diff options
27 files changed, 1087 insertions, 411 deletions
diff --git a/config/bandwidthd/bandwidthd.inc b/config/bandwidthd/bandwidthd.inc index 4e0107eb..829cdf59 100644 --- a/config/bandwidthd/bandwidthd.inc +++ b/config/bandwidthd/bandwidthd.inc @@ -64,46 +64,47 @@ function bandwidthd_install_config() { config_lock(); /* user defined values */ - $meta_refresh = $config['installedpackages']['bandwidthd']['config'][0]['meta_refresh']; + $bandwidthd_config = $config['installedpackages']['bandwidthd']['config'][0]; + $meta_refresh = $bandwidthd_config['meta_refresh']; if($meta_refresh) $meta_refresh = "meta_refresh $meta_refresh\n"; - $graph = $config['installedpackages']['bandwidthd']['config'][0]['drawgraphs']; + $graph = $bandwidthd_config['drawgraphs']; if($graph) $graph = "graph true\n"; else $graph = "graph false\n"; - $filter_text = $config['installedpackages']['bandwidthd']['config'][0]['filter']; + $filter_text = $bandwidthd_config['filter']; if($filter_text) $filter_text = "filter $filter_text\n"; - $recover_cdf = $config['installedpackages']['bandwidthd']['config'][0]['recovercdf']; + $recover_cdf = $bandwidthd_config['recovercdf']; if($recover_cdf) $recover_cdf = "recover_cdf true\n"; - $output_cdf = $config['installedpackages']['bandwidthd']['config'][0]['outputcdf']; + $output_cdf = $bandwidthd_config['outputcdf']; if($output_cdf) $output_cdf_string = "output_cdf true\n"; else $output_cdf_string = ""; - $promiscuous = $config['installedpackages']['bandwidthd']['config'][0]['promiscuous']; + $promiscuous = $bandwidthd_config['promiscuous']; if($promiscuous) $promiscuous = "promiscuous true\n"; else $promiscuous = "promiscuous false\n"; - $graph_cutoff = $config['installedpackages']['bandwidthd']['config'][0]['graphcutoff']; + $graph_cutoff = $bandwidthd_config['graphcutoff']; if($graph_cutoff) $graph_cutoff = "graph_cutoff $graph_cutoff\n"; - $skip_intervals = $config['installedpackages']['bandwidthd']['config'][0]['skipintervals']; + $skip_intervals = $bandwidthd_config['skipintervals']; if($skip_intervals) $skip_intervals = "skip_intervals $skip_intervals\n"; - if($config['installedpackages']['bandwidthd']['config'][0]['active_interface']){ - $ifdescrs = array($config['installedpackages']['bandwidthd']['config'][0]['active_interface']); + if($bandwidthd_config['active_interface']){ + $ifdescrs = array($bandwidthd_config['active_interface']); } else { log_error("You should specify an interface for bandwidthd to listen on. Exiting."); } - $subnets_custom = explode(';',str_replace(' ','',$config['installedpackages']['bandwidthd']['config'][0]['subnets_custom'])); + $subnets_custom = explode(';',str_replace(' ','',$bandwidthd_config['subnets_custom'])); /* initialize to "" */ $subnets = ""; @@ -212,26 +213,40 @@ EOF; fwrite($fd, $config_file); fclose($fd); + if ($g['platform'] == 'nanobsd') { + $bandwidthd_nano_dir = "/var/bandwidthd"; + $bandwidthd_htdocs_dir = $bandwidthd_nano_dir . "/htdocs"; + if (!is_dir($bandwidthd_nano_dir)) { + if (file_exists($bandwidthd_nano_dir)) { + unlink($bandwidthd_nano_dir); + } + mkdir($bandwidthd_nano_dir); + } + } else { + $bandwidthd_htdocs_dir = $bandwidthd_base_dir . "/htdocs"; + } + $rc = array(); $rc['file'] = 'bandwidthd.sh'; $rc['stop'] = <<<EOD /usr/bin/killall bandwidthd EOD; - if ($g['platform'] == 'nanobsd') { - // On nanobsd, /var/bandwidthd is created. - // In that is a real /var/bandwidth/htdocs, where the graph data is written - // A soft link to the real bandwidth program is made - /var/bandwidthd/bandwidthd - // A soft link to the etc folder with the conf file is made - /var/bandwidthd/etc - // bandwidthd is started from /var/bandwidthd with the current dir /var/bandwidth - // This way, it: - // looks in ./etc for the conf file - // writes graph files in ./htdocs - // writes cdf log files (if selected in the config) to ./ - // All of this is on the /var filesystem, which is a read-write memory disk on nanobsd - $bandwidthd_nano_dir = "/var/bandwidthd"; - $bandwidthd_htdocs_dir = $bandwidthd_nano_dir . "/htdocs"; - $rc['start'] = <<<EOD + // If this is an old config before the enable checkbox was added, then enable by default + $bandwidthd_enable = (!isset($bandwidthd_config['enable']) || ($bandwidthd_config['enable'])); + if ($bandwidthd_enable) { + if ($g['platform'] == 'nanobsd') { + // On nanobsd, /var/bandwidthd is created. + // In that is a real /var/bandwidth/htdocs, where the graph data is written + // A soft link to the real bandwidth program is made - /var/bandwidthd/bandwidthd + // A soft link to the etc folder with the conf file is made - /var/bandwidthd/etc + // bandwidthd is started from /var/bandwidthd with the current dir /var/bandwidth + // This way, it: + // looks in ./etc for the conf file + // writes graph files in ./htdocs + // writes cdf log files (if selected in the config) to ./ + // All of this is on the /var filesystem, which is a read-write memory disk on nanobsd + $rc['start'] = <<<EOD if [ ! -d "{$bandwidthd_nano_dir}" ] ; then if [ -e "{$bandwidthd_nano_dir}" ] ; then /bin/rm -f {$bandwidthd_nano_dir} @@ -266,17 +281,15 @@ cd {$bandwidthd_nano_dir} {$bandwidthd_nano_dir}/bandwidthd cd - EOD; - if (!is_dir($bandwidthd_nano_dir)) { - if (file_exists($bandwidthd_nano_dir)) { - unlink($bandwidthd_nano_dir); - } - mkdir($bandwidthd_nano_dir); - } - } else { - $bandwidthd_htdocs_dir = $bandwidthd_base_dir . "/htdocs"; - $rc['start'] = <<<EOD + } else { + $rc['start'] = <<<EOD /usr/local/bandwidthd/bandwidthd EOD; + } + } else { + // bandwidthd is disabled, so do not put any real start commands in the script. + // This effectively disables it but keeps all the files in place (e.g. saved logs) ready to reload when it is enabled. + $rc['start'] = "return"; } /* write out rc.d start/stop file */ @@ -302,7 +315,7 @@ EOD; exec("echo \"Please start bandwidthd to populate this directory.\" > " . $bandwidthd_index_file); } - if($output_cdf) { + if (($bandwidthd_enable) && ($output_cdf)) { // Use cron job to rotate logs every day at 00:01 install_cron_job("/bin/kill -HUP `cat /var/run/bandwidthd.pid`", true, "1", "0"); } @@ -314,7 +327,9 @@ EOD; conf_mount_ro(); config_unlock(); stop_service("bandwidthd"); - start_service("bandwidthd"); + if ($bandwidthd_enable) { + start_service("bandwidthd"); + } } ?> diff --git a/config/bandwidthd/bandwidthd.xml b/config/bandwidthd/bandwidthd.xml index 161280cf..f306546a 100644 --- a/config/bandwidthd/bandwidthd.xml +++ b/config/bandwidthd/bandwidthd.xml @@ -7,7 +7,7 @@ /* $Id$ */ /* ========================================================================== */ /* - authng.xml + bandwidthd.xml part of pfSense (http://www.pfSense.com) Copyright (C) 2007 to whom it may belong All rights reserved. @@ -41,10 +41,10 @@ */ /* ========================================================================== */ ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> <name>bandwidthd</name> <version>2.0.1.4</version> <title>Bandwidthd</title> @@ -60,7 +60,7 @@ <name>bandwidthd</name> <rcfile>bandwidthd.sh</rcfile> <executable>bandwidthd</executable> - </service> + </service> <tabs> <tab> <text>BandwidthD</text> @@ -80,6 +80,12 @@ </additional_files_needed> <fields> <field> + <fielddescr>Enable bandwidthd</fielddescr> + <fieldname>enable</fieldname> + <type>checkbox</type> + <description></description> + </field> + <field> <fielddescr>Interface</fielddescr> <fieldname>active_interface</fieldname> <description>The interface that bandwidthd will bind to.