if ($ipaddr_int == $lansubnet_start) { $input_errors[] = sprintf(gettext("The IP address cannot be the %s network address."), $ifcfgdescr); } if ($ipaddr_int == $lansubnet_end) { $input_errors[] = sprintf(gettext("The IP address cannot be the %s broadcast address."), $ifcfgdescr); } } if ($_POST['gateway'] && !is_ipaddrv4($_POST['gateway'])) { $input_errors[] = gettext("A valid IP address must be specified for the gateway."); } if ($_POST['wins1'] && !is_ipaddrv4($_POST['wins1']) || $_POST['wins2'] && !is_ipaddrv4($_POST['wins2'])) { $input_errors[] = gettext("A valid IP address must be specified for the primary/secondary WINS servers."); } $parent_ip = get_interface_ip($POST['if']); if (is_ipaddrv4($parent_ip) && $_POST['gateway']) { $parent_sn = get_interface_subnet($_POST['if']); if (!ip_in_subnet($_POST['gateway'], gen_subnet($parent_ip, $parent_sn) . "/" . $parent_sn) && !ip_in_interface_alias_subnet($_POST['if'], $_POST['gateway'])) { $input_errors[] = sprintf(gettext("The gateway address %s does not lie within the chosen interface's subnet."), $_POST['gateway']); } } if ($_POST['dns1'] && !is_ipaddrv4($_POST['dns1']) || $_POST['dns2'] && !is_ipaddrv4($_POST['dns2']) || $_POST['dns3'] && !is_ipaddrv4($_POST['dns3']) || $_POST['dns4'] && !is_ipaddrv4($_POST['dns4'])) { $input_errors[] = gettext("A valid IP address must be specified for each of the DNS servers."); } if ($_POST['deftime'] && (!is_numeric($_POST['deftime']) || $_POST['deftime'] < 60)) { $input_errors[] = gettext("The default lease time must be at least 60 seconds."); } if ($_POST['maxtime'] && (!is_numeric($_POST['maxtime']) || $_POST['maxtime'] < 60 || $_POST['maxtime'] <= $_POST['deftime'])) { $input_errors[] = gettext("The maximum lease time must be at least 60 seconds and higher than the default lease time."); } if ($_POST['ddnsdomain'] && !is_domain($_POST['ddnsdomain'])) { $input_errors[] = gettext("A valid domain name must be specified for the dynamic DNS registration.");
} require "guiconfig.inc"; $if = $_GET['if']; if ($_POST['if']) { $if = $_POST['if']; } if (!$if) { header("Location: services_dhcp.php"); exit; } if (!is_array($config['dhcpd'][$if]['staticmap'])) { $config['dhcpd'][$if]['staticmap'] = array(); } $a_maps =& $config['dhcpd'][$if]['staticmap']; $ifcfgip = get_interface_ip($if); $ifcfgsn = get_interface_subnet($if); $ifcfgdescr = convert_friendly_interface_to_friendly_descr($if); $id = $_GET['id']; if (isset($_POST['id'])) { $id = $_POST['id']; } if (isset($id) && $a_maps[$id]) { $pconfig['mac'] = $a_maps[$id]['mac']; $pconfig['hostname'] = $a_maps[$id]['hostname']; $pconfig['ipaddr'] = $a_maps[$id]['ipaddr']; $pconfig['descr'] = base64_decode($a_maps[$id]['descr']); } else { $pconfig['mac'] = $_GET['mac']; $pconfig['hostname'] = $_GET['hostname']; $pconfig['descr'] = $_GET['descr']; }
if ($rule['destination']['address'] == $a_vip[$_GET['id']]['subnet']) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by at least one NAT mapping."); break; } } } } if (is_ipaddrv6($a_vip[$_GET['id']]['subnet'])) { $is_ipv6 = true; $subnet = gen_subnetv6($a_vip[$_GET['id']]['subnet'], $a_vip[$_GET['id']]['subnet_bits']); $if_subnet_bits = get_interface_subnetv6($a_vip[$_GET['id']]['interface']); $if_subnet = gen_subnetv6(get_interface_ipv6($a_vip[$_GET['id']]['interface']), $if_subnet_bits); } else { $is_ipv6 = false; $subnet = gen_subnet($a_vip[$_GET['id']]['subnet'], $a_vip[$_GET['id']]['subnet_bits']); $if_subnet_bits = get_interface_subnet($a_vip[$_GET['id']]['interface']); $if_subnet = gen_subnet(get_interface_ip($a_vip[$_GET['id']]['interface']), $if_subnet_bits); } $subnet .= "/" . $a_vip[$_GET['id']]['subnet_bits']; $if_subnet .= "/" . $if_subnet_bits; if (is_array($config['gateways']['gateway_item'])) { foreach ($config['gateways']['gateway_item'] as $gateway) { if ($a_vip[$_GET['id']]['interface'] != $gateway['interface']) { continue; } if ($is_ipv6 && $gateway['ipprotocol'] == 'inet') { continue; } if (!$is_ipv6 && $gateway['ipprotocol'] == 'inet6') { continue; }
