aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPiBa-NL <pba_2k3@yahoo.com>2014-11-30 20:53:42 +0100
committerPiBa-NL <pba_2k3@yahoo.com>2014-12-04 21:40:20 +0100
commit7b9b5ac6b297792f2c61f09eb5b33133c75a2cc1 (patch)
tree736028045abe6d110dc6d8913ee7d754cff73fea
parent6fcb484f97e991ac408de96efe843bed74c6166c (diff)
downloadpfsense-packages-7b9b5ac6b297792f2c61f09eb5b33133c75a2cc1.tar.gz
pfsense-packages-7b9b5ac6b297792f2c61f09eb5b33133c75a2cc1.tar.bz2
pfsense-packages-7b9b5ac6b297792f2c61f09eb5b33133c75a2cc1.zip
haproxy-devel, remove old listen ip:port configuration, add conversion code.
-rw-r--r--config/haproxy-devel/haproxy.inc405
-rw-r--r--config/haproxy-devel/haproxy_htmllist.inc376
-rw-r--r--config/haproxy-devel/haproxy_listeners.php35
-rw-r--r--config/haproxy-devel/haproxy_listeners_edit.php90
4 files changed, 566 insertions, 340 deletions
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc
index 930fd4e9..5b56595a 100644
--- a/config/haproxy-devel/haproxy.inc
+++ b/config/haproxy-devel/haproxy.inc
@@ -38,6 +38,13 @@ require_once("haproxy_xmlrpcsyncclient.inc");
$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty";
+global $a_frontendmode;
+$a_frontendmode = array();
+$a_frontendmode['http'] = array('name' => "http / https(offloading)", 'shortname' => "http/https");
+$a_frontendmode['https'] = array('name' => "ssl / https(TCP mode)", 'shortname' => "ssl/https");
+$a_frontendmode['tcp'] = array('name' => "tcp", 'shortname' => "tcp");
+$a_frontendmode['health'] = array('name' => "health", 'shortname' => "health");
+
global $a_acltypes;
$a_acltypes = array();
$a_acltypes["host_starts_with"] = array('name' => 'Host starts with:',
@@ -84,6 +91,8 @@ $a_acltypes["ssl_sni_starts_with"] = array('name' => 'Server Name Indication TLS
'mode' => 'https', 'syntax' => 'req.ssl_sni -m beg -i %1$s', 'advancedoptions' => "tcp-request content accept if { req.ssl_hello_type 1 }");
$a_acltypes["ssl_sni_ends_with"] = array('name' => 'Server Name Indication TLS extension ends with:', 'inspect-delay' => '5',
'mode' => 'https', 'syntax' => 'req.ssl_sni -m end -i %1$s', 'advancedoptions' => "tcp-request content accept if { req.ssl_hello_type 1 }");
+$a_acltypes["ssl_sni_ends_with"] = array('name' => 'Server Name Indication TLS extension regex:', 'inspect-delay' => '5',
+ 'mode' => 'https', 'syntax' => 'req.ssl_sni -m reg -i %1$s', 'advancedoptions' => "tcp-request content accept if { req.ssl_hello_type 1 }");
$a_acltypes["custom"] = array('name' => 'Custom acl:',
'mode' => '', 'syntax' => '%1$s');
@@ -237,10 +246,11 @@ function group_ports($ports) {
return $result;
}
}
-
+
function haproxy_portoralias_to_list($port_or_alias) {
// input: a port or aliasname: 80 https MyPortAlias
// returns: a array of ports and portranges 80 443 8000:8010
+
global $aliastable;
$portresult = array();
if (alias_get_type($port_or_alias) == "port") {
@@ -253,15 +263,39 @@ function haproxy_portoralias_to_list($port_or_alias) {
return $portresult;
} else if (is_portrange($port_or_alias)) {
return (array)$port_or_alias;
- } else if (is_port($port_or_alias)) {
- if (getservbyname($port_or_alias, "tcp"))
- return (array)getservbyname($port_or_alias, "tcp");
- if (getservbyname($port_or_alias, "udp"))
- return (array)getservbyname($port_or_alias, "udp");
- return (array)$port_or_alias;
+ } else {
+ $ports = explode(",", $port_or_alias);
+ foreach($ports as $port){
+ if (is_port($port)) {
+ if (getservbyname($port, "tcp"))
+ $port = getservbyname($port, "tcp");
+ if (getservbyname($port, "udp"))
+ $port = getservbyname($port, "udp");
+ $portresult[] = $port;
+ }
+ }
+ return $portresult;
+ }
+}
+function haproxy_addressoralias_to_list($address_or_alias) {
+ global $aliastable;
+ $result = array();
+ $alias_type = alias_get_type($address_or_alias);
+ if (!empty($alias_type)) {
+ $alias = $aliastable[$address_or_alias];
+ if ($alias_type == "url") {
+ $result = explode(' ',$alias);
+ } else
+ if ($alias_type == "network") {
+ //$result = explode(' ',$alias);
+ } else
+ if ($alias_type == "host") {
+ $result = explode(' ',$alias);
+ }
+ } else {
+ $result[] = $address_or_alias;
}
- else
- return null;
+ return $result;
}
function haproxy_hostoralias_to_list($host_or_alias) {
@@ -365,107 +399,136 @@ EOD;
$static_output .= "HAProxy, update configuration\n";
update_output_window($static_output);
- $writeconfigupdate = false;
- /* Do XML upgrade from haproxy 0.31 to haproxy-dev */
- if (is_array($config['installedpackages']['haproxy']['ha_servers'])) {
- $static_output .= "HAProxy, Do XML upgrade from haproxy 0.31 to haproxy-dev\n";
- update_output_window($static_output);
+ // make sure the version stays 'comparable'
+ if (is_arrayset($config,'installedpackages','haproxy'))
+ $configversion = $config['installedpackages']['haproxy']['configversion'];
+ else
+ $configversion = "00.12";
- /* We have an old config */
- $config['installedpackages']['haproxy']['ha_pools']['item'] = array();
- $a_global = &$config['installedpackages']['haproxy'];
- $a_backends = &$config['installedpackages']['haproxy']['ha_backends']['item'];
- $a_oldservers = &$config['installedpackages']['haproxy']['ha_servers']['item'];
- $a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item'];
+ $static_output .= "HAProxy, from version $configversion\n";
+ update_output_window($static_output);
+
+ $writeconfigupdate = false;
+ if ($configversion < "00.13") {
+ /* Do XML upgrade from haproxy 0.31 to haproxy-dev */
+ if (is_array($config['installedpackages']['haproxy']['ha_servers'])) {
+ $static_output .= "HAProxy, Do XML upgrade from haproxy 0.31 to haproxy-dev\n";
+ update_output_window($static_output);
+
+ /* We have an old config */
+ $config['installedpackages']['haproxy']['ha_pools']['item'] = array();
