1, 254, 1), range(1, 254, 1))))->setHelp('Base');
$group->add(new Form_Select('advskew', 'Skew', $pconfig['advskew'], array_combine(range(0, 254, 1), range(0, 254, 1))))->setHelp('Skew');
$group->setHelp('The frequency that this machine will advertise. 0 means usually master. Otherwise the lowest combination of both values in the cluster determines the master.');
$section->add($group);
$section->addInput(new Form_Input('descr', 'Description', 'text', $pconfig['descr']))->setHelp('You may enter a description here for your reference (not parsed).');
if (isset($id) && $a_vip[$id]) {
$section->addInput(new Form_Input('id', null, 'hidden', $id));
}
$section->addInput(new Form_Input('uniqid', null, 'hidden', $pconfig['uniqid']));
$form->add($section);
print $form;
?>
if (isset($id) && $a_secret[$id]) {
$a_secret[$id] = $secretent;
} else {
$a_secret[] = $secretent;
}
l2tp_users_sort();
write_config();
$retval = vpn_l2tp_configure();
pfSenseHeader("vpn_l2tp_users.php");
exit;
}
}
include "head.inc";
if ($input_errors) {
print_input_errors($input_errors);
}
$form = new Form();
$section = new Form_Section("User");
$section->addInput(new Form_Input('usernamefld', 'Username', 'text', $pconfig['usernamefld']));
$pwd = new Form_Input('passwordfld', 'Password', 'text', $pconfig['passwordfld']);
if (isset($id) && $a_secret[$id]) {
$pwd->setHelp('If you want to change the users password, enter it here.');
}
$section->addPassword($pwd);
$section->addInput(new Form_IpAddress('ip', 'IP Address', $pconfig['ip']))->setHelp('If you want the user to be assigned a specific IP address, enter it here.');
$form->add($section);
if (isset($id) && $a_secret[$id]) {
$form->addGlobal(new Form_Input('id', null, 'hidden', $i));
}
print $form;
include "foot.inc";
$iflist[$ifname] = $iface;
}
include "head.inc";
if ($input_errors) {
print_input_errors($input_errors);
}
$form = new Form();
$section = new Form_Section('State Synchronization Settings (pfsync)');
$section->addInput(new Form_Checkbox('pfsyncenabled', 'Synchronize states', 'pfsync transfers state insertion, update, and deletion messages between firewalls.', $pconfig['pfsyncenabled'] === 'on', 'on'))->setHelp('Each firewall sends these messages out via multicast on a specified interface, using the PFSYNC protocol (IP Protocol 240).' . ' It also listens on that interface for similar messages from other firewalls, and imports them into the local state table.<br />' . 'This setting should be enabled on all members of a failover group.<br />' . 'Clicking "Save" will force a configuration sync if it is enabled! (see Configuration Synchronization Settings below)');
$section->addInput(new Form_Select('pfsyncinterface', 'Synchronize Interface', $pconfig['pfsyncinterface'], $iflist))->setHelp('If Synchronize States is enabled this interface will be used for communication.<br />' . 'It is recommended to set this to an interface other than LAN! A dedicated interface works the best.<br />' . 'An IP must be defined on each machine participating in this failover group.<br />' . 'An IP must be assigned to the interface on any participating sync nodes.');
$section->addInput(new Form_Input('pfsyncpeerip', 'pfsync Synchronize Peer IP', 'text', $pconfig['pfsyncpeerip'], ['placeholder' => 'IP Address']))->setHelp('Setting this option will force pfsync to synchronize its state table to this IP address. The default is directed multicast.');
$form->add($section);
$section = new Form_Section('Configuration Synchronization Settings (XMLRPC Sync)');
$section->addInput(new Form_Input('synchronizetoip', 'Synchronize Config to IP', 'text', $pconfig['synchronizetoip'], ['placeholder' => 'IP Address']))->setHelp('Enter the IP address of the firewall to which the selected configuration sections should be synchronized.<br /><br />' . 'XMLRPC sync is currently only supported over connections using the same protocol and port as this system - make sure the remote system\'s port and protocol are set accordingly!<br />' . 'Do not use the Synchronize Config to IP and password option on backup cluster members!');
$section->addInput(new Form_Input('username', 'Remote System Username', 'text', $pconfig['username']))->setHelp('Enter the webConfigurator username of the system entered above for synchronizing the configuration.<br />' . 'Do not use the Synchronize Config to IP and username option on backup cluster members!');
$section->addPassword(new Form_Input('passwordfld', 'Remote System Password', 'password', $pconfig['passwordfld']))->setHelp('Enter the webConfigurator password of the system entered above for synchronizing the configuration.<br />' . 'Do not use the Synchronize Config to IP and password option on backup cluster members!');
$group = new Form_MultiCheckboxGroup('Select options to sync');