} case "address": if (!$pconfig['localid_address'] || !is_ipaddr($pconfig['localid_address'])) { $input_errors[] = gettext("A valid local network IP address must be specified."); } elseif (is_ipaddrv4($pconfig['localid_address']) && $pconfig['mode'] != "tunnel") { $input_errors[] = gettext("A valid local network IPv4 address must be specified or you need to change Mode to IPv6"); } elseif (is_ipaddrv6($pconfig['localid_address']) && $pconfig['mode'] != "tunnel6") { $input_errors[] = gettext("A valid local network IPv6 address must be specified or you need to change Mode to IPv4"); } break; } /* Check if the localid_type is an interface, to confirm if it has a valid subnet. */ if (isset($config['interfaces'][$pconfig['localid_type']])) { // Don't let an empty subnet into racoon.conf, it can cause parse errors. Ticket #2201. $address = get_interface_ip($pconfig['localid_type']); $netbits = get_interface_subnet($pconfig['localid_type']); if (empty($address) || empty($netbits)) { $input_errors[] = gettext("Invalid Local Network.") . " " . convert_friendly_interface_to_friendly_descr($pconfig['localid_type']) . " " . gettext("has no subnet."); } } if (!empty($pconfig['natlocalid_address'])) { switch ($pconfig['natlocalid_type']) { case "network": if ($pconfig['natlocalid_netbits'] != 0 && !$pconfig['natlocalid_netbits'] || !is_numeric($pconfig['natlocalid_netbits'])) { $input_errors[] = gettext("A valid NAT local network bit count must be specified."); } if ($pconfig['localid_type'] == "address") { $input_errors[] = gettext("You cannot configure a network type address for NAT while only an address type is selected for local source."); } // address rules also apply to network type (hence, no break) // address rules also apply to network type (hence, no break)
$if = $_POST['interface']; } /* input validation */ if (!$mac || !is_macaddr($mac)) { $input_errors[] = gettext("A valid MAC address must be specified."); } if (!$if) { $input_errors[] = gettext("A valid interface must be specified."); } if (!$input_errors) { /* determine broadcast address */ $ipaddr = get_interface_ip($if); if (!is_ipaddr($ipaddr)) { $input_errors[] = gettext("A valid ip could not be found!"); } else { $bcip = gen_subnet_max($ipaddr, get_interface_subnet($if)); /* Execute wol command and check return code. */ if (!mwexec("/usr/local/bin/wol -i {$bcip} " . escapeshellarg($mac))) { $savemsg .= sprintf(gettext("Sent magic packet to %s."), $mac); } else { $savemsg .= sprintf(gettext('Please check the %1$ssystem log%2$s, the wol command for %3$s did not complete successfully%4$s'), '<a href="/diag_logs.php">', '</a>', $mac, ".<br />"); } } } } if ($_GET['act'] == "del") { if ($a_wol[$_GET['id']]) { unset($a_wol[$_GET['id']]); write_config(); header("Location: services_wol.php"); exit;
$reqdfieldsn = array(gettext("Name"), gettext("Interface")); do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors); if (!isset($pconfig['name'])) { $input_errors[] = gettext("A valid gateway name must be specified."); } if (!is_validaliasname($pconfig['name'])) { $input_errors[] = gettext("The gateway name must not contain invalid characters."); } /* skip system gateways which have been automatically added */ if (!empty($pconfig['gateway']) && !is_ipaddr($pconfig['gateway']) && $pconfig['attribute'] !== "system" && $pconfig['gateway'] != "dynamic") { $input_errors[] = gettext("A valid gateway IP address must be specified."); } if (!empty($pconfig['gateway']) && is_ipaddr($pconfig['gateway']) && !isset($_REQUEST['isAjax'])) { if (is_ipaddrv4($pconfig['gateway'])) { $parent_ip = get_interface_ip($pconfig['interface']); $parent_sn = get_interface_subnet($pconfig['interface']); if (empty($parent_ip) || empty($parent_sn)) { $input_errors[] = gettext("Cannot add IPv4 Gateway Address because no IPv4 address could be found on the interface."); } else { $subnets = array(gen_subnet($parent_ip, $parent_sn) . "/" . $parent_sn); $vips = link_interface_to_vips($_POST['interface']); if (is_array($vips)) { foreach ($vips as $vip) { if (!is_ipaddrv4($vip['subnet'])) { continue; } $subnets[] = gen_subnet($vip['subnet'], $vip['subnet_bits']) . "/" . $vip['subnet_bits']; } } $found = false; foreach ($subnets as $subnet) {
/** * delete virtual ip */ function deleteVIPEntry($id) { global $config; $input_errors = array(); $a_vip =& $config['virtualip']['vip']; /* make sure no inbound NAT mappings reference this entry */ if (isset($config['nat']['rule'])) { foreach ($config['nat']['rule'] as $rule) { if (!empty($rule['destination']['address'])) { if ($rule['destination']['address'] == $a_vip[$id]['subnet']) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by at least one NAT mapping."); break; } } } } if (is_ipaddrv6($a_vip[$id]['subnet'])) { $is_ipv6 = true; $subnet = gen_subnetv6($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']); $if_subnet_bits = get_interface_subnetv6($a_vip[$id]['interface']); $if_subnet = gen_subnetv6(get_interface_ipv6($a_vip[$id]['interface']), $if_subnet_bits); } else { $is_ipv6 = false; $subnet = gen_subnet($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']); $if_subnet_bits = get_interface_subnet($a_vip[$id]['interface']); $if_subnet = gen_subnet(get_interface_ip($a_vip[$id]['interface']), $if_subnet_bits); } $subnet .= "/" . $a_vip[$id]['subnet_bits']; $if_subnet .= "/" . $if_subnet_bits; if (isset($config['gateways']['gateway_item'])) { foreach ($config['gateways']['gateway_item'] as $gateway) { if ($a_vip[$id]['interface'] != $gateway['interface']) { continue; } if ($is_ipv6 && $gateway['ipprotocol'] == 'inet') { continue; } if (!$is_ipv6 && $gateway['ipprotocol'] == 'inet6') { continue; } if (ip_in_subnet($gateway['gateway'], $if_subnet)) { continue; } if (ip_in_subnet($gateway['gateway'], $subnet)) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by at least one Gateway."); break; } } } if ($a_vip[$id]['mode'] == "ipalias") { $subnet = gen_subnet($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']) . "/" . $a_vip[$id]['subnet_bits']; $found_if = false; $found_carp = false; $found_other_alias = false; if ($subnet == $if_subnet) { $found_if = true; } $vipiface = $a_vip[$id]['interface']; foreach ($a_vip as $vip_id => $vip) { if ($vip_id != $id) { if ($vip['interface'] == $vipiface && ip_in_subnet($vip['subnet'], $subnet)) { if ($vip['mode'] == "carp") { $found_carp = true; } else { if ($vip['mode'] == "ipalias") { $found_other_alias = true; } } } } } if ($found_carp === true && $found_other_alias === false && $found_if === false) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by a CARP IP with the description") . " {$vip['descr']}."; } } if (count($input_errors) == 0) { // Special case since every proxyarp vip is handled by the same daemon. if ($a_vip[$id]['mode'] == "proxyarp") { $viface = $a_vip[$id]['interface']; unset($a_vip[$id]); interface_proxyarp_configure($viface); } else { interface_vip_bring_down($a_vip[$id]); unset($a_vip[$id]); } if (count($config['virtualip']['vip']) == 0) { unset($config['virtualip']['vip']); } } return $input_errors; }
#!/usr/local/bin/php <?php $options = getopt("i:"); require_once "config.inc"; require_once "gwlb.inc"; require_once "interfaces.inc"; $interface_name = $options[i]; $realif = get_real_interface($interface_name); $ipaddr = get_interface_ip($interface_name); $subnet = get_interface_subnet($interface_name); printf("%s/%s", $ipaddr, $subnet);
} if ($_POST['custom_subnet_mask'] && is_validmask_v4($_POST['custom_subnet_mask']) != 1) { $input_errors[] = gettext("A valid custom subnet maks must be specified."); } if ($_POST['range_to'] && !is_ipaddrv4($_POST['range_to'])) { $input_errors[] = gettext("A valid range must be specified."); } if ($_POST['gateway'] && $_POST['gateway'] != "none" && !is_ipaddrv4($_POST['gateway'])) { $input_errors[] = gettext("A valid IP address must be specified for the gateway."); } if ($_POST['wins1'] && !is_ipaddrv4($_POST['wins1']) || $_POST['wins2'] && !is_ipaddrv4($_POST['wins2'])) { $input_errors[] = gettext("A valid IP address must be specified for the primary/secondary WINS servers."); } $parent_ip = is_ipaddrv4($_POST['custom_subnet']) ? $_POST['custom_subnet'] : get_interface_ip($_POST['if']); if (is_ipaddrv4($parent_ip) && $_POST['gateway'] && $_POST['gateway'] != "none") { $parent_sn = is_validmask_v4($_POST['custom_subnet_mask']) ? mask2cidr_v4($_POST['custom_subnet_mask']) : get_interface_subnet($_POST['if']); if (!ip_in_subnet($_POST['gateway'], gen_subnet($parent_ip, $parent_sn) . "/" . $parent_sn) && !ip_in_interface_alias_subnet($_POST['if'], $_POST['gateway'])) { $input_errors[] = sprintf(gettext("The gateway address %s does not lie within the chosen interface's subnet."), $_POST['gateway']); } } for ($dns = 1; $dns <= 4; $dns++) { if ($_POST["dns{$dns}"] && !is_ipaddrv4($_POST["dns{$dns}"])) { $input_errors[] = gettext("A valid IP address must be specified for each of the DNS servers."); } } if ($_POST['deftime'] && (!is_numeric($_POST['deftime']) || $_POST['deftime'] < 60)) { $input_errors[] = gettext("The default lease time must be at least 60 seconds."); } if (isset($config['captiveportal']) && is_array($config['captiveportal'])) { $deftime = 7200; // Default value if it's empty
// if there are already AON rules configured, don't generate default ones if (!empty($a_out)) { continue; } /* * user has enabled advanced outbound NAT and doesn't have rules * lets automatically create entries * for all of the interfaces to make life easier on the pip-o-chap */ $ifdescrs = get_configured_interface_with_descr(); foreach ($ifdescrs as $if => $ifdesc) { if (interface_has_gateway($if)) { continue; } $osipaddr = get_interface_ip($if); $ossubnet = get_interface_subnet($if); if (!is_ipaddr($osipaddr) || empty($ossubnet)) { continue; } $osn = gen_subnet($osipaddr, $ossubnet); foreach ($ifdescrs as $if2 => $ifdesc2) { if (!interface_has_gateway($if2)) { continue; } $natent = array(); $natent['source']['network'] = "{$osn}/{$ossubnet}"; $natent['dstport'] = "500"; $natent['descr'] = sprintf(gettext('Auto created rule for ISAKMP - %1$s to %2$s'), $ifdesc, $ifdesc2); $natent['target'] = ""; $natent['interface'] = $if2; $natent['destination']['any'] = true;