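/**
 * Expand the partial IPv4 prefix posted as ROUTE_SHOULD_BE into the network that
 * covers it, and print "<cidr> <address> - <netmask>".
 *
 * The value must end in one, two or three dotted decimal octets. Missing octets are
 * filled with 0 for the range start and 255 for the range end. Nothing is printed
 * when the field is absent, is not a string, does not end in digits, or carries an
 * octet above 255.
 *
 * @return void
 */
function ROUTE_SHOULD_BE() {
    // Request data is untrusted: the field may be missing or may be an array.
    $posted = isset($_POST["ROUTE_SHOULD_BE"]) ? $_POST["ROUTE_SHOULD_BE"] : null;
    if (!is_string($posted)) {
        return;
    }

    // Most specific pattern first. The patterns are only anchored at the end of the
    // string, so the longest trailing run of up to three octets is the one used.
    if (preg_match("#([0-9]+)\\.([0-9]+)\\.([0-9]+)\$#", $posted, $re)) {
        $octets = array($re[1], $re[2], $re[3]);
    } elseif (preg_match("#([0-9]+)\\.([0-9]+)\$#", $posted, $re)) {
        $octets = array($re[1], $re[2]);
    } elseif (preg_match("#([0-9]+)\$#", $posted, $re)) {
        $octets = array($re[1]);
    } else {
        // Without this guard the range variables below would be undefined.
        return;
    }

    foreach ($octets as $octet) {
        if ((int) $octet > 255) {
            return;
        }
    }

    $calc_ip = implode(".", array_pad($octets, 4, "0"));
    $calc_ip_end = implode(".", array_pad($octets, 4, "255"));

    $ip = new IP();
    $cdir = $ip->ip2cidr($calc_ip, $calc_ip_end);
    // NOTE(review): parseCIDR() is assumed to return array(network, bits) here; confirm
    // what it returns when ip2cidr() yields something it cannot parse.
    $arr = $ip->parseCIDR($cdir);
    $netbit = $arr[1];
    $ipv = new ipv4($calc_ip, $netbit);

    // The text is assembled from helper output; escape it before it reaches the page.
    $summary = "{$cdir} {$ipv->address()} - {$ipv->netmask()}";
    echo "<strong>" . htmlspecialchars($summary, ENT_QUOTES) . "</strong>";
}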
/**
 * IP::parseCIDR() yields a two-element array: a signed integer for the
 * network and the number of mask bits.
 * @covers IP::parseCIDR
 */
function testCIDRParsing() {
    // Malformed input, in the order it is checked: CIDR string => assertion message.
    $rejected = array(
        '192.0.2.0' => "missing mask",
        '192.0.2.0/' => "missing bitmask",
        // The remaining entries exercise the validation condition
        '256.0.0.0/32' => "invalid net",
        '192.0.2.0/AA' => "mask not numeric",
        '192.0.2.0/-1' => "mask < 0",
        '192.0.2.0/33' => "mask > 32",
    );
    foreach ($rejected as $cidr => $why) {
        $this->assertFalseCIDR($cidr, $why);
    }

    // Internal logic: a mask of 0 always gives array(0, 0), whatever the address.
    $zeroMask = array('192.0.0.2/0', '0.0.0.0/0', '255.255.255.255/0');
    foreach ($zeroMask as $cidr) {
        $this->assertEquals(array(0, 0), IP::parseCIDR($cidr));
    }

    // @todo FIXME: Add more tests.

    // Network shifting: array(expected network, CIDR input).
    $shifted = array(
        array('192.0.0.0', '192.0.0.2/24'),
        array('192.168.5.0', '192.168.5.13/24'),
        array('10.0.0.160', '10.0.0.161/28'),
        array('10.0.0.0', '10.0.0.3/28'),
        array('10.0.0.0', '10.0.0.3/30'),
        array('10.0.0.4', '10.0.0.4/30'),
        array('172.17.32.0', '172.17.35.48/21'),
        array('10.128.0.0', '10.135.0.0/9'),
        array('134.0.0.0', '134.0.5.1/8'),
    );
    foreach ($shifted as $case) {
        list($expectedNet, $cidr) = $case;
        $this->assertNet($expectedNet, $cidr);
    }
}
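/**
 * Echo the JSON grid listing of the rows in artica_backup.nics_bridge.
 *
 * Paging and sorting come from $_POST (page, rp, sortname, sortorder) and the grid
 * identifier from $_GET["t"]. All of them are request data, so they are validated
 * before they reach the SQL text or the generated markup. Failures are reported
 * through json_error_show().
 *
 * @return void
 */
function bridge_list(){
    $q=new mysql();
    $tpl=new templates();
    $database="artica_backup";
    $table="nics_bridge";
    $MyPage=CurrentPageName();

    // $t is pasted into inline JavaScript inside an HTML attribute: keep identifier characters only.
    $t="";
    if(isset($_GET["t"]) && is_string($_GET["t"])){
        $t=preg_replace('/[^A-Za-z0-9_]/', '', $_GET["t"]);
    }

    if(!$q->TABLE_EXISTS("nics_bridge", "artica_backup")){
        json_error_show("nics_bridge no such table...",1);
    }

    $sock=new sockets();
    $net=new networking();
    $ip=new IP();
    // NOTE(review): unserialize() on data fetched from the framework socket; the result is
    // not read in this function. Confirm the channel is trusted or move to a JSON payload.
    $interfaces=unserialize(base64_decode($sock->getFrameWork("cmd.php?ifconfig-interfaces=yes")));
    $ERROR_NO_PRIVS=$tpl->javascript_parse_text("{ERROR_NO_PRIVS}");
    $DisableNetworksManagement=$sock->GET_INFO("DisableNetworksManagement");
    if($DisableNetworksManagement==null){$DisableNetworksManagement=0;}

    // ORDER BY cannot be parameterised, so accept only a bare column identifier and a
    // fixed direction keyword. The original interpolated both POST fields verbatim.
    $ORDER="";
    if(isset($_POST["sortname"]) && is_string($_POST["sortname"])){
        if(preg_match('/^[A-Za-z0-9_]+$/', $_POST["sortname"])){
            $direction="ASC";
            if(isset($_POST["sortorder"]) && is_string($_POST["sortorder"])){
                if(strtolower($_POST["sortorder"])==="desc"){$direction="DESC";}
            }
            $ORDER="ORDER BY `{$_POST["sortname"]}` $direction";
        }
    }

    // Both values end up in the LIMIT clause: force positive integers.
    $page=1;
    $rp=50;
    if(isset($_POST['page']) && is_numeric($_POST['page'])){$page=(int)$_POST['page'];}
    if(isset($_POST['rp']) && is_numeric($_POST['rp'])){$rp=(int)$_POST['rp'];}
    if($page<1){$page=1;}
    if($rp<1){$rp=50;}

    // NOTE(review): string_to_flexquery() builds a WHERE fragment from the request;
    // its escaping is not visible here and should be verified.
    $searchstring=string_to_flexquery();

    if($searchstring<>null){
        $sql="SELECT COUNT( * ) AS tcount FROM $table WHERE 1 $searchstring";
        $ligne=mysql_fetch_array($q->QUERY_SQL($sql,$database));
        // NOTE(review): the error reply includes the SQL text; consider logging it server-side instead.
        if(!$q->ok){json_error_show($q->mysql_error."<hr>".$sql,1);}
        $total = $ligne["tcount"];
    }else{
        $total = $q->COUNT_ROWS($table, $database);
    }

    $pageStart = ($page-1)*$rp;
    $limitSql = "LIMIT $pageStart, $rp";
    $sql="SELECT * FROM `$table` WHERE 1 $searchstring $ORDER $limitSql";
    $results = $q->QUERY_SQL($sql,$database);
    if(!$q->ok){json_error_show($q->mysql_error."<hr>".$sql,1);}

    $data = array();
    $data['page'] = $page;
    $data['total'] = $total;
    $data['rows'] = array();

    if(mysql_num_rows($results)==0){json_error_show("No rule set...",1);}

    while ($ligne = mysql_fetch_assoc($results)) {
        $color="black";
        // ID is presumably the integer primary key; cast it before it is placed in markup and script.
        $id=(int)$ligne["ID"];
        $cdir=$ligne["cdir"];
        $eth="br{$id}";
        $eth_text="br{$id}";

        // NOTE(review): $eth, $img and the rewritten $cdir are computed but never emitted below.
        if($ligne["cdir"]==null){
            $ligne["cdir"]=$net->array_TCP[$ligne["nic"]];
            $eth=$ligne["nic"];
        }

        $img="folder-network-48.png";
        $a=$ip->parseCIDR($cdir);
        if($a[0]==0){
            $img="warning-panneau-24.png";
            $cdir="<span style='color:red'>$cdir</span>";
        }

        $delete=imgsimple("delete-32.png",null,"Loadjs('$MyPage?network-bridge-delete-js={$id}&t=$t',true)");
        $js="Loadjs('$MyPage?network-bridge-js=yes&ID={$id}&t=$t',true);";
        $href="<a href=\"javascript:blur();\" OnClick=\"javascript:$js\" style='font-size:18px;color:$color;font-weight:normal;text-decoration:underline'>";
        $bridgedTo=bridgedTo($ligne["ID"]);

        // Stored values are escaped so a crafted name or address cannot inject markup.
        $name=htmlspecialchars($ligne["name"], ENT_QUOTES);
        $ipaddr=htmlspecialchars($ligne["ipaddr"], ENT_QUOTES);
        $netmask=htmlspecialchars($ligne["netmask"], ENT_QUOTES);

        $data['rows'][] = array(
            'id' => $ligne['ID'],
            'cell' => array(
                "<span style='font-size:18px;font-weight:bold;color:$color'>{$id}</span>",
                "<span style='font-size:18px;font-weight:normal;color:$color'>$href$eth_text</a></span>",
                " <span style='margin:5px;float:right'> <a href=\"javascript:blur();\" OnClick=\"javascript:Loadjs('$MyPage?network-bridge-associates-js=yes&ID={$id}&t=$t',true);\"> <img src='img/add-32.png'></a> </span> <span style='font-size:18px;font-weight:normal;color:$color'> {$name} $bridgedTo </span>",
                "<span style='font-size:18px;font-weight:normal;color:$color'>{$ipaddr}</span>",
                "<span style='font-size:18px;font-weight:normal;color:$color'>{$netmask}</span>",
                $delete
            )
        );
    }

    echo json_encode($data);
}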
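/**
 * Run the blocks list query and add one entry per matching block to the API result.
 *
 * The request parameters choose the returned properties ('prop'), the filters
 * ('ids', 'users', 'ip', 'show') and the paging ('limit', 'dir', 'start', 'end').
 * Conflicting or invalid parameters end the request through dieUsage()/dieUsageMsg().
 */
public function execute() {
    global $wgContLang;

    $params = $this->extractRequestParams();
    $this->requireMaxOneParameter($params, 'users', 'ip');

    $prop = array_flip($params['prop']);
    $fld_id = isset($prop['id']);
    $fld_user = isset($prop['user']);
    $fld_userid = isset($prop['userid']);
    $fld_by = isset($prop['by']);
    $fld_byid = isset($prop['byid']);
    $fld_timestamp = isset($prop['timestamp']);
    $fld_expiry = isset($prop['expiry']);
    $fld_reason = isset($prop['reason']);
    $fld_range = isset($prop['range']);
    $fld_flags = isset($prop['flags']);

    $result = $this->getResult();

    $this->addTables('ipblocks');
    // ipb_auto is always selected: it decides below whether the target may be shown.
    $this->addFields('ipb_auto');
    $this->addFieldsIf('ipb_id', $fld_id);
    $this->addFieldsIf(array('ipb_address', 'ipb_user'), $fld_user || $fld_userid);
    $this->addFieldsIf('ipb_by_text', $fld_by);
    $this->addFieldsIf('ipb_by', $fld_byid);
    $this->addFieldsIf('ipb_timestamp', $fld_timestamp);
    $this->addFieldsIf('ipb_expiry', $fld_expiry);
    $this->addFieldsIf('ipb_reason', $fld_reason);
    $this->addFieldsIf(array('ipb_range_start', 'ipb_range_end'), $fld_range);
    $this->addFieldsIf(array('ipb_anon_only', 'ipb_create_account', 'ipb_enable_autoblock', 'ipb_block_email', 'ipb_deleted', 'ipb_allow_usertalk'), $fld_flags);

    // One row more than requested, so the loop below can tell whether more results exist.
    $this->addOption('LIMIT', $params['limit'] + 1);
    $this->addTimestampWhereRange('ipb_timestamp', $params['dir'], $params['start'], $params['end']);

    $db = $this->getDB();

    if (isset($params['ids'])) {
        $this->addWhereFld('ipb_id', $params['ids']);
    }
    if (isset($params['users'])) {
        foreach ((array) $params['users'] as $u) {
            $this->prepareUsername($u);
        }
        $this->addWhereFld('ipb_address', $this->usernames);
        $this->addWhereFld('ipb_auto', 0);
    }
    if (isset($params['ip'])) {
        list($ip, $range) = IP::parseCIDR($params['ip']);
        // Compare with false explicitly. A network of 0 or a mask of 0 is falsy but is
        // still a parsed CIDR, and a truthiness test lets it skip the breadth check.
        if ($ip !== false && $range !== false) {
            // We got a CIDR range
            if ($range < 16) {
                $this->dieUsage('CIDR ranges broader than /16 are not accepted', 'cidrtoobroad');
            }
            $lower = wfBaseConvert($ip, 10, 16, 8, false);
            $upper = wfBaseConvert($ip + pow(2, 32 - $range) - 1, 10, 16, 8, false);
        } else {
            $lower = $upper = IP::toHex($params['ip']);
            // Presumably toHex() signals an unparsable address with false; stop here
            // instead of building conditions from it.
            if ($lower === false) {
                $this->dieUsage('IP parameter is not valid', 'param_ip');
            }
        }
        $prefix = substr($lower, 0, 4);

        # Fairly hard to make a malicious SQL statement out of hex characters,
        # but it is good practice to add quotes
        $lower = $db->addQuotes($lower);
        $upper = $db->addQuotes($upper);

        $this->addWhere(array(
            'ipb_range_start' . $db->buildLike($prefix, $db->anyString()),
            'ipb_range_start <= ' . $lower,
            'ipb_range_end >= ' . $upper,
            'ipb_auto' => 0
        ));
    }

    if (!is_null($params['show'])) {
        $show = array_flip($params['show']);

        /* Check for conflicting parameters. */
        if (isset($show['account']) && isset($show['!account'])
            || isset($show['ip']) && isset($show['!ip'])
            || isset($show['range']) && isset($show['!range'])
            || isset($show['temp']) && isset($show['!temp'])
        ) {
            $this->dieUsageMsg('show');
        }

        $this->addWhereIf('ipb_user = 0', isset($show['!account']));
        $this->addWhereIf('ipb_user != 0', isset($show['account']));
        $this->addWhereIf('ipb_user != 0 OR ipb_range_end > ipb_range_start', isset($show['!ip']));
        $this->addWhereIf('ipb_user = 0 AND ipb_range_end = ipb_range_start', isset($show['ip']));
        $this->addWhereIf('ipb_expiry = ' . $db->addQuotes($db->getInfinity()), isset($show['!temp']));
        $this->addWhereIf('ipb_expiry != ' . $db->addQuotes($db->getInfinity()), isset($show['temp']));
        $this->addWhereIf("ipb_range_end = ipb_range_start", isset($show['!range']));
        $this->addWhereIf("ipb_range_end > ipb_range_start", isset($show['range']));
    }

    // Suppressed blocks are only visible to callers holding the 'hideuser' right.
    if (!$this->getUser()->isAllowed('hideuser')) {
        $this->addWhereFld('ipb_deleted', 0);
    }

    // Purge expired entries occasionally: mt_rand(0, 10) has eleven outcomes, so this
    // runs on roughly one query in eleven.
    if (!mt_rand(0, 10)) {
        Block::purgeExpired();
    }

    $res = $this->select(__METHOD__);

    $count = 0;
    foreach ($res as $row) {
        if (++$count > $params['limit']) {
            // We've had enough
            $this->setContinueEnumParameter('start', wfTimestamp(TS_ISO_8601, $row->ipb_timestamp));
            break;
        }
        $block = array();
        if ($fld_id) {
            $block['id'] = $row->ipb_id;
        }
        // The target of an autoblock is never included in the output.
        if ($fld_user && !$row->ipb_auto) {
            $block['user'] = $row->ipb_address;
        }
        if ($fld_userid && !$row->ipb_auto) {
            $block['userid'] = $row->ipb_user;
        }
        if ($fld_by) {
            $block['by'] = $row->ipb_by_text;
        }
        if ($fld_byid) {
            $block['byid'] = $row->ipb_by;
        }
        if ($fld_timestamp) {
            $block['timestamp'] = wfTimestamp(TS_ISO_8601, $row->ipb_timestamp);
        }
        if ($fld_expiry) {
            $block['expiry'] = $wgContLang->formatExpiry($row->ipb_expiry, TS_ISO_8601);
        }
        if ($fld_reason) {
            $block['reason'] = $row->ipb_reason;
        }
        if ($fld_range && !$row->ipb_auto) {
            $block['rangestart'] = IP::hexToQuad($row->ipb_range_start);
            $block['rangeend'] = IP::hexToQuad($row->ipb_range_end);
        }
        if ($fld_flags) {
            // For clarity, these flags use the same names as their action=block counterparts
            if ($row->ipb_auto) {
                $block['automatic'] = '';
            }
            if ($row->ipb_anon_only) {
                $block['anononly'] = '';
            }
            if ($row->ipb_create_account) {
                $block['nocreate'] = '';
            }
            if ($row->ipb_enable_autoblock) {
                $block['autoblock'] = '';
            }
            if ($row->ipb_block_email) {
                $block['noemail'] = '';
            }
            if ($row->ipb_deleted) {
                $block['hidden'] = '';
            }
            if ($row->ipb_allow_usertalk) {
                $block['allowusertalk'] = '';
            }
        }
        $fit = $result->addValue(array('query', $this->getModuleName()), null, $block);
        if (!$fit) {
            // The result is full: resume from this row on the next request.
            $this->setContinueEnumParameter('start', wfTimestamp(TS_ISO_8601, $row->ipb_timestamp));
            break;
        }
    }
    $result->setIndexedTagName_internal(array('query', $this->getModuleName()), 'block');
}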
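/**
 * Build the OpenVPN server command line for tun mode and store it.
 *
 * Reads the ArticaOpenVPNSettings INI document, the pushed routes, and the remote
 * sites in the vpnclient table; writes one client-config file per site under
 * /etc/openvpn/cdd and the option string to /etc/openvpn/cmdline.conf. When bridge
 * mode is enabled the work is handed to BuildBridgeServer() instead.
 *
 * NOTE(review): most option values (bind address, pool start, netmask, routes read
 * from the database) are interpolated into the command line unvalidated. Confirm how
 * cmdline.conf is consumed and validate or quote these values accordingly.
 *
 * @return void
 */
function BuildTunServer(){
    LoadArgvs();
    $unix=new unix();
    if(!isset($GLOBALS["CLASS_SOCKETS"])){$GLOBALS["CLASS_SOCKETS"]=new sockets();}
    $sock=$GLOBALS["CLASS_SOCKETS"];
    $servername=$unix->hostname_g();
    $routess=array();

    // Optional command-line fragments. They were left undefined when unused; an
    // explicit null interpolates to the same empty string.
    $duplicate_cn=null;
    $local=null;
    $localroutes=null;
    $client_config_dir=null;
    $script_security=null;
    $plugin=null;
    $IP_START_PREFIX=null;
    $IPTABLES_ETH_ROUTE=null;
    $calc_ip=null;
    $calc_ip_end=null;
    $rou=array();
    $ethi=array();

    if(preg_match("#^(.+?)\.#",$servername,$re)){$servername=$re[1];}
    $servername=strtoupper($servername);
    echo "Starting......: OpenVPN building settings for $servername...\n";

    $ini=new Bs_IniHandler();
    $ini->loadString($sock->GET_INFO("ArticaOpenVPNSettings"));
    if(!isset($ini->_params["GLOBAL"]["ENABLE_BRIDGE_MODE"])){$ini->_params["GLOBAL"]["ENABLE_BRIDGE_MODE"]=0;}
    if(!isset($ini->_params["GLOBAL"]["IP_START"])){$ini->_params["GLOBAL"]["IP_START"]="10.8.0.0";}
    if(!isset($ini->_params["GLOBAL"]["NETMASK"])){$ini->_params["GLOBAL"]["NETMASK"]="255.255.255.0";}

    if($ini->_params["GLOBAL"]["ENABLE_BRIDGE_MODE"]==1){
        echo "Starting......: OpenVPN building settings mode bridge enabled...\n";
        BuildBridgeServer();
        return;
    }

    $IPTABLES_ETH=isset($GLOBALS["IPTABLES_ETH"]) ? $GLOBALS["IPTABLES_ETH"] : null;
    $port=$ini->_params["GLOBAL"]["LISTEN_PORT"];
    $IP_START=$ini->_params["GLOBAL"]["IP_START"];
    $NETMASK=$ini->_params["GLOBAL"]["NETMASK"];
    $bind_addr=$ini->_params["GLOBAL"]["LOCAL_BIND"];
    $LISTEN_PROTO=$ini->_params["GLOBAL"]["LISTEN_PROTO"];
    if($LISTEN_PROTO==null){$LISTEN_PROTO="udp";}
    if($LISTEN_PROTO=="udp"){$proto="--proto udp";}else{$proto="--proto tcp-server";}

    $port=trim($port);
    if($port==null){$port=1194;}
    // The port is pasted into the command line: accept a decimal port number only.
    if(!ctype_digit((string)$port) || (int)$port<1 || (int)$port>65535){
        echo "Starting......: OpenVPN invalid listen port, using 1194\n";
        $port=1194;
    }
    if(trim($IP_START)==null){$IP_START="10.8.0.0";}
    if(trim($NETMASK)==null){$NETMASK="255.255.255.0";}

    // Map each configured interface name to its address.
    $nic=new networking();
    foreach ($nic->array_TCP as $num => $ligne){
        if($ligne==null){continue;}
        $ethi[$num]=$ligne;
    }

    if($IPTABLES_ETH<>null){
        $linked_addr=isset($ethi[$IPTABLES_ETH]) ? $ethi[$IPTABLES_ETH] : null;
        echo "Starting......: OpenVPN linked to $IPTABLES_ETH ({$linked_addr})...\n";
        $IPTABLES_ETH_ROUTE=IpCalcRoute($linked_addr);
    }else{
        echo "Starting......: OpenVPN no local NIC linked...\n";
    }

    $ca='/etc/artica-postfix/openvpn/keys/allca.crt';
    // NOTE(review): the file name suggests 1024-bit DH parameters; confirm the size and regenerate if so.
    $dh='/etc/artica-postfix/openvpn/keys/dh1024.pem';
    $key="/etc/artica-postfix/openvpn/keys/vpn-server.key";
    $crt="/etc/artica-postfix/openvpn/keys/vpn-server.crt";

    if (is_file('/etc/artica-postfix/settings/Daemons/OpenVPNRoutes')){
        $routes=(explode("\n",@file_get_contents("/etc/artica-postfix/settings/Daemons/OpenVPNRoutes")));
        foreach ($routes as $ligne){
            if(!preg_match("#(.+?)\s+(.+)#",$ligne,$re)){continue;}
            $routess[]="--push \"route {$re[1]} {$re[2]}\"";
        }
    }

    // The original used the array union operator, which silently drops every entry of
    // the second list whose numeric key already exists in the first.
    $GetRoutes=GetRoutes();
    if(is_array($GetRoutes)){$routess=array_merge($routess,$GetRoutes);}

    if(count($routess)==0){
        if($IPTABLES_ETH_ROUTE<>null){
            echo "Starting......: OpenVPN IP adding default route \"$IPTABLES_ETH_ROUTE\"\n";
            $routess[]="--push \"route $IPTABLES_ETH_ROUTE\"";
        }
    }else{
        echo "Starting......: OpenVPN IP adding ".count($routess)." routes\n";
    }

    if(trim($bind_addr)<>null){
        $local=" --local $bind_addr";
        echo "Starting......: OpenVPN IP bind $bind_addr\n";
    }

    $IP_START=FIX_IP_START($IP_START,$local);
    $ini->set("GLOBAL","IP_START",$IP_START);

    if(preg_match("#(.+?)\.([0-9]+)$#",$IP_START,$re)){
        $calc_ip=" {$re[1]}.0";
        $calc_ip_end="{$re[1]}.254";
        echo "Starting......: OpenVPN IP pool from {$re[1]}.2 to {$re[1]}.254 mask:$NETMASK\n";
        $server_ip="{$re[1]}.1";
        $IP_START_PREFIX=$re[1];
    }

    // NOTE(review): $NETMASK was defaulted above, so this branch looks unreachable.
    if($NETMASK==null){
        $ip=new IP();
        $cdir=$ip->ip2cidr($calc_ip,$calc_ip_end);
        $arr=$ip->parseCIDR($cdir);
        $netbit=$arr[1];
        $ipv=new ipv4($calc_ip,$netbit);
        $NETMASK=$ipv->netmask();
        if($NETMASK=="255.255.255.255"){$NETMASK="255.255.255.0";}
        echo "Starting......: OpenVPN Netmask is null for the range $calc_ip, assume $NETMASK\n";
        $ini->set("GLOBAL","NETMASK",$NETMASK);
    }

    $OpenVpnPasswordCert=$sock->GET_INFO("OpenVpnPasswordCert");
    if($OpenVpnPasswordCert==null){$OpenVpnPasswordCert="MyKey";}

    $askpass=null;
    if(is_file("/etc/artica-postfix/openvpn/keys/password")){
        // NOTE(review): this literal looks masked; as written it is pasted into the
        // command line verbatim. Confirm the intended option.
        $askpass="******";
    }

    $ifconfig_pool_persist=" --ifconfig-pool-persist /etc/artica-postfix/openvpn/ipp.txt ";
    if(isset($GLOBALS["OPENVPNPARAMS"]["duplicate-cn"])){
        echo "Starting......: OpenVPN duplicate-cn is enabled\n";
        $duplicate_cn=" --duplicate-cn ";
        $ifconfig_pool_persist=null;
    }

    if(isset($GLOBALS["OPENVPNPARAMS"]["script-security"])){
        echo "Starting......: OpenVPN script-security is enabled\n";
        $script_security=" --script-security 2";
    }

    if(!is_dir("/etc/openvpn/cdd")){@mkdir("/etc/openvpn/cdd");}
    $already=array();
    echo "Starting......: OpenVPN get remote sites routes...\n";
    $sql="SELECT sitename,IP_START,netmask,remote_site_routes,FixedIPAddr FROM vpnclient WHERE connexion_type=1";
    $q=new mysql();
    $results=$q->QUERY_SQL($sql,"artica_backup");
    if(!$q->ok){echo2("Starting......: OpenVPN : $q->mysql_error");}

    while($ligne=mysql_fetch_array($results,MYSQL_ASSOC)){
        $iroute=array();
        $sitename=$ligne["sitename"];

        // Only a whole number can be the last octet of the fixed address.
        $FixedIPAddr=ctype_digit((string)$ligne["FixedIPAddr"]) ? (int)$ligne["FixedIPAddr"] : 0;
        if($IP_START_PREFIX<>null && $FixedIPAddr>2 && $FixedIPAddr<255){
            echo "Starting......: OpenVPN $sitename $IP_START_PREFIX.$FixedIPAddr fixed IP address\n";
            $iroute[]="ifconfig-push $IP_START_PREFIX.$FixedIPAddr $IP_START_PREFIX.2";
        }

        if(!isset($already[$ligne["IP_START"]])){
            echo "Starting......: OpenVPN $sitename ({$ligne["IP_START"]} {$ligne["netmask"]})\n";
            $rou[]=" --route {$ligne["IP_START"]} {$ligne["netmask"]}";
            $iroute[]="iroute {$ligne["IP_START"]} {$ligne["netmask"]}";
            $already[$ligne["IP_START"]]=true;
        }

        // NOTE(review): unserialize() on a database column; prefer a JSON encoding for this field.
        $remote_site_routes=unserialize(base64_decode($ligne["remote_site_routes"]));
        if(is_array($remote_site_routes)){
            foreach ($remote_site_routes as $num => $site_mask){
                if(isset($already[$num])){continue;}
                echo "Starting......: OpenVPN $sitename ($num $site_mask)\n";
                $rou[]=" --route $num $site_mask";
                $iroute[]="iroute $num $site_mask";
                $already[$num]=true;
            }
        }

        // The site name becomes a file name under a root-owned directory: refuse
        // anything that could step outside /etc/openvpn/cdd.
        $bad_name=($sitename==="" || $sitename===null || $sitename=="." || $sitename==".."
            || strpos($sitename,"/")!==false || strpos($sitename,"\0")!==false);
        if($bad_name){
            echo "Starting......: OpenVPN cdd skipped, invalid site name\n";
            continue;
        }
        echo "Starting......: OpenVPN cdd $sitename\n";
        @file_put_contents("/etc/openvpn/cdd/$sitename",@implode("\n", $iroute) );
    }

    if(count($rou)>0){
        $localroutes=@implode(" ", $rou);
        $client_config_dir=" --client-config-dir /etc/openvpn/cdd";
    }

    $LDAP_AUTH=$ini->_params["GLOBAL"]["LDAP_AUTH"];
    if($LDAP_AUTH==1){
        if(is_file("/usr/lib/openvpn/openvpn-auth-pam.so")){
            $plugin=" --plugin /usr/lib/openvpn/openvpn-auth-pam.so common-auth";
            echo "Starting......: OpenVPN auth is enabled\n";
            shell_exec("/usr/share/artica-postfix/bin/artica-install --nsswitch");
        }
    }

    // A directory needs the search bit; the original mode 0666 made it unusable.
    // NOTE(review): this creates "ccd" while the option above points at "cdd" - confirm which is meant.
    @mkdir("/etc/openvpn/ccd",0755,true);

    $php5=$unix->LOCATE_PHP5_BIN();
    $me=__FILE__;

    $cmd=" --port $port --dev tun $proto --server $IP_START $NETMASK$localroutes$client_config_dir --comp-lzo $local --ca $ca --dh $dh --key $key --cert $crt";
    $cmd=$cmd. "$ifconfig_pool_persist " . implode(" ",$routess);
    $cmd=$cmd. " $askpass$duplicate_cn--client-to-client$script_security$plugin --learn-address \"$php5 $me --client-connect\" --keepalive 10 60 --persist-tun --verb 5 --daemon --writepid /var/run/openvpn/openvpn-server.pid --log \"/var/log/openvpn/openvpn.log\"";
    $cmd=$cmd. " --status /var/log/openvpn/openvpn-status.log 10";

    echo "Starting......: OpenVPN building /etc/openvpn/cmdline.conf done\n";
    @file_put_contents("/etc/openvpn/cmdline.conf",$cmd);
    $sock->SaveConfigFile($ini->toString(),"ArticaOpenVPNSettings");
    send_email_events("OpenVPN was successfully reconfigured",$cmd,"VPN");
    echo "Starting......: OpenVPN building settings done.\n";
    if($GLOBALS["VERBOSE"]){writelogs("$cmd",__FUNCTION__,__FILE__,__LINE__);}
}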
/**
 * Answer a blocks list query: build the ipblocks SELECT from the request
 * parameters, then add one associative entry per row to the API result.
 *
 * Paging uses a "timestamp|id" continuation token, so rows that share a timestamp
 * are neither skipped nor repeated. Invalid input ends the request through
 * dieUsage(), dieUsageMsg() or dieContinueUsageIf().
 */
public function execute() {
    global $wgContLang;

    $dbr = $this->getDB();
    $params = $this->extractRequestParams();
    $this->requireMaxOneParameter($params, 'users', 'ip');

    // Which properties did the caller ask for?
    $requested = array_flip($params['prop']);
    $wantId = isset($requested['id']);
    $wantUser = isset($requested['user']);
    $wantUserId = isset($requested['userid']);
    $wantBy = isset($requested['by']);
    $wantById = isset($requested['byid']);
    $wantTimestamp = isset($requested['timestamp']);
    $wantExpiry = isset($requested['expiry']);
    $wantReason = isset($requested['reason']);
    $wantRange = isset($requested['range']);
    $wantFlags = isset($requested['flags']);

    $apiResult = $this->getResult();

    $this->addTables('ipblocks');
    // These three columns are always read: the loop needs them for filtering and paging.
    $this->addFields(array('ipb_auto', 'ipb_id', 'ipb_timestamp'));
    $this->addFieldsIf(array('ipb_address', 'ipb_user'), $wantUser || $wantUserId);
    $this->addFieldsIf('ipb_by_text', $wantBy);
    $this->addFieldsIf('ipb_by', $wantById);
    $this->addFieldsIf('ipb_expiry', $wantExpiry);
    $this->addFieldsIf('ipb_reason', $wantReason);
    $this->addFieldsIf(array('ipb_range_start', 'ipb_range_end'), $wantRange);
    $this->addFieldsIf(array('ipb_anon_only', 'ipb_create_account', 'ipb_enable_autoblock', 'ipb_block_email', 'ipb_deleted', 'ipb_allow_usertalk'), $wantFlags);

    // Fetch one extra row so the loop can detect that more results remain.
    $this->addOption('LIMIT', $params['limit'] + 1);
    $this->addTimestampWhereRange('ipb_timestamp', $params['dir'], $params['start'], $params['end']);
    // ipb_id joins the ordering so that it is unique
    $this->addWhereRange('ipb_id', $params['dir'], null, null);

    if ($params['continue'] !== null) {
        $tokenParts = explode('|', $params['continue']);
        $this->dieContinueUsageIf(count($tokenParts) != 2);
        if ($params['dir'] == 'newer') {
            $op = '>';
        } else {
            $op = '<';
        }
        $quotedTs = $dbr->addQuotes($dbr->timestamp($tokenParts[0]));
        $resumeId = (int) $tokenParts[1];
        // Reject an id part that does not survive the integer cast unchanged.
        $this->dieContinueUsageIf($resumeId != $tokenParts[1]);
        $this->addWhere("ipb_timestamp {$op} {$quotedTs} OR (ipb_timestamp = {$quotedTs} AND ipb_id {$op}= {$resumeId})");
    }

    if (isset($params['ids'])) {
        $this->addWhereFld('ipb_id', $params['ids']);
    }

    if (isset($params['users'])) {
        $names = array();
        foreach ((array) $params['users'] as $rawName) {
            $names[] = $this->prepareUsername($rawName);
        }
        $this->addWhereFld('ipb_address', $names);
        $this->addWhereFld('ipb_auto', 0);
    }

    if (isset($params['ip'])) {
        $limits = $this->getConfig()->get('BlockCIDRLimit');
        if (IP::isIPv4($params['ip'])) {
            $type = 'IPv4';
            $cidrLimit = $limits['IPv4'];
            $prefixLen = 0;
        } elseif (IP::isIPv6($params['ip'])) {
            $type = 'IPv6';
            $cidrLimit = $limits['IPv6'];
            // IP::toHex output is prefixed with "v6-"
            $prefixLen = 3;
        } else {
            $this->dieUsage('IP parameter is not valid', 'param_ip');
        }

        # If the value is a CIDR, refuse ranges broader than the configured limit
        list($network, $bits) = IP::parseCIDR($params['ip']);
        $isCidr = $network !== false && $bits !== false;
        if ($isCidr && $bits < $cidrLimit) {
            $this->dieUsage("{$type} CIDR ranges broader than /{$cidrLimit} are not accepted", 'cidrtoobroad');
        }

        # IP::parseRange computes both bounds, so the arithmetic is not repeated here
        list($lower, $upper) = IP::parseRange($params['ip']);

        # Common prefix of any range block that can affect this IP/CIDR
        $prefix = substr($lower, 0, $prefixLen + floor($cidrLimit / 4));

        # Hex characters leave little room for a malicious SQL statement,
        # but quoting is good practice all the same
        $lower = $dbr->addQuotes($lower);
        $upper = $dbr->addQuotes($upper);

        $rangeConds = array(
            'ipb_range_start' . $dbr->buildLike($prefix, $dbr->anyString()),
            'ipb_range_start <= ' . $lower,
            'ipb_range_end >= ' . $upper,
            'ipb_auto' => 0
        );
        $this->addWhere($rangeConds);
    }

    if ($params['show'] !== null) {
        $show = array_flip($params['show']);

        /* A filter and its negation cannot be requested together. */
        if (isset($show['account'], $show['!account'])
            || isset($show['ip'], $show['!ip'])
            || isset($show['range'], $show['!range'])
            || isset($show['temp'], $show['!temp'])
        ) {
            $this->dieUsageMsg('show');
        }

        $infinity = $dbr->addQuotes($dbr->getInfinity());
        $this->addWhereIf('ipb_user = 0', isset($show['!account']));
        $this->addWhereIf('ipb_user != 0', isset($show['account']));
        $this->addWhereIf('ipb_user != 0 OR ipb_range_end > ipb_range_start', isset($show['!ip']));
        $this->addWhereIf('ipb_user = 0 AND ipb_range_end = ipb_range_start', isset($show['ip']));
        $this->addWhereIf('ipb_expiry = ' . $infinity, isset($show['!temp']));
        $this->addWhereIf('ipb_expiry != ' . $infinity, isset($show['temp']));
        $this->addWhereIf('ipb_range_end = ipb_range_start', isset($show['!range']));
        $this->addWhereIf('ipb_range_end > ipb_range_start', isset($show['range']));
    }

    // Callers without the 'hideuser' right never see suppressed blocks.
    if (!$this->getUser()->isAllowed('hideuser')) {
        $this->addWhereFld('ipb_deleted', 0);
    }

    // Occasional purge of expired entries, whenever mt_rand(0, 10) returns 0
    if (!mt_rand(0, 10)) {
        Block::purgeExpired();
    }

    $rows = $this->select(__METHOD__);

    $seen = 0;
    foreach ($rows as $row) {
        $seen++;
        if ($seen > $params['limit']) {
            // The extra row only tells us where the next request resumes
            $this->setContinueEnumParameter('continue', "{$row->ipb_timestamp}|{$row->ipb_id}");
            break;
        }

        $entry = array(ApiResult::META_TYPE => 'assoc');
        $isAuto = $row->ipb_auto;

        if ($wantId) {
            $entry['id'] = (int) $row->ipb_id;
        }
        // The target of an autoblock is never included in the output.
        if ($wantUser && !$isAuto) {
            $entry['user'] = $row->ipb_address;
        }
        if ($wantUserId && !$isAuto) {
            $entry['userid'] = (int) $row->ipb_user;
        }
        if ($wantBy) {
            $entry['by'] = $row->ipb_by_text;
        }
        if ($wantById) {
            $entry['byid'] = (int) $row->ipb_by;
        }
        if ($wantTimestamp) {
            $entry['timestamp'] = wfTimestamp(TS_ISO_8601, $row->ipb_timestamp);
        }
        if ($wantExpiry) {
            $entry['expiry'] = $wgContLang->formatExpiry($row->ipb_expiry, TS_ISO_8601);
        }
        if ($wantReason) {
            $entry['reason'] = $row->ipb_reason;
        }
        if ($wantRange && !$isAuto) {
            $entry['rangestart'] = IP::formatHex($row->ipb_range_start);
            $entry['rangeend'] = IP::formatHex($row->ipb_range_end);
        }
        if ($wantFlags) {
            // Flag names mirror those of action=block
            $entry['automatic'] = (bool) $row->ipb_auto;
            $entry['anononly'] = (bool) $row->ipb_anon_only;
            $entry['nocreate'] = (bool) $row->ipb_create_account;
            $entry['autoblock'] = (bool) $row->ipb_enable_autoblock;
            $entry['noemail'] = (bool) $row->ipb_block_email;
            $entry['hidden'] = (bool) $row->ipb_deleted;
            $entry['allowusertalk'] = (bool) $row->ipb_allow_usertalk;
        }

        $fit = $apiResult->addValue(array('query', $this->getModuleName()), null, $entry);
        if (!$fit) {
            // Result size limit reached: this row starts the next batch
            $this->setContinueEnumParameter('continue', "{$row->ipb_timestamp}|{$row->ipb_id}");
            break;
        }
    }

    $apiResult->addIndexedTagName(array('query', $this->getModuleName()), 'block');
}
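/**
 * Given a string range in a number of formats, return the start and end of
 * the range in hexadecimal.
 *
 * Formats are:
 *     1.2.3.4/24          CIDR
 *     1.2.3.4 - 1.2.3.5   Explicit range
 *     1.2.3.4             Single IP
 *
 * @param string $range
 * @return array array(start, end) as hexadecimal strings, or array(false, false)
 *   when the input cannot be parsed or an explicit range ends before it starts
 */
public static function parseRange($range) {
    if (strpos($range, '/') !== false) {
        # CIDR
        list($network, $bits) = IP::parseCIDR($range);
        if ($network === false) {
            $start = $end = false;
        } else {
            $start = sprintf('%08X', $network);
            $end = sprintf('%08X', $network + pow(2, 32 - $bits) - 1);
        }
    } elseif (strpos($range, '-') !== false) {
        # Explicit range
        list($start, $end) = array_map('trim', explode('-', $range, 2));
        # Convert first, then compare. Comparing the dotted strings orders them as
        # text, so "9.0.0.0 - 10.0.0.0" was rejected and the reverse was accepted.
        $start = IP::toHex($start);
        $end = IP::toHex($end);
        # strcmp() keeps the comparison bytewise; ">" would treat digit-only or
        # exponent-looking hex strings such as "1E000000" as numbers.
        # NOTE(review): assumes IP::toHex() returns fixed-width hex, like the CIDR branch - confirm.
        if ($start !== false && $end !== false && strcmp($start, $end) > 0) {
            $start = $end = false;
        }
    } else {
        # Single IP
        $start = $end = IP::toHex($range);
    }

    if ($start === false || $end === false) {
        return array(false, false);
    }
    return array($start, $end);
}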
/**
 * Parse a network given in CIDR notation into an integer network and a bit count.
 *
 * Logs a deprecation notice for this wrapper, then forwards to IP::parseCIDR().
 *
 * @deprecated Call IP::parseCIDR() directly, will be removed in 1.19
 * @param $range string network specification in CIDR notation
 * @return array(string, int)
 */
function wfParseCIDR($range) {
    wfDeprecated(__FUNCTION__);
    $parsed = IP::parseCIDR($range);
    return $parsed;
}
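/**
 * Run the global blocks list query and add the matching blocks to the API result.
 *
 * 'prop' selects the returned columns; 'ids', 'addresses' and 'ip' filter the rows;
 * 'limit', 'dir', 'start' and 'end' control paging. An over-broad CIDR or an
 * unparsable 'ip' value ends the request through dieUsage().
 */
public function execute() {
    $params = $this->extractRequestParams();

    $prop = array_flip($params['prop']);
    $fld_id = isset($prop['id']);
    $fld_address = isset($prop['address']);
    $fld_by = isset($prop['by']);
    $fld_timestamp = isset($prop['timestamp']);
    $fld_expiry = isset($prop['expiry']);
    $fld_reason = isset($prop['reason']);
    $fld_range = isset($prop['range']);

    $result = $this->getResult();
    $data = array();

    $this->addTables('globalblocks');
    if ($fld_id) {
        $this->addFields('gb_id');
    }
    if ($fld_address) {
        $this->addFields(array('gb_address', 'gb_anon_only'));
    }
    if ($fld_by) {
        $this->addFields(array('gb_by', 'gb_by_wiki'));
    }
    if ($fld_timestamp) {
        $this->addFields('gb_timestamp');
    }
    if ($fld_expiry) {
        $this->addFields('gb_expiry');
    }
    if ($fld_reason) {
        $this->addFields('gb_reason');
    }
    if ($fld_range) {
        $this->addFields(array('gb_range_start', 'gb_range_end'));
    }

    // One row more than requested, so the loop can tell whether more results exist.
    $this->addOption('LIMIT', $params['limit'] + 1);
    $this->addWhereRange('gb_timestamp', $params['dir'], $params['start'], $params['end']);

    if (isset($params['ids'])) {
        $this->addWhereFld('gb_id', $params['ids']);
    }
    if (isset($params['addresses'])) {
        $this->addWhereFld('gb_address', $params['addresses']);
    }
    if (isset($params['ip'])) {
        list($ip, $range) = IP::parseCIDR($params['ip']);
        // Compare with false explicitly. A network of 0 or a mask of 0 is falsy but is
        // still a parsed CIDR, and a truthiness test lets it skip the breadth check.
        if ($ip !== false && $range !== false) {
            # We got a CIDR range
            if ($range < 16) {
                $this->dieUsage('CIDR ranges broader than /16 are not accepted', 'cidrtoobroad');
            }
            $lower = wfBaseConvert($ip, 10, 16, 8, false);
            $upper = wfBaseConvert($ip + pow(2, 32 - $range) - 1, 10, 16, 8, false);
        } else {
            $lower = $upper = IP::toHex($params['ip']);
            // Presumably toHex() signals an unparsable address with false; stop here
            // instead of building conditions from it.
            if ($lower === false) {
                $this->dieUsage('IP parameter is not valid', 'param_ip');
            }
        }
        $prefix = substr($lower, 0, 4);

        // The values derive from request input. They should only ever be hex digits,
        // but they are quoted by the database layer rather than pasted between
        // hand-written apostrophes.
        $db = $this->getDB();
        $this->addWhere(array(
            'gb_range_start LIKE ' . $db->addQuotes($prefix . '%'),
            'gb_range_start <= ' . $db->addQuotes($lower),
            'gb_range_end >= ' . $db->addQuotes($upper)
        ));
    }

    $res = $this->select(__METHOD__);

    $count = 0;
    foreach ($res as $row) {
        if (++$count > $params['limit']) {
            // We've had enough
            $this->setContinueEnumParameter('start', wfTimestamp(TS_ISO_8601, $row->gb_timestamp));
            break;
        }
        $block = array();
        if ($fld_id) {
            $block['id'] = $row->gb_id;
        }
        if ($fld_address) {
            $block['address'] = $row->gb_address;
            if ($row->gb_anon_only) {
                $block['anononly'] = '';
            }
        }
        if ($fld_by) {
            $block['by'] = $row->gb_by;
            $block['bywiki'] = $row->gb_by_wiki;
        }
        if ($fld_timestamp) {
            $block['timestamp'] = wfTimestamp(TS_ISO_8601, $row->gb_timestamp);
        }
        if ($fld_expiry) {
            $block['expiry'] = Block::decodeExpiry($row->gb_expiry, TS_ISO_8601);
        }
        if ($fld_reason) {
            $block['reason'] = $row->gb_reason;
        }
        if ($fld_range) {
            $block['rangestart'] = IP::hexToQuad($row->gb_range_start);
            $block['rangeend'] = IP::hexToQuad($row->gb_range_end);
        }
        $data[] = $block;
    }
    $result->setIndexedTagName($data, 'block');
    $result->addValue('query', $this->getModuleName(), $data);
}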
/**
 * Parse a network given in CIDR notation into an integer network and a bit count.
 *
 * Thin wrapper: the work is done by IP::parseCIDR().
 *
 * @param $range string network specification in CIDR notation
 * @return array whatever IP::parseCIDR() returns for $range
 */
function wfParseCIDR($range) {
    $parsed = IP::parseCIDR($range);
    return $parsed;
}
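/**
 * Print the HTML table of virtual interfaces stored in artica_backup.nics_virtuals,
 * followed by the inline script that handles row deletion.
 *
 * Values read from the database are escaped before they are placed in the markup.
 *
 * @return void
 */
function virtip_search() {
    $boot = new boostrap_form();
    $page = CurrentPageName();
    $tpl = new templates();
    $sock = new sockets();
    $q = new mysql();
    $net = new networking();
    $ip = new IP();
    $table = "nics_virtuals";
    $database = "artica_backup";
    $t = time();
    // Starts empty so that an empty result set still hands TableCompile() an array.
    $tr = array();

    $ORDER = $boot->TableOrder(array("ID" => "DESC"));

    // NOTE(review): unserialize() on data fetched from the framework socket; confirm the
    // channel is trusted or move to a JSON payload.
    $interfaces = unserialize(base64_decode($sock->getFrameWork("cmd.php?ifconfig-interfaces=yes")));
    if (!is_array($interfaces)) {
        $interfaces = array();
    }

    // NOTE(review): $searchstring and $ORDER are produced by helpers from request data;
    // their escaping is not visible here and should be verified.
    $searchstring = string_to_flexquery("search-virtip");
    $sql = "SELECT * FROM {$table} WHERE 1 {$searchstring} ORDER BY {$ORDER} LIMIT 0,250";
    $results = $q->QUERY_SQL($sql, $database);
    if (!$q->ok) {
        // NOTE(review): the error text includes the SQL statement; consider logging it server-side instead.
        senderrors($q->mysql_error . "<br>{$sql}");
    }

    while ($ligne = mysql_fetch_assoc($results)) {
        $md = md5(serialize($ligne));
        // ID is presumably the integer primary key; cast it before it is placed in markup and script.
        $id = (int) $ligne["ID"];
        $nic = htmlspecialchars($ligne["nic"], ENT_QUOTES);
        $ipaddr = htmlspecialchars($ligne["ipaddr"], ENT_QUOTES);
        $netmask = htmlspecialchars($ligne["netmask"], ENT_QUOTES);
        $cdir = $ligne["cdir"];
        $eth = "{$ligne["nic"]}:{$ligne["ID"]}";
        $eth_text = "{$nic}:{$id}";

        // NOTE(review): $eth and the rewritten $cdir are computed but never emitted below.
        if ($ligne["cdir"] == null) {
            $ligne["cdir"] = $net->array_TCP[$ligne["nic"]];
            $eth = $ligne["nic"];
        }

        $img = "folder-network-48.png";
        $ifkey = "{$ligne["nic"]}.{$ligne["ID"]}";
        if (isset($interfaces[$ifkey]) && $interfaces[$ifkey] != null) {
            $img = "folder-network-48-grey.png";
        }

        if (trim($ligne["org"]) == null) {
            $org = $tpl->_ENGINE_parse_body("<strong style='color:red'>{no_organization}</strong>");
        } else {
            // Assumes the organization is plain text, not markup - TODO confirm.
            $org = htmlspecialchars($ligne["org"], ENT_QUOTES);
        }

        $edit = $boot->trswitch("Loadjs('{$page}?virtid-js={$id}')");
        $delete = imgsimple("delete-48.png", "{delete}", "Delete{$t}('{$id}','{$md}')");

        // A network part of 0 marks the row with the warning icon.
        $a = $ip->parseCIDR($cdir);
        if ($a[0] == 0) {
            $img = "warning-panneau-24.png";
            $cdir = "<span style='color:red'>{$cdir}</span>";
        }

        $tr[] = "\n\t\t<tr id='{$md}'>"
            . "\n\t\t\t<td style='font-size:18px' width=48px nowrap {$edit}><img src='img/{$img}'></td>"
            . "\n\t\t\t<td style='font-size:18px' width=1% nowrap {$edit}>{$eth_text}</td>"
            . "\n\t\t\t<td style='font-size:18px' width=90% nowrap {$edit}>{$org}</td>"
            . "\n\t\t\t<td style='font-size:18px' width=10% nowrap {$edit}>{$nic}</td>"
            . "\n\t\t\t<td style='font-size:18px' width=5% nowrap {$edit}>{$ipaddr}</td>"
            . "\n\t\t\t<td style='font-size:18px' width=5% nowrap {$edit}>{$netmask}</td>"
            . "\n\t\t\t<td style='font-size:18px' width=1% nowrap>{$delete}</td>"
            . "\n\t\t</tr>\n\t\t";
    }

    $delete_text = $tpl->javascript_parse_text("{delete}");
    $headers = array(
        "ID" => "ID:colspan=2",
        "org" => " {organization}",
        "nic" => "{nic}",
        "ipaddr" => "{ipaddr}",
        "netmask" => "{netmask}",
        "delete" => null
    );

    echo $boot->TableCompile($headers, $tr) . "\n\t\t\t\t\t\n<script>\nvar mem{$t}='';\nvar xDelete{$t}=function(obj){\n\tvar tempvalue=obj.responseText;\n\tif(tempvalue.length>3){alert(tempvalue);return;}\n\t\$('#'+mem{$t}).remove();\n}\nfunction Delete{$t}(ID,mem){\n\tmem{$t}=mem;\n\tif(confirm('{$delete_text} ID: '+ID+'?')){\n\t\tmem{$t}=mem;\n\t\tvar XHR = new XHRConnection();\n\t\tXHR.appendData('virtip-delete',ID);\n\t\tXHR.sendAndLoad('{$page}', 'POST',xDelete{$t});\n\t\t}\n\t}\n</script>\t\t\t\t\t\n";
}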
/**
 * Run the block-list query and add the matching blocks to the API result.
 *
 * The `prop` parameter selects which columns are read and which keys each
 * output entry carries. One row more than `limit` is requested; when that
 * extra row shows up, its timestamp becomes the `start` continuation value
 * and it is not returned.
 *
 * Rows flagged `ipb_deleted` are only included for users holding the
 * `suppress` right.
 */
public function execute()
{
    global $wgUser;

    $params = $this->extractRequestParams();
    if (isset($params['users']) && isset($params['ip'])) {
        $this->dieUsage('bkusers and bkip cannot be used together', 'usersandip');
    }

    // Requested property names become keys, so each one is a cheap isset() test.
    $wanted = array_flip($params['prop']);
    $withId = isset($wanted['id']);
    $withUser = isset($wanted['user']);
    $withBy = isset($wanted['by']);
    $withTimestamp = isset($wanted['timestamp']);
    $withExpiry = isset($wanted['expiry']);
    $withReason = isset($wanted['reason']);
    $withRange = isset($wanted['range']);
    $withFlags = isset($wanted['flags']);

    $result = $this->getResult();
    $pageSet = $this->getPageSet();
    $titles = $pageSet->getTitles();
    $data = array();

    $this->addTables('ipblocks');
    if ($withId) {
        $this->addFields('ipb_id');
    }
    if ($withUser) {
        $this->addFields(array('ipb_address', 'ipb_user', 'ipb_auto'));
    }
    if ($withBy) {
        // The blocking admin's name comes from a join on the user table.
        $this->addTables('user');
        $this->addFields(array('ipb_by', 'user_name'));
        $this->addWhere('user_id = ipb_by');
    }
    if ($withTimestamp) {
        $this->addFields('ipb_timestamp');
    }
    if ($withExpiry) {
        $this->addFields('ipb_expiry');
    }
    if ($withReason) {
        $this->addFields('ipb_reason');
    }
    if ($withRange) {
        $this->addFields(array('ipb_range_start', 'ipb_range_end'));
    }
    if ($withFlags) {
        $this->addFields(array('ipb_auto', 'ipb_anon_only', 'ipb_create_account', 'ipb_enable_autoblock', 'ipb_block_email', 'ipb_deleted', 'ipb_allow_usertalk'));
    }

    // One row beyond the limit tells us whether a continuation is needed.
    $this->addOption('LIMIT', $params['limit'] + 1);
    $this->addWhereRange('ipb_timestamp', $params['dir'], $params['start'], $params['end']);

    if (isset($params['ids'])) {
        $this->addWhereFld('ipb_id', $params['ids']);
    }

    if (isset($params['users'])) {
        foreach ((array) $params['users'] as $name) {
            $this->prepareUsername($name);
        }
        $this->addWhereFld('ipb_address', $this->usernames);
    }

    if (isset($params['ip'])) {
        list($network, $bits) = IP::parseCIDR($params['ip']);
        if (!($network && $bits)) {
            // No usable network/prefix pair: treat the parameter as a single address.
            $hex = IP::toHex($params['ip']);
            $lower = $hex;
            $upper = $hex;
        } else {
            # We got a CIDR range
            if ($bits < 16) {
                $this->dieUsage('CIDR ranges broader than /16 are not accepted', 'cidrtoobroad');
            }
            $lower = wfBaseConvert($network, 10, 16, 8, false);
            $upper = wfBaseConvert($network + pow(2, 32 - $bits) - 1, 10, 16, 8, false);
        }
        // NOTE(review): these three conditions are built by string interpolation.
        // $lower/$upper come from wfBaseConvert() or IP::toHex(), presumably hex
        // digits only; verify that IP::toHex() cannot pass malformed input through.
        $prefix = substr($lower, 0, 4);
        $this->addWhere(array("ipb_range_start LIKE '{$prefix}%'", "ipb_range_start <= '{$lower}'", "ipb_range_end >= '{$upper}'"));
    }

    // Hidden blocks stay out of the result unless the caller may see suppressed data.
    if (!$wgUser->isAllowed('suppress')) {
        $this->addWhereFld('ipb_deleted', 0);
    }

    // Occasional housekeeping: mt_rand(0, 10) has eleven possible values,
    // so expired entries are purged on about one request in eleven.
    if (mt_rand(0, 10) === 0) {
        Block::purgeExpired();
    }

    // Output key => source column, in the order the keys are emitted.
    // The keys use the same names as their action=block counterparts.
    $flagColumns = array(
        'automatic' => 'ipb_auto',
        'anononly' => 'ipb_anon_only',
        'nocreate' => 'ipb_create_account',
        'autoblock' => 'ipb_enable_autoblock',
        'noemail' => 'ipb_block_email',
        'hidden' => 'ipb_deleted',
        'allowusertalk' => 'ipb_allow_usertalk',
    );

    $res = $this->select(__METHOD__);
    $seen = 0;
    while ($row = $res->fetchObject()) {
        $seen++;
        if ($seen > $params['limit']) {
            // This is the extra row: record where to resume and stop.
            $this->setContinueEnumParameter('start', wfTimestamp(TS_ISO_8601, $row->ipb_timestamp));
            break;
        }

        $entry = array();
        if ($withId) {
            $entry['id'] = $row->ipb_id;
        }
        // The target of an autoblock is never exposed.
        if ($withUser && !$row->ipb_auto) {
            $entry['user'] = $row->ipb_address;
        }
        if ($withBy) {
            $entry['by'] = $row->user_name;
        }
        if ($withTimestamp) {
            $entry['timestamp'] = wfTimestamp(TS_ISO_8601, $row->ipb_timestamp);
        }
        if ($withExpiry) {
            $entry['expiry'] = Block::decodeExpiry($row->ipb_expiry, TS_ISO_8601);
        }
        if ($withReason) {
            $entry['reason'] = $row->ipb_reason;
        }
        if ($withRange) {
            $entry['rangestart'] = IP::hexToQuad($row->ipb_range_start);
            $entry['rangeend'] = IP::hexToQuad($row->ipb_range_end);
        }
        if ($withFlags) {
            foreach ($flagColumns as $key => $column) {
                if ($row->$column) {
                    $entry[$key] = '';
                }
            }
        }
        $data[] = $entry;
    }

    $result->setIndexedTagName($data, 'block');
    $result->addValue('query', $this->getModuleName(), $data);
}
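/**
 * Emit the JSON document (page, total, rows) listing the VLAN interfaces
 * stored in `nics_vlan`.
 *
 * Request fields read from $_POST: sortname, sortorder, page, rp, query, qtype.
 * All of them reach the SQL text, so each one is validated first:
 *  - sortname and qtype must be plain column identifiers (letters, digits, underscore);
 *  - sortorder is reduced to ASC or DESC;
 *  - page and rp must be numeric and are cast to integers (defaults 1 and 50).
 * Database values are HTML-escaped before being placed in the cell markup.
 *
 * @return void Output is written with echo / json_error_show().
 */
function vlan_list_list()
{
    $tpl = new templates();
    $sock = new sockets();
    $q = new mysql();
    $ip = new IP();
    $table = "nics_vlan";
    $database = "artica_backup";
    $identifier = '#^[A-Za-z0-9_]+\z#';
    $searchstring = "";
    $ORDER = "";
    $page = 1;
    $rp = 50;

    // See virtip-style listings: only use ENT_SUBSTITUTE where the running PHP defines it.
    $escFlags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

    // NOTE(review): unserialize() is applied to the framework's reply. Confirm that
    // channel cannot be influenced from outside the host.
    $interfaces = unserialize(base64_decode($sock->getFrameWork("cmd.php?ifconfig-interfaces=yes")));
    if (!is_array($interfaces)) {
        $interfaces = array();
    }

    $DisableNetworksManagement = $sock->GET_INFO("DisableNetworksManagement");
    if ($DisableNetworksManagement == null) {
        $DisableNetworksManagement = 0;
    }

    // ORDER BY cannot be parameterised, so the column name is checked against an
    // identifier pattern and the direction is forced to one of two keywords.
    if (isset($_POST["sortname"]) && is_string($_POST["sortname"]) && preg_match($identifier, $_POST["sortname"])) {
        $direction = "ASC";
        if (isset($_POST["sortorder"]) && is_string($_POST["sortorder"]) && strtoupper(trim($_POST["sortorder"])) == "DESC") {
            $direction = "DESC";
        }
        $ORDER = "ORDER BY `{$_POST["sortname"]}` {$direction}";
    }

    if (isset($_POST['page']) && is_numeric($_POST['page'])) {
        $page = max(1, (int) $_POST['page']);
    }
    if (isset($_POST['rp']) && is_numeric($_POST['rp'])) {
        $rp = max(1, (int) $_POST['rp']);
    }

    $query = (isset($_POST["query"]) && is_string($_POST["query"])) ? $_POST["query"] : null;
    if ($query != null) {
        $qtype = (isset($_POST["qtype"]) && is_string($_POST["qtype"])) ? $_POST["qtype"] : "";
        if (!preg_match($identifier, $qtype)) {
            json_error_show("Invalid search field", 1);
            return;
        }
        // NOTE(review): the search term is placed inside a quoted SQL literal. Whether
        // string_to_sql_search() escapes quotes and backslashes is not visible here -
        // confirm it does, or escape the value through the database layer.
        $search = string_to_sql_search($query);
        $searchstring = "AND (`{$qtype}` LIKE '{$search}')";
        $sql = "SELECT COUNT( * ) AS tcount FROM {$table} WHERE 1 {$searchstring}";
        $ligne = mysql_fetch_array($q->QUERY_SQL($sql, $database));
        if (!$q->ok) {
            // NOTE(review): the SQL text is returned to the client with the error.
            json_error_show($q->mysql_error . "<hr>" . $sql, 1);
        }
        $total = $ligne["tcount"];
    } else {
        $total = $q->COUNT_ROWS($table, $database);
    }

    $pageStart = ($page - 1) * $rp;
    $limitSql = "LIMIT {$pageStart}, {$rp}";
    $sql = "SELECT * FROM `{$table}` WHERE 1 {$searchstring} {$ORDER} {$limitSql}";
    $results = $q->QUERY_SQL($sql, $database);
    if (!$q->ok) {
        json_error_show($q->mysql_error . "<hr>" . $sql, 1);
    }

    $data = array();
    $data['page'] = $page;
    $data['total'] = $total;
    $data['rows'] = array();
    if (mysql_num_rows($results) == 0) {
        json_error_show("No VLAN interface set...", 1);
    }

    while ($ligne = mysql_fetch_assoc($results)) {
        $id = (int) $ligne["ID"];
        $cdir = $ligne["cdir"];

        // Without a stored CIDR only the parent NIC name is shown.
        $eth = "{$ligne["nic"]}.{$ligne["ID"]}/{$ligne["nic"]}";
        if ($ligne["cdir"] == null) {
            $eth = $ligne["nic"];
        }

        $img = "22-win-nic-off.png";
        $ifaceKey = "{$ligne["nic"]}.{$ligne["ID"]}";
        if (isset($interfaces[$ifaceKey]) && $interfaces[$ifaceKey] != null) {
            $img = "22-win-nic.png";
        }

        if (trim($ligne["org"]) == null) {
            $orgHtml = $tpl->_ENGINE_parse_body("<strong style='color:#d32d2d'>{no_organization}</strong>");
        } else {
            $orgHtml = htmlspecialchars($ligne["org"], $escFlags);
        }

        // The ID is placed unquoted inside JavaScript calls, hence the integer cast.
        $edit = imgsimple("24-administrative-tools.png", "{apply}", "VLANEdit({$id})");
        $delete = imgsimple("delete-24.png", "{delete}", "VLANDelete({$id})");
        if ($DisableNetworksManagement == 1) {
            $edit = " ";
            $delete = " ";
        }

        $cdirHtml = htmlspecialchars($cdir, $escFlags);
        $a = $ip->parseCIDR($cdir);
        if ($a[0] == 0) {
            $img = "warning-panneau-24.png";
            $cdirHtml = "<span style='color:#d32d2d'>{$cdirHtml}</span>";
        }

        $vlanidHtml = htmlspecialchars($ligne["vlanid"], $escFlags);
        $ethHtml = htmlspecialchars($eth, $escFlags);
        $ipaddrHtml = htmlspecialchars($ligne["ipaddr"], $escFlags);
        $netmaskHtml = htmlspecialchars($ligne["netmask"], $escFlags);

        $data['rows'][] = array('id' => $ligne['ID'], 'cell' => array("<img src='img/{$img}'>", "<div style='font-size:14px;font-weight:normal'>{$vlanidHtml}</div>", "<div style='font-size:14px;font-weight:normal'>{$orgHtml}</div>", "<div style='font-size:14px;font-weight:normal'>{$ethHtml}</div>", "<div style='font-size:14px;font-weight:normal'>{$ipaddrHtml}</div>", "<div style='font-size:14px;font-weight:normal'>{$netmaskHtml}<div style='font-size:11px'>{$cdirHtml}</div></div>", $edit, $delete));
    }

    echo json_encode($data);
}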
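/**
 * Build the OpenVPN server command line for routed (tun) mode, write it to
 * /etc/openvpn/cmdline.conf and save the possibly corrected settings back
 * under "ArticaOpenVPNSettings". When bridge mode is enabled the work is
 * handed to BuildBridgeServer() instead.
 *
 * Settings read from the GLOBAL section: ENABLE_BRIDGE_MODE, LISTEN_PORT,
 * IP_START, NETMASK, LOCAL_BIND. Defaults: port 1194, pool 10.8.0.0,
 * netmask 255.255.255.0.
 *
 * Because every one of these values ends up as text inside a command line,
 * the port must be an integer in 1..65535 and the address-like values and
 * the pushed routes may only contain letters, digits, '.', ':', '_', '-'
 * (routes additionally '/' and whitespace). Anything else is replaced by
 * the default or skipped, with a message on stdout.
 *
 * @return void
 */
function BuildTunServer()
{
    $unix = new unix();
    $sock = new sockets();

    $servername = $unix->hostname_g();
    if (preg_match("#^(.+?)\\.#", $servername, $re)) {
        $servername = $re[1];
    }
    $servername = strtoupper($servername);
    echo "Starting......: OpenVPN building settings for {$servername}...\n";

    $ini = new Bs_IniHandler();
    $ini->loadString($sock->GET_INFO("ArticaOpenVPNSettings"));
    if ($ini->_params["GLOBAL"]["ENABLE_BRIDGE_MODE"] == 1) {
        echo "Starting......: OpenVPN building settings mode bridge enabled...\n";
        BuildBridgeServer();
        return;
    }

    // Character whitelists for values that are written into the command line.
    $safeToken = '#^[0-9A-Za-z.:_\-]+\z#';
    $safeRoute = '#^[0-9A-Za-z.:_/\s\-]+\z#';

    $IPTABLES_ETH = isset($GLOBALS["IPTABLES_ETH"]) ? $GLOBALS["IPTABLES_ETH"] : null;
    $IPTABLES_ETH_ROUTE = null;
    $routess = array();
    $ethi = array();
    $local = '';
    $askpass = '';

    $port = trim($ini->_params["GLOBAL"]["LISTEN_PORT"]);
    if ($port == null) {
        $port = 1194;
    } elseif (!ctype_digit($port) || (int) $port < 1 || (int) $port > 65535) {
        echo "Starting......: OpenVPN invalid listen port in settings, using 1194\n";
        $port = 1194;
    }

    $IP_START = trim($ini->_params["GLOBAL"]["IP_START"]);
    if ($IP_START == null) {
        $IP_START = "10.8.0.0";
    } elseif (!preg_match($safeToken, $IP_START)) {
        echo "Starting......: OpenVPN invalid IP_START in settings, using 10.8.0.0\n";
        $IP_START = "10.8.0.0";
    }

    // The original assigned this default to $IP_START, which replaced the pool
    // address with a netmask and then saved it. The default belongs to $NETMASK;
    // it is stored so the saved settings match the generated command line.
    $NETMASK = trim($ini->_params["GLOBAL"]["NETMASK"]);
    if ($NETMASK == null || !preg_match($safeToken, $NETMASK)) {
        if ($NETMASK != null) {
            echo "Starting......: OpenVPN invalid NETMASK in settings, using 255.255.255.0\n";
        }
        $NETMASK = "255.255.255.0";
        $ini->set("GLOBAL", "NETMASK", $NETMASK);
    }

    $bind_addr = trim($ini->_params["GLOBAL"]["LOCAL_BIND"]);

    // Map interface name => address, skipping interfaces without one.
    $nic = new networking();
    if (is_array($nic->array_TCP)) {
        foreach ($nic->array_TCP as $num => $ligne) {
            if ($ligne == null) {
                continue;
            }
            $ethi[$num] = $ligne;
        }
    }

    if ($IPTABLES_ETH != null) {
        $linkedAddr = isset($ethi[$IPTABLES_ETH]) ? $ethi[$IPTABLES_ETH] : null;
        echo "Starting......: OpenVPN linked to {$IPTABLES_ETH} ({$linkedAddr})...\n";
        $IPTABLES_ETH_ROUTE = IpCalcRoute($linkedAddr);
    } else {
        echo "Starting......: OpenVPN no local NIC linked...\n";
    }

    $ca = '/etc/artica-postfix/openvpn/keys/allca.crt';
    // NOTE(review): the file name suggests 1024-bit DH parameters - confirm the
    // actual size; 1024-bit groups are below current recommendations.
    $dh = '/etc/artica-postfix/openvpn/keys/dh1024.pem';
    $key = "/etc/artica-postfix/openvpn/keys/vpn-server.key";
    $crt = "/etc/artica-postfix/openvpn/keys/vpn-server.crt";

    // Each "network mask" line of the routes file becomes a --push option. The text
    // lands inside a double-quoted argument, so lines with other characters are skipped.
    $routesFile = '/etc/artica-postfix/settings/Daemons/OpenVPNRoutes';
    if (is_file($routesFile)) {
        $routes = explode("\n", @file_get_contents($routesFile));
        foreach ($routes as $ligne) {
            if (!preg_match("#(.+?)\\s+(.+)#", $ligne, $re)) {
                continue;
            }
            if (!preg_match($safeRoute, $re[1] . " " . $re[2])) {
                echo "Starting......: OpenVPN skipping route with unexpected characters\n";
                continue;
            }
            $routess[] = "--push \"route {$re[1]} {$re[2]}\"";
        }
    }

    // NOTE(review): GetRoutes() is always appended, so count($routess) is never 0 and
    // the default-route branch below cannot run. The shape of GetRoutes()' return
    // value is not visible here, so this is left as the original had it; its output
    // is also not checked against the whitelist above - verify what it can contain.
    $routess[] = GetRoutes();
    if (count($routess) == 0) {
        if ($IPTABLES_ETH_ROUTE != null) {
            echo "Starting......: OpenVPN IP adding default route \"{$IPTABLES_ETH_ROUTE}\"\n";
            $routess[] = "--push \"route {$IPTABLES_ETH_ROUTE}\"";
        }
    } else {
        echo "Starting......: OpenVPN IP adding " . count($routess) . " routes\n";
    }

    if ($bind_addr != null) {
        if (preg_match($safeToken, $bind_addr)) {
            $local = " --local {$bind_addr}";
            echo "Starting......: OpenVPN IP bind {$bind_addr}\n";
        } else {
            echo "Starting......: OpenVPN ignoring LOCAL_BIND with unexpected characters\n";
        }
    }

    $IP_START = FIX_IP_START($IP_START, $local);
    $ini->set("GLOBAL", "IP_START", $IP_START);
    if (preg_match("#(.+?)\\.([0-9]+)\$#", $IP_START, $re)) {
        echo "Starting......: OpenVPN IP pool from {$re[1]}.2 to {$re[1]}.254 mask:{$NETMASK}\n";
    }
    // The original derived a netmask from the pool range via IP::ip2cidr() /
    // IP::parseCIDR() when $NETMASK was still empty here; with the default now
    // applied above, $NETMASK is never empty at this point.

    // NOTE(review): this literal appears masked in the listing and has no trailing
    // space before "--client-to-client"; confirm the real option text before use.
    if (is_file("/etc/artica-postfix/openvpn/keys/password")) {
        $askpass = "******";
    }

    $cmd = " --port {$port} --dev tun --server {$IP_START} {$NETMASK} --comp-lzo {$local} --ca {$ca} --dh {$dh} --key {$key} --cert {$crt}";
    $cmd = $cmd . " --ifconfig-pool-persist /etc/artica-postfix/openvpn/ipp.txt " . implode(" ", $routess);
    $cmd = $cmd . " {$askpass}--client-to-client --persist-tun --verb 5 --daemon --writepid /var/run/openvpn/openvpn-server.pid --log \"/var/log/openvpn/openvpn.log\"";
    $cmd = $cmd . " --status /var/log/openvpn/openvpn-status.log 10";

    // Report a failed write instead of silently continuing with a stale file.
    if (@file_put_contents("/etc/openvpn/cmdline.conf", $cmd) === false) {
        echo "Starting......: OpenVPN unable to write /etc/openvpn/cmdline.conf\n";
    }
    $sock->SaveConfigFile($ini->toString(), "ArticaOpenVPNSettings");
    echo "Starting......: OpenVPN building settings done.\n";
    if (!empty($GLOBALS["VERBOSE"])) {
        writelogs("{$cmd}", __FUNCTION__, __FILE__, __LINE__);
    }
}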