+ $a_global = &$config['installedpackages']['haproxy'];
+ $a_backends = &$config['installedpackages']['haproxy']['ha_backends']['item'];
+ $a_oldservers = &$config['installedpackages']['haproxy']['ha_servers']['item'];
+ $a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item'];
- foreach ($a_backends as $id => $be) {
- $a_backends[$id]['status'] = 'active';
- }
- $id = 0;
- foreach ($a_oldservers as $oldserver) {
- $pool=$oldserver;
- /* make server sub array */
- $server=array();
- $server['name'] = $oldserver['name'];
- $server['address'] = $oldserver['address'];
- $server['port'] = $oldserver['port'];
- $server['weight'] = $oldserver['weight'];
- $a_servers=array();
- $a_servers[]=$server;
- /* set new pool */
- $pool['name'] = "pool$id";
- $id++;
- $pool['ha_servers']['item']=$a_servers;
- /* link to frontend */
foreach ($a_backends as $id => $be) {
- if ($a_backends[$id]['name'] == $oldserver['backend']) {
- $a_backends[$id]['backend_serverpool'] = $pool['name'];
- $pool['monitor_uri'] = $be['monitor_uri'];
- unset($a_backends[$id]['monitor_uri']);
- break;
+ $a_backends[$id]['status'] = 'active';
+ }
+ $id = 0;
+ foreach ($a_oldservers as $oldserver) {
+ $pool=$oldserver;
+ /* make server sub array */
+ $server=array();
+ $server['name'] = $oldserver['name'];
+ $server['address'] = $oldserver['address'];
+ $server['port'] = $oldserver['port'];
+ $server['weight'] = $oldserver['weight'];
+ $a_servers=array();
+ $a_servers[]=$server;
+ /* set new pool */
+ $pool['name'] = "pool$id";
+ $id++;
+ $pool['ha_servers']['item']=$a_servers;
+ /* link to frontend */
+ foreach ($a_backends as $id => $be) {
+ if ($a_backends[$id]['name'] == $oldserver['backend']) {
+ $a_backends[$id]['backend_serverpool'] = $pool['name'];
+ $pool['monitor_uri'] = $be['monitor_uri'];
+ unset($a_backends[$id]['monitor_uri']);
+ break;
+ }
}
+ unset($pool['backend']);
+ unset($pool['address']);
+ unset($pool['port']);
+ unset($pool['weight']);
+ $a_pools[] = $pool;
}
- unset($pool['backend']);
- unset($pool['address']);
- unset($pool['port']);
- unset($pool['weight']);
- $a_pools[] = $pool;
+ unset($config['installedpackages']['haproxy']['ha_servers']);
+ $writeconfigupdate = true;
}
- unset($config['installedpackages']['haproxy']['ha_servers']);
- $writeconfigupdate = true;
- }
-
- /* XML update to: pkg v1.3 and 'pool' changed to 'backend_serverpool' because 'pool' was added to listtags() in xmlparse.inc */
- if (is_arrayset($config,'installedpackages','haproxy','ha_backends','item',0,'pool')) {
- $static_output .= "HAProxy, Do XML upgrade, change to backend_serverpool from pool array\n";
- update_output_window($static_output);
-
- foreach($config['installedpackages']['haproxy']['ha_backends']['item'] as &$frontend)
- {
- $backend_serverpool = $frontend['pool'][0];
- $frontend['backend_serverpool'] = $backend_serverpool;
- unset($frontend['pool']);
+
+ /* XML update to: pkg v1.3 and 'pool' changed to 'backend_serverpool' because 'pool' was added to listtags() in xmlparse.inc */
+ if (is_arrayset($config,'installedpackages','haproxy','ha_backends','item',0,'pool')) {
+ $static_output .= "HAProxy, Do XML upgrade, change to backend_serverpool from pool array\n";
+ update_output_window($static_output);
+
+ foreach($config['installedpackages']['haproxy']['ha_backends']['item'] as &$frontend)
+ {
+ $backend_serverpool = $frontend['pool'][0];
+ $frontend['backend_serverpool'] = $backend_serverpool;
+ unset($frontend['pool']);
+ }
+ $writeconfigupdate = true;
}
- $writeconfigupdate = true;
- }
- //also move setting for existing 2.0 installations as only the new variable is used
- if (is_arrayset($config,'installedpackages','haproxy','ha_backends','item',0) &&
- isset($config['installedpackages']['haproxy']['ha_backends']['item'][0]['pool'])) {
- $static_output .= "HAProxy, Do XML upgrade, change to backend_serverpool from pool\n";
- update_output_window($static_output);
- foreach($config['installedpackages']['haproxy']['ha_backends']['item'] as &$frontend)
- {
- $backend_serverpool = $frontend['pool'];
- $frontend['backend_serverpool'] = $backend_serverpool;
- unset($frontend['pool']);
+ //also move setting for existing 2.0 installations as only the new variable is used
+ if (is_arrayset($config,'installedpackages','haproxy','ha_backends','item',0) &&
+ isset($config['installedpackages']['haproxy']['ha_backends']['item'][0]['pool'])) {
+ $static_output .= "HAProxy, Do XML upgrade, change to backend_serverpool from pool\n";
+ update_output_window($static_output);
+ foreach($config['installedpackages']['haproxy']['ha_backends']['item'] as &$frontend)
+ {
+ $backend_serverpool = $frontend['pool'];
+ $frontend['backend_serverpool'] = $backend_serverpool;
+ unset($frontend['pool']);
+ }
+ $writeconfigupdate = true;
+ }
+ // update config to "haproxy-devel 1.5-dev19 pkg v0.5"
+ if(is_arrayset($config,'installedpackages','haproxy','ha_backends','item')) {
+ $static_output .= "HAProxy, Do XML upgrade, update frontend options\n";
+ update_output_window($static_output);
+ foreach ($config['installedpackages']['haproxy']['ha_backends']['item'] as &$bind) {
+ if($bind['httpclose'] && $bind['httpclose'] == "yes" ) {
+ $bind['httpclose'] = "httpclose";
+ $writeconfigupdate = true;
+ }
+ if (!$bind['extaddr']){
+ $bind['extaddr'] = "wan_ipv4";
+ $writeconfigupdate = true;
+ }
+ if ($bind['extaddr'] == "localhost"){
+ $bind['extaddr'] = "localhost_ipv4";
+ $writeconfigupdate = true;
+ }
+ if ($bind['extaddr'] == "any"){
+ $bind['extaddr'] = "any_ipv4";
+ $writeconfigupdate = true;
+ }
+ }
}
- $writeconfigupdate = true;
}
- // update config to "haproxy-devel 1.5-dev19 pkg v0.5"
- if(is_arrayset($config,'installedpackages','haproxy','ha_backends','item')) {
