diff options
| -rw-r--r-- | config/nut/nut.inc | 37 | ||||
| -rw-r--r-- | config/nut/nut.xml | 7 | ||||
| -rw-r--r-- | pkg_config.8.xml | 2 | ||||
| -rw-r--r-- | pkg_config.8.xml.amd64 | 2 |
4 files changed, 16 insertions, 32 deletions
diff --git a/config/nut/nut.inc b/config/nut/nut.inc index d5c81884..0c1235dd 100644 --- a/config/nut/nut.inc +++ b/config/nut/nut.inc @@ -163,8 +163,6 @@ $input_errors[] = 'You must select a driver in the \'Local UPS Driver\' field'; if(!$post['port']) $input_errors[] = 'You must select a port in the \'Local UPS Port\' field'; - if($post['allowaddr'] && !nut_validate_ip($post['allowaddr'],true)) - $input_errors[] = 'You must specify a valid address \'Local Remote Access Address\' field'; } } @@ -229,7 +227,6 @@ EOD; $port = nut_config('port'); $upstype = nut_config_sub('upstype', 3); $cable = nut_config_sub('cable', 3); - $allowaddr = nut_config('allowaddr'); $allowuser = nut_config('allowuser'); $allowpass = nut_config('allowpass'); $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h'; @@ -267,30 +264,23 @@ EOD; $ups_conf .= "upstype={$upstype}\n"; /* upsd.conf */ - $upsd_conf = "ACL all 0.0.0.0/0\n"; - $upsd_conf .= "ACL localhost 127.0.0.1/32\n"; - if($allowaddr && $allowuser) { - $upsd_conf .= "ACL remote {$allowaddr}\n"; - $upsd_conf .= "ACCEPT remote\n"; - } - $upsd_conf .= "ACCEPT localhost\n"; - $upsd_conf .= "REJECT all\n"; + $upsd_conf = "LISTEN 127.0.0.1\n"; + $upsd_conf .= "LISTEN ::1\n"; + $password = uniqid("nut"); /* upsd.users */ $upsd_users = "[monuser]\n"; - $upsd_users .= "password = mypass\n"; - $upsd_users .= "allowfrom = localhost\n"; + $upsd_users .= "password = {$password}\n"; $upsd_users .= "upsmon master\n"; if($allowaddr && $allowuser) { $upsd_users .= "\n[$allowuser]\n"; $upsd_users .= "password = $allowpass\n"; - $upsd_users .= "allowfrom = remote\n"; $upsd_users .= "upsmon master\n"; } /* upsmon.conf */ $upsmon_conf = <<<EOD -MONITOR {$name}@localhost 1 monuser mypass master +MONITOR {$name}@localhost 1 monuser {$password} master MINSUPPLIES 1 SHUTDOWNCMD "/sbin/shutdown {$shutdownflag} +0" POWERDOWNFLAG /etc/killpower @@ -391,30 +381,23 @@ EOD; $ups_conf .= "notransferoids=true\n"; /* upsd.conf */ - $upsd_conf = "ACL all 0.0.0.0/0\n"; - $upsd_conf .= "ACL localhost 127.0.0.1/32\n"; - if($allowaddr && $allowuser) { - $upsd_conf .= "ACL remote {$allowaddr}\n"; - $upsd_conf .= "ACCEPT remote\n"; - } - $upsd_conf .= "ACCEPT localhost\n"; - $upsd_conf .= "REJECT all\n"; + $upsd_conf = "LISTEN 127.0.0.1\n"; + $upsd_conf .= "LISTEN ::1\n"; + $password = uniqid("nut"); /* upsd.users */ $upsd_users = "[monuser]\n"; - $upsd_users .= "password = mypass\n"; - $upsd_users .= "allowfrom = localhost\n"; + $upsd_users .= "password = {$password}\n"; $upsd_users .= "upsmon master\n"; if($allowaddr && $allowuser) { $upsd_users .= "\n[$allowuser]\n"; $upsd_users .= "password = $allowpass\n"; - $upsd_users .= "allowfrom = remote\n"; $upsd_users .= "upsmon master\n"; } /* upsmon.conf */ $upsmon_conf = <<<EOD -MONITOR {$name}@localhost 1 monuser mypass master +MONITOR {$name}@localhost 1 monuser {$password} master MINSUPPLIES 1 SHUTDOWNCMD "/sbin/shutdown {$shutdownflag} +0" POWERDOWNFLAG /etc/killpower diff --git a/config/nut/nut.xml b/config/nut/nut.xml index b1fb705a..75a5c246 100644 --- a/config/nut/nut.xml +++ b/config/nut/nut.xml @@ -7,7 +7,7 @@ /* $Id$ */ /* ========================================================================== */ /* - authng.xml + nut.xml part of pfSense (http://www.pfSense.com) Copyright (C) 2007 to whom it may belong All rights reserved. @@ -46,7 +46,7 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>nut</name> - <version>2.0.4</version> + <version>2.6.4 pkg 2.0</version> <title>Services: NUT</title> <savetext>Change</savetext> <aftersaveredirect>/status_nut.php</aftersaveredirect> @@ -122,7 +122,8 @@ <type>listtopic</type> </field> <field> - <fielddescr>Remote Access Address <br>(ex: 192.168.1.0/24)</fielddescr> + <fielddescr>Remote Access Address</fielddescr> + <description><strong>NOTE: Previous versions of NUT supported internal ACLs, these no longer work. The new default is to bind to localhost ONLY - you should add NAT rules for the NUT port (3493) to allow remote access. This field no longer has any effect, but was left intact for reference.</strong></description> <fieldname>allowaddr</fieldname> <type>input</type> </field> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 6d6683de..7d2781c9 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -941,7 +941,7 @@ <descr>Network UPS Tools</descr> <website>http://www.networkupstools.org/</website> <category>Network Management</category> - <version>2.6.4 pkg 1.4</version> + <version>2.6.4 pkg 2.0</version> <status>BETA</status> <required_version>2.0</required_version> <maintainer>rswagoner@gmail.com</maintainer> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index c4f0287d..3bb1c37b 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -928,7 +928,7 @@ <descr>Network UPS Tools</descr> <website>http://www.networkupstools.org/</website> <category>Network Management</category> - <version>2.6.4 pkg 1.4</version> + <version>2.6.4 pkg 2.0</version> <status>BETA</status> <required_version>2.0</required_version> <maintainer>rswagoner@gmail.com</maintainer> |