</description> diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc index a8fc1497..93c9ec0b 100644 --- a/config/haproxy-devel/haproxy.inc +++ b/config/haproxy-devel/haproxy.inc @@ -65,6 +65,39 @@ if ($haproxy_sni_ssloffloading) { 'mode' => 'https', 'syntax' => 'req_ssl_sni -i', 'advancedoptions' => "tcp-request inspect-delay 5s\n\ttcp-request content accept if { req_ssl_hello_type 1 }"); } +$a_checktypes['none'] = array('name' => 'none', 'syntax' => '', + 'descr' => 'No health checks will be performed.'); +$a_checktypes['Basic'] = array('name' => 'Basic', 'syntax' => '', + 'descr' => 'Basic socket connection check'); +$a_checktypes['HTTP'] = array('name' => 'HTTP', 'syntax' => 'httpchk', + 'descr' => 'HTTP protocol to check on the servers health, can also be used for HTTPS servers(requirs checking the SSL box for the servers).', 'parameters' => "uri,method,version"); +/* seams this was added in HAProxy1.5dev18, haproxy-devel package is currently using 1.5dev17 +$a_checktypes['Agent'] = array('name' => 'Agent', 'syntax' => 'lb-agent-chk', 'usedifferenport' => 'yes', + 'descr' => 'Use a TCP connection to read an ASCII string of the form 100%,75%,drain,down (others in haproxy manual)'); +*/ +$a_checktypes['LDAP'] = array('name' => 'LDAP', 'syntax' => 'ldap-check', + 'descr' => 'Use LDAPv3 health checks for server testing'); +$a_checktypes['MySQL'] = array('name' => 'MySQL', 'syntax' => 'mysql-check', + 'descr' => 'Use MySQL health checks for server testing', 'parameters' => 'username'); +$a_checktypes['PostgreSQL'] = array('name' => 'PostgreSQL', 'syntax' => 'pgsql-check', + 'descr' => 'Use PostgreSQL health checks for server testing', 'parameters' => 'username'); +$a_checktypes['Redis'] = array('name' => 'Redis', 'syntax' => 'redis-check', + 'descr' => 'Test that the server correctly talks REDIS protocol.'); +$a_checktypes['SMTP'] = array('name' => 'SMTP', 'syntax' => 'smtpchk HELO', + 'descr' => 'Use SMTP HELO health checks for server testing', 'parameters' => 'domain'); +$a_checktypes['ESMTP'] = array('name' => 'ESMTP', 'syntax' => 'smtpchk EHLO', + 'descr' => 'Use ESMTP EHLO health checks for server testing', 'parameters' => 'domain'); +$a_checktypes['SSL'] = array('name' => 'SSL', 'syntax' => 'ssl-hello-chk', + 'descr' => 'Use SSLv3 client hello health checks for server testing.'); + +$a_httpcheck_method['OPTIONS'] = array('name' => 'OPTIONS', 'syntax' => 'OPTIONS'); +$a_httpcheck_method['HEAD'] = array('name' => 'HEAD', 'syntax' => 'HEAD'); +$a_httpcheck_method['GET'] = array('name' => 'GET', 'syntax' => 'GET'); +$a_httpcheck_method['POST'] = array('name' => 'POST', 'syntax' => 'POST'); +$a_httpcheck_method['PUT'] = array('name' => 'PUT', 'syntax' => 'PUT'); +$a_httpcheck_method['DELETE'] = array('name' => 'DELETE', 'syntax' => 'DELETE'); +$a_httpcheck_method['TRACE'] = array('name' => 'TRACE', 'syntax' => 'TRACE'); + function haproxy_custom_php_deinstall_command() { exec("cd /var/db/pkg && pkg_delete `ls | grep haproxy`"); exec("rm /usr/local/pkg/haproxy.inc"); @@ -323,6 +356,7 @@ function haproxy_find_acl($name) { function write_backend($fd, $name, $pool, $frontend) { if(!is_array($pool['ha_servers']['item']) && !$pool['stats_enabled']=='yes') return; + global $a_checktypes; $a_servers = &$pool['ha_servers']['item']; @@ -344,27 +378,41 @@ function write_backend($fd, $name, $pool, $frontend) { // https is an alias for tcp for clarity purpouses if(strtolower($frontend['type']) == "https") { $backend_type = "tcp"; - $httpchk = "ssl-hello-chk"; } else { $backend_type = $frontend['type']; - if(strtolower($frontend['type']) == "http") - $httpchk = "httpchk"; - else - unset($httpchk); } fwrite ($fd, "\tmode\t\t\t" . $backend_type . "\n"); - + + $check_type = $pool['check_type']; + if ($check_type != 'none') + { + $optioncheck = $a_checktypes[$check_type]['syntax']; + if ($check_type == "MySQL" || $check_type == "PostgreSQL") + $optioncheck .= " user " . $pool['monitor_username']; + if ($check_type == "SMTP" || $check_type == "ESMTP") + $optioncheck .= " " . $pool['monitor_domain']; + if ($check_type == "HTTP") + { + $uri = $pool['monitor_uri']; + if (!$uri) + $uri = "/"; + $optioncheck .= " {$pool['httpcheck_method']} {$uri} {$pool['monitor_httpversion']}"; + } + } else { + $optioncheck = "httpchk"; + } + if($pool['balance']) fwrite ($fd, "\tbalance\t\t\t" . $pool['balance'] . "\n"); if(!$pool['connection_timeout']) $pool['connection_timeout'] = 30000; - fwrite ($fd, "\tcontimeout\t\t" . $pool['connection_timeout'] . "\n"); + fwrite ($fd, "\ttimeout connect\t\t" . $pool['connection_timeout'] . "\n"); if(!$pool['server_timeout']) $pool['server_timeout'] = 30000; - fwrite ($fd, "\tsrvtimeout\t\t" . $pool['server_timeout'] . "\n"); + fwrite ($fd, "\ttimeout server\t\t" . $pool['server_timeout'] . "\n"); if(!$pool['retries']) $pool['retries'] = 3; @@ -375,10 +423,13 @@ function write_backend($fd, $name, $pool, $frontend) { if($pool['stats_uri']) fwrite ($fd, "\tstats\t\t\turi ".$pool['stats_uri']."\n"); if($pool['stats_realm']) - fwrite ($fd, "\tstats\t\t\trealm " . $pool['stats_realm'] . "\n"); + fwrite ($fd, "\tstats\t\t\trealm " . haproxy_escapestring($pool['stats_realm']) . "\n"); else fwrite ($fd, "\tstats\t\t\trealm .\n"); - fwrite ($fd, "\tstats\t\t\tauth " . $pool['stats_username'].":". $pool['stats_password']."\n"); + fwrite ($fd, "\tstats\t\t\tauth " . haproxy_escapestring($pool['stats_username']).":". haproxy_escapestring($pool['stats_password'])."\n"); + + if($pool['stats_admin']=='yes') + fwrite ($fd, "\tstats\t\t\tadmin if TRUE" . "\n"); if($pool['stats_node_enabled']=='yes') fwrite ($fd, "\tstats\t\t\tshow-node " . $pool['stats_node'] . "\n"); @@ -394,8 +445,8 @@ function write_backend($fd, $name, $pool, $frontend) { else $uri = "/"; - if ($httpchk) - fwrite ($fd, "\toption\t\t\t{$httpchk} HEAD " . $uri . " HTTP/1.0\n"); + if ($optioncheck) + fwrite ($fd, "\toption\t\t\t{$optioncheck}\n"); if ($pool['advanced_backend']) { $adv_be = explode("\n", base64_decode($pool['advanced_backend'])); @@ -407,7 +458,7 @@ function write_backend($fd, $name, $pool, $frontend) { } } - if($pool['cookie'] && strtolower($frontend['type']) == "http") + if($pool['cookie'] && strtolower($frontend['type']) == "http") $cookie = " cookie {$pool['cookie']} "; else $cookie = ""; @@ -417,12 +468,14 @@ function write_backend($fd, $name, $pool, $frontend) { } else { $advanced_txt = ""; } - if($pool['checkinter']) - $checkinter = "check inter {$pool['checkinter']}"; - else if (strtolower($frontend['type']) != "tcp") - $checkinter = "check inter 1000"; - else - $checkinter = ""; + + if ($check_type != 'none') + { + if($pool['checkinter']) + $checkinter = "check inter {$pool['checkinter']}"; + else + $checkinter = "check inter 1000"; + } if (is_array($a_servers)) { @@ -437,7 +490,11 @@ function write_backend($fd, $name, $pool, $frontend) { } else { $isbackup = ""; } - $ssl = ($backend_type == "http" && $be['ssl'] == 'yes') ? ' ssl' : ""; + $ssl = ""; + if ($be['ssl'] == 'yes') + { + $ssl = $backend_type == "http" ? ' ssl' : ' check-ssl'; + } fwrite ($fd, "\tserver\t\t\t" . $be['name'] . " " . $be['address'].":" . $be['port'] . "$ssl $cookie $checkinter $isbackup weight " . $be['weight'] . "{$advanced_txt} {$be['advanced']}\n"); } } @@ -477,8 +534,6 @@ function haproxy_writeconf() { if(is_array($a_global)) { fwrite ($fd, "global\n"); - if($a_global['advanced']) - fwrite ($fd, "\t" . base64_decode($a_global['advanced']) . "\n"); fwrite ($fd, "\tmaxconn\t\t\t".$a_global['maxconn']."