$group->add(new Form_MultiCheckbox('synchronizeusers', 'Synchronize Users and Groups', 'User manager users and groups', $pconfig['synchronizeusers'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizeauthservers', 'Synchronize Auth Servers', 'Authentication servers (e.g. LDAP, RADIUS)', $pconfig['synchronizeauthservers'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizecerts', 'Synchronize Certificates', 'Certificate Authorities, Certificates, and Certificate Revocation Lists', $pconfig['synchronizecerts'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizerules', 'Synchronize Rules', 'Firewall rules ', $pconfig['synchronizerules'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizeschedules', 'Synchronize Firewall schedules', 'Firewall schedules ', $pconfig['synchronizeschedules'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizealiases', 'Synchronize Firewall aliases', 'Firewall aliases ', $pconfig['synchronizealiases'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizenat', 'Synchronize NAT', 'NAT configuration ', $pconfig['synchronizenat'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizeipsec', 'Synchronize IPsec', 'IPsec configuration ', $pconfig['synchronizeipsec'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizeopenvpn', 'Synchronize OpenVPN', 'OpenVPN configuration ', $pconfig['synchronizeopenvpn'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizedhcpd', 'Synchronize DHCPD', 'DHCP Server settings ', $pconfig['synchronizedhcpd'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizewol', 'Synchronize Wake-on-LAN', 'WoL Server settings ', $pconfig['synchronizewol'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizestaticroutes', 'Synchronize Static Routes', 'Static Route configuration ', $pconfig['synchronizestaticroutes'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizelb', 'Synchronize Load Balancer', 'Load Balancer configuration ', $pconfig['synchronizelb'] === 'on', 'on'));
$group->add(new Form_MultiCheckbox('synchronizevirtualip', 'Synchronize Virtual IPs', 'Virtual IPs ', $pconfig['synchronizevirtualip'] === 'on', 'on'));
$section->addInput(new Form_Select('type', 'Service Type', $pconfig['type'], build_type_list()));
$interfacelist = build_if_list();
$section->addInput(new Form_Select('interface', 'Interface to monitor', $pconfig['interface'], $interfacelist));
$section->addInput(new Form_Select('requestif', 'Interface to send update from', $pconfig['requestif'], $interfacelist))->setHelp('This is almost always the same as the Interface to Monitor. ');
$group = new Form_Group('Hostname');
$group->add(new Form_Input('host', 'Hostname', 'text', $pconfig['host']));
$group->add(new Form_Input('domainname', 'Domain name', 'text', $pconfig['domainname']));
$group->setHelp('Enter the complete fully qualified domain name. Example: myhost.dyndns.org' . '<br />' . 'he.net tunnelbroker: Enter the tunnel ID.' . '<br />' . 'GleSYS: Enter the record ID.' . '<br />' . 'DNSimple: Enter only the domain name.' . '<br />' . 'Namecheap: Enter the hostname and the domain separately, with the domain being the domain or subdomain zone being handled by Namecheap.');
$section->add($group);
$section->addInput(new Form_Input('mx', 'MX', 'text', $pconfig['mx']))->setHelp('Note: With DynDNS service only a hostname can be used, not an IP address. ' . 'Set this option only if a special MX record is needed. Not all services support this.');
$section->addInput(new Form_Checkbox('wildcard', 'Wildcards', 'Enable Wildcard', $pconfig['wildcard']));
$section->addInput(new Form_Checkbox('verboselog', 'Verbose logging', 'Enable verbose logging', $pconfig['verboselog']));
$section->addInput(new Form_Checkbox('curl_ipresolve_v4', 'CURL options', 'Force IPv4 resolving', $pconfig['curl_ipresolve_v4']));
$section->addInput(new Form_Checkbox('curl_ssl_verifypeer', null, 'Verify SSL peer', $pconfig['curl_ssl_verifypeer']));
$section->addInput(new Form_Input('username', 'Username', 'text', $pconfig['username']))->setHelp('Username is required for all types except Namecheap, FreeDNS and Custom Entries.' . '<br />' . 'Route 53: Enter the Access Key ID.' . '<br />' . 'GleSYS: Enter the API user.' . '<br />' . 'For Custom Entries, Username and Password represent HTTP Authentication username and passwords.');
$section->addPassword(new Form_Input('passwordfld', 'Password', 'password', $pconfig['password']))->setHelp('FreeDNS (freedns.afraid.org): Enter the "Authentication Token" provided by FreeDNS.' . '<br />' . 'Route 53: Enter the Secret Access Key.' . '<br />' . 'GleSYS: Enter the API key.' . '<br />' . 'DNSimple: Enter the API token.');
$section->addInput(new Form_Input('zoneid', 'Zone ID', 'text', $pconfig['zoneid']))->setHelp('Enter Zone ID that was received when creating the domain in Route 53.' . '<br />' . 'DNSimple: Enter the Record ID of record to update.');
$section->addInput(new Form_Input('updateurl', 'Update URL', 'text', $pconfig['updateurl']))->setHelp('This is the only field required by for Custom Dynamic DNS, and is only used by Custom Entries.');
$section->addInput(new Form_Textarea('resultmatch', 'Result Match', $pconfig['resultmatch']))->sethelp('This field should be identical to what the DDNS Provider will return if the update succeeds, leave it blank to disable checking of returned results.' . '<br />' . 'To include the new IP in the request, put %IP% in its place.' . '<br />' . 'To include multiple possible values, separate them with a |. If the provider includes a |, escape it with \\|)' . '<br />' . 'Tabs (\\t), newlines (\\n) and carriage returns (\\r) at the beginning or end of the returned results are removed before comparison.');
$section->addInput(new Form_Input('ttl', 'TTL', 'text', $pconfig['ttl']))->setHelp('Choose TTL for the dns record.');
$section->addInput(new Form_Input('descr', 'Description', 'text', $pconfig['descr']))->setHelp('A description may be entered here for administrative reference (not parsed).');
if (isset($id) && $a_dyndns[$id]) {
$section->addInput(new Form_Input('id', null, 'hidden', $id));
$form->addGlobal(new Form_Button('force', 'Save & Force Update', null, 'fa-refresh'))->removeClass('btn-primary')->addClass('btn-info');
}
$form->add($section);
print $form;
// Certain input elements are hidden/shown based on the service type in the following script
?>
<script type="text/javascript">
