diff options
-rw-r--r-- | config/ipguard/ipguard.inc | 37 | ||||
-rw-r--r-- | config/ipguard/ipguard.xml | 16 | ||||
-rwxr-xr-x | config/ipguard/ipguard_sync.xml | 2 |
3 files changed, 28 insertions, 27 deletions
diff --git a/config/ipguard/ipguard.inc b/config/ipguard/ipguard.inc index 052f6f31..1891b24b 100644 --- a/config/ipguard/ipguard.inc +++ b/config/ipguard/ipguard.inc @@ -44,7 +44,9 @@ function ipguard_custom_php_deinstall_command(){ conf_mount_rw(); stop_service('ipguard'); - chmod("/usr/local/etc/rc.d/ipguard.sh",0444); + $ipguard_sh_file = "/usr/local/etc/rc.d/ipguard.sh"; + if (is_file($ipguard_sh_file)) + chmod($ipguard_sh_file,0444); conf_mount_ro(); } @@ -60,9 +62,6 @@ function ipguard_custom_php_write_config(){ if (is_array($config['installedpackages']['ipguard']['config'])){ - // Mount Read-write - conf_mount_rw(); - // Read config $new_config=array(); foreach ($config['installedpackages']['ipguard']['config'] as $ipguard){ @@ -96,7 +95,9 @@ function ipguard_custom_php_write_config(){ else{ #remove config files stop_service('ipguard'); - chmod("/usr/local/etc/rc.d/ipguard.sh",0444); + $ipguard_sh_file = "/usr/local/etc/rc.d/ipguard.sh"; + if (is_file($ipguard_sh_file)) + chmod($ipguard_sh_file,0444); } // Mount Read-only conf_mount_ro(); @@ -109,20 +110,20 @@ function ipguard_custom_php_write_config(){ function ipguard_sync_on_changes() { global $config, $g; - if (is_array($config['installedpackages']['ipguardsync'])) - if (!$config['installedpackages']['ipguardsync']['config'][0]['synconchanges']) - return; - - log_error("[ipguard] xmlrpc sync is starting."); - foreach ($config['installedpackages']['ipguardsync']['config'] as $rs ){ - foreach($rs['row'] as $sh){ - $sync_to_ip = $sh['ipaddress']; - $password = $sh['password']; - if($password && $sync_to_ip) - ipguard_do_xmlrpc_sync($sync_to_ip, $password); + if (is_array($config['installedpackages']['ipguardsync'])) { + if ($config['installedpackages']['ipguardsync']['config'][0]['synconchanges']) { + log_error("[ipguard] xmlrpc sync is starting."); + foreach ($config['installedpackages']['ipguardsync']['config'] as $rs ){ + foreach($rs['row'] as $sh){ + $sync_to_ip = $sh['ipaddress']; + $password = $sh['password']; + if($password && $sync_to_ip) + ipguard_do_xmlrpc_sync($sync_to_ip, $password); + } } + log_error("[ipguard] xmlrpc sync is ending."); + } } - log_error("[ipguard] xmlrpc sync is ending."); } /* Do the actual XMLRPC sync */ @@ -185,7 +186,7 @@ function ipguard_do_xmlrpc_sync($sync_to_ip, $password) { log_error("ipguard XMLRPC sync successfully completed with {$url}:{$port}."); } - /* tell ipguard to reload our settings on the destionation sync host. */ + /* tell ipguard to reload our settings on the destination sync host. */ $method = 'pfsense.exec_php'; $execcmd = "require_once('/usr/local/pkg/ipguard.inc');\n"; $execcmd .= "ipguard_custom_php_write_config();"; diff --git a/config/ipguard/ipguard.xml b/config/ipguard/ipguard.xml index ac096522..cafc6e4e 100644 --- a/config/ipguard/ipguard.xml +++ b/config/ipguard/ipguard.xml @@ -49,7 +49,7 @@ <include_file>/usr/local/pkg/ipguard.inc</include_file> <menu> <name>Ipguard</name> - <tooltiptext>Tool designed to protect LAN IP adress space by ARP spoofing</tooltiptext> + <tooltiptext>Tool designed to protect LAN IP address space by ARP spoofing</tooltiptext> <section>Firewall</section> <url>/pkg.php?xml=ipguard.xml</url> </menu> @@ -57,7 +57,7 @@ <name>ipguard</name> <rcfile>ipguard.sh</rcfile> <executable>ipguard</executable> - <description>Tool designed to protect LAN IP adress space by ARP spoofing.</description> + <description>Tool designed to protect LAN IP address space by ARP spoofing.</description> </service> <configpath>installedpackages->package->ipguard</configpath> <additional_files_needed> @@ -100,11 +100,11 @@ <fieldname>ip</fieldname> </columnitem> <columnitem> - <fielddescr>description</fielddescr> + <fielddescr>Description</fielddescr> <fieldname>description</fieldname> </columnitem> <movable>on</movable> - <description><![CDATA[If firewall receives traffic with MAC/IP pair not listed here, it will send ARP reply with configured fake address.<br>This will prevent not permitted host to work properly in the specified ethernet segment.]]></description> + <description><![CDATA[If firewall receives traffic with MAC/IP pair not listed here, it will send ARP reply with configured fake address.<br>This will prevent not permitted host from working properly in the specified ethernet segment.]]></description> </adddeleteeditpagefields> <fields> <field> @@ -125,7 +125,7 @@ <regex>/%FILTERTEXT%/i</regex> </item> <item> - <name>Ip Adress</name> + <name>Ip Address</name> <fieldname>ip</fieldname> <regex>/%FILTERTEXT%/i</regex> </item> @@ -135,12 +135,12 @@ <fielddescr>Enable</fielddescr> <fieldname>enable</fieldname> <type>checkbox</type> - <description><![CDATA[Enable this mac rule.<br><strong>Important Note:</strong> Always create rules to pfsense mac and ip address to avoid denying access to pfsense gui.]]></description> + <description><![CDATA[Enable this mac rule.<br><strong>Important Note:</strong> Always create rules for pfsense mac and ip address to avoid denying access to pfsense gui.]]></description> </field> <field> <fielddescr>Interface</fielddescr> <fieldname>interface</fieldname> - <description>The interface ipguard server will check this mac</description> + <description>The interface on which ipguard server will check this mac</description> <type>interfaces_selection</type> <required/> <default_value>lan</default_value> @@ -156,7 +156,7 @@ <field> <fielddescr>Mac address</fielddescr> <fieldname>mac</fieldname> - <description><![CDATA[Insert mac address you what to filter.<br> + <description><![CDATA[Insert mac address you want to filter.<br> <strong>To include a permit rule, use mac=00:00:00:00:00:00</strong>]]></description> <type>input</type> <size>25</size> diff --git a/config/ipguard/ipguard_sync.xml b/config/ipguard/ipguard_sync.xml index 645ba413..0b5ffecb 100755 --- a/config/ipguard/ipguard_sync.xml +++ b/config/ipguard/ipguard_sync.xml @@ -43,7 +43,7 @@ <faq>Currently there are no FAQ items provided.</faq> <name>ipguardsync</name> <version>1.0</version> - <title>SSH Conditional - Sync</title> + <title>Ipguard - Sync</title> <include_file>/usr/local/pkg/ipguard.inc</include_file> <tabs> <tab> |