- $static_output .= "HAProxy, Do XML upgrade, update frontend options\n";
- update_output_window($static_output);
+ if ($configversion == "00.12") {
+ // update config to "haproxy-devel 1.5-dev19 pkg v0.13"
foreach ($config['installedpackages']['haproxy']['ha_backends']['item'] as &$bind) {
- if($bind['httpclose'] && $bind['httpclose'] == "yes" ) {
- $bind['httpclose'] = "httpclose";
- $writeconfigupdate = true;
- }
- if (!$bind['extaddr']){
- $bind['extaddr'] = "wan_ipv4";
- $writeconfigupdate = true;
- }
- if ($bind['extaddr'] == "localhost"){
- $bind['extaddr'] = "localhost_ipv4";
- $writeconfigupdate = true;
- }
- if ($bind['extaddr'] == "any"){
- $bind['extaddr'] = "any_ipv4";
- $writeconfigupdate = true;
+ if (isset($bind['extaddr'])) {
+ $new['extaddr'] = $bind['extaddr'];
+ $new['extaddr_port'] = $bind['port'];
+ $new['extaddr_ssl'] = $bind['ssloffload'];
+ $bind['a_extaddr']['item'][] = $new;
}
+ unset($bind['extaddr']);
+ unset($bind['port']);
+ //unset($bind['ssloffload']);
}
+ $configversion = "00.13";
}
+
+ $writeconfigupdate = $config['installedpackages']['haproxy']['configversion'] <> $configversion;
if ($writeconfigupdate) {
- $static_output .= "HAProxy, write updated config\n";
+ $config['installedpackages']['haproxy']['configversion'] = $configversion;
+ $static_output .= "HAProxy, write updated config to version: $configversion\n";
update_output_window($static_output);
write_config("HAProxy, update xml config version");
}
@@ -875,6 +938,9 @@ function haproxy_write_certificate_fullchain($filename, $certid, $append = false
function haproxy_writeconf($configpath) {
global $config;
+ global $aliastable;
+ if (!isset($aliastable))
+ alias_make_table($config);
$chroot_dir = "/tmp/haproxy_chroot"; // can contain socket to forward connection from backend to frontend. "/var/empty"
make_dirs($chroot_dir);
@@ -951,7 +1017,8 @@ function haproxy_writeconf($configpath) {
if(!$frontend['backend_serverpool'])
continue;
$primaryfrontend = get_primaryfrontend($frontend);
- $bname = get_frontend_ipport($frontend);
+
+ $bname = $primaryfrontend['name'];
if (!is_array($a_bind[$bname])) {
$a_bind[$bname] = array();
$a_bind[$bname] = $primaryfrontend;
@@ -959,12 +1026,14 @@ function haproxy_writeconf($configpath) {
}
//check ssl info
- if (strtolower($primaryfrontend['type']) == "http" && $frontend['ssloffload']){
+ $ssl = get_frontend_uses_ssl($frontend);
+
+ if ($ssl) {
//ssl crt ./server.pem ca-file ./ca.crt verify optional crt-ignore-err all crl-file ./ca_crl.pem
- $filename = "$configpath/{$frontend['name']}.{$frontend['port']}.pem";
+ $filename = "$configpath/{$frontend['name']}.pem";
$ssl_crt = " crt $filename";
haproxy_write_certificate_fullchain($filename, $frontend['ssloffloadcert']);
- $subfolder = "$configpath/{$frontend['name']}.{$frontend['port']}";
+ $subfolder = "$configpath/{$frontend['name']}";
$certs = $frontend['ha_certificates']['item'];
if (is_array($certs)){
if (count($certs) > 0){
@@ -1032,8 +1101,8 @@ function haproxy_writeconf($configpath) {
}
// Prepare ports for processing by splitting
- $portss = "{$bind['port']},";
- $ports = split(",", $portss);
+ //$portss = "{$bind['port']},";
+ //$ports = split(",", $portss);
if($bind['type'] == "http") {
// ssl offloading is only possible in http mode.
@@ -1043,41 +1112,36 @@ function haproxy_writeconf($configpath) {
$ssl_info = "";
$advanced_bind = "";
}
+
+ fwrite ($fd, "{$frontendinfo}");
+
// Initialize variable
$listenip = "";
// Process and add bind directives for ports
- $ip = haproxy_interface_ip($bind['extaddr']);
- if ($ip){
- foreach($ports as $alias_or_port) {
- if($alias_or_port) {
- $portsnumeric = group_ports(haproxy_portoralias_to_list($alias_or_port));
- foreach($portsnumeric as $portnumeric) {
- $portnumeric = str_replace(":","-",$portnumeric);
- $listenip .= "\tbind\t\t\t$ip:{$portnumeric} {$ssl_info} {$advanced_bind}\n";
- }
- }
- }
- }
-
- fwrite ($fd, "{$frontendinfo}");
-
if (isset($bind['a_extaddr'])) {
foreach($bind['a_extaddr']['item'] as $extaddr) {
- if (isset($extaddr['extaddr']) && $extaddr['extaddr'] != "") {
- $ip = haproxy_interface_ip($extaddr['extaddr']);
- } else
- $ip = $extaddr['extaddr_custom'];
+ $a_ip = array();
+ if (isset($extaddr['extaddr']) && $extaddr['extaddr'] != "custom") {
+ $a_ip[] = haproxy_interface_ip($extaddr['extaddr']);
+ } else {
+ $iporalias = $extaddr['extaddr_custom'];
+ $a_ip = haproxy_addressoralias_to_list($iporalias);
+ }
if ($extaddr['extaddr_ssl'] == 'yes')
$ssl = $ssl_info;
else
$ssl = "";
- $portsnumeric = group_ports(haproxy_portoralias_to_list($extaddr['extaddr_port']));
- foreach($portsnumeric as $portnumeric) {
- $portnumeric = str_replace(":","-",$portnumeric);
- $listenip .= "\tbind\t\t\t$ip:{$portnumeric} {$ssl} {$advanced_bind} {$extaddr['extaddr_advanced']}\n";
+ foreach($a_ip as $ip) {
+ $portsnumeric = group_ports(haproxy_portoralias_to_list($extaddr['extaddr_port']));
+ if (is_array($portsnumeric)) {
+ foreach($portsnumeric as $portnumeric) {
+ $portnumeric = str_replace(":","-",$portnumeric);
+ $listenip .= "\tbind\t\t\t$ip:{$portnumeric} {$ssl} {$advanced_bind} {$extaddr['extaddr_advanced']}\n";
+ }
+ }
}
}
}
@@ -1127,10 +1191,9 @@ function haproxy_writeconf($configpath) {
if($bind['forwardfor']) {
fwrite ($fd, "\toption\t\t\tforwardfor\n");
- if($bind['ssloffload'] == "yes")
- fwrite ($fd, "\treqadd X-Forwarded-Proto:\ https\n");
- else
- fwrite ($fd, "\treqadd X-Forwarded-Proto:\ http\n");
+ fwrite ($fd, "\tacl https ssl_fc\n");
+ fwrite ($fd, "\treqadd X-Forwarded-Proto:\ http if !https\n");
+ fwrite ($fd, "\treqadd X-Forwarded-Proto:\ https if https\n");
}
}
@@ -1413,8 +1476,7 @@ function haproxy_plugin_certificates($pluginparams) {
$result['certificatelist'] = array();
// return a array of used certificates.
