aboutsummaryrefslogtreecommitdiffstats
path: root/config/bandwidthd
diff options
context:
space:
mode:
authordoktornotor <notordoktor@gmail.com>2015-08-15 15:57:12 +0200
committerdoktornotor <notordoktor@gmail.com>2015-08-15 15:57:12 +0200
commit108afc97e279cca541b313fb8c4a299e98d8c99e (patch)
tree526e7e02d8d7c60acd015e691f33c4eef13b2a74 /config/bandwidthd
parente72b4b344a3ef047c59cae8c1f946764a0a9f6dc (diff)
downloadpfsense-packages-108afc97e279cca541b313fb8c4a299e98d8c99e.tar.gz
pfsense-packages-108afc97e279cca541b313fb8c4a299e98d8c99e.tar.bz2
pfsense-packages-108afc97e279cca541b313fb8c4a299e98d8c99e.zip
bandwidthd - code style and major improvements
- Update copyright headers - Fix code style and indentation - Provide input validation for most of the configuration options -- Check for IPv4 configured on selected interfaces -- Check for PPPoE type interfaces -- Require relevant options to be filled in when PostgreSQL is enabled (also check that the hostname is valid) -- Require sane numeric input for graphs options -- Limit Sensor ID to sane chars - PostgreSQL DB password is now base64-encoded to deal with special chars and not break config.xml - The filtering moved to advanced options, also base64-encoded - The stats interface(s) are now a multiselect instead of asking users to type subnets directly - Upgrade function provided to preserve the old settings - Use {start,stop,restart}_service() functions instead of calling the rc script directly - Probably other small things...
Diffstat (limited to 'config/bandwidthd')
-rw-r--r--config/bandwidthd/bandwidthd.inc420
1 files changed, 220 insertions, 200 deletions
diff --git a/config/bandwidthd/bandwidthd.inc b/config/bandwidthd/bandwidthd.inc
index b57b2732..6edd255b 100644
--- a/config/bandwidthd/bandwidthd.inc
+++ b/config/bandwidthd/bandwidthd.inc
@@ -1,9 +1,11 @@
<?php
-/* $Id$ */
/*
bandwidthd.inc
+ part of pfSense (https://www.pfSense.org/)
Copyright (C) 2006 Scott Ullrich
- part of pfSense
+ Copyright (C) 2009 Bill Marquette
+ Copyright (C) 2012-2013 Phil Davis
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -27,181 +29,92 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
-
-// Check pfSense version
-$pfs_version = substr(trim(file_get_contents("/etc/version")),0,3);
+$pfs_version = substr(trim(file_get_contents("/etc/version")), 0, 3);
switch ($pfs_version) {
- case "2.1":
- define('PKG_BANDWIDTHD_BASE', '/usr/pbi/bandwidthd-' . php_uname("m") . '/bandwidthd');
- define('PKG_BANDWIDTHD_RUNTIME_LIBRARY_ENV', '');
- break;
- case "2.2":
- define('PKG_BANDWIDTHD_BASE', '/usr/pbi/bandwidthd-' . php_uname("m") . '/local/bandwidthd');
- define('PKG_BANDWIDTHD_RUNTIME_LIBRARY_ENV', 'LD_LIBRARY_PATH=/usr/pbi/bandwidthd-' . php_uname("m") . '/local/lib');
- break;
- default:
- define('PKG_BANDWIDTHD_BASE', '/usr/local/bandwidthd');
- define('PKG_BANDWIDTHD_RUNTIME_LIBRARY_ENV', '');
- }
-// End: Check pfSense version
-
-function is_blank($value) {
- return empty($value) && !is_numeric($value);
+ case "2.1":
+ define('PKG_BANDWIDTHD_BASE', '/usr/pbi/bandwidthd-' . php_uname("m") . '/bandwidthd');
+ define('PKG_BANDWIDTHD_RUNTIME_LIBRARY_ENV', '');
+ break;
+ case "2.2":
+ define('PKG_BANDWIDTHD_BASE', '/usr/pbi/bandwidthd-' . php_uname("m") . '/local/bandwidthd');
