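/**
 * Bind every "ip" or "ip:port" entry of $ips to an object as a 'regular' allocation.
 *
 * An entry is reported to the user and skipped (the loop carries on with the
 * next one) when it contains more than one ':', when an InvalidArgException
 * is raised while it is processed, or when getIPAddressNetworkId() returns
 * NULL for it and the IPV4_JAYWALK option is not 'yes'.
 *
 * @param array $ips       strings of the form "a.b.c.d" or "a.b.c.d:port"
 * @param mixed $object_id object identifier handed to bindIPToObject()
 * @return array map of ip_format()-ed address => port exactly as supplied,
 *               or -1 when the entry carried no port
 */
function bindIP($ips, $object_id)
{
    $added_ips = array();
    foreach ($ips as $ip_port) {
        try {
            $parts = explode(':', $ip_port);
            if (count($parts) > 2) {
                // Fixed: the message used to read "invaild ip: $<value>" (typo plus an
                // escaped dollar sign that was printed literally).
                // NOTE(review): $ip_port is caller-supplied text; confirm that showError()
                // HTML-escapes its argument before it reaches the page.
                showError("invalid ip: {$ip_port}");
                continue;
            }

            $ip_bin = ip4_parse($parts[0]);
            // NOTE(review): the port is returned verbatim and is never checked to be
            // numeric or within 0-65535; callers must validate/escape it before use.
            $port = isset($parts[1]) ? $parts[1] : -1;

            // Unless "jaywalking" is enabled, refuse addresses outside any known network.
            if (getConfigVar('IPV4_JAYWALK') != 'yes' and NULL === getIPAddressNetworkId($ip_bin)) {
                showFuncMessage(__FUNCTION__, 'ERR1', array(ip_format($ip_bin)));
                continue;
            }

            bindIPToObject($ip_bin, $object_id, '', 'regular');
            $added_ips[ip_format($ip_bin)] = $port;
        } catch (InvalidArgException $e) {
            // One bad entry must not abort the whole batch.
            showError($e->getMessage());
            continue;
        }
    }
    return $added_ips;
}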
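/**
 * Print the NAT tab of an object: the editable table of NAT rules performed
 * locally by the object ("out") followed by the table of rules arriving at it
 * from other objects ("in").
 *
 * Changes against the previous revision:
 *  - the "new rule" row printer is a closure instead of a nested named
 *    function, so calling this renderer twice in one request no longer dies
 *    with "Cannot redeclare printNewItemTR()";
 *  - free-text fields (rule description, address names, OS interface name)
 *    are passed through htmlspecialchars() before being written into HTML.
 *    ENT_QUOTES is required because the attributes here are single-quoted.
 *    NOTE(review): this assumes those fields are stored unescaped; confirm
 *    against the write path to rule out double escaping.
 *
 * @param mixed $object_id identifier handed to spotEntity('object', ...)
 * @return void output is echoed directly
 */
function renderNATv4ForObject($object_id)
{
    // Prints the form row used to add a new NAT rule; $alloclist is the
    // object's IPv4 allocation list ($focus['ipv4']).
    $printNewItemTR = function ($alloclist) {
        printOpFormIntro('addNATv4Rule');
        echo "<tr align='center'><td>";
        printImageHREF('add', 'Add new NAT rule', TRUE);
        echo '</td><td>';
        printSelect(array('TCP' => 'TCP', 'UDP' => 'UDP', 'ALL' => 'ALL'), array('name' => 'proto'));
        echo "<select name='localip' tabindex=1>";
        foreach ($alloclist as $ip_bin => $alloc) {
            $ip = $alloc['addrinfo']['ip'];
            $name = '';
            if (isset($alloc['addrinfo']['name']) and strlen($alloc['addrinfo']['name'])) {
                $name = ' (' . niftyString($alloc['addrinfo']['name']) . ')';
            }
            $osif = '';
            if (isset($alloc['osif']) and strlen($alloc['osif'])) {
                // Interface names are operator-entered text: escape before output.
                $osif = htmlspecialchars($alloc['osif'], ENT_QUOTES, 'UTF-8') . ': ';
            }
            echo "<option value='{$ip}'>{$osif}{$ip}{$name}</option>";
        }
        echo "</select>:<input type='text' name='localport' size='4' tabindex=2></td>";
        echo "<td><input type='text' name='remoteip' id='remoteip' size='10' tabindex=3>";
        echo "<a href='javascript:;' onclick='window.open(\"" . makeHrefForHelper('inet4list');
        echo "\", \"findobjectip\", \"height=700, width=400, location=no, menubar=no, resizable=yes, scrollbars=no, status=no, titlebar=no, toolbar=no\");'>";
        printImageHREF('find', 'Find object');
        echo "</a>";
        echo ":<input type='text' name='remoteport' size='4' tabindex=4></td><td></td>";
        echo "<td colspan=1><input type='text' name='description' size='20' tabindex=5></td><td>";
        printImageHREF('add', 'Add new NAT rule', TRUE, 6);
        echo "</td></tr></form>";
    };

    $focus = spotEntity('object', $object_id);
    amplifyCell($focus);
    $addnew_at_top = getConfigVar('ADDNEW_AT_TOP') == 'yes';

    // ---- rules translated by this object -------------------------------
    echo "<center><h2>locally performed NAT</h2></center>";
    echo "<table class='widetable' cellpadding=5 cellspacing=0 border=0 align='center'>\n";
    echo "<tr><th></th><th>Match endpoint</th><th>Translate to</th><th>Target object</th><th>Comment</th><th> </th></tr>\n";
    if ($addnew_at_top) {
        $printNewItemTR($focus['ipv4']);
    }

    foreach ($focus['nat4']['out'] as $pf) {
        // The five fields identifying a rule, shared by the delete link and the update form.
        $rule_key = array(
            'localip' => $pf['localip'],
            'localport' => $pf['localport'],
            'remoteip' => $pf['remoteip'],
            'remoteport' => $pf['remoteport'],
            'proto' => $pf['proto'],
        );

        // A rule whose local IP is not allocated to the object is shown with the error row class.
        $class = 'trerror';
        $osif = '';
        $localip_bin = ip4_parse($pf['localip']);
        if (isset($focus['ipv4'][$localip_bin])) {
            $class = $focus['ipv4'][$localip_bin]['addrinfo']['class'];
            $osif = htmlspecialchars($focus['ipv4'][$localip_bin]['osif'], ENT_QUOTES, 'UTF-8') . ': ';
        }

        echo "<tr class='{$class}'>";
        echo "<td>" . getOpLink(array('op' => 'delNATv4Rule') + $rule_key, '', 'delete', 'Delete NAT rule') . "</td>";
        echo "<td>{$pf['proto']}/{$osif}" . getRenderedIPPortPair($pf['localip'], $pf['localport']);
        if (strlen($pf['local_addr_name'])) {
            echo ' (' . htmlspecialchars($pf['local_addr_name'], ENT_QUOTES, 'UTF-8') . ')';
        }
        echo "</td>";
        echo "<td>" . getRenderedIPPortPair($pf['remoteip'], $pf['remoteport']) . "</td>";

        $address = getIPAddress(ip4_parse($pf['remoteip']));
        echo "<td class='description'>";
        if (count($address['allocs'])) {
            foreach ($address['allocs'] as $bond) {
                // NOTE(review): object and interface names go into the link text
                // as-is; confirm that mkA() escapes its first argument.
                echo mkA("{$bond['object_name']}({$bond['name']})", 'object', $bond['object_id']) . ' ';
            }
        } elseif (strlen($pf['remote_addr_name'])) {
            echo '(' . htmlspecialchars($pf['remote_addr_name'], ENT_QUOTES, 'UTF-8') . ')';
        }

        printOpFormIntro('updNATv4Rule', $rule_key);
        echo "</td><td class='description'>";
        // The description is written into a single-quoted attribute, so quotes must be encoded too.
        $description = htmlspecialchars($pf['description'], ENT_QUOTES, 'UTF-8');
        echo "<input type='text' name='description' value='{$description}'></td><td>";
        printImageHREF('save', 'Save changes', TRUE);
        echo "</td></form></tr>";
    }

    if (!$addnew_at_top) {
        $printNewItemTR($focus['ipv4']);
    }
    echo "</table><br><br>";

    if (!count($focus['nat4'])) {
        return;
    }

    // ---- rules of other objects that point at this one -----------------
    echo "<center><h2>arriving NAT connections</h2></center>";
    echo "<table class='widetable' cellpadding=5 cellspacing=0 border=0 align='center'>\n";
    echo "<tr><th></th><th>Source</th><th>Source objects</th><th>Target</th><th>Description</th></tr>\n";
    foreach ($focus['nat4']['in'] as $pf) {
        $delete_args = array(
            'op' => 'delNATv4Rule',
            'localip' => $pf['localip'],
            'localport' => $pf['localport'],
            'remoteip' => $pf['remoteip'],
            'remoteport' => $pf['remoteport'],
            'proto' => $pf['proto'],
        );
        echo "<tr><td>" . getOpLink($delete_args, '', 'delete', 'Delete NAT rule') . "</td>";
        echo "<td>{$pf['proto']}/" . getRenderedIPPortPair($pf['localip'], $pf['localport']) . "</td>";
        // NOTE(review): as above, confirm that mkA() escapes the object name.
        echo '<td class="description">' . mkA($pf['object_name'], 'object', $pf['object_id']);
        echo "</td><td>" . getRenderedIPPortPair($pf['remoteip'], $pf['remoteport']) . "</td>";
        echo "<td class='description'>" . htmlspecialchars($pf['description'], ENT_QUOTES, 'UTF-8') . "</td></tr>";
    }
    echo "</table><br><br>";
}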
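/**
 * Create an IPv4 network record from a "x.x.x.x/len" string and return its ID.
 *
 * Changes against the previous revision:
 *  - the two reserved-range base addresses are written as explicit \x escape
 *    sequences. They were embedded as raw binary bytes, which do not survive
 *    editors or re-encoding (the literals had degraded to "" and a lone
 *    0xF0 character), leaving the reserved-network check unreliable;
 *  - the permission context is restored even when the VLAN binding throws,
 *    so a failure cannot leave the request running in the new network's
 *    context.
 *
 * @param string $range        prefix in "x.x.x.x/len" notation
 * @param string $name         value stored in the network's 'name' column
 * @param bool   $is_connected when true and the mask is shorter than 31 bits,
 *                             the first address is flagged via updateV4Address()
 *                             as 'network' and the last one as 'broadcast'
 * @param array  $taglist      passed to produceTagsForNewRecord()
 * @param mixed  $vlan_ck      when not NULL (loose comparison) and the 'bind'
 *                             operation is permitted, passed to commitSupplementVLANIPv4()
 * @return mixed the value of lastInsertID() after the network row was inserted
 * @throws InvalidRequestArgException when $range does not contain exactly one '/'
 * @throws InvalidArgException        when the prefix lies inside a reserved range
 */
function createIPv4Prefix($range = '', $name = '', $is_connected = FALSE, $taglist = array(), $vlan_ck = NULL)
{
    // $range is in x.x.x.x/x format, split into ip/mask vars
    $rangeArray = explode('/', $range);
    if (count($rangeArray) != 2) {
        throw new InvalidRequestArgException('range', $range, 'Invalid IPv4 prefix');
    }
    list($ip, $mask) = $rangeArray;

    // Reserved blocks that must never be registered, given as 4-byte binary
    // addresses. The mask lengths (8 and 4) are from the original code.
    $forbidden_ranges = array(
        constructIPRange("\x00\x00\x00\x00", 8), // 0.0.0.0/8
        constructIPRange("\xF0\x00\x00\x00", 4), // 240.0.0.0/4
    );
    $net = constructIPRange(ip4_parse($ip), $mask);
    foreach ($forbidden_ranges as $invalid_net) {
        if (IPNetContainsOrEqual($invalid_net, $net)) {
            throw new InvalidArgException('range', $range, 'Reserved IPv4 network');
        }
    }

    usePreparedInsertBlade(
        'IPv4Network',
        array('ip' => ip4_bin2db($net['ip_bin']), 'mask' => $mask, 'name' => $name)
    );
    $network_id = lastInsertID();

    // /31 and /32 networks are skipped: only shorter masks get the two flagged addresses.
    if ($is_connected and $mask < 31) {
        updateV4Address($net['ip_bin'], 'network', 'yes');
        updateV4Address(ip_last($net), 'broadcast', 'yes');
    }
    produceTagsForNewRecord('ipv4net', $taglist, $network_id);

    if ($vlan_ck != NULL) {
        // The permission check has to be evaluated in the context of the
        // network just created, so switch context temporarily.
        $ctx = getContext();
        try {
            fixContext(spotEntity('ipv4net', $network_id));
            if (permitted('ipv4net', '8021q', 'bind')) {
                commitSupplementVLANIPv4($vlan_ck, $network_id);
            }
        } catch (Exception $e) {
            // Put the caller's context back before propagating the failure.
            restoreContext($ctx);
            throw $e;
        }
        restoreContext($ctx);
    }
    return $network_id;
}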
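/**
 * Run a free-text search and return the hits grouped by realm.
 *
 * The term is classified in this order: IPv4 address, IPv6 address, IPv4
 * prefix, IPv6 prefix, anything else. Address and prefix terms are resolved
 * to the network that contains them. Any other term is first tried as a
 * management hostname; if that yields an object whose FQDN (attribute 3)
 * ends in one of the configured SEARCH_DOMAINS, only that object is returned,
 * otherwise every per-realm text search is executed.
 *
 * Change against the previous revision: empty entries are dropped when the
 * SEARCH_DOMAINS option is split. preg_split() on an empty option returned
 * array(''), so the "no domains configured" test never fired and an empty
 * domain matched any FQDN ending in '.'.
 *
 * @param string $terms search text as entered by the user
 * @return array realm key => hits; realms without hits are removed
 */
function searchEntitiesByText($terms)
{
    $summary = array();

    if (preg_match(RE_IP4_ADDR, $terms)) {
        $net_id = getIPv4AddressNetworkId(ip4_parse($terms));
        if ($net_id) {
            $summary['ipv4addressbydq'][$terms] = array('net_id' => $net_id, 'ip' => $terms);
        }
    } elseif (FALSE !== ($ip_bin = ip6_checkparse($terms))) {
        $net_id = getIPv6AddressNetworkId($ip_bin);
        if ($net_id) {
            $summary['ipv6addressbydq'][$net_id] = array('net_id' => $net_id, 'ip' => $ip_bin);
        }
    } elseif (preg_match(RE_IP4_NET, $terms)) {
        list($base, $len) = explode('/', $terms);
        $net_id = getIPv4AddressNetworkId(ip4_parse($base), $len + 1);
        if (NULL !== $net_id) {
            $summary['ipv4network'][$net_id] = spotEntity('ipv4net', $net_id);
        }
    } elseif (
        preg_match('@(.*)/(\\d+)$@', $terms, $matches)
        && FALSE !== ($ip_bin = ip6_checkparse($matches[1]))
    ) {
        $net_id = getIPv6AddressNetworkId($ip_bin, $matches[2] + 1);
        if (NULL !== $net_id) {
            $summary['ipv6network'][$net_id] = spotEntity('ipv6net', $net_id);
        }
    } else {
        // search by FQDN has special treatment - if single object found, do not search by other fields
        $object_id_by_fqdn = NULL;
        $domains = preg_split(
            '/\\s*,\\s*/',
            trim(strtolower(getConfigVar('SEARCH_DOMAINS'))),
            -1,
            PREG_SPLIT_NO_EMPTY
        );
        if (!empty($domains) and $object_id = searchByMgmtHostname($terms)) {
            // get FQDN
            $attrs = getAttrValues($object_id);
            $fqdn = isset($attrs[3]['value']) ? strtolower(trim($attrs[3]['value'])) : '';
            foreach ($domains as $domain) {
                // Suffix match on ".domain", so "example.com" does not match "notexample.com".
                if ('.' . $domain === substr($fqdn, -strlen($domain) - 1)) {
                    $object_id_by_fqdn = $object_id;
                    break;
                }
            }
        }

        if ($object_id_by_fqdn) {
            $summary['object'][$object_id_by_fqdn] = array('id' => $object_id_by_fqdn, 'method' => 'fqdn');
        } else {
            $summary['object'] = getObjectSearchResults($terms);
            $summary['ipv4addressbydescr'] = getIPv4AddressSearchResult($terms);
            $summary['ipv6addressbydescr'] = getIPv6AddressSearchResult($terms);
            $summary['ipv4network'] = getIPv4PrefixSearchResult($terms);
            $summary['ipv6network'] = getIPv6PrefixSearchResult($terms);
            $summary['ipv4rspool'] = getIPv4RSPoolSearchResult($terms);
            $summary['ipv4vs'] = getIPv4VServiceSearchResult($terms);
            $summary['user'] = getAccountSearchResult($terms);
            $summary['file'] = getFileSearchResult($terms);
            $summary['rack'] = getRackSearchResult($terms);
            $summary['vlan'] = getVLANSearchResult($terms);
        }
    }

    // Drop records the current user is not permitted to browse, so that the
    // result list does not disclose that they exist.
    // NOTE(review): only the object, ipv4network, ipv6network and file realms
    // are filtered here; address, rspool, vs, user, rack and vlan hits are
    // returned unfiltered. Confirm that they are gated where they are rendered.
    if (isset($summary['object'])) {
        foreach ($summary['object'] as $key => $record) {
            // Object hits carry only an ID; the permission check needs the full entity.
            if (!isolatedPermission('object', 'default', spotEntity('object', $record['id']))) {
                unset($summary['object'][$key]);
            }
        }
    }
    $filtered_realms = array('ipv4network' => 'ipv4net', 'ipv6network' => 'ipv6net', 'file' => 'file');
    foreach ($filtered_realms as $bucket => $realm) {
        if (!isset($summary[$bucket])) {
            continue;
        }
        foreach ($summary[$bucket] as $key => $info) {
            if (!isolatedPermission($realm, 'default', $info)) {
                unset($summary[$bucket][$key]);
            }
        }
    }

    // clear empty search result realms
    foreach ($summary as $key => $data) {
        if (!count($data)) {
            unset($summary[$key]);
        }
    }
    return $summary;
}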