/** * generate closure tag, block all traffic coming from captiveportal interfaces * rule number range 6001..6999 */ private function generateClosure() { $cpinterfaces = []; # find all cp interfaces foreach ($this->config->object()->captiveportal->children() as $cpzonename => $zone) { if (isset($zone->enable)) { // search interface $interface = $zone->interface->xpath("//" . $zone->interface); if (count($interface) > 0) { $interface = $interface[0]; if ($interface->if != null) { // check if interface exists before appending it. $cpinterfaces[$interface->if->__toString()] = 1; } } } } // generate accept rules for every interface not in captive portal $ruleid = 6001; $this->rules[] = "#======================================================================================"; $this->rules[] = "# accept traffic from all interfaces not used by captive portal (5001..5999) "; $this->rules[] = "#======================================================================================"; foreach ($this->config->object()->interfaces->children() as $interface => $content) { if (!isset($cpinterfaces[$content->if->__toString()])) { $this->rules[] = "add " . $ruleid++ . " allow all from any to any via " . $content->if; } } $this->rules[] = "# let the responses from the captive portal web server back out"; $this->rules[] = "add " . $ruleid++ . " pass tcp from any to any out"; // block every thing else (not mentioned before) $this->rules[] = "# block everything else"; $this->rules[] = "add " . $ruleid . " skipto 65534 all from any to any"; $this->rules[] = "add 65534 deny all from any to any"; }
/** * translate a text * @param OPNsense\Core\Config $cnf config handle * @return Gettext */ public function getTranslator($cnf) { $lang = 'en_US'; foreach ($cnf->object()->system->children() as $key => $node) { if ($key == 'language') { $lang = $node->__toString(); break; } } $lang_encoding = $lang . '.UTF-8'; $ret = new Gettext(array('directory' => '/usr/local/share/locale', 'defaultDomain' => 'OPNsense', 'locale' => $lang_encoding)); /* this isn't being done by Phalcon */ putenv('LANG=' . $lang_encoding); return $ret; }