+ define('PKG_BANDWIDTHD_RUNTIME_LIBRARY_ENV', 'LD_LIBRARY_PATH=/usr/pbi/bandwidthd-' . php_uname("m") . '/local/lib');
+ break;
+ default:
+ define('PKG_BANDWIDTHD_BASE', '/usr/local/bandwidthd');
+ define('PKG_BANDWIDTHD_RUNTIME_LIBRARY_ENV', '');
}
function bandwidthd_install_deinstall() {
conf_mount_rw();
- exec("rm -f /usr/local/etc/rc.d/bandwidthd*");
- exec("rm -rf " . PKG_BANDWIDTHD_BASE . "/htdocs");
- exec("rm -f /usr/local/www/bandwidthd");
+ stop_service("bandwidthd");
+ mwexec("/bin/rm -rf " . PKG_BANDWIDTHD_BASE . "/htdocs");
+ mwexec("/bin/rm -f /usr/local/www/bandwidthd");
// Remove the cron job, if it is there
install_cron_job("/bin/kill -HUP `cat /var/run/bandwidthd.pid`", false);
conf_mount_ro();
}
function bandwidthd_install_config() {
- global $config, $g;
+ global $config, $g, $bandwidthd_config;
+ conf_mount_rw();
/* bandwidthd doesn't have a way to pass a custom config path, unfortunately */
- /* the conf file must be ./etc/bandwidthd.conf relative to the current dir */
+ /* So, the .conf file must be ./etc/bandwidthd.conf relative to the current dir */
$bandwidthd_base_dir = PKG_BANDWIDTHD_BASE;
$bandwidthd_config_dir = PKG_BANDWIDTHD_BASE . "/etc";
$bandwidthd_runtime_library_env = PKG_BANDWIDTHD_RUNTIME_LIBRARY_ENV;
- conf_mount_rw();
-
- /* user defined values */
+ /* General Options */
$bandwidthd_config = $config['installedpackages']['bandwidthd']['config'][0];
- $meta_refresh = $bandwidthd_config['meta_refresh'];
- if (is_numeric($meta_refresh))
- $meta_refresh = "meta_refresh $meta_refresh\n";
- else
- $meta_refresh = "";
-
- $graph = $bandwidthd_config['drawgraphs'];
- if ($graph)
- $graph = "graph true\n";
- else
- $graph = "graph false\n";
-
- $filter_text = $bandwidthd_config['filter'];
- if (!is_blank($filter_text))
- $filter_text = "filter $filter_text\n";
- else
- $filter_text = "";
-
- $recover_cdf = $bandwidthd_config['recovercdf'];
- if ($recover_cdf)
- $recover_cdf = "recover_cdf true\n";
- else
- $recover_cdf = "";
-
- $output_cdf = $bandwidthd_config['outputcdf'];
- if ($output_cdf)
- $output_cdf_string = "output_cdf true\n";
- else
- $output_cdf_string = "";
-
- $output_postgresql = $bandwidthd_config['outputpostgresql'];
- $postgresql_host = $bandwidthd_config['postgresqlhost'];
- $postgresql_database = $bandwidthd_config['postgresqldatabase'];
- $postgresql_username = $bandwidthd_config['postgresqlusername'];
- $postgresql_password = $bandwidthd_config['postgresqlpassword'];
- $postgresql_string = "";
- if ($output_postgresql) {
- if (!is_blank($postgresql_host) && !is_blank($postgresql_username) && !is_blank($postgresql_database) && !is_blank($postgresql_password))
- $postgresql_string = "pgsql_connect_string \"user = $postgresql_username dbname = $postgresql_database password = $postgresql_password host = $postgresql_host\"\n";
- else
- log_error("bandwidthd: You have to specify the postgreSQL Host, Database, Username and Password. postgreSQL details have been ignored.");
- }
-
- $sensor_id = $bandwidthd_config['sensorid'];
-
- if (!is_blank($sensor_id))
- $sensor_id_string = "sensor_id \"$sensor_id\"";
- else
- $sensor_id_string = "";
-
- $promiscuous = $bandwidthd_config['promiscuous'];
- if ($promiscuous)
- $promiscuous = "promiscuous true\n";
- else
- $promiscuous = "promiscuous false\n";
-
- $graph_cutoff = $bandwidthd_config['graphcutoff'];
- if (!is_blank($graph_cutoff))
- $graph_cutoff = "graph_cutoff $graph_cutoff\n";
- else
- $graph_cutoff = "";
-
- $skip_intervals = $bandwidthd_config['skipintervals'];
- if ($skip_intervals) {
- $skip_intervals = "skip_intervals $skip_intervals\n";
- } else {
- /* Includes the case where 0 is explicitly specified, which is the default anyway. */
- $skip_intervals = "";
- }
-
- if (!is_blank($bandwidthd_config['active_interface'])){
- $ifdescrs = array($bandwidthd_config['active_interface']);
- } else {
- log_error("You should specify an interface for bandwidthd to listen on. Exiting.");
+ /* Configure bandwidthd web interface */
+ $dev = "";
+ $ifdescrs = array($bandwidthd_config['active_interface']);
+ foreach ($ifdescrs as $ifdescr) {
+ $descr = convert_friendly_interface_to_real_interface_name($ifdescr);
+ $dev .= "dev \"{$descr}\"\n";
}
-
- $subnets_custom = explode(';',str_replace(' ','',$bandwidthd_config['subnets_custom']));
-
- /* initialize to "" */
+ /* Configure stats interface(s) */
$subnets = "";
- //$ifdescrs = array("lan", "wan");
- //for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) {
- //$ifdescrs['opt' . $j] = "opt" . $j;
- //}
- if (is_array($ifdescrs)) {
- foreach ($ifdescrs as $int) {
- /* calculate interface subnet information */
- $ifcfg = $config['interfaces'][$int];
- $subnet = gen_subnet($ifcfg['ipaddr'], $ifcfg['subnet']);
- $subnetmask = gen_subnet_mask($ifcfg['subnet']);
- $subnet_with_mask = "";
- if ($subnet == "pppoe") {
- $subnet = find_interface_ip("ng0");
- if ($subnet) {
- $subnet_with_mask = $subnet . "/32";
- }
- } else {
- if ($subnet) {
- $subnet_with_mask = $subnet . "/" . $ifcfg['subnet'];
- }
- }
- if (!empty($subnet_with_mask)) {
- /* Only add the subnet if the user has not specified it in the custom subnets. */
- /* This avoids generating an unnecessary syntax error message from the config. */
- if (!in_array($subnet_with_mask, $subnets_custom))
- $subnets .= "subnet {$subnet_with_mask}\n";
- }
+ $stats_interfaces = $bandwidthd_config['interface_array'] ?: 'lan';
+ foreach ($stats_interfaces as $iface) {
+ if (is_ipaddr(get_interface_ip($iface))) {
+ $subnets .= "subnet " . gen_subnet(get_interface_ip($iface),get_interface_subnet($iface)) . "/" . get_interface_subnet($iface) . "\n";
}
}
-
- if (is_array($subnets_custom)) {
- foreach ($subnets_custom as $sub) {
- if (!empty($sub) && is_subnet($sub))
- $subnets .= "subnet {$sub}\n";
- }
+ $promiscuous_val = ($bandwidthd_config['promiscuous'] != "" ? "promiscuous true" : "promiscuous false");
+ $sensor_id_string_val = ($bandwidthd_config['sensorid'] != "" ? "sensor_id \"{$bandwidthd_config['sensorid']}\"" : "");
+
+ /* Graphs Options */
+ $graph_val = ($bandwidthd_config['drawgraphs'] != "" ? "graph true" : "graph false");
+ $meta_refresh_val = ($bandwidthd_config['meta_refresh'] != "" ? "meta_refresh {$bandwidthd_config['meta_refresh']}" : "");
+ $skip_intervals_val = ($bandwidthd_config['skipintervals'] != "" ? "skip_intervals {$bandwidthd_config['skipintervals']}" : "");
+ $graph_cutoff_val = ($bandwidthd_config['graphcutoff'] != "" ? "graph_cutoff {$bandwidthd_config['graphcutoff']}" : "");
+ $output_cdf_val = ($bandwidthd_config['outputcdf'] != "" ? "output_cdf true" : "");