foreach($config['installedpackages']['haproxy']['ha_backends']['item'] as &$frontend) {
- $mainfrontend = get_primaryfrontend($frontend);
- if (strtolower($mainfrontend['type']) == "http" && $mainfrontend['ssloffload']) {
+ if (get_frontend_uses_ssl($frontend)) {
if ($frontend['ssloffloadacl']){
$item = array();
$cert = $frontend['ssloffloadcert'];
@@ -1602,12 +1664,30 @@ function get_primaryfrontend($frontend) {
return $mainfrontend;
}
-function get_frontend_ipport($frontend,$userfriendly=false) {
+function get_frontend_ipport($frontend, $userfriendly=false) {
$mainfrontend = get_primaryfrontend($frontend);
- $result = haproxy_interface_ip($mainfrontend['extaddr'], $userfriendly);
- if ($userfriendly and is_ipaddrv6($result))
- $result = "[{$result}]";
- return $result . ":" . $mainfrontend['port'];
+ $newline = "";
+ $result = array();
+ if (!isset($mainfrontend))
+ return $result;
+ foreach($mainfrontend['a_extaddr']['item'] as $extaddr) {
+ if ($extaddr['extaddr'] == 'custom'){
+ $addr = $extaddr['extaddr_custom'];
+ } else {
+ $addr = haproxy_interface_ip($extaddr['extaddr'], $userfriendly);
+ }
+ if ($userfriendly and is_ipaddrv6($addr))
+ $addr = "[{$addr}]";
+
+ $port = $extaddr['extaddr_port'];
+ $newitem = array();
+ $newitem['addr'] = $addr;
+ $newitem['port'] = $port;
+ $newitem['ssl'] = $extaddr['extaddr_ssl'];
+ $result[$addr.$port] = $newitem;
+ }
+ ksort($result);
+ return $result;
}
function haproxy_check_config() {
@@ -1620,17 +1700,20 @@ function haproxy_check_config() {
foreach($a_backends as $frontend) {
if (($frontend['status'] != 'active') || ($frontend['secondary'] == 'yes'))
continue;
- $ipport = get_frontend_ipport($frontend);
- if (isset($activefrontends[$ipport]))
- $issues['P_'.$ipport] = "Multiple primary frontends with IP:Port \"$ipport\"";
- else
- $activefrontends[$ipport] = true;
+ $ipports = get_frontend_ipport($frontend);
+ foreach($ipports as $ipport) {
+ $id = "{$ipport['addr']}:{$ipport['port']}";
+ if (isset($activefrontends[$id]))
+ $issues['P_'.$id] = "Multiple primary frontends with IP:Port \"$id\"";
+ else
+ $activefrontends[$id] = true;
+ }
}
foreach($a_backends as $frontend) {
if (($frontend['status'] != 'active') || ($frontend['secondary'] != 'yes'))
continue;
- $ipport = get_frontend_ipport($frontend);
- if (!isset($activefrontends[$ipport]))
+ $mainfrontend = get_primaryfrontend($frontend);
+ if (!isset($mainfrontend))
$issues['S_'.$frontend['name']] = "Secondary frontend \"{$frontend['name']}\" without active primary frontend.";
}
foreach ($issues as $item)
@@ -1649,17 +1732,43 @@ function get_haproxy_frontends($excludeitem="") {
if ($frontend['name'] == $excludeitem)
continue;
- $serveradress = "{$frontend['extaddr']}:{$frontend['port']}";
- $result[$frontend['name']]['name'] = "{$frontend['name']} - {$frontend['type']} ({$serveradress})";
+ $serveraddress = get_frontend_ipport($frontend, true);
+ $serveradresstext = null;
+ foreach($serveraddress as $addr) {
+ $serveradresstext .=($serveradresstext == null ? "" : ", ") . "{$addr['addr']}:{$addr['port']}";
+ }
+ $result[$frontend['name']]['name'] = "{$frontend['name']} - {$frontend['type']} ({$serveradresstext})";
$result[$frontend['name']]['ref'] = &$frontend;
}
uasort($result, haproxy_compareByName);
return $result;
}
-function generate_cert_acl($crt, $defaultport, $nondefaultport){
- // The host header send by a browser will contain the portnumber when a nondefault port is used for the server side.
+function get_frontend_uses_ssl($frontend) {
+ $mainfrontend = get_primaryfrontend($frontend);
+ $ssl = false;
+ if (is_arrayset($mainfrontend,'a_extaddr','item')) {
+ foreach($mainfrontend['a_extaddr']['item'] as $extaddr) {
+ if ($extaddr['extaddr_ssl'] == 'yes') {
+ $ssl = true;
+ break;
+ }
+ }
+ }
+ if ($mainfrontend['name'] != $frontend['name'])
+ $ssl = $ssl && $frontend['ssloffload'] == 'yes';
+ return $ssl;
+}
+function get_frontend_uses_ssl_only($frontend) {
+ $mainfrontend = get_primaryfrontend($frontend);
+ if (is_arrayset($mainfrontend,'a_extaddr','item')) {
+ foreach($mainfrontend['a_extaddr']['item'] as $extaddr) {
+ if ($extaddr['extaddr_ssl'] != 'yes')
+ return false;
+ }
+ }
+ return true;
}
function get_frontend_acls($frontend) {
@@ -1685,7 +1794,7 @@ function get_frontend_acls($frontend) {
}
}
- if (strtolower($mainfrontend['type']) == "http" && $mainfrontend['ssloffload']) {
+ if (get_frontend_uses_ssl($frontend)) {
$a_acl = &$frontend['ha_acls']['item'];
if(!is_array($a_acl))
$a_acl=array();
diff --git a/config/haproxy-devel/haproxy_htmllist.inc b/config/haproxy-devel/haproxy_htmllist.inc
index 193728f5..98f7ab94 100644
--- a/config/haproxy-devel/haproxy_htmllist.inc
+++ b/config/haproxy-devel/haproxy_htmllist.inc
@@ -34,193 +34,233 @@
require_once("config.inc");
require_once("haproxy_utils.inc");
-function haproxy_htmllist_get_values($html_list){
- $values = array();
- for($x=0; $x<99; $x++) {
- $value = array();
- $add_item = false;
- foreach($html_list as $item){
- $itemname = $item['name'];
- $value[$itemname] = $_POST[$itemname.$x];
- $add_item |= isset($_POST[$itemname.$x]);
+class HaproxyHtmlList
+{
+ /*
+ javascript 'events':
+ <tableId>_row_added(tableId, rowNr)
+ <tableId>_field_changed(tableId, rowNr, fieldId, field)
+ */
+
+ private $tablename = "";
+ private $fields = array();
+ public $editmode = false;
+ public $fields_details = null;
+
+ public function HaproxyHtmlList($tablename, $fields){
+ $this->tablename = $tablename;
+ $this->fields = $fields;
+ }
+
+ public function Draw($data){
+ $this->haproxy_htmllist($data, $this->fields, $this->editmode, $this->fields_details);
+ }
+
+ function haproxy_htmllist_get_values(){
+ $values = array();
+ for($x=0; $x<99; $x++) {
+ $value = array();
+ $add_item = false;
+ foreach($this->fields as $item){
+ $itemname = $item['name'];
+ $value[$itemname] = $_POST[$itemname.$x];
+ $add_item |= isset($_POST[$itemname.$x]);
+ }
+ if ($add_item)
+ $values[] = $value;
}
- if ($add_item)
- $values[] = $value;
+ return $values;
}
- return $values;
-}
-function haproxy_htmllist_drawcell($item, $itemvalue, $editable, $itemnamenr = "") {
- $itemtype = $item['type'];
- if ($editable) {
+ private function haproxy_htmllist_drawcell($item, $itemvalue, $editable, $itemname, $counter) {
+ $itemnamenr = $itemname . $counter;
$itemtype = $item['type'];
- if ($itemtype == "select"){
- echo_html_select($itemnamenr, $item['items'], $itemvalue,"","updatevisibility();", "width:{$item['size']}");
- } else
- if ($itemtype == "checkbox"){
- $checked = $itemvalue=='yes' ? " checked" : "";
- echo "<input name='$itemnamenr' id='$itemnamenr' type='checkbox'$checked value='yes' size='{$item['size']}' />";
- } else
- echo "<input name='$itemnamenr' id='$itemnamenr' type='text' value='{$itemvalue}' size='{$item['size']}' />";
- } else {
- if ($itemtype == "select"){
- echo $item['items'][$itemvalue]['name'];
- } else
- if ($itemtype == "checkbox"){
- echo $itemvalue=='yes' ? gettext('yes') : gettext('no');
- } else
- echo $itemvalue;
+ if ($editable) {
+ $itemtype = $item['type'];
+ if ($itemtype == "select"){
+ //updatevisibility()
+ echo_html_select($itemnamenr, $item['items'], $itemvalue,"","html_listitem_change(\"{$this->tablename}\",\"{$itemname}\",\"{$counter}\",this);", "width:{$item['size']}");
+ } else
+ if ($itemtype == "checkbox"){
+ $checked = $itemvalue=='yes' ? " checked" : "";
+ echo "<input onclick='html_listitem_change(\"{$this->tablename}\",\"{$itemname}\",\"{$counter}\",this);' name='$itemnamenr' id='$itemnamenr' type='checkbox'$checked value='yes' size='{$item['size']}' />";
+ } else
+ echo "<input name='$itemnamenr' id='$itemnamenr' type='text' value='{$itemvalue}' size='{$item['size']}' />";
+ } else {
+ if ($itemtype == "select"){
+ echo $item['items'][$itemvalue]['name'];
+ } else
+ if ($itemtype == "checkbox"){
+ echo $itemvalue=='yes' ? gettext('yes') : gettext('no');
+ } else
+ echo $itemvalue;
+ }
}
-}
-function haproxy_htmllist($tablename,$rowvalues,$items,$editstate=false,$itemdetails=null){
- global $g, $counter;
- echo "<table class='' width='100%' cellpadding='0' cellspacing='0' id='$tablename'>
- <tr>";
- foreach($items as $item){
- echo "<td width='{$item['colwidth']}' class='listhdrr'>{$item['columnheader']}</td>";
- }
- echo "<td width='5%' class=''></td>
- </tr>";
- if (is_array($rowvalues)){
- foreach($rowvalues as $value){
- if (!$editstate) {
- echo "<tr id='tr_view_$counter' ondblclick='editRow($counter); return false;' >";
- $leftitem = true;
- foreach($items as $item) {
- $tdclass = $leftitem ? "vtable listlr" : "vtable listr";
- echo "<td class='$tdclass'>";
+ function haproxy_htmllist($rowvalues,$items,$editstate=false,$itemdetails=null){
+ $tablename = $this->tablename;
+ global $g, $counter;
+ echo "<table class='' width='100%' cellpadding='0' cellspacing='0' id='$tablename'>
+ <tr>";
+ foreach($items as $item){
+ echo "<td width='{$item['colwidth']}' class='listhdrr'>{$item['columnheader']}</td>";
+ }
+ echo "<td width='5%' class=''></td>
+ </tr>";
+ if (is_array($rowvalues)){
+ foreach($rowvalues as $value){
+ if (!$editstate) {
+ echo "<tr id='tr_view_$counter' ondblclick='editRow($counter); return false;' >";
+ $leftitem = true;
+ foreach($items as $item) {
+ $tdclass = $leftitem ? "vtable listlr" : "vtable listr";
+ echo "<td class='$tdclass'>";
+ $itemname = $item['name'];
+ $itemvalue = $value[$itemname];
+ if (isset($item['customdrawcell'])) {
+ $item['customdrawcell']($item, $itemvalue, false);
+ } else
+ $this->haproxy_htmllist_drawcell($item, $itemvalue, false, $itemname, $counter);
+ echo "</td>";
+ $leftitem = false;
+ }
+ echo "
+ <td class='list'>
+ <table border='0' cellspacing='0' cellpadding='1'><tr>
+ <td valign='middle'>
+ <img src='/themes/{$g['theme']}/images/icons/icon_e.gif' title='edit entry' width='17' height='17' border='0' onclick='editRow($counter); return false;' />
+ </td>
+ <td valign='middle'>
+ <img src='/themes/{$g['theme']}/images/icons/icon_x.gif' title='delete entry' width='17' height='17' border='0' onclick='deleteRow($counter, \"$tablename\"); return false;' />
+ </td>
+ <td valign='middle'>
+ <img src='/themes/{$g['theme']}/images/icons/icon_plus.gif' title='duplicate entry' width='17' height='17' border='0' onclick='dupRow($counter, \"$tablename\"); return false;' />
+ </td></tr></table>
+ </td>";
+ echo "</tr>";
+ }
+ $displaystyle = $editstate ? "" : "display: none;";
+ echo "<tr id='tr_edit_$counter' style='$displaystyle'>";
+ foreach($items as $item){
$itemname = $item['name'];
- $itemvalue = $value[$itemname];
+ $itemvalue = $value[$itemname];
+ echo "<td class='vtable'>";
if (isset($item['customdrawcell'])) {
- $item['customdrawcell']($item, $itemvalue, false);
+ $item['customdrawcell']($item, $itemvalue, true, $item['name'].$counter);
} else
- haproxy_htmllist_drawcell($item, $itemvalue, false);
+ $this->haproxy_htmllist_drawcell($item, $itemvalue, true, $itemname, $counter);
echo "</td>";
- $leftitem = false;
}
echo "
<td class='list'>
<table border='0' cellspacing='0' cellpadding='1'><tr>
<td valign='middle'>
- <img src='/themes/{$g['theme']}/images/icons/icon_e.gif' title='edit entry' width='17' height='17' border='0' onclick='editRow($counter); return false;' />
- </td>
- <td valign='middle'>
- <img src='/themes/{$g['theme']}/images/icons/icon_x.gif' title='delete entry' width='17' height='17' border='0' onclick='deleteRow($counter, \"$tablename\"); return false;' />
+ <img src='/themes/{$g['theme']}/images/icons/icon_x.gif' title='delete entry' width='17' height='17' border='0' onclick='removeRow(this); return false;' />
</td>
<td valign='middle'>
<img src='/themes/{$g['theme']}/images/icons/icon_plus.gif' title='duplicate entry' width='17' height='17' border='0' onclick='dupRow($counter, \"$tablename\"); return false;' />
</td></tr></table>
</td>";
echo "</tr>";
- }
- $displaystyle = $editstate ? "" : "display: none;";
- echo "<tr id='tr_edit_$counter' style='$displaystyle'>";
- foreach($items as $item){
- $itemname = $item['name'];
- $itemvalue = $value[$itemname];
- $itemnamenr = $itemname . $counter;
- echo "<td class='vtable'>";
- if (isset($item['customdrawcell'])) {
- $item['customdrawcell']($item, $itemvalue, true, $itemnamenr);
- } else
- haproxy_htmllist_drawcell($item, $itemvalue, true, $itemnamenr);
- echo "</td>";
- }
- echo "
- <td class='list'>
- <table border='0' cellspacing='0' cellpadding='1'><tr>
- <td valign='middle'>
- <img src='/themes/{$g['theme']}/images/icons/icon_x.gif' title='delete entry' width='17' height='17' border='0' onclick='removeRow(this); return false;' />
- </td>
- <td valign='middle'>
- <img src='/themes/{$g['theme']}/images/icons/icon_plus.gif' title='duplicate entry' width='17' height='17' border='0' onclick='dupRow($counter, \"$tablename\"); return false;' />
- </td></tr></table>
- </td>";
- echo "</tr>";
- if (isset($itemdetails)) {
- $colspan = count($items)-1;
- echo "<tr id='tr_viewdetail_$counter'>";
- ?>
- <td class='vtable listlr' style='border-bottom-width: medium;vertical-align:top;'>
- <div style="position:relative;float:right;width:11px;height:11px;">
- <a onclick="htmltable_toggle_details('<?="htmltable_{$tablename}_{$counter}_details"?>')">
- <img id="htmltable_<?="{$tablename}_{$counter}"?>_details_off" alt="Expand advanced server settings"
- src="tree/plus.gif" style="clip:rect(19px 13px 30px 2px); top:-19px;position:absolute;"/>
- </a>
- </div>
- </td>
- <?
- echo "<td class='vtable listr' colspan='$colspan' style='border-bottom-width: medium;'>";
- $itemnr = 0;
- echo "<div id='htmltable_{$tablename}_{$counter}_details_view'>";
- $itemcount = count($itemdetails);
- foreach($itemdetails as $item) {
- echo "<div style='float: left;padding-right: 2px;'>";
- $tdclass = "";//$leftitem ? "vtable listlr" : "vtable listr";
- echo $item['columnheader'] . ": ";
- $itemname = $item['name'];
- $itemvalue = $value[$itemname];
- if (isset($item['customdrawcell'])) {
- $item['customdrawcell']($item, $itemvalue, false);
- } else
- haproxy_htmllist_drawcell($item, $itemvalue, false);
- $leftitem = false;
- $itemnr++;
- if ($itemcount != $itemnr)
- echo ", ";
+ if (isset($itemdetails)) {
+ $colspan = count($items)-1;
+ echo "<tr id='tr_viewdetail_$counter'>";
+ ?>
+ <td class='vtable listlr' style='border-bottom-width: medium;vertical-align:top;'>
+ <div style="position:relative;float:right;width:11px;height:11px;">
+ <a onclick="htmltable_toggle_details('<?="htmltable_{$tablename}_{$counter}_details"?>')">
+ <img id="htmltable_<?="{$tablename}_{$counter}"?>_details_off" alt="Expand advanced server settings"
+ src="tree/plus.gif" style="clip:rect(19px 13px 30px 2px); top:-19px;position:absolute;"/>
+ </a>
+ </div>
+ </td>
+ <?
+ echo "<td class='vtable listr' colspan='$colspan' style='border-bottom-width: medium;'>";
+ $itemnr = 0;
+ echo "<div id='htmltable_{$tablename}_{$counter}_details_view'>";
+ $itemcount = count($itemdetails);
+ foreach($itemdetails as $item) {
+ echo "<div style='float: left;padding-right: 2px;'>";
+ $tdclass = "";//$leftitem ? "vtable listlr" : "vtable listr";
+ echo $item['columnheader'] . ": ";
+ $itemname = $item['name'];
+ $itemvalue = $value[$itemname];
+ if (isset($item['customdrawcell'])) {
+ $item['customdrawcell']($item, $itemvalue, false);
+ } else
+ $this->haproxy_htmllist_drawcell($item, $itemvalue, false, $itemname, $counter);
+ $leftitem = false;
+ $itemnr++;
+ if ($itemcount != $itemnr)
+ echo ", ";
+ echo "</div>";
+ }
+ echo "</div>";
+ echo "<div id='htmltable_{$tablename}_{$counter}_details_edit' style='display:none;'>";
+ echo "<table class='tabcont' style='border-collapse:collapse' border='1' cellspacing='0' >";
+ $leftitem = true;
+ foreach($itemdetails as $item) {
+ echo "<tr id='tr_edititemdetails_$counter' ondblclick='editRow($counter); return false;'>";
+ $tdclass = "";//$leftitem ? "vtable listlr" : "vtable listr";
+ echo "<td style='border-right:0' class='$tdclass'>";
+ echo "{$item['columnheader']}: ";
+ echo "</td>";
+ echo "<td style='border-left:0' class='$tdclass'>";
+ $itemname = $item['name'];
+ $itemvalue = $value[$itemname];
+ echo "{$item['description']}<br/>";
+ if (isset($item['customdrawcell'])) {
+ $item['customdrawcell']($item, $itemvalue, true, $itemname . $counter);
+ } else
+ $this->haproxy_htmllist_drawcell($item, $itemvalue, true, $itemname, $counter);
+ echo "</td>";
+ $leftitem = false;
+ echo "</tr>";
+ }
+ echo "</table>";
echo "</div>";
- }
- echo "</div>";
- echo "<div id='htmltable_{$tablename}_{$counter}_details_edit' style='display:none;'>";
- echo "<table class='tabcont' style='border-collapse:collapse' border='1' cellspacing='0' >";
- $leftitem = true;
- foreach($itemdetails as $item) {
- echo "<tr id='tr_edititemdetails_$counter' ondblclick='editRow($counter); return false;'>";
- $tdclass = "";//$leftitem ? "vtable listlr" : "vtable listr";
- echo "<td style='border-right:0' class='$tdclass'>";
- echo "{$item['columnheader']}: ";
echo "</td>";
- echo "<td style='border-left:0' class='$tdclass'>";
- $itemname = $item['name'];
- $itemvalue = $value[$itemname];
- $itemnamenr = $itemname . $counter;
- echo "{$item['description']}<br/>";
- if (isset($item['customdrawcell'])) {
- $item['customdrawcell']($item, $itemvalue, true, $itemnamenr);
- } else
- haproxy_htmllist_drawcell($item, $itemvalue, true, $itemnamenr);
+ echo "</tr>";
+ }
+ if (isset($itemdetails)) {
+ $colspan = count($items)-1;
+ echo "<tr id='htmltable_{$tablename}_{$counter}_details' style='$displaystyle' >";
+ echo "<td class='vtable listlr' style='border-bottom-width: medium;'> </td>";
+ echo "<td class='vtable listr' colspan='$colspan' style='border-bottom-width: medium;'>";
echo "</td>";
- $leftitem = false;
- echo "</tr>";
+ echo "</tr>";
}
- echo "</table>";
- echo "</div>";
- echo "</td>";
- echo "</tr>";
- }
- if (isset($itemdetails)) {
- $colspan = count($items)-1;
- echo "<tr id='htmltable_{$tablename}_{$counter}_details' style='$displaystyle' >";
- echo "<td class='vtable listlr' style='border-bottom-width: medium;'> </td>";
- echo "<td class='vtable listr' colspan='$colspan' style='border-bottom-width: medium;'>";
- echo "</td>";
- echo "</tr>";
- }
-
-
-
- $counter++;
+
+ $counter++;
+ }
}
+ echo "</table>
+ <a onclick='javascript:addRowTo(\"$tablename\"); return false;' href='#'>
+ <img border='0' src='/themes/{$g['theme']}/images/icons/icon_plus.gif' alt='' title='add another entry' />
+ </a>";
}
- echo "</table>
- <a onclick='javascript:addRowTo(\"$tablename\"); return false;' href='#'>
- <img border='0' src='/themes/{$g['theme']}/images/icons/icon_plus.gif' alt='' title='add another entry' />
- </a>";
+}
+
+function haproxy_htmllist($tablename,$rowvalues,$items,$editstate=false,$itemdetails=null){
+ $list = new HaproxyHtmlList($tablename, $items);
+ $list->haproxy_htmllist($rowvalues, $items, $editstate, $itemdetails);
+}
+
+function haproxy_htmllist_get_values($html_list){
+ $list = new HaproxyHtmlList("-", $html_list);
+ return $list->haproxy_htmllist_get_values();
}
function haproxy_htmllist_js(){
-?><script type="text/javascript">
+?><script type="text/javascript">
+ function html_listitem_change(tableId, fieldId, rowNr, field) {
+ javascript_event = tableId + "_listitem_change";
+ var fn = window[javascript_event];
+ if (typeof fn === 'function'){
+ fn(tableId, fieldId, rowNr, field);
+ }
+ }
+
function htmllist_get_select_items(prefix,tableId) {
var items;
var i = tableId.lastIndexOf('_');
@@ -251,11 +291,14 @@ function haproxy_htmllist_js(){
} else if(items[i]['type'] == 'select') {
seltext = htmllist_get_select_options(tableId, items[i]['name']);
td.innerHTML="<select style='width:" + items[i]['size'] + "' name='" + items[i]['name'] + totalrows +
- "' id='" + items[i]['name'] + totalrows +
- "'>" + seltext + "<\/select> ";
