diff options
-rw-r--r-- | packages/freenas/pkg/freenas_services.inc | 90 | ||||
-rw-r--r-- | packages/freenas/pkg/freenas_utils.inc | 1 | ||||
-rw-r--r-- | packages/freenas/www/services_nfs.php | 658 |
3 files changed, 702 insertions, 47 deletions
diff --git a/packages/freenas/pkg/freenas_services.inc b/packages/freenas/pkg/freenas_services.inc index 5c206413..1bd9b980 100644 --- a/packages/freenas/pkg/freenas_services.inc +++ b/packages/freenas/pkg/freenas_services.inc @@ -40,8 +40,9 @@ */ /* ========================================================================== */ -define (FTP_BACKEND_PAM, "pam"); -define (FTP_BACKEND_PLAINTEXT, "plaintext"); +define ("FTP_BACKEND_PAM", "pam"); +define ("FTP_BACKEND_PLAINTEXT", "plaintext"); +define ("NFS_SERVICE_PORTS", "111 2049"); $freenas_config =& $config['installedpackages']['freenas']['config'][0]; @@ -410,12 +411,26 @@ function services_nfs_configure() { return 1; } - list($network,$subnet) = - explode('/', $freenas_config['nfs']['nfsnetwork']); - - $subnet = gen_subnet_mask($subnet); $a_mount = &$freenas_config['mounts']['mount']; + /* TODO: ATM network authorization does not work on a per mount basis */ + if (is_array($freenas_config['nfs']['nfsnetwork'])) { + $a_nfsnetworks = array(); + $pfnetworks = array(); + + foreach ($freenas_config['nfs']['nfsnetwork'] as $netel) { + list($network,$subnet) = + explode('/', $netel); + + $subnet = gen_subnet_mask($subnet); + $a_nfsnetworks[] = "-network {$network} -mask {$subnet}"; + $pfnetworks[] = $network; + } + + $nfsnetworks_str = implode(' ', $a_nfsnetworks); + services_setup_transparency_for("nfs", implode(" ", $pfnetworks)); + } + foreach ($a_mount as $mount) { /* -mapall and -maproot mutually exclusive */ $mapping = $freenas_config['nfs']['mapall'] == "yes" ? "-mapall=root" : "-maproot=root"; @@ -425,28 +440,83 @@ function services_nfs_configure() { EOD; $nfsconf .= <<<EOD --network {$network} -mask $subnet +{$nfsnetworks_str} EOD; } // end foreach + fwrite($fd, $nfsconf); fclose($fd); /* run rpcbind, nfsd and mountd */ - mwexec("/usr/sbin/rpcbind"); - mwexec("/usr/sbin/nfsd -u -t -n 4"); + mwexec("/usr/sbin/rpcbind -h {$freenas_config['nfs']['bindto']}"); + mwexec("/usr/sbin/nfsd -h {$freenas_config['nfs']['bindto']} -u -t -n 4"); mwexec("/usr/sbin/mountd -r {$g['varetc_path']}/exports"); mwexec("/usr/sbin/rpc.lockd"); mwexec("/usr/sbin/rpc.statd"); if ($g['booting']) { echo "done\n"; } - } // end if + } else { + services_remove_transparency_for("nfs"); + }// end if return 0; } +function services_remove_transparency_for($whom) { + $service_result = mwexec ("pfctl -a \"passin-package-freenas-{$whom}\" -F rules"); + if($service_result <> 0) { + file_notice("FREENAS", "There were error(s) flushing the exclude table", "FREENAS", ""); + } +} + +function services_setup_transparency_for($whom, $networks) { + global $config, $freenas_config; + + if ($whom == "" || $networks == "") { return; } + + $generatedLANSubnet = gen_subnet($config['interfaces']['lan']['ipaddr'], + $config['interfaces']['lan']['subnet']); + $aliases = ""; + + /* stolen from filter.inc */ + $real_wanif = get_real_wan_interface(); + $wanip = find_interface_ip($real_wanif); + + $wan_aliases = " " . link_ip_to_carp_interface($wanip); + + if (link_int_to_bridge_interface("wan")) + $wan_aliases .= " " . link_int_to_bridge_interface("wan"); + + if ($config['interfaces']['wan']['ipaddr'] == "pppoe" or $config['interfaces']['wan']['ipaddr'] == "pptp") { + $aliases .= "ng0 = \"{ {$config['interfaces']['wan']['if']} {$real_wanif} }\" \n"; + $aliases .= "wan = \"{ {$config['interfaces']['wan']['if']} {$wan_aliases} ng0 }\"\n"; + } else { + $aliases .= "wan = \"{ {$real_wanif} {$wan_aliases} }\"\n"; + } + + $trans_file = fopen("/tmp/freenas-{$whom}.rules","w"); + fwrite($trans_file, "{$aliases}\n"); + + switch ($whom) { + case "nfs": + $nfs_ports = explode(" ", NFS_SERVICE_PORTS); + + foreach ($nfs_ports as $port) { + fwrite($trans_file, "pass in quick on \$wan proto { tcp udp } from { {$networks} } to {$freenas_config['nfs']['bindto']} port = {$port} keep state label \"FreeNAS related rule for {$whom}-{$port}\"\n"); + } + break; + } + fclose($trans_file); + $service_result = mwexec ("pfctl -a \"passin-package-freenas-{$whom}\" -f /tmp/freenas-{$whom}.rules"); + if($service_result <> 0) { + file_notice("FREENAS", "There were error(s) loading the transparency rules", "FREENAS", ""); + } + //add_trans_table($whom); +} + function services_ftpd_configure() { global $freenas_config, $g; // services_vsftpd_configure(); diff --git a/packages/freenas/pkg/freenas_utils.inc b/packages/freenas/pkg/freenas_utils.inc index 1e812412..6e5d8872 100644 --- a/packages/freenas/pkg/freenas_utils.inc +++ b/packages/freenas/pkg/freenas_utils.inc @@ -585,6 +585,7 @@ function get_ata_disks_list() { if ($dmesgtab[0]!="" && (strcasecmp($dmesgtab[0],$diskname) == 0) && strcmp($dmesgtab[1],"DMA") !=0) { $disklist[$diskname]['size'] = $dmesgtab[1]; + } } // end if } // end foreach } // end if diff --git a/packages/freenas/www/services_nfs.php b/packages/freenas/www/services_nfs.php index 092f71a6..ea5bbf92 100644 --- a/packages/freenas/www/services_nfs.php +++ b/packages/freenas/www/services_nfs.php @@ -55,9 +55,7 @@ if (!is_array($freenas_config['nfs'])) $pconfig['enable'] = isset($freenas_config['nfs']['enable']); $pconfig['mapall'] = $freenas_config['nfs']['mapall']; - -list($pconfig['network'],$pconfig['network_subnet']) = - explode('/', $freenas_config['nfs']['nfsnetwork']); +$pconfig['bindto'] = $freenas_config['nfs']['bindto']; if (! empty($_POST)) { @@ -68,24 +66,29 @@ if (! empty($_POST)) $pconfig = $_POST; /* input validation */ - $reqdfields = explode(" ", "network network_subnet"); - $reqdfieldsn = explode(",", "Destination network,Destination network bit count"); + $reqdfields = explode(" ", "authnetworks bindto"); + $reqdfieldsn = explode(",", "Destination network, IP address to bind to"); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - if (($_POST['network'] && !is_ipaddr($_POST['network']))) { - $error_bucket[] = array("error" => gettext("A valid network must be specified."), - "field" => "network"); - } - - if (($_POST['network_subnet'] && !is_numeric($_POST['network_subnet']))) { - $error_bucket[] = array("error" => gettext("A valid network bit count must be specified."), - "field" => "network_subnet"); - + if (isset($_POST['authnetworks']) && is_array($_POST['authnetworks'])) { + foreach ($_POST['authnetworks'] as $netel) { + list($_POST['network'], $_POST['network_subnet']) = explode('/', $netel); + + if (($_POST['network'] && !is_ipaddr($_POST['network']))) { + $error_bucket[] = array("error" => gettext("A valid network must be specified."), + "field" => "network"); + } + + if (($_POST['network_subnet'] && !is_numeric($_POST['network_subnet']))) { + $error_bucket[] = array("error" => gettext("A valid network bit count must be specified."), + "field" => "network_subnet"); + } + + $osn['nfsnetwork'][] = gen_subnet($_POST['network'], $_POST['network_subnet']) . "/" . $_POST['network_subnet']; + } } - $osn = gen_subnet($_POST['network'], $_POST['network_subnet']) . "/" . $_POST['network_subnet']; - if (is_array($error_bucket)) foreach($error_bucket as $elem) $input_errors[] =& $elem["error"]; @@ -98,9 +101,10 @@ if (! empty($_POST)) if (!$input_errors) { + $freenas_config['nfs'] = $osn; $freenas_config['nfs']['enable'] = $_POST['enable'] ? true : false; $freenas_config['nfs']['mapall'] = $_POST['mapall']; - $freenas_config['nfs']['nfsnetwork'] = $osn; + $freenas_config['nfs']['bindto'] = $_POST['bindto']; write_config(); $retval = 0; @@ -123,9 +127,537 @@ include("head.inc"); /* put your custom HTML head content here */ /* using some of the $pfSenseHead function calls */ +$addressTransString = gettext("Address"); +$plusimgDescTransString = gettext("add to network list"); +$minusimgDescTransString = gettext("remove from network list"); +$currentnetTransString = gettext("Current networks"); +$networksTypehintTransString = gettext("Network that is authorised to access NFS shares"); + +$networkCount = count($freenas_config['nfs']['nfsnetwork']); +$generatedWANSubnet = gen_subnet($config['interfaces']['wan']['ipaddr'], + $config['interfaces']['wan']['subnet']); +$generatedLANSubnet = gen_subnet($config['interfaces']['lan']['ipaddr'], + $config['interfaces']['lan']['subnet']); + $jscriptstr = <<<EOD <script type="text/javascript"> <!-- +function network_exists(myValue) { + for (i = 0; i < $('authnetworks').options.length; i++) { + if ($('authnetworks').options[i].value == myValue) { + return true; + } + } + + return false; +} +function selectnetel() { + for (i = 0; i < $('authnetworks').options.length; i++) { + $('authnetworks').options[i].selected = true; + } +} +function get_selected_listitems() { + var selected = new Array(); + + if (!$('authnetworks')) { return; } + + for (i = 0; i < $('authnetworks').options.length; i++) { + if ($('authnetworks').childNodes[i].selected == true) { + selected.push($('authnetworks').options[i]); + } + } + + return selected; +} + +function add_selnetwork(net, mask) { + var newOption = document.createElement("option"); + var newOptionText = document.createTextNode(net + '/' + mask); + var selectSize = $('authnetworks').size; + + if (!net || !mask) { return; } + + if (network_exists(net + '/' + mask)) { + alert('Element already exist in the network list'); + return; + } + + newOption.setAttribute('value', net + '/' + mask); + newOption.appendChild(newOptionText); + + /* add the option to the select element */ + $('authnetworks').appendChild(newOption); + $('authnetworks').setAttribute('size', '3'); + + /* clear values from HTML fields */ + if ($('network')) { $('network').value = ''; } + if ($('network_subnet')) { $('network_subnet').selectedIndex = 0; } +} + +function remove_selnetwork() { + var selectedItems = get_selected_listitems(); + + if (selectedItems.length <= 0) { + alert('No element selected!'); + return; + } + + for (i = 0; i < selectedItems.length; i++) { + $('authnetworks').removeChild(selectedItems[i]); + } +} + +function create_authnetworks_tr() { + var newTR = document.createElement("tr"); + newTR.setAttribute('id', 'authNetworksTR'); + + var newImageTR = document.createElement("tr"); + newImageTR.setAttribute('id', 'authNetworksImageTR'); + + var descTD = document.createElement("td"); + descTD.setAttribute('align', 'left'); + descTD.setAttribute('valign', 'top'); + descTD.setAttribute('style', 'padding-top: 10px; border-top: solid 1px grey;'); + + var selectTD = document.createElement("td"); + selectTD.setAttribute('align', 'left'); + selectTD.setAttribute('valign', 'middle'); + selectTD.setAttribute('style', 'padding-top: 10px; border-top: solid 1px grey;'); + + var typehintTD = document.createElement("td"); + typehintTD.setAttribute('align', 'left'); + typehintTD.setAttribute('valign', 'middle'); + typehintTD.setAttribute('colspan', '2'); + typehintTD.setAttribute('style', 'padding-top: 10px; border-top: solid 1px grey;'); + + var blankTD = document.createElement("td"); + blankTD.setAttribute('align', 'left'); + blankTD.setAttribute('valign', 'top'); + + var imageTD = document.createElement("td"); + imageTD.setAttribute('align', 'left'); + imageTD.setAttribute('valign', 'middle'); + imageTD.setAttribute('style', 'vertical-align: middle;'); + imageTD.setAttribute('colspan', '3'); + + var newSpan = document.createElement("span"); + newSpan.setAttribute('style', 'padding-left: 5px; vertical-align: middle;'); + + var newTypehintSpan = document.createElement("span"); + newTypehintSpan.setAttribute('style', 'padding-left: 5px; vertical-align: middle;'); + + var newDescription = document.createTextNode('{$currentnetTransString}:'); + var newImgDescription = document.createTextNode('{$minusimgDescTransString}'); + var typehint = document.createTextNode('{$networksTypehintTransString}'); + + var newSelect = document.createElement("select"); + newSelect.setAttribute('name', 'authnetworks[]'); + newSelect.setAttribute('class', 'formselect'); + newSelect.setAttribute('id', 'authnetworks'); + newSelect.setAttribute('multiple', 'multiple'); + newSelect.setAttribute('size', '{$networkCount}'); + + /* divs are used to achieve proper alignement */ + newImageDiv = document.createElement("div"); + newImageDiv.setAttribute('style', 'float: left;'); + + newImageDescDiv = document.createElement("div"); + newImageDescDiv.setAttribute('style', 'padding-top: 1px;'); + + /* try to add each network to the select element */ + +EOD; + +if (is_array($freenas_config['nfs']['nfsnetwork'])) { + foreach ($freenas_config['nfs']['nfsnetwork'] as $networkel) { + list($netaddress, $netmask) = explode('/', $networkel); + $networkSanitized = htmlspecialchars($netaddress); + + $jscriptstr .= <<<EOD + var newOption = document.createElement("option"); + var newOptionText = document.createTextNode('{$networkSanitized}/{$netmask}'); + + newOption.setAttribute('value', '{$networkSanitized}/{$netmask}'); + newOption.appendChild(newOptionText); + + /* add the option to the select element */ + newSelect.appendChild(newOption); + +EOD; + } // end if +} // end foreach + +$jscriptstr .= <<<EOD + var newImage = document.createElement("img"); + newImage.setAttribute('src', '/themes/{$g['theme']}/images/misc/bullet_toggle_minus.png'); + newImage.setAttribute('alt', 'remove network'); + newImage.setAttribute('border', '0'); + newImage.setAttribute('style', 'margin-right: 5px; border: solid 1px silver; cursor: pointer;'); + newImage.setAttribute('onclick', 'remove_selnetwork();'); + + /* assemble everything */ + newTypehintSpan.appendChild(typehint); + + descTD.appendChild(newDescription); + selectTD.appendChild(newSelect); + typehintTD.appendChild(newTypehintSpan); + + newImageDiv.appendChild(newImage); + newImageDescDiv.appendChild(newImgDescription); + + imageTD.appendChild(newImageDiv); + imageTD.appendChild(newImageDescDiv); + + newTR.appendChild(descTD); + newTR.appendChild(selectTD); + newTR.appendChild(typehintTD); + + newImageTR.appendChild(blankTD); + newImageTR.appendChild(imageTD); + + $('networkopttab').appendChild(newTR); + $('networkopttab').appendChild(newImageTR); +} + +function create_network_tr() { + var newTR = document.createElement("tr"); + newTR.setAttribute('id', 'typeDetailsTR'); + + var descTD = document.createElement("td"); + descTD.setAttribute('align', 'left'); + descTD.setAttribute('valign', 'top'); + + var inputTD = document.createElement("td"); + inputTD.setAttribute('align', 'left'); + inputTD.setAttribute('valign', 'top'); + + var selectTD = document.createElement("td"); + selectTD.setAttribute('align', 'left'); + selectTD.setAttribute('valign', 'middle'); + + var imageTD = document.createElement("td"); + imageTD.setAttribute('align', 'left'); + imageTD.setAttribute('valign', 'middle'); + + var newDescription = document.createTextNode('{$addressTransString}:'); + var newImgDescription = document.createTextNode('{$plusimgDescTransString}'); + + var newInput = document.createElement("input"); + newInput.setAttribute('name', 'network'); + newInput.setAttribute('type', 'text'); + newInput.setAttribute('class', 'formfld host'); + newInput.setAttribute('id', 'network'); + newInput.setAttribute('size', '20'); + newInput.setAttribute('value', ''); + + var newSelect = document.createElement("select"); + newSelect.setAttribute('name', 'network_subnet'); + newSelect.setAttribute('class', 'formselect'); + newSelect.setAttribute('id', 'network_subnet'); + + var newImage = document.createElement("img"); + newImage.setAttribute('src', '/themes/{$g['theme']}/images/misc/bullet_toggle_plus.png'); + newImage.setAttribute('alt', 'add network'); + newImage.setAttribute('border', '0'); + newImage.setAttribute('style', 'margin-right: 5px; border: solid 1px silver; cursor: pointer;'); + newImage.setAttribute('onclick', 'add_selnetwork($("network").value, $("network_subnet").value);'); + + /* divs are used to achieve proper alignement */ + newImageDiv = document.createElement("div"); + newImageDiv.setAttribute('style', 'float: left;'); + + newImageDescDiv = document.createElement("div"); + newImageDescDiv.setAttribute('style', 'padding-top: 1px;'); + + /* add options to select */ + for (i = 31; i > 0; i--) { + var newOption = document.createElement("option"); + var newOptionText = document.createTextNode(i.toString()); + + newOption.setAttribute('value', i); + newOption.appendChild(newOptionText); + + /* add the option to the select element */ + newSelect.appendChild(newOption); + } + + /* assemble everything */ + descTD.appendChild(newDescription); + inputTD.appendChild(newInput); + selectTD.appendChild(newSelect); + + newImageDiv.appendChild(newImage); + newImageDescDiv.appendChild(newImgDescription); + + imageTD.appendChild(newImageDiv); + imageTD.appendChild(newImageDescDiv); + + newTR.appendChild(descTD); + newTR.appendChild(inputTD); + newTR.appendChild(selectTD); + newTR.appendChild(imageTD); + + $('networkopttab').appendChild(newTR); +} + +function create_wan_tr() { + var wanSubnet = '{$config['interfaces']['wan']['subnet']}'; + + var newTR = document.createElement("tr"); + newTR.setAttribute('id', 'typeDetailsTR'); + + var descTD = document.createElement("td"); + descTD.setAttribute('align', 'left'); + descTD.setAttribute('valign', 'top'); + + var nettextTD = document.createElement("td"); + nettextTD.setAttribute('align', 'left'); + nettextTD.setAttribute('valign', 'top'); + + var imageTD = document.createElement("td"); + imageTD.setAttribute('align', 'left'); + imageTD.setAttribute('valign', 'middle'); + imageTD.setAttribute('colspan', '2'); + + var newDescription = document.createTextNode('{$addressTransString}:'); + var newWanDescription = document.createTextNode('{$generatedWANSubnet}/' + wanSubnet); + + var newNetTextSpan = document.createElement("span"); + newNetTextSpan.setAttribute('style', 'font-weight: bold; font-style: italic; vertical-align: middle;'); + + var newImage = document.createElement("img"); + newImage.setAttribute('src', '/themes/{$g['theme']}/images/misc/bullet_toggle_plus.png'); + newImage.setAttribute('alt', 'add network'); + newImage.setAttribute('border', '0'); + newImage.setAttribute('style', 'margin-right: 5px; border: solid 1px silver; cursor: pointer;'); + newImage.setAttribute('onclick', 'add_selnetwork("{$generatedWANSubnet}", ' + wanSubnet + ');'); + + /* divs are used to achieve proper alignement */ + newImageDiv = document.createElement("div"); + newImageDiv.setAttribute('style', 'float: left;'); + + newImageDescDiv = document.createElement("div"); + newImageDescDiv.setAttribute('style', 'padding-top: 1px;'); + + var newImgDescription = document.createTextNode('{$plusimgDescTransString}'); + + /* assemble everything */ + newNetTextSpan.appendChild(newWanDescription); + + descTD.appendChild(newDescription); + nettextTD.appendChild(newNetTextSpan); + + newImageDiv.appendChild(newImage); + newImageDescDiv.appendChild(newImgDescription); + + imageTD.appendChild(newImageDiv); + imageTD.appendChild(newImageDescDiv); + + newTR.appendChild(descTD); + newTR.appendChild(nettextTD); + newTR.appendChild(imageTD); + + $('networkopttab').appendChild(newTR); +} + +function create_lan_tr() { + var lanSubnet = '{$config['interfaces']['lan']['subnet']}'; + + var newTR = document.createElement("tr"); + newTR.setAttribute('id', 'typeDetailsTR'); + + var descTD = document.createElement("td"); + descTD.setAttribute('align', 'left'); + descTD.setAttribute('valign', 'top'); + + var nettextTD = document.createElement("td"); + nettextTD.setAttribute('align', 'left'); + nettextTD.setAttribute('valign', 'top'); + + var imageTD = document.createElement("td"); + imageTD.setAttribute('align', 'left'); + imageTD.setAttribute('valign', 'middle'); + imageTD.setAttribute('colspan', '2'); + + var newDescription = document.createTextNode('{$addressTransString}:'); + var newLanDescription = document.createTextNode('{$generatedLANSubnet}/' + lanSubnet); + + var newNetTextSpan = document.createElement("span"); + newNetTextSpan.setAttribute('style', 'font-weight: bold; font-style: italic; vertical-align: middle;'); + + var newImage = document.createElement("img"); + newImage.setAttribute('src', '/themes/{$g['theme']}/images/misc/bullet_toggle_plus.png'); + newImage.setAttribute('alt', 'add network'); + newImage.setAttribute('border', '0'); + newImage.setAttribute('style', 'margin-right: 5px; border: solid 1px silver; cursor: pointer;'); + newImage.setAttribute('onclick', 'add_selnetwork("{$generatedLANSubnet}", ' + lanSubnet + ');'); + + /* divs are used to achieve proper alignement */ + newImageDiv = document.createElement("div"); + newImageDiv.setAttribute('style', 'float: left;'); + + newImageDescDiv = document.createElement("div"); + newImageDescDiv.setAttribute('style', 'padding-top: 1px;'); + + var newImgDescription = document.createTextNode('{$plusimgDescTransString}'); + + /* assemble everything */ + newNetTextSpan.appendChild(newLanDescription); + + descTD.appendChild(newDescription); + nettextTD.appendChild(newNetTextSpan); + + newImageDiv.appendChild(newImage); + newImageDescDiv.appendChild(newImgDescription); + + imageTD.appendChild(newImageDiv); + imageTD.appendChild(newImageDescDiv); + + newTR.appendChild(descTD); + newTR.appendChild(nettextTD); + newTR.appendChild(imageTD); + + $('networkopttab').appendChild(newTR); +} + +function get_optnetwork() { + var slashIndex= $('opt_iface_desc').firstChild.nodeValue.indexOf('/'); + var myNetwork = $('opt_iface_desc').firstChild.nodeValue.substring(0, slashIndex); + + return myNetwork; +} + +function get_optsubnet() { + var slashIndex= $('opt_iface_desc').firstChild.nodeValue.indexOf('/'); + var mySubnet = $('opt_iface_desc').firstChild.nodeValue.substring(slashIndex + 1, $('opt_iface_desc').firstChild.nodeValue.length); + + return mySubnet; +} + +function create_opt_tr() { + var newTR = document.createElement("tr"); + newTR.setAttribute('id', 'typeDetailsTR'); + + var descTD = document.createElement("td"); + descTD.setAttribute('align', 'left'); + descTD.setAttribute('valign', 'top'); + + var nettextTD = document.createElement("td"); + nettextTD.setAttribute('align', 'left'); + nettextTD.setAttribute('valign', 'top'); + + var imageTD = document.createElement("td"); + imageTD.setAttribute('align', 'left'); + imageTD.setAttribute('valign', 'middle'); + imageTD.setAttribute('colspan', '2'); + + var newDescription = document.createTextNode('{$addressTransString}:'); + var newImgDescription = document.createTextNode('{$plusimgDescTransString}'); + + var newImage = document.createElement("img"); + newImage.setAttribute('src', '/themes/{$g['theme']}/images/misc/bullet_toggle_plus.png'); + newImage.setAttribute('alt', 'add network'); + newImage.setAttribute('border', '0'); + newImage.setAttribute('style', 'margin-right: 5px; border: solid 1px silver; cursor: pointer;'); + newImage.setAttribute('onclick', 'add_selnetwork(get_optnetwork(), get_optsubnet());'); + + /* divs are used to achieve proper alignement */ + newImageDiv = document.createElement("div"); + newImageDiv.setAttribute('style', 'float: left;'); + + newImageDescDiv = document.createElement("div"); + newImageDescDiv.setAttribute('style', 'padding-top: 1px;'); + + /* add options to select */ + +EOD; + +for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) { + $optSubnet = $config['interfaces']['opt' . $i]['subnet']; + $generatedOPTSubnet = gen_subnet($config['interfaces']['opt' . $i]['ipaddr'], + $config['interfaces']['opt' . $i]['subnet']); + + if (empty($optSubnet) || empty($generatedOPTSubnet)) { continue; } + + $jscriptstr .= <<<EOD + var selOptIndex = $('authnettype').selectedIndex; + var optNumber = $('authnettype').options[selOptIndex].value.substr(3, $('authnettype').options[selOptIndex].value.length); + var newOptDescription = null; + var newNetTextSpan = null; + + if (optNumber == {$i}) { + newOptDescription = document.createTextNode('{$generatedOPTSubnet}/{$optSubnet}'); + + newNetTextSpan = document.createElement("span"); + newNetTextSpan.setAttribute('id', 'opt_iface_desc'); + newNetTextSpan.setAttribute('style', 'font-weight: bold; font-style: italic; vertical-align: middle;'); + } + +EOD; +} + +$jscriptstr .= <<<EOD + /* assemble everything */ + if (newNetTextSpan) + newNetTextSpan.appendChild(newOptDescription); + + descTD.appendChild(newDescription); + if (newNetTextSpan) + nettextTD.appendChild(newNetTextSpan); + + newImageDiv.appendChild(newImage); + newImageDescDiv.appendChild(newImgDescription); + + imageTD.appendChild(newImageDiv); + imageTD.appendChild(newImageDescDiv); + + newTR.appendChild(descTD); + newTR.appendChild(nettextTD); + newTR.appendChild(imageTD); + + $('networkopttab').appendChild(newTR); +} + +function authnet_change() { + if ($('typeDetailsTR')) { $('networkopttab').removeChild($('typeDetailsTR')); } + if ($('authNetworksTR')) { $('networkopttab').removeChild($('authNetworksTR')); } + if ($('authNetworksImageTR')) { $('networkopttab').removeChild($('authNetworksImageTR')); } + + switch ($('authnettype').selectedIndex) { + case 0: + /* Network */ + create_network_tr(); + break; + case 1: + /* WAN subnet */ + create_wan_tr(); + break; + case 2: + /* LAN subnet */ + create_lan_tr(); + break; + +EOD; + +for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) { + $case_count = 2 + $i; + + $jscriptstr .= <<<EOD + case {$case_count}: + /* OPT subnet */ + create_opt_tr(); + break; + +EOD; + +} // end for + +$jscriptstr .= <<<EOD + } // end switch + + create_authnetworks_tr(); +} // end function authnet_change + function enable_change(enable_change) { var endis; @@ -133,12 +665,10 @@ function enable_change(enable_change) { endis ? color = '#D4D0C8' : color = '#FFFFFF'; document.iform.mapall.disabled = endis; - document.iform.network.disabled = endis; - document.iform.network_subnet.disabled = endis; + document.iform.authnettype.disabled = endis; /* color adjustments */ document.iform.mapall.style.backgroundColor = color; - document.iform.network.style.backgroundColor = color; - document.iform.network_subnet.style.backgroundColor = color; + document.iform.authnettype.style.backgroundColor = color; } //--> </script> @@ -167,6 +697,28 @@ echo $pfSenseHead->getHTML(); </td> </tr> <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Bind to IP address");?></td> + <td width="78%" class="vtable" align="left" valign="middle"> + <select name="bindto" id="bindto" class="formselect"> + <option value="<?= $config['interfaces']['lan'][ipaddr] ?>"> + <?= $config['interfaces']['wan'][ipaddr] ?> + </option> + <option value="<?= $config['interfaces']['lan'][ipaddr] ?>"> + <?= $config['interfaces']['lan'][ipaddr] ?> + </option> + <?php + for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++): + ?> + <option value="<?= $config['interfaces']['opt' . $i][ipaddr] ?>"> + <?= $config['interfaces']['opt' . $i][ipaddr] ?> + </option> + <?php endfor; ?> + </select> + <br /> + <?= gettext("Use an address from the list to make nfsd and rpcbind bind to a specific address."); ?> + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("map all user to root");?></td> <td width="78%" class="vtable"> <select name="mapall" class="formselect" id="mapall"> @@ -189,34 +741,65 @@ echo $pfSenseHead->getHTML(); <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Authorised network");?></td> <td width="78%" class="vtable" align="left" valign="middle"> - <input name="network" type="text" class="formfld host" id="network" size="20" value="<?=htmlspecialchars($pconfig['network']);?>" /> - / - <select name="network_subnet" class="formselect" id="network_subnet"> - <?php for ($i = 32; $i >= 1; $i--): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['network_subnet']) echo "selected=\"selected\""; ?>> - <?=$i;?> - </option> - <?php endfor; ?> - </select> - <br /> - <?= gettext("Network that is authorised to access to NFS share"); ?> + <table border="0" cellspacing="0" cellpadding="4" id="networkopttab"> + <tr> + <td align="left" valign="middle"><?=gettext("Type");?>:</td> + <td align="left" valign="middle" colspan="4"> + <select name="authnettype" id="authnettype" class="formselect" onchange="authnet_change();"> + <option value="network"> + <?=gettext("Network")?> + </option> + <option value="wan"> + <?=gettext("WAN subnet");?> + </option> + <option value="lan"> + <?=gettext("LAN subnet");?> + </option> + <?php + for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++): + ?> + <option value="opt<?=$i;?>"> + <?=htmlspecialchars($config['interfaces']['opt' . $i]['descr']);?> + <?=gettext("subnet");?> + </option> + <?php endfor; ?> + </select> + </td> + </tr> + </table> </td> </tr> <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input id="submit" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> + <!-- Note: Cause Prototype is observing the onclick event, we are using onmousedown and onkeydown instead --> + <input id="submit" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" onmousedown="selectnetel();" onkeydown="selectnetel();" /> </td> </tr> <tr> <td width="22%" valign="top"> </td> <td width="78%"> <span class="red"> - <strong><?= gettext("WARNING"); ?></strong> - </span> - <span class="vexpl"> - <?= gettext("The name of the exported directories are : /mnt/sharename"); ?> + <strong><?= gettext("NOTE"); ?>:</strong> </span> + <br /> + <ul> + <li> + <span class="vexpl"> + <?= gettext("The name of each exported directory is: /mnt/sharename"); ?> + </span> + </li> + <li> + <span class="vexpl"> + <?= gettext("Try adding networks to the 'current networks' list to authorize each particular network."); ?> + </span> + </li> + <li> + <span class="vexpl"> + <?= gettext("Use ctrl-click (or command-click on the Mac) to select and de-select elements from the 'current networks' list."); ?> + </span> + </li> + </ul> </td> </tr> </table> @@ -226,6 +809,7 @@ echo $pfSenseHead->getHTML(); <script type="text/javascript"> <!-- enable_change(false); +authnet_change(); //--> </script> </body> |