+ $recover_cdf_val = ($bandwidthd_config['recovercdf'] != "" ? "recover_cdf true" : "");
+
+ /* PostgreSQL Options */
+ if ($bandwidthd_config['outputpostgresql']) {
+ $postgresql_host = $bandwidthd_config['postgresqlhost'];
+ $postgresql_database = $bandwidthd_config['postgresqldatabase'];
+ $postgresql_username = $bandwidthd_config['postgresqlusername'];
+ $postgresql_password = base64_decode($bandwidthd_config['postgresqlpasswordenc']);
+ $postgresql_string_val = "pgsql_connect_string \"user = $postgresql_username dbname = $postgresql_database password = $postgresql_password host = $postgresql_host\"\n";
+ } else {
+ $postgresql_string_val = "";
}
- /* initialize to "" */
- $dev = "";
- if (is_array($ifdescrs)) {
- foreach ($ifdescrs as $ifdescr) {
- $descr = convert_friendly_interface_to_real_interface_name($ifdescr);
- $dev .= "dev \"$descr\"\n";
- }
+ /* Advanced Filter */
+ if ($bandwidthd_config['advfilter']) {
+ $filter_text_val = "filter " . escapeshellarg(base64_decode($bandwidthd_config['advfilter']));
+ } else {
+ $filter_text_val = "";
}
+ /* Write out the config file */
$config_file = <<<EOF
#
# This file was automatically generated by the pfSense
-# package management system. Changing this file
+# package management system. Changing this file
# will lead to it being overwritten again when
# the package manager resyncs.
#
@@ -211,62 +124,62 @@ function bandwidthd_install_config() {
# Commented out options are here to provide
# documentation and represent defaults
-# Subnets to collect statistics on. Traffic that
+# Subnets to collect statistics on. Traffic that
# matches none of these subnets will be ignored.
# Syntax is either IP Subnet Mask or CIDR
-$subnets
+{$subnets}
# Device to listen on
# Bandwidthd listens on the first device it detects
-# by default. Run "bandwidthd -l" for a list of
+# by default. Run "bandwidthd -l" for a list of
# devices.
-$dev
+{$dev}
###################################################
# Options that don't usually get changed
# An interval is 2.5 minutes, this is how many
# intervals to skip before doing a graphing run
-$skip_intervals
+{$skip_intervals_val}
# Graph cutoff is how many k must be transferred by an
# ip before we bother to graph it
-$graph_cutoff
+{$graph_cutoff_val}
#Put interface in promiscuous mode to score to traffic
#that may not be routing through the host machine.
-$promiscuous
+{$promiscuous_val}
#Log data to cdf file htdocs/log.cdf
-$output_cdf_string
+{$output_cdf_val}
#Read back the cdf file on startup
-$recover_cdf
+{$recover_cdf_val}
# Standard postgres connect string, just like php, see postgres docs for
# details
-$postgresql_string
+{$postgresql_string_val}
# Arbitrary sensor name, I recommend the sensors fully qualified domain
# name
-$sensor_id_string
+{$sensor_id_string_val}
#Libpcap format filter string used to control what bandwidthd sees
#Please always include "ip" in the string to avoid strange problems
-$filter_text
+{$filter_text_val}
#Draw Graphs - This defaults to true to graph the traffic bandwidthd is recording
#Usually set this to false if you only want cdf output or
-#you are using the database output option. Bandwidthd will use very little
+#you are using the database output option. Bandwidthd will use very little
#ram and cpu if this is set to false.
-$graph
+{$graph_val}
#Set META REFRESH seconds (default 150, use 0 to disable).
-$meta_refresh
+{$meta_refresh_val}
EOF;
- $fd = fopen("{$bandwidthd_config_dir}/bandwidthd.conf","w");
+ $fd = fopen("{$bandwidthd_config_dir}/bandwidthd.conf", "w");
if (!$fd) {
log_error("could not open {$bandwidthd_config_dir}/bandwidthd.conf for writing");
exit;
@@ -274,13 +187,12 @@ EOF;
fwrite($fd, $config_file);
fclose($fd);
+ /* nanobsd hacks */
if ($g['platform'] == 'nanobsd') {
$bandwidthd_nano_dir = "/var/bandwidthd";
$bandwidthd_htdocs_dir = $bandwidthd_nano_dir . "/htdocs";
if (!is_dir($bandwidthd_nano_dir)) {
- if (file_exists($bandwidthd_nano_dir)) {
- unlink($bandwidthd_nano_dir);
- }
+ unlink_if_exists($bandwidthd_nano_dir);
mkdir($bandwidthd_nano_dir);
}
} else {
@@ -289,24 +201,19 @@ EOF;
$rc = array();
$rc['file'] = 'bandwidthd.sh';
- $rc['stop'] = <<<EOD
-/usr/bin/killall bandwidthd
-EOD;
+ $rc['stop'] = '/usr/bin/killall bandwidthd';
- // If this is an old config before the enable checkbox was added, then enable by default
- $bandwidthd_enable = (!isset($bandwidthd_config['enable']) || ($bandwidthd_config['enable']));
- if ($bandwidthd_enable) {
+ if ($bandwidthd_config['enable']) {
if ($g['platform'] == 'nanobsd') {
- // On nanobsd, /var/bandwidthd is created.
- // In that is a real /var/bandwidth/htdocs, where the graph data is written
- // A soft link to the real bandwidth program is made - /var/bandwidthd/bandwidthd
- // A soft link to the etc folder with the conf file is made - /var/bandwidthd/etc
- // bandwidthd is started from /var/bandwidthd with the current dir /var/bandwidth
- // This way, it:
- // looks in ./etc for the conf file
- // writes graph files in ./htdocs
- // writes cdf log files (if selected in the config) to ./
- // All of this is on the /var filesystem, which is a read-write memory disk on nanobsd
+ /* On nanobsd:
+ * first, /var/bandwidthd is created, with real /var/bandwidth/htdocs inside, where the graph data is written;
+ * soft link to the real bandwidth program is made - /var/bandwidthd/bandwidthd;
+ * soft link to the etc folder with the conf file is made - /var/bandwidthd/etc;
+ * bandwidthd is started from /var/bandwidthd with the current dir /var/bandwidth.
+ * This way, it looks in ./etc for the conf file, writes graph files in ./htdocs
+ * writes cdf log files (if selected in the config) to ./
+ * All of these are on the /var filesystem, which is a read-write memory disk on nanobsd */
+
$rc['start'] = <<<EOD
if [ ! -d "{$bandwidthd_nano_dir}" ] ; then
if [ -e "{$bandwidthd_nano_dir}" ] ; then
@@ -355,21 +262,17 @@ EOD;
$rc['start'] = "return";
}
- /* write out rc.d start/stop file */
+ /* Write out rc.d file */
write_rcfile($rc);
if (!is_dir($bandwidthd_htdocs_dir)) {
- if (file_exists($bandwidthd_htdocs_dir)) {
- unlink($bandwidthd_htdocs_dir);
- }
- mkdir($bandwidthd_htdocs_dir);
+ unlink_if_exists($bandwidthd_htdocs_dir);
+ safe_mkdir($bandwidthd_htdocs_dir);
}
+
$bandwidthd_www_link = $g["www_path"] . "/bandwidthd";
if (!is_link($bandwidthd_www_link)) {
- if (file_exists($bandwidthd_www_link)) {
- // It is a file and not a link - clean it up.
- unlink($bandwidthd_www_link);
- }
+ unlink_if_exists($bandwidthd_www_link);
symlink($bandwidthd_htdocs_dir, $bandwidthd_www_link);
}
@@ -378,19 +281,136 @@ EOD;
exec("echo \"Please start bandwidthd to populate this directory.\" > " . $bandwidthd_index_file);
}
- if (($bandwidthd_enable) && ($output_cdf)) {
+ /* Cron job for graphs */
+ if (($bandwidthd_config['enable']) && ($output_cdf)) {
// Use cron job to rotate logs every day at 00:01
install_cron_job("/bin/kill -HUP `cat /var/run/bandwidthd.pid`", true, "1", "0");
- }
- else
- {
- // Remove the cron job, if it is there
+ } else {
+ // Remove the cron job if it is there
install_cron_job("/bin/kill -HUP `cat /var/run/bandwidthd.pid`", false);
}
+
conf_mount_ro();
- stop_service("bandwidthd");
- if ($bandwidthd_enable) {
- start_service("bandwidthd");
+
+ /* Restart the service if enabled; otherwise stop it */
+ if ($bandwidthd_config['enable']) {
+ restart_service("bandwidthd");
+ } else {
+ stop_service("bandwidthd");
+ }
+}
+
+function bandwidthd_upgrade_config() {
+ global $config, $changes;
+ // The 'Advanced Filter' options and 'Database Password' are now base64-encoded
+ // in order to now break config.xml if they contain some special chars.
+ // If this is an old config, pick up the original unencoded values and upgrade
+ $changes = 0;
+ $bandwidthd_config = $config['installedpackages']['bandwidthd']['config'][0];
+ if (isset($bandwidthd_config['filter'])) {
+ $config['installedpackages']['bandwidthd']['config'][0]['advfilter'] = base64_encode($bandwidthd_config['filter']);
+ unset($config['installedpackages']['bandwidthd']['config'][0]['filter']);
+ $changes++;
+ }
+ if (isset($bandwidthd_config['postgresqlpassword'])) {
+ $config['installedpackages']['bandwidthd']['config'][0]['postgresqlpasswordenc'] = base64_encode($bandwidthd_config['postgresqlpassword']);
+ unset($config['installedpackages']['bandwidthd']['config'][0]['postgresqlpassword']);
+ $changes++;
+ }
+ // Subnet(s) for Statistics Collection - convert old subnets_custom to interface_array here as well.
+ if (isset($bandwidthd_config['subnets_custom'])) {
+ $i = 0;
+ $subnets_custom = explode(';', $bandwidthd_config['subnets_custom']);
+ // For each configured interface on this box...
+ $iflist = get_configured_interface_list_by_realif();
+ foreach ($iflist as $if) {
+ // first, gets its subnet...
+ $sn = gen_subnet(get_interface_ip($if), get_interface_subnet($if));
+ foreach ($subnets_custom as $subnet_custom) {
+ // next, strip the subnet mask from the old settings value...
+ $subnet_custom = substr($subnet_custom, 0, strpos($subnet_custom, '/'));
+ // next, try to match the originally configured subnet against configured interfaces...
+ if ($subnet_custom != "" && $subnet_custom == $sn) {
+ // skip PPPoE interfaces if any...
+ $realif = get_real_interface($if);
+ if (!preg_match("/pppoe[0-9]+/i", $realif)) {
+ // and finally, set the new config value for config.xml
+ echo $if;
+ $config['installedpackages']['bandwidthd']['config'][0]['interface_array'][$i] = $if;
+ $i++;
+ }
+ }
+ }
+ }
+ // Remove the old settings value now that we are done with config upgrade
+ unset($config['installedpackages']['bandwidthd']['config'][0]['subnets_custom']);
+ }
+ // Write the upgraded config.xml if something changed
+ write_config("[bandwidthd] Upgraded old package configuration.");
+}
+
+function bandwidthd_validate_input($post, &$input_errors) {
+ if ($post['active_interface']) {
+ $realif = get_real_interface($post['active_interface']);
+ $ip = find_interface_ip($realif);
+ if (!is_ipaddrv4($ip)) {
+ // IPv6-only interfaces are not supported
+ $errif = convert_friendly_interface_to_friendly_descr($post['active_interface']);
+ $input_errors[] = gettext("The \"{$errif}\" interface selected under 'BandwidthD Web Interface' has no IPv4 configured. Configured IPv4 is required.");
+ }
+ } else {
+ $input_errors[] = "You must select the 'BandwidthD Web Interface'.";
+ }
+ // bandwidthd does not work with PPPoE; IPv6 is also not supported
+ if ($post['interface_array']) {
+ foreach ($post['interface_array'] as $ifname) {
+ $realif = get_real_interface($ifname);
+ $ip = find_interface_ip($realif);
+ $errif = convert_friendly_interface_to_friendly_descr($ifname);
+ if (preg_match("/pppoe[0-9]+/i", $realif)) {
+ $input_errors[] = gettext("Sorry, BandwidthD does not support PPPoE interfaces. Remove \"{$errif}\" from 'Subnet(s) for Statistics Collection'.");
+ }
+ if (!is_ipaddrv4($ip)) {
+ $input_errors[] = gettext("The \"{$errif}\" interface selected under 'Subnet(s) for Statistics Collection' has no IPv4 configured. Configured IPv4 is required.");
+ }
+ }
+ } else {
+ $input_errors[] = "You must select at least on interface under 'Subnet(s) for Statistics Collection'.";
+ }
+ // Only support sane characters in Sensor ID
+ if ($post['sensorid']) {
+ if ((!is_hostname($post['sensorid'])) && !preg_match("/^[a-zA-Z0-9\-\=\(\):. ]*$/", $post['sensorid'])) {
+ $input_errors[] .= gettext('Sensor ID must be either a hostname or a string which may only contain characters matching ^[a-zA-Z0-9\-\(\):. ]*$ regexp.');
+ }
+ }
+ if (($post['meta_refresh']) && (!is_numericint($post['meta_refresh']))) {
+ $input_errors[] = gettext("The value for 'Meta Refresh' must be a positive integer.");
+ }
+ if (($post['skipintervals']) && (!is_numericint($post['skipintervals']))) {
+ $input_errors[] = gettext("The value for 'Skip Intervals' must be a positive integer.");
+ }
+ if (($post['graphcutoff']) && (!is_numericint($post['graphcutoff']))) {
+ $input_errors[] = gettext("The value for 'Graph Cutoff' must be a positive integer.");
+ }
+ if ($post['outputpostgresql']) {
+ if (!$post['postgresqlhost']) {
+ $input_errors[] = gettext("The value for 'Database Host' must not be empty when 'Output to PostgreSQL' is enabled.");
+ }
+ if (!$post['postgresqldatabase']) {
+ $input_errors[] = gettext("The value for 'Database Name' must not be empty when 'Output to PostgreSQL' is enabled.");
+ }
+ if (!$post['postgresqlusername']) {
+ $input_errors[] = gettext("The value for 'Database User' must not be empty when 'Output to PostgreSQL' is enabled.");
+ }
+ if (!$post['postgresqlpasswordenc']) {
+ $input_errors[] = gettext("The value for 'Database Password' must not be empty when 'Output to PostgreSQL' is enabled.");
+ }
+ }
+ if (($post['postgresqlhost']) && (!is_hostname($post['postgresqlhost']))) {
+ $input_errors[] = gettext("The value for 'Database Host' must be a valid hostname or IPv4.");
+ }
+ if (($post['advfilter']) && !preg_match("/^[a-zA-Z0-9\+\-\=\(\):. ]*$/", $post['advfilter'])) {
+ $input_errors[] = gettext('Advanced traffic filtering options may only contain characters matching ^[a-zA-Z0-9\+\-\=\(\):. ]*$ regexp.');
}
}