+ "' id='" + items[i]['name'] + totalrows + "' "+
+ "onchange='html_listitem_change(\""+tableId+"\",\""+items[i]['name']+"\",\""+totalrows+"\",this);' " +
+ ">" + seltext + "<\/select> ";
} else {
- td.innerHTML="<input type='checkbox' name='" + items[i]['name'] + totalrows +
- "' id='" + items[i]['name'] + totalrows + "' value='yes'><\/input> ";
+ td.innerHTML="<input type='checkbox' name='" + items[i]['name'] + totalrows +"'"+
+ "id='" + items[i]['name'] + totalrows + "' "+
+ "onclick='html_listitem_change(\""+tableId+"\",\""+items[i]['name']+"\",\""+totalrows+"\",this);' " +
+ "value='yes'><\/input> ";
}
tr.appendChild(td);
}
@@ -290,6 +333,12 @@ function haproxy_htmllist_js(){
td.appendChild(btable);
tr.appendChild(td);
tbody.appendChild(tr);
+
+ javascript_row_added = tableId + "_row_added";
+ var fn = window[javascript_row_added];
+ if (typeof fn === 'function'){
+ fn(tableId, totalrows);
+ }
});
})();
function dupRow(rowId, tableId) {
@@ -316,6 +365,11 @@ function haproxy_htmllist_js(){
else
newEl.value = dupEl.value;
}
+ javascript_row_added = tableId + "_row_added";
+ var fn = window[javascript_row_added];
+ if (typeof fn === 'function'){
+ fn(tableId, totalrows);
+ }
}
function editRow(num) {
var trview = document.getElementById('tr_view_' + num);
diff --git a/config/haproxy-devel/haproxy_listeners.php b/config/haproxy-devel/haproxy_listeners.php
index 1deabdbb..8105345e 100644
--- a/config/haproxy-devel/haproxy_listeners.php
+++ b/config/haproxy-devel/haproxy_listeners.php
@@ -124,10 +124,11 @@ include("head.inc");
$a_frontend_grouped = array();
foreach($a_frontend as &$frontend2) {
$mainfrontend = get_primaryfrontend($frontend2);
+ $mainname = $mainfrontend['name'];
$ipport = get_frontend_ipport($frontend2, true);
$frontend2['ipport'] = $ipport;
$frontend2['type'] = $mainfrontend['type'];
- $a_frontend_grouped[$ipport][] = $frontend2;
+ $a_frontend_grouped[$mainname][] = $frontend2;
}
ksort($a_frontend_grouped);
@@ -142,6 +143,7 @@ include("head.inc");
if ((count($a_frontend) > 1 || $last_frontend_shared) && !$first) {
?> <tr class="<?=$textgray?>"><td colspan="7">&nbsp;</td></tr> <?
}
+ $first = false;
$last_frontend_shared = count($a_frontend) > 1;
foreach ($a_frontend as $frontend) {
$frontendname = $frontend['name'];
@@ -161,7 +163,7 @@ include("head.inc");
if ($isaclset)
echo "<img src=\"$img_acl\" title=\"" . gettext("acl's used") . ": {$isaclset}\" border=\"0\" />";
- if (strtolower($frontend['type']) == "http" && $frontend['ssloffload']) {
+ if (get_frontend_uses_ssl($frontend)) {
$cert = lookup_cert($frontend['ssloffloadcert']);
$descr = htmlspecialchars($cert['descr']);
if (is_array($frontend['ha_certificates']) && is_array($frontend['ha_certificates']['item'])) {
@@ -205,10 +207,35 @@ include("head.inc");
<?=$frontend['desc'];?>
</td>
<td class="listlr" ondblclick="document.location='haproxy_listeners_edit.php?id=<?=$frontendname;?>';">
- <?=str_replace(" ","&nbsp;",$frontend['ipport']);?>
+ <?
+ $first = true;
+ foreach($frontend['ipport'] as $addr) {
+ if (!$first)
+ print "<br/>";
+ print "<div style='white-space:nowrap;'>";
+ print "{$addr['addr']}:{$addr['port']}";
+ if ($addr['ssl'] == 'yes') {
+ echo '<img src="'.$img_cert.'" title="SSL offloading" alt="SSL" border="0" height="11" width="11" />';
+ }
+ print "</div";
+ $first = false;
+ }
+ ?>
</td>
<td class="listlr" ondblclick="document.location='haproxy_listeners_edit.php?id=<?=$frontendname;?>';">
- <?=$frontend['type']?>
+ <?
+ if ($frontend['type'] == 'http') {
+ $mainfrontend = get_primaryfrontend($frontend);
+ $sslused = get_frontend_uses_ssl($mainfrontend);
+ $httpused = !get_frontend_uses_ssl_only($frontend);
+ if ($httpused)
+ echo "http";
+ if ($sslused) {
+ echo ($httpused ? "/" : "") . "https";
+ }
+ } else
+ echo $a_frontendmode[$frontend['type']]['shortname'];
+ ?>
</td>
<td class="listlr" ondblclick="document.location='haproxy_listeners_edit.php?id=<?=$frontendname;?>';">
<div title='<?=$backend_serverpool_hint;?>'>
diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php
index b0930f77..bfc39f87 100644
--- a/config/haproxy-devel/haproxy_listeners_edit.php
+++ b/config/haproxy-devel/haproxy_listeners_edit.php
@@ -85,6 +85,10 @@ if (!is_numeric($id))
{
//default value for new items.
$pconfig['ssloffloadacl'] = "yes";
+ $new_item = array();
+ $new_item['extaddr'] = "wan_ipv4";
+ $new_item['extaddr_port'] = "80";
+ $pconfig['a_extaddr'][] = $new_item;
}
$servercerts = haproxy_get_certificates('server,user');
@@ -139,7 +143,7 @@ $fields_aclSelectionList[2]['type']="textbox";
$fields_aclSelectionList[2]['size']="35";
$interfaces = haproxy_get_bindable_interfaces();
-$interfaces_custom['']['name']="Use custom address:";
+$interfaces_custom['custom']['name']="Use custom address:";
$interfaces = $interfaces_custom + $interfaces;
$fields_externalAddress=array();
@@ -197,8 +201,8 @@ if ($_POST) {
$pconfig = $_POST;
if ($pconfig['secondary'] != "yes") {
- $reqdfields = explode(" ", "name type port");
- $reqdfieldsn = explode(",", "Name,Type,Port");
+ $reqdfields = explode(" ", "name type");
+ $reqdfieldsn = explode(",", "Name,Type");
} else {
$reqdfields = explode(" ", "name");
$reqdfieldsn = explode(",", "Name");
@@ -383,20 +387,26 @@ $primaryfrontends = get_haproxy_frontends($excludefrontend);
}
}
}
-
function updatevisibility() {
d = document;
+ ssl = false;
ssloffload = d.getElementById("ssloffload");
+ for (i = 0; i < 99; i++) {
+ customEdit = document.getElementById("extaddr_ssl"+i);
+ if (customEdit && customEdit.checked)
+ ssl = true;
+ }
var type;
var secondary = d.getElementById("secondary");
var primary_frontend = d.getElementById("primary_frontend");
- if ((secondary !== null) && (secondary.checked))
+ if ((secondary !== null) && (secondary.checked)) {
type = primaryfrontends[primary_frontend.value]['ref']['type'];
- else
+ ssl = ssloffload.checked;
+ } else
type = d.getElementById("type").value;
- setCSSdisplay(".haproxy_ssloffloading_enabled", ssloffload.checked);
+ setCSSdisplay(".haproxy_ssloffloading_enabled", ssl);
setCSSdisplay(".haproxy_mode_http", type == "http");
if (secondary !== null) {
setCSSdisplay(".haproxy_primary", !secondary.checked);
@@ -521,31 +531,45 @@ $primaryfrontends = get_haproxy_frontends($excludefrontend);
<tr class="haproxy_primary">
<td width="22%" valign="top" class="vncellreq">External address</td>
<td width="78%" class="vtable">
- <?
- echo_html_select('extaddr', $interfaces, $pconfig['extaddr']);
- ?>
- <br />
<?
$counter=0;
$a_extaddr = $pconfig['a_extaddr'];
- haproxy_htmllist("table_extaddr", $a_extaddr, $fields_externalAddress, true);
+ $htmllist_extadd = new HaproxyHtmlList("table_extaddr", $fields_externalAddress);
+ $htmllist_extadd->editmode = true;
+ $htmllist_extadd->Draw($a_extaddr);
?>
+ <script type="text/javascript">
+ function table_extaddr_row_added(tableid, rowid){
+ new AutoSuggestControl(document.getElementById("extaddr_custom"+rowid), new StateSuggestions(address_array));
+ new AutoSuggestControl(document.getElementById("extaddr_port"+rowid), new StateSuggestions(port_array));
+ table_extaddr_listitem_change(tableid,"",rowid, null);//disables address when not set to custom.
+ }
+
+ function table_extaddr_listitem_change(tableId, fieldId, rowNr, field) {
+ if (fieldId == "extaddr" || fieldId == "") {
+ field = field || document.getElementById("extaddr"+rowNr);
+ customEdit = document.getElementById("extaddr_custom"+rowNr);
+ customdisabled = field.value == "custom" ? 0 : 1;
+ customEdit.disabled = customdisabled;
+ }
+ if (fieldId == "extaddr_ssl") {
+ updatevisibility();
+ }
+ }
+
+ </script>
<br />
<span class="vexpl">
If you want this rule to apply to another IP address than the IP address of the interface chosen above,
select it here (you need to define <a href="firewall_virtual_ip.php">Virtual IP</a> addresses on the first).
Also note that if you are trying to redirect connections on the LAN select the "any" option.
+
+ In the port to listen to, if you want to specify multiple ports, separate them with a comma (,). EXAMPLE: 80,8000
+ Or to listen on both 80 and 443 create 2 rows in the table.
</span>
</td>
</tr>
<tr class="haproxy_primary" align="left">
- <td width="22%" valign="top" class="vncellreq">External port</td>
- <td width="78%" class="vtable" colspan="2">
- <input name="port" id="port" type="text" <?if(isset($pconfig['port'])) echo "value=\"{$pconfig['port']}\"";?> size="10" maxlength="500" />
- <div>The port to listen to. To specify multiple ports, separate with a comma (,). EXAMPLE: 80,8000</div>
- </td>
- </tr>
- <tr class="haproxy_primary" align="left">
<td width="22%" valign="top" class="vncell">Max connections</td>
<td width="78%" class="vtable" colspan="2">
<input name="max_connections" type="text" <?if(isset($pconfig['max_connections'])) echo "value=\"{$pconfig['max_connections']}\"";?> size="10" maxlength="10" />
@@ -572,8 +596,8 @@ $primaryfrontends = get_haproxy_frontends($excludefrontend);
<td width="22%" valign="top" class="vncellreq">Type</td>
<td width="78%" class="vtable" colspan="2">
<select name="type" id="type" onchange="updatevisibility();">
- <option value="http"<?php if($pconfig['type'] == "http") echo " SELECTED"; ?>>HTTP</option>
- <option value="https"<?php if($pconfig['type'] == "https") echo " SELECTED"; ?>>HTTPS</option>
+ <option value="http"<?php if($pconfig['type'] == "http") echo " SELECTED"; ?>>HTTP / HTTPS(offloading)</option>
+ <option value="https"<?php if($pconfig['type'] == "https") echo " SELECTED"; ?>>SSL / HTTPS(TCP mode)</option>
<option value="tcp"<?php if($pconfig['type'] == "tcp") echo " SELECTED"; ?>>TCP</option>
<option value="health"<?php if($pconfig['type'] == "health") echo " SELECTED"; ?>>Health</option>
</select><br/>
@@ -699,16 +723,19 @@ $primaryfrontends = get_haproxy_frontends($excludefrontend);
<td colspan="2" valign="top" class="listtopic">SSL Offloading</td>
</tr>
<tr align="left">
- <td width="22%" valign="top" class="vncell">Use Offloading</td>
<td width="78%" class="vtable" colspan="2">
- <input id="ssloffload" name="ssloffload" type="checkbox" value="yes" <?php if ($pconfig['ssloffload']=='yes') echo "checked";?> onclick="updatevisibility();" /><strong>Use Offloading</strong>
- <br/>
SSL Offloading will reduce web servers load by maintaining and encrypting connection with users on internet while sending and retrieving data without encrytion to internal servers.
Also more ACL rules and http logging may be configured when this option is used.
Certificates can be imported into the <a href="/system_camanager.php" target="_blank">pfSense "Certificate Authority Manager"</a>
Please be aware this possibly will not work with all web applications. Some applications will require setting the SSL checkbox on the backend server configurations so the connection to the webserver will also be a encrypted connection, in that case there will be a slight overall performance loss.
</td>
</tr>
+ <tr align="left" class="haproxy_secondary" >
+ <td width="22%" valign="top" class="vncell">Use Offloading</td>
+ <td width="78%" class="vtable" colspan="2">
+ <input id="ssloffload" name="ssloffload" type="checkbox" value="yes" <?php if ($pconfig['ssloffload']=='yes') echo "checked";?> onclick="updatevisibility();" /><strong>Use Offloading</strong>
+ </td>
+ </tr>
<tr class="haproxy_ssloffloading_enabled" align="left">
<td width="22%" valign="top" class="vncell">Certificate</td>
<td width="78%" class="vtable" colspan="2">
@@ -804,10 +831,19 @@ $primaryfrontends = get_haproxy_frontends($excludefrontend);
</script>
<script type="text/javascript">
totalrows = <?php echo $counter; ?>;
- updatevisibility();
- var customarray = <?= json_encode(get_alias_list(array("port", "url_ports", "urltable_ports"))) ?>;
- var oTextbox1 = new AutoSuggestControl(document.getElementById("port"), new StateSuggestions(customarray));
+ var port_array = <?= json_encode(get_alias_list(array("port", "url_ports", "urltable_ports"))) ?>;
+ var address_array = <?= json_encode(get_alias_list(array("host", "network", "openvpn", "urltable"))) ?>;
+
+
+ for(i=0;i < <?=count($a_extaddr)?>;i++){
+ new AutoSuggestControl(document.getElementById('extaddr_custom'+i), new StateSuggestions(address_array));
+ new AutoSuggestControl(document.getElementById('extaddr_port'+i), new StateSuggestions(port_array));
+ // Initially set fields disabled where needed
+ table_extaddr_listitem_change('table_extaddr','',i,null);
+ }
+
+ updatevisibility();
</script>
<?php
haproxy_htmllist_js();