\n"); if($a_global['remotesyslog']) fwrite ($fd, "\tlog\t\t\t{$a_global['remotesyslog']}\t{$a_global['logfacility']}\t{$a_global['loglevel']}\n"); @@ -488,10 +543,18 @@ function haproxy_writeconf() { if($a_global['nbproc']) $numprocs = $a_global['nbproc']; else - $numprocs = trim(`/sbin/sysctl kern.smp.cpus | cut -d" " -f2`); + $numprocs ="1"; fwrite ($fd, "\tnbproc\t\t\t$numprocs\n"); fwrite ($fd, "\tchroot\t\t\t/var/empty\n"); fwrite ($fd, "\tdaemon\n"); + + // Keep the advanced options on the bottom of the global settings, to allow additional sections to be easely added + if($a_global['advanced']) { + $adv = explode("\n", base64_decode($a_global['advanced'])); + foreach($adv as $adv_line) { + fwrite($fd, "\t" . $adv_line . "\n"); + } + } fwrite ($fd, "\n"); } @@ -515,7 +578,7 @@ function haproxy_writeconf() { //ssl crt ./server.pem ca-file ./ca.crt verify optional crt-ignore-err all crl-file ./ca_crl.pem $ssl_crt=" crt /var/etc/{$backend['name']}.{$backend['port']}.crt"; $cert = lookup_cert($backend['ssloffloadcert']); - $certcontent = base64_decode($cert['crt']).base64_decode($cert['prv']); + $certcontent = base64_decode($cert['crt'])."\r\n".base64_decode($cert['prv']); file_put_contents("/var/etc/{$backend['name']}.{$backend['port']}.crt", $certcontent); unset($certcontent); }else{ @@ -548,6 +611,7 @@ function haproxy_writeconf() { $b['client_timeout'] = $backend['client_timeout']; $b['advanced'] = $backend['advanced']; $b['ssloffload'] = $backend['ssloffload']; + $b['advanced_bind'] = $backend['advanced_bind']; } if ($ssl_crt != "") { @@ -577,6 +641,7 @@ function haproxy_writeconf() { $portss = "{$bind['port']},"; $ports = split(",", $portss); $ssl_info = $bind['ssl_info']; + $advanced_bind = $bind['advanced_bind']; // Initialize variable $listenip = ""; @@ -584,11 +649,11 @@ function haproxy_writeconf() { foreach($ports as $port) { if($port) { if($bind['extaddr'] == "any") - $listenip .= "\tbind\t\t\t0.0.0.0:{$port} {$ssl_info}\n"; + $listenip .= "\tbind\t\t\t0.0.0.0:{$port} {$ssl_info} {$advanced_bind}\n"; elseif($bind['extaddr']) - $listenip .= "\tbind\t\t\t{$bind['extaddr']}:{$port} {$ssl_info}\n"; + $listenip .= "\tbind\t\t\t{$bind['extaddr']}:{$port} {$ssl_info} {$advanced_bind}\n"; else - $listenip .= "\tbind\t\t\t" . get_current_wan_address('wan') . ":{$port} {$ssl_info}\n"; + $listenip .= "\tbind\t\t\t" . get_current_wan_address('wan') . ":{$port} {$ssl_info} {$advanced_bind}\n"; } } @@ -632,7 +697,7 @@ function haproxy_writeconf() { if(!$bind['client_timeout']) $bind['client_timeout'] = 30000; - fwrite ($fd, "\tclitimeout\t\t" . $bind['client_timeout'] . "\n"); + fwrite ($fd, "\ttimeout client\t\t" . $bind['client_timeout'] . "\n"); // Combine the rest of the listener configs @@ -1026,9 +1091,30 @@ function phparray_to_javascriptarray_recursive($nestID, $path, $items, $nodeName } } -function phparray_to_javascriptarray($items, $javaMapName, $includeitems) -{ +function phparray_to_javascriptarray($items, $javaMapName, $includeitems) { phparray_to_javascriptarray_recursive(1,'',$items, $javaMapName, $includeitems); } +function haproxy_escapestring($configurationsting) { + $result = str_replace('\\', '\\\\', $configurationsting); + $result = str_replace(' ', '\\ ', $result); + return str_replace('#', '\\#', $result); +} + +function echo_html_select($name, $keyvaluelist, $selected, $listEmptyMessage="", $onchangeEvent="") +{ + if (count($keyvaluelist)>0){ + if ($onchangeEvent != "") + $onchangeEvent .= " onchange=$onchangeEvent"; + echo "<select name=\"$name\" id=\"$name\" class=\"formselect\"$onchangeEvent>"; + foreach($keyvaluelist as $key => $desc){ + $selectedhtml = $key == $selected ? "selected" : ""; + echo "<option value=\"{$key}\" {$selectedhtml}>{$desc['name']}</option>"; + } + echo "</select>"; + } else { + echo $listEmptyMessage; + } +} + ?> diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php index 8e2949fd..c906cda0 100755 --- a/config/haproxy-devel/haproxy_global.php +++ b/config/haproxy-devel/haproxy_global.php @@ -227,7 +227,9 @@ function enable_change(enable_change) { <td class="vtable"> <input name="nbproc" type="text" class="formfld" id="nbproc" size="18" value="<?=htmlspecialchars($pconfig['nbproc']);?>"> <br/> - Defaults to number of cores/processors installed if left blank (<?php echo trim(`/sbin/sysctl kern.smp.cpus | cut -d" " -f2`); ?> detected). + Defaults to 1 if left blank (<?php echo trim(`/sbin/sysctl kern.smp.cpus | cut -d" " -f2`); ?> CPU core(s) detected).<br/> + Note : Consider leaving this value empty or 1 because in multi-process mode (nbproc > 1) memory is not shared between the processes, which could result in random behaviours for several options like ACL's, sticky connections and some others.<br/> + For more information about the <b>"nbproc"</b> option please see <b><a href='http://haproxy.1wt.eu/download/1.5/doc/configuration.txt' target='_new'>HAProxy Documentation</a> </b> </td> </tr> <tr> @@ -235,7 +237,8 @@ function enable_change(enable_change) { Remote syslog host </td> <td class="vtable"> - <input name="remotesyslog" type="text" class="formfld" id="remotesyslog" size="18" value="<?=htmlspecialchars($pconfig['remotesyslog']);?>"> + <input name="remotesyslog" type="text" class="formfld" id="remotesyslog" size="18" value="<?=htmlspecialchars($pconfig['remotesyslog']);?>"><br/> + To log to the local pfSense systemlog fill the host with the value <b>/var/run/log</b>, however if a lot of messages are generated logging is likely to be incomplete. (Also currently no informational logging gets shown in the systemlog.) </td> </tr> <tr> diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php index afd424c7..b6d6b85d 100644 --- a/config/haproxy-devel/haproxy_listeners_edit.php +++ b/config/haproxy-devel/haproxy_listeners_edit.php @@ -106,22 +106,6 @@ function get_certificates_server($get_includeWebCert=false) { return $certificates; } -function echo_html_select($name, $keyvaluelist, $selected, $listEmptyMessage="", $onchangeEvent="") -{ - if (count($keyvaluelist)>0){ - if ($onchangeEvent != "") - $onchangeEvent .= " onchange=$onchangeEvent"; - echo "<select name=\"$name\" id=\"$name\" class=\"formselect\"$onchangeEvent>"; - foreach($keyvaluelist as $key => $desc){ - $selectedhtml = $key == $selected ? "selected" : ""; - echo "<option value=\"{$key}\" {$selectedhtml}>{$desc['name']}</option>"; - } - echo "</select>"; - } else { - echo $listEmptyMessage; - } -} - function haproxy_acl_select($mode) { global $a_acltypes; @@ -144,7 +128,7 @@ $a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item']; global $simplefields; $simplefields = array('name','desc','status','secondary','primary_frontend','type','forwardfor','httpclose','extaddr','backend_serverpool', - 'max_connections','client_timeout','port','ssloffloadcert','dcertadv','ssloffload','ssloffloadacl'); + 'max_connections','client_timeout','port','ssloffloadcert','dcertadv','ssloffload','ssloffloadacl','advanced_bind'); if (isset($_POST['id'])) $id = $_POST['id']; @@ -708,9 +692,17 @@ include("head.inc"); </td> </tr> <tr align="left"> + <td width="22%" valign="top" class="vncell">Bind pass thru</td> + <td width="78%" class="vtable" colspan="2"> + <input name="advanced_bind" type="text" <?if(isset($pconfig['advanced_bind'])) echo "value=\"".htmlspecialchars($pconfig['advanced_bind'])."\"";?> size="64"> + <br/> + NOTE: paste text into this box that you would like to pass behind the bind option. + </td> + </tr> + <tr align="left"> <td width="22%" valign="top" class="vncell">Advanced pass thru</td> <td width="78%" class="vtable" colspan="2"> - <textarea name='advanced' rows="4" cols="70" id='advanced'><?php echo $pconfig['advanced']; ?></textarea> + <textarea name='advanced' rows="4" cols="70" id='advanced'><?php echo htmlspecialchars($pconfig['advanced']); ?></textarea> <br/> NOTE: paste text into this box that you would like to pass thru. </td> @@ -752,7 +744,7 @@ include("head.inc"); <input id="ssloffloadacl" name="ssloffloadacl" type="checkbox" value="yes" <?php if ($pconfig['ssloffloadacl']=='yes') echo "checked";?> onclick="updatevisibility();">Add ACL for certificate CommonName.</input> </td> </tr> - <tr class="haproxy_ssloffloading_enabled" align="left"> + <tr class="haproxy_ssloffloading_enabled haproxy_primary" align="left"> <td width="22%" valign="top" class="vncell">Advanced ssl options</td> <td width="78%" class="vtable" colspan="2"> <input type='text' name='dcertadv' size="64" id='dcertadv' <?if(isset($pconfig['dcertadv'])) echo "value=\"{$pconfig['dcertadv']}\"";?> size="10" maxlength="64"> diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php index 446c8e35..c3707903 100644 --- a/config/haproxy-devel/haproxy_pool_edit.php +++ b/config/haproxy-devel/haproxy_pool_edit.php @@ -30,6 +30,7 @@ */ require("guiconfig.inc"); +require_once("haproxy.inc"); $d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; @@ -48,13 +49,13 @@ if (isset($_GET['dup'])) $id = $_GET['dup']; global $simplefields; -$simplefields = array("retries","balance","connection_timeout","server_timeout", "stats_enabled","stats_username","stats_password","stats_uri","stats_realm","stats_node_enabled","stats_node","stats_desc","stats_refresh"); +$simplefields = array( +"name","cookie","balance", +"check_type","checkinter","httpcheck_method","monitor_uri","monitor_httpversion","monitor_username","monitor_domain", +"connection_timeout","server_timeout","retries", +"stats_enabled","stats_username","stats_password","stats_uri","stats_realm","stats_admin","stats_node_enabled","stats_node","stats_desc","stats_refresh"); if (isset($id) && $a_pools[$id]) { - $pconfig['name'] = $a_pools[$id]['name']; - $pconfig['checkinter'] = $a_pools[$id]['checkinter']; - $pconfig['monitor_uri'] = $a_pools[$id]['monitor_uri']; - $pconfig['cookie'] = $a_pools[$id]['cookie']; $pconfig['advanced'] = base64_decode($a_pools[$id]['advanced']); $pconfig['advanced_backend'] = base64_decode($a_pools[$id]['advanced_backend']); $pconfig['a_servers']=&$a_pools[$id]['ha_servers']['item']; @@ -87,7 +88,10 @@ if ($_POST) { if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) $input_errors[] = "The field 'Name' contains invalid characters."; - + + if ($_POST['checkinter'] !== "" && !is_numeric($_POST['checkinter'])) + $input_errors[] = "The field 'Check frequency' value is not a number."; + if ($_POST['connection_timeout'] !== "" && !is_numeric($_POST['connection_timeout'])) $input_errors[] = "The field 'Connection timeout' value is not a number."; @@ -97,10 +101,12 @@ if ($_POST) { if ($_POST['retries'] !== "" && !is_numeric($_POST['retries'])) $input_errors[] = "The field 'Retries' value is not a number."; - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_username'])) + // the colon ":" is invalid in the username, other than that pretty much any character can be used. + if (preg_match("/[^a-zA-Z0-9!-\/;-~ ]/", $_POST['stats_username'])) $input_errors[] = "The field 'Stats Username' contains invalid characters."; - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_password'])) + // the colon ":" can also be used in the password + if (preg_match("/[^a-zA-Z0-9!-~ ]/", $_POST['stats_password'])) $input_errors[] = "The field 'Stats Password' contains invalid characters."; /* Ensure that our pool names are unique */ @@ -214,13 +220,21 @@ include("head.inc"); row_helper(); +// 'processing' done, make all simple fields usable in html. +foreach($simplefields as $field){ + $pconfig[$field] = htmlspecialchars($pconfig[$field]); +} ?> <input type='hidden' name='address_type' value='textbox' /> -<body link="#0000CC" vlink="#0000CC" alink="#0000CC""> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <style type="text/css"> .haproxy_stats_visible{display:none;} + .haproxy_check_enabled{display:none;} + .haproxy_check_http{display:none;} + .haproxy_check_username{display:none;} + .haproxy_check_smtp{display:none;} </style> <script language="javascript"> function clearcombo(){ @@ -245,7 +259,20 @@ row_helper(); function updatevisibility() { + d = document; setCSSdisplay(".haproxy_stats_visible", stats_enabled.checked); + + check_type = d.getElementById("check_type").value; + check_type_description = d.getElementById("check_type_description"); + check_type_description.innerHTML=checktypes[check_type]["descr"]; + setCSSdisplay(".haproxy_check_enabled", check_type != 'none'); + setCSSdisplay(".haproxy_check_http", check_type == 'HTTP'); + setCSSdisplay(".haproxy_check_username", check_type == 'MySQL' || check_type == 'PostgreSQL'); + setCSSdisplay(".haproxy_check_smtp", check_type == 'SMTP' || check_type == 'ESMTP'); + + monitor_username = d.getElementById("monitor_username"); + sqlcheckusername = d.getElementById("sqlcheckusername"); + sqlcheckusername.innerHTML=monitor_username.value; } @@ -256,7 +283,7 @@ row_helper(); rowsize[0] = "30"; rowname[1] = "server_address"; rowtype[1] = "textbox"; - rowsize[1] = "30"; + rowsize[1] = "20"; rowname[2] = "server_port"; rowtype[2] = "textbox"; rowsize[2] = "5"; @@ -269,6 +296,9 @@ row_helper(); rowname[5] = "server_status"; rowtype[5] = "select"; rowsize[5] = "1"; + rowname[6] = "server_advanced"; + rowtype[6] = "textbox"; + rowsize[6] = "20"; </script> <?php include("fbegin.inc"); ?> <?php if ($input_errors) print_input_errors($input_errors); ?> @@ -452,20 +482,6 @@ row_helper(); </td> </tr> <tr align="left"> - <td width="22%" valign="top" class="vncell">Check freq</td> - <td width="78%" class="vtable" colspan="2"> - <input name="checkinter" type="text" <?if(isset($pconfig['checkinter'])) echo "value=\"{$pconfig['checkinter']}\"";?>size="20"> milliseconds - <br/>For HTTP/HTTPS defaults to 1000 if left blank. For TCP no check will be performed if left empty. - </td> - </tr> - <tr align="left"> - <td width="22%" valign="top" class="vncell">Health check URI</td> - <td width="78%" class="vtable" colspan="2"> - <input name="monitor_uri" type="text" <?if(isset($pconfig['monitor_uri'])) echo "value=\"{$pconfig['monitor_uri']}\"";?>size="64"> - <br/>Defaults to / if left blank. - </td> - </tr> - <tr align="left"> <td width="22%" valign="top" class="vncell">Per server pass thru</td> <td width="78%" class="vtable" colspan="2"> <input type="text" name='advanced' id='advanced' value='<?php echo $pconfig['advanced']; ?>' size="64"> @@ -483,7 +499,74 @@ row_helper(); </td> </tr> - + </table> + <br/> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td colspan="2" valign="top" class="listtopic">Health checking</td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Health check method</td> + <td width="78%" class="vtable" colspan="2"> + <? + echo_html_select("check_type",$a_checktypes,$pconfig['check_type']?$pconfig['check_type']:"HTML","","updatevisibility();"); + ?><br/> + <textarea readonly="yes" cols="60" rows="2" id="check_type_description" name="check_type_description" style="padding:5px; border:1px dashed #990000; background-color: #ffffff; color: #000000; font-size: 8pt;"></textarea> + </td> + </tr> + <tr align="left" class="haproxy_check_enabled"> + <td width="22%" valign="top" class="vncell">Check frequency</td> + <td width="78%" class="vtable" colspan="2"> + <input name="checkinter" type="text" <?if(isset($pconfig['checkinter'])) echo "value=\"{$pconfig['checkinter']}\"";?>size="20"> milliseconds + <br/>For HTTP/HTTPS defaults to 1000 if left blank. For TCP no check will be performed if left empty. + </td> + </tr> + <tr align="left" class="haproxy_check_http"> + <td width="22%" valign="top" class="vncell">Http check method</td> + <td width="78%" class="vtable" colspan="2"> + <? + echo_html_select("httpcheck_method",$a_httpcheck_method,$pconfig['httpcheck_method']); + ?> + <br/>OPTIONS is the method usually best to perform server checks, HEAD and GET can also be used + </td> + </tr> + <tr align="left" class="haproxy_check_http"> + <td width="22%" valign="top" class="vncell">Http check URI</td> + <td width="78%" class="vtable" colspan="2"> + <input name="monitor_uri" type="text" <?if(isset($pconfig['monitor_uri'])) echo "value=\"{$pconfig['monitor_uri']}\"";?>size="64"> + <br/>Defaults to / if left blank. + </td> + </tr> + <tr align="left" class="haproxy_check_http"> + <td width="22%" valign="top" class="vncell">Http check version</td> + <td width="78%" class="vtable" colspan="2"> + <input name="monitor_httpversion" type="text" <?if(isset($pconfig['monitor_httpversion'])) echo "value=\"{$pconfig['monitor_httpversion']}\"";?>size="64"> + <br/>Defaults to "HTTP/1.0" if left blank. + Note that the Host field is mandatory in HTTP/1.1, and as a trick, it is possible to pass it + after "\r\n" following the version string like this:<br/> + "<i>HTTP/1.1\r\nHost:\ www</i>"<br/> + Also some hosts might require an accept parameter like this:<br/> + "<i>HTTP/1.0\r\nHost:\ webservername:8080\r\nAccept:\ */*</i>" + </td> + </tr> + <tr align="left" class="haproxy_check_username"> + <td width="22%" valign="top" class="vncell">Check with Username</td> + <td width="78%" class="vtable" colspan="2"> + <input name="monitor_username" id="monitor_username" type="text" <?if(isset($pconfig['monitor_username'])) echo "value=\"{$pconfig['monitor_username']}\"";?>size="64" onchange="updatevisibility();" onkeyup="updatevisibility();"> + <br/> + This is the username which will be used when connecting to MySQL/PostgreSQL server. + <pre> +USE mysql; +CREATE USER '<span id="sqlcheckusername" name="sqlcheckusername"></span>'@'<pfSenseIP>'; +FLUSH PRIVILEGES;</pre> + </td> + </tr> + <tr align="left" class="haproxy_check_smtp"> + <td width="22%" valign="top" class="vncell">Domain</td> + <td width="78%" class="vtable" colspan="2"> + <input name="monitor_domain" type="text" <?if(isset($pconfig['monitor_domain'])) echo "value=\"{$pconfig['monitor_domain']}\"";?>size="64"> + </td> + </tr> </table> <br/> <table width="100%" border="0" cellpadding="6" cellspacing="0"> @@ -543,14 +626,24 @@ set by the 'retries' parameter.</div> <tr class="haproxy_stats_visible" align="left" id='stats_username_row' name='stats_username_row'> <td width="22%" valign="top" class="vncellreq">Stats Username</td> <td width="78%" class="vtable" colspan="2"> - <input id="stats_username" name="stats_username" type="text" <?if(isset($pconfig['stats_username'])) echo "value=\"{$pconfig['stats_username']}\"";?> size="64"> + <input id="stats_username" name="stats_username" type="text" <?if(isset($pconfig['stats_username'])) echo "value=\"".$pconfig['stats_username']."\"";?> size="64"> </td> </tr> <tr class="haproxy_stats_visible" align="left" id='stats_password_row' name='stats_password_row'> <td width="22%" valign="top" class="vncellreq">Stats Password</td> <td width="78%" class="vtable" colspan="2"> - <input id="stats_password" name="stats_password" type="password" <?if(isset($pconfig['stats_password'])) echo "value=\"{$pconfig['stats_password']}\"";?> size="64"> + <input id="stats_password" name="stats_password" type="password" <? + if(isset($pconfig['stats_password'])) + echo "value=\"".$pconfig['stats_password']."\""; + ?> size="64"> + <br/> + </td> + </tr> + <tr class="haproxy_stats_visible" align="left" id='stats_node_admin_row' name='stats_node_enabled_row'> + <td width="22%" valign="top" class="vncell">Stats Admin</td> + <td width="78%" class="vtable" colspan="2"> + <input id="stats_admin" name="stats_admin" type="checkbox" value="yes" <?php if ($pconfig['stats_admin']=='yes') echo "checked"; ?>> <br/> </td> </tr> @@ -600,7 +693,11 @@ set by the 'retries' parameter.</div> <br> <?php include("fend.inc"); ?> <script type="text/javascript"> - field_counter_js = 6; +<? + phparray_to_javascriptarray($a_checktypes,"checktypes",Array('/*','/*/name','/*/descr')); +?> + + field_counter_js = 7; rows = 1; totalrows = <?php echo $counter; ?>; loaded = <?php echo $counter; ?>; diff --git a/config/haproxy-devel/haproxy_pools.php b/config/haproxy-devel/haproxy_pools.php index 57b056b3..a0c6b176 100644 --- a/config/haproxy-devel/haproxy_pools.php +++ b/config/haproxy-devel/haproxy_pools.php @@ -92,10 +92,10 @@ include("head.inc"); <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td class="tabnavtbl"> <?php - /* active tabs */ - $tab_array = array(); + /* active tabs */ + $tab_array = array(); $tab_array[] = array("Settings", false, "haproxy_global.php"); - $tab_array[] = array("Listener", false, "haproxy_listeners.php"); + $tab_array[] = array("Listener", false, "haproxy_listeners.php"); $tab_array[] = array("Server Pool", true, "haproxy_pools.php"); display_top_tabs($tab_array); ?> @@ -103,72 +103,89 @@ include("head.inc"); <tr> <td> <div id="mainarea"> - <table class="tabcont sortable" width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td width="30%" class="listhdrr">Name</td> - <td width="10%" class="listhdrr">Servers</td> - <td width="40%" class="listhdrr">Listener</td> - <td width="10%" class="list"></td> - </tr> + <table class="tabcont sortable" width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td width="5%" class="listhdrr">Advanced</td> + <td width="25%" class="listhdrr">Name</td> + <td width="10%" class="listhdrr">Servers</td> + <td width="10%" class="listhdrr">Check</td> + <td width="30%" class="listhdrr">Listener</td> + <td width="10%" class="list"></td> + </tr> <?php - $i = 0; - foreach ($a_pools as $pool): - - $fe_list = ""; - $sep = ""; - foreach ($a_backends as $backend) { - if($backend['backend_serverpool'] == $pool['name']) { - $fe_list .= $sep . $backend['name']; - $sep = ", "; - } - } - $textss = $textse = ""; - if ($fe_list == "") { - $textss = "<span class=\"gray\">"; - $textse = "</span>"; - } - if (is_array($pool['ha_servers'])) - $count = count($pool['ha_servers']['item']); - else - $count = 0; + $img_adv = "/themes/{$g['theme']}/images/icons/icon_advanced.gif"; + $i = 0; + foreach ($a_pools as $pool){ + $fe_list = ""; + $sep = ""; + foreach ($a_backends as $backend) { + if($backend['backend_serverpool'] == $pool['name']) { + $fe_list .= $sep . $backend['name']; + $sep = ", "; + } + } + $textgray = $fe_list == "" ? " gray" : ""; + + if (is_array($pool['ha_servers'])) + $count = count($pool['ha_servers']['item']); + else + $count = 0; +?> + <tr class="<?=$textgray?>"> + <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> + <? + if ($pool['stats_enabled']=='yes'){ + echo "<img src=\"./themes/{$g['theme']}/images/icons/icon_log_s.gif\"" . ' title="stats enabled" width="11" height="15" border="0">'; + } + $isadvset = ""; + if ($pool['advanced']) $isadvset .= "Per server pass thru\r\n"; + if ($pool['advanced_backend']) $isadvset .= "Backend pass thru\r\n"; + if ($isadvset) + echo "<img src=\"$img_adv\" title=\"" . gettext("advanced settings set") . ": {$isadvset}\" border=\"0\">"; + ?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> + <?=$pool['name'];?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> + <?=$count;?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> + <?=$a_checktypes[$pool['check_type']]['name'];?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> + <?=$fe_list;?> + </td> + <td class="list" nowrap> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a href="haproxy_pool_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a></td> + <td valign="middle"><a href="haproxy_pools.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this entry?')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> + <td valign="middle"><a href="haproxy_pool_edit.php?dup=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> +<?php + $i++; + } ?> - <tr> - <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> - <?=$textss . $pool['name'] . $textse;?> - </td> - <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> - <?=$textss . $count . $textse;?> - </td> - <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> - <?=$textss . $fe_list . $textse;?> - </td> - <td class="list" nowrap> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"><a href="haproxy_pool_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a></td> - <td valign="middle"><a href="haproxy_pools.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this entry?')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> - <td valign="middle"><a href="haproxy_pool_edit.php?dup=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> - </tr> - </table> - </td> - </tr> - <?php $i++; endforeach; ?> - <tfoot> - <tr> - <td class="list" colspan="3"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"><a href="haproxy_pool_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> - </tr> - </table> - </td> - </tr> - </tfoot> - </table> - </div> + <tfoot> + <tr> + <td class="list" colspan="5"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a href="haproxy_pool_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> + </tfoot> + </table> + </div> </table> - </form> + </form> <?php include("fend.inc"); ?> </body> </html> diff --git a/config/mailreport/mail_reports.inc b/config/mailreport/mail_reports.inc index 8ab31301..85b67ddf 100644 --- a/config/mailreport/mail_reports.inc +++ b/config/mailreport/mail_reports.inc @@ -29,6 +29,7 @@ POSSIBILITY OF SUCH DAMAGE. */ +require_once("globals.inc"); require_once("config.inc"); require_once("filter.inc"); require_once("rrd.inc"); @@ -42,6 +43,28 @@ $graph_length = array( "year" => 31622400, "4year" => 126489600); +$logfile_friendly = array( + "dhcpd" => "DHCP", + "filter" => "Firewall (raw)", + "gateways" => "Gateway Events", + "installer" => "Installation", + "ipsec" => "IPsec VPN", + "l2tps" => "L2TP Server (raw)", + "lighttpd" => "Web Server (lighttpd)", + "ntpd" => "NTP", + "openvpn" => "OpenVPN", + "poes" => "PPPoE Server (raw)", + "portalauth" => "Captive Portal Authentication", + "ppp" => "PPP", + "pptps" => "PPTP Server (raw)", + "relayd" => "Load Balancer (relayd)", + "resolver" => "DNS Resolver", + "routing" => "Routing", + "system" => "System", + "vpn" => "PPTP/L2TP/PPPoE Server Login Events", + "wireless" => "Wireless" +); + function get_dates($curperiod, $graph) { global $graph_length; $now = time(); @@ -162,7 +185,7 @@ function set_mail_report_cron_jobs($a_mailreports) { include('phpmailer/class.phpmailer.php'); -function mail_report_send($headertext, $attachments) { +function mail_report_send($headertext, $cmdtext, $logtext, $attachments) { global $config, $g; if (empty($config['notifications']['smtp']['ipaddress'])) @@ -191,7 +214,11 @@ function mail_report_send($headertext, $attachments) { $address = $config['notifications']['smtp']['notifyemailaddress']; $mail->AddAddress($address, "Report Recipient"); $mail->Subject = "{$config['system']['hostname']}.{$config['system']['domain']} Graph Report: {$headertext}"; - $mail->Body .= "This is a periodic graph report from your firewall, {$config['system']['hostname']}.{$config['system']['domain']}.<br/><br/>Current report: {$headertext}\n"; + $mail->Body .= "This is a periodic report from your firewall, {$config['system']['hostname']}.{$config['system']['domain']}.<br /><br />Current report: {$headertext}<br />\n<br />\n"; + if (!empty($cmdtext)) + $mail->Body .= $cmdtext; + if (!empty($logtext)) + $mail->Body .= $logtext; if(is_array($attachments)) { foreach($attachments as $filename) { $shortname = basename($filename); @@ -203,7 +230,7 @@ function mail_report_send($headertext, $attachments) { if(!$mail->Send()) { echo "Mailer Error: " . $mail->ErrorInfo; } else { - echo "<strong>Message sent to {$userid}!</strong>\n"; + echo "<strong>Message sent to {$address}!</strong>\n"; } } @@ -1201,4 +1228,32 @@ function timeDiff($time, $opt = array()) { return $str; } +function mail_report_get_log($logfile, $tail, $grepfor) { + global $g, $config; + $logfile = "{$g['varlog_path']}/{$logfile}"; + $logarr = ""; + $grepline = " "; + if(is_array($grepfor)) + foreach($grepfor as $agrep) + $grepline .= " | grep \"$agrep\""; + if($config['system']['disablesyslogclog']) { + exec("cat {$logfile}{$grepline} | /usr/bin/tail -n {$tail}", $logarr); + } else { + if(isset($config['system']['usefifolog'])) { + exec("/usr/sbin/fifolog_reader {$logfile}{$grepline} | /usr/bin/tail -n {$tail}", $logarr); + } else { + exec("/usr/sbin/clog {$logfile}{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail -n {$tail}", $logarr); + } + } + return($logarr); +} + +function get_friendly_log_name($logfile) { + global $logfile_friendly; + $friendly = str_replace(".log", "", $logfile); + if (!empty($logfile_friendly[$friendly])) + $friendly = $logfile_friendly[$friendly]; + return $friendly; +} + ?> diff --git a/config/mailreport/mail_reports_generate.php b/config/mailreport/mail_reports_generate.php index 7ff7b71e..a784c596 100644 --- a/config/mailreport/mail_reports_generate.php +++ b/config/mailreport/mail_reports_generate.php @@ -53,17 +53,42 @@ if (!$config['mailreports']['schedule'][$id]) exit; $thisreport = $config['mailreports']['schedule'][$id]; +$cmds = $thisreport['cmd']['row']; +$logs = $thisreport['log']['row']; $graphs = $thisreport['row']; -// No graphs on the report, bail! -if (!is_array($graphs) || !(count($graphs) > 0)) - exit; +// If there is nothing to do, bail! +if ((!is_array($cmds) || !(count($cmds) > 0)) + && (!is_array($logs) || !(count($logs) > 0)) + && (!is_array($graphs) || !(count($graphs) > 0))) + return; // Print report header +// Print command output +$cmdtext = ""; +foreach ($cmds as $cmd) { + $output = ""; + $cmdtext .= "Command output: {$cmd['descr']} (" . htmlspecialchars($cmd['detail']) . ")<br />\n"; + exec($cmd['detail'], $output); + $cmdtext .= "<pre>\n"; + $cmdtext .= implode("\n", $output); + $cmdtext .= "\n</pre>"; +} + +// Print log output +$logtext = ""; +foreach ($logs as $log) { + $lines = empty($log['lines']) ? 50 : $log['lines']; + $filter = empty($log['detail']) ? null : array($log['detail']); + $logtext .= "Log output: " . get_friendly_log_name($log['logfile']) . " ({$log['logfile']})<br />\n"; + $logtext .= "<pre>\n"; + $logtext .= implode("\n", mail_report_get_log($log['logfile'], $lines, $filter)); + $logtext .= "\n</pre>"; +} + // For each graph, print a header and the graph $attach = array(); -$idx=0; foreach ($graphs as $thisgraph) { $dates = get_dates($thisgraph['period'], $thisgraph['timespan']); $start = $dates['start']; @@ -71,6 +96,6 @@ foreach ($graphs as $thisgraph) { $attach[] = mail_report_generate_graph($thisgraph['graph'], $thisgraph['style'], $thisgraph['timespan'], $start, $end); } -mail_report_send($thisreport['descr'], $attach); +mail_report_send($thisreport['descr'], $cmdtext, $logtext, $attach); ?>
\ No newline at end of file diff --git a/config/mailreport/mailreport.xml b/config/mailreport/mailreport.xml index 613ac42f..d27d3a28 100644 --- a/config/mailreport/mailreport.xml +++ b/config/mailreport/mailreport.xml @@ -37,7 +37,7 @@ ]]> </copyright> <name>mailreport</name> - <version>1.0</version> + <version>2.0.4</version> <title>Status: Mail Reports</title> <additional_files_needed> <prefix>/usr/local/bin/</prefix> @@ -70,11 +70,19 @@ </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/</prefix> + <item>http://www.pfsense.com/packages/config/mailreport/status_mail_report_add_cmd.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <item>http://www.pfsense.com/packages/config/mailreport/status_mail_report_add_log.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> <item>http://www.pfsense.com/packages/config/mailreport/status_mail_report_add_graph.php</item> </additional_files_needed> <menu> - <name>RRD E-Mail Reports</name> - <tooltiptext>Setup periodic e-mail reports with RRD graphs.</tooltiptext> + <name>E-Mail Reports</name> + <tooltiptext>Setup periodic e-mail reports.</tooltiptext> <section>Status</section> <url>/status_mail_report.php</url> </menu> diff --git a/config/mailreport/status_mail_report.php b/config/mailreport/status_mail_report.php index 4dc195bc..b1705fac 100644 --- a/config/mailreport/status_mail_report.php +++ b/config/mailreport/status_mail_report.php @@ -74,11 +74,13 @@ include("head.inc"); <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td><div id="mainarea"> <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr><td colspan="4">Here you can define a list of reports, containing multiple RRD graphs, to be sent by e-mail. </td></tr> + <tr><td colspan="4">Here you can define a list of reports to be sent by e-mail. </td></tr> <tr><td> </td></tr> <tr> - <td width="45%" class="listhdr"><?=gettext("Description");?></td> - <td width="35%" class="listhdr"><?=gettext("Schedule");?></td> + <td width="35%" class="listhdr"><?=gettext("Description");?></td> + <td width="25%" class="listhdr"><?=gettext("Schedule");?></td> + <td width="10%" class="listhdr"><?=gettext("Cmds");?></td> + <td width="10%" class="listhdr"><?=gettext("Logs");?></td> <td width="10%" class="listhdr"><?=gettext("Graphs");?></td> <td width="10%" class="list"><a href="status_mail_report_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> </tr> @@ -86,6 +88,8 @@ include("head.inc"); <tr ondblclick="document.location='status_mail_report_edit.php?id=<?=$i;?>'"> <td class="listlr"><?php echo $mailreport['descr']; ?></td> <td class="listlr"><?php echo $mailreport['schedule_friendly']; ?></td> + <td class="listlr"><?php echo count($mailreport['cmd']['row']); ?></td> + <td class="listlr"><?php echo count($mailreport['log']['row']); ?></td> <td class="listlr"><?php echo count($mailreport['row']); ?></td> <td valign="middle" nowrap class="list"> <a href="status_mail_report_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a> @@ -95,7 +99,7 @@ include("head.inc"); </tr> <?php $i++; endforeach; ?> <tr> - <td class="list" colspan="3"></td> + <td class="list" colspan="5"></td> <td class="list"><a href="status_mail_report_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> </tr> <tr> diff --git a/config/mailreport/status_mail_report_add_cmd.php b/config/mailreport/status_mail_report_add_cmd.php new file mode 100644 index 00000000..7693f7a4 --- /dev/null +++ b/config/mailreport/status_mail_report_add_cmd.php @@ -0,0 +1,146 @@ +<?php +/* $Id$ */ +/* + status_rrd_graph.php + Part of pfSense + Copyright (C) 2011 Jim Pingle <jimp@pfsense.org> + Portions Copyright (C) 2007-2011 Seth Mos <seth.mos@dds.nl> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: system +*/ + +##|+PRIV +##|*IDENT=page-status-rrdgraphs +##|*NAME=Status: RRD Graphs page +##|*DESCR=Allow access to the 'Status: RRD Graphs' page. +##|*MATCH=status_rrd_graph.php* +##|-PRIV + +require("guiconfig.inc"); +require_once("mail_reports.inc"); + +$reportid = $_REQUEST['reportid']; +$id = $_REQUEST['id']; + +if (!is_array($config['mailreports']['schedule'])) + $config['mailreports']['schedule'] = array(); + +$a_mailreports = &$config['mailreports']['schedule']; + +if (!isset($reportid) || !isset($a_mailreports[$reportid])) { + header("Location: status_mail_report.php"); + return; +} + +if (!is_array($a_mailreports[$reportid]['cmd']['row'])) { + $a_mailreports[$reportid]['cmd'] = array(); + $a_mailreports[$reportid]['cmd']['row'] = array(); +} +$a_cmds = $a_mailreports[$reportid]['cmd']['row']; + +if (isset($id) && $a_cmds[$id]) { + $pconfig = $a_cmds[$id]; +} else { + $pconfig = array(); +} + +if (isset($id) && !($a_cmds[$id])) { + header("Location: status_mail_report_edit.php?id={$reportid}"); + return; +} + +if ($_POST) { + unset($_POST['__csrf_magic']); + $pconfig = $_POST; + + if (isset($id) && $a_cmds[$id]) + $a_cmds[$id] = $pconfig; + else + $a_cmds[] = $pconfig; + + $a_mailreports[$reportid]['cmd']['row'] = $a_cmds; + + write_config(); + header("Location: status_mail_report_edit.php?id={$reportid}"); + return; +} + + +$pgtitle = array(gettext("Status"),gettext("Add Mail Report Command")); +include("head.inc"); +?> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td><div id="mainarea"> + <form action="status_mail_report_add_cmd.php" method="post" name="iform" id="iform"> + <table class="tabcont" width="100%" border="0" cellpadding="1" cellspacing="1"> + <tr> + <td class="listtopic" colspan="2">Command Settings</td> + </tr> + <tr> + <td width="20%" class="listhdr"> + <?=gettext("Name:");?> + </td> + <td width="80%" class="listhdr"> + <input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($pconfig['descr']);?>"> + </td> + </tr> + <tr> + <td class="listhdr"> + <?=gettext("Command:");?> + </td> + <td class="listhdr"> + <input name="detail" type="text" class="formfld unknown" id="detail" size="60" value="<?=htmlspecialchars($pconfig['detail']);?>"> + </td> + </tr> + <tr> + <td> </td> + <td> + <br/>NOTE: Use full paths to commands to ensure they run properly. The command will be run during the report and its stdout output will be included in the report body. Be extremely careful what commands you choose to run, the same warnings apply as those when using Diagnostics > Command. + <br/> + <br/>Do not use this solely as a way to run a command on a schedule, use the Cron package for that purpose instead. + </td> + </tr> + <tr> + <td colspan="2" align="center"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> + <a href="status_mail_report_edit.php?id=<?php echo $reportid;?>"><input name="cancel" type="button" class="formbtn" value="<?=gettext("Cancel");?>"></a> + <input name="reportid" type="hidden" value="<?=htmlspecialchars($reportid);?>"> + <?php if (isset($id) && $a_graphs[$id]): ?> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> + <?php endif; ?> + </td> + <td></td> + </tr> + </table> + </form> + </div></td></tr> +</table> + +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/mailreport/status_mail_report_add_graph.php b/config/mailreport/status_mail_report_add_graph.php index c0287367..165124f3 100644 --- a/config/mailreport/status_mail_report_add_graph.php +++ b/config/mailreport/status_mail_report_add_graph.php @@ -50,13 +50,8 @@ if(! isset($config['rrd']['enable'])) { header("Location: status_rrd_graph_settings.php"); } -$reportid = $_GET['reportid']; -if (isset($_POST['reportid'])) - $reportid = $_POST['reportid']; - -$id = $_GET['id']; -if (isset($_POST['id'])) - $id = $_POST['id']; +$reportid = $_REQUEST['reportid']; +$id = $_REQUEST['id']; if (!is_array($config['mailreports']['schedule'])) $config['mailreports']['schedule'] = array(); @@ -65,7 +60,7 @@ $a_mailreports = &$config['mailreports']['schedule']; if (!isset($reportid) || !isset($a_mailreports[$reportid])) { header("Location: status_mail_report.php"); - exit; + return; } if (!is_array($a_mailreports[$reportid]['row'])) @@ -80,7 +75,7 @@ if (isset($id) && $a_graphs[$id]) { if (isset($id) && !($a_graphs[$id])) { header("Location: status_mail_report_edit.php?id={$reportid}"); - exit; + return; } @@ -159,7 +154,7 @@ if ($_POST) { write_config(); header("Location: status_mail_report_edit.php?id={$reportid}"); - exit; + return; } diff --git a/config/mailreport/status_mail_report_add_log.php b/config/mailreport/status_mail_report_add_log.php new file mode 100644 index 00000000..75d092b5 --- /dev/null +++ b/config/mailreport/status_mail_report_add_log.php @@ -0,0 +1,162 @@ +<?php +/* $Id$ */ +/* + status_rrd_graph.php + Part of pfSense + Copyright (C) 2011 Jim Pingle <jimp@pfsense.org> + Portions Copyright (C) 2007-2011 Seth Mos <seth.mos@dds.nl> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: system +*/ + +##|+PRIV +##|*IDENT=page-status-rrdgraphs +##|*NAME=Status: RRD Graphs page +##|*DESCR=Allow access to the 'Status: RRD Graphs' page. +##|*MATCH=status_rrd_graph.php* +##|-PRIV + +require("guiconfig.inc"); +require_once("mail_reports.inc"); + +$reportid = $_REQUEST['reportid']; +$id = $_REQUEST['id']; + +if (!is_array($config['mailreports']['schedule'])) + $config['mailreports']['schedule'] = array(); + +$a_mailreports = &$config['mailreports']['schedule']; + +if (!isset($reportid) || !isset($a_mailreports[$reportid])) { + header("Location: status_mail_report.php"); + return; +} + +if (!is_array($a_mailreports[$reportid]['log']['row'])) { + $a_mailreports[$reportid]['log'] = array(); + $a_mailreports[$reportid]['log']['row'] = array(); +} +$a_logs = $a_mailreports[$reportid]['log']['row']; + +if (isset($id) && $a_logs[$id]) { + $pconfig = $a_logs[$id]; +} else { + $pconfig = array(); +} + +if (isset($id) && !($a_logs[$id])) { + header("Location: status_mail_report_edit.php?id={$reportid}"); + return; +} + +$logpath = "/var/log/"; +chdir($logpath); +$logfiles = glob("*.log"); + +sort($logfiles); + +if ($_POST) { + unset($_POST['__csrf_magic']); + $pconfig = $_POST; + + if (isset($id) && $a_logs[$id]) + $a_logs[$id] = $pconfig; + else + $a_logs[] = $pconfig; + + $a_mailreports[$reportid]['log']['row'] = $a_logs; + + write_config(); + header("Location: status_mail_report_edit.php?id={$reportid}"); + return; +} + + +$pgtitle = array(gettext("Status"),gettext("Add Mail Report Log")); +include("head.inc"); +?> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td><div id="mainarea"> + <form action="status_mail_report_add_log.php" method="post" name="iform" id="iform"> + <table class="tabcont" width="100%" border="0" cellpadding="1" cellspacing="1"> + <tr> + <td class="listtopic" colspan="2">Log Settings</td> + </tr> + <tr> + <td width="20%" class="listhdr"> + <?=gettext("Logs:");?> + </td> + <td width="80%" class="listhdr"> + <select name="logfile" class="formselect" style="z-index: -10;"> + <?php + foreach ($logfiles as $logfile) { + echo "<option value=\"{$logfile}\""; + if ($pconfig['logfile'] == $logfile) { + echo " selected"; + } + echo ">" . htmlspecialchars(get_friendly_log_name($logfile)) . "</option>\n"; + } + ?> + </select> + </td> + </tr> + <tr> + <td width="20%" class="listhdr"> + <?=gettext("# Rows:");?> + </td> + <td width="80%" class="listhdr"> + <input name="lines" type="text" class="formfld unknown" id="lines" size="10" value="<?=htmlspecialchars($pconfig['lines']);?>"> + </td> + </tr> + <tr> + <td class="listhdr"> + <?=gettext("Filter:");?> + </td> + <td class="listhdr"> + <input name="detail" type="text" class="formfld unknown" id="detail" size="60" value="<?=htmlspecialchars($pconfig['detail']);?>"> + </td> + </tr> + <tr> + <td colspan="2" align="center"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>"> + <a href="status_mail_report_edit.php?id=<?php echo $reportid;?>"><input name="cancel" type="button" class="formbtn" value="<?=gettext("Cancel");?>"></a> + <input name="reportid" type="hidden" value="<?=htmlspecialchars($reportid);?>"> + <?php if (isset($id) && $a_logs[$id]): ?> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> + <?php endif; ?> + </td> + <td></td> + </tr> + </table> + </form> + </div></td></tr> +</table> + +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/mailreport/status_mail_report_edit.php b/config/mailreport/status_mail_report_edit.php index 3102e958..7ddb4c36 100644 --- a/config/mailreport/status_mail_report_edit.php +++ b/config/mailreport/status_mail_report_edit.php @@ -44,16 +44,13 @@ require_once("mail_reports.inc"); /* if the rrd graphs are not enabled redirect to settings page */ if(! isset($config['rrd']['enable'])) { header("Location: status_rrd_graph_settings.php"); - exit; + return; } -$graphid = $_GET['graphid']; -if (isset($_POST['graphid'])) - $graphid = $_POST['graphid']; - -$id = $_GET['id']; -if (isset($_POST['id'])) - $id = $_POST['id']; +$cmdid = $_REQUEST['cmdid']; +$logid = $_REQUEST['logid']; +$graphid = $_REQUEST['graphid']; +$id = $_REQUEST['id']; if (!is_array($config['mailreports']['schedule'])) $config['mailreports']['schedule'] = array(); @@ -63,19 +60,40 @@ if (isset($id) && $a_mailreports[$id]) { if (!is_array($a_mailreports[$id]['row'])) $a_mailreports[$id]['row'] = array(); $pconfig = $a_mailreports[$id]; + $a_cmds = $a_mailreports[$id]['cmd']['row']; + $a_logs = $a_mailreports[$id]['log']['row']; $a_graphs = $a_mailreports[$id]['row']; -} else { +} + +if (!is_array($pconfig)) $pconfig = array(); +if (!is_array($a_cmds)) + $a_cmds = array(); +if (!is_array($a_logs)) + $a_logs = array(); +if (!is_array($a_graphs)) $a_graphs = array(); -} + if ($_GET['act'] == "del") { - if ($a_graphs[$graphid]) { + if (is_numeric($cmdid) && $a_cmds[$cmdid]) { + unset($a_cmds[$cmdid]); + $a_mailreports[$id]['cmd']['row'] = $a_cmds; + write_config(); + header("Location: status_mail_report_edit.php?id={$id}"); + return; + } elseif (is_numeric($logid) && $a_logs[$logid]) { + unset($a_logs[$logid]); + $a_mailreports[$id]['log']['row'] = $a_logs; + write_config(); + header("Location: status_mail_report_edit.php?id={$id}"); + return; + } elseif (is_numeric($graphid) && $a_graphs[$graphid]) { unset($a_graphs[$graphid]); $a_mailreports[$id]['row'] = $a_graphs; write_config(); header("Location: status_mail_report_edit.php?id={$id}"); - exit; + return; } } @@ -97,7 +115,7 @@ if ($_POST) { if ($_POST['Submit'] == "Send Now") { mwexec_bg("/usr/local/bin/mail_reports_generate.php {$id}"); header("Location: status_mail_report_edit.php?id={$id}"); - exit; + return; } $friendly = ""; @@ -124,7 +142,9 @@ if ($_POST) { unset($pconfig['dayofmonth']); } - // Copy graphs back into the schedule. + // Copy back into the schedule. + $pconfig['cmd']["row"] = $a_cmds; + $pconfig['log']["row"] = $a_logs; $pconfig["row"] = $a_graphs; $pconfig['schedule_friendly'] = $friendly; @@ -139,7 +159,7 @@ if ($_POST) { write_config(); configure_cron(); header("Location: status_mail_report.php"); - exit; + return; } $pgtitle = array(gettext("Status"),gettext("Edit Mail Reports")); @@ -220,6 +240,78 @@ include("head.inc"); <td></td> </tr> <tr> + <td class="listtopic" colspan="4">Report Commands</td> + <td></td> + </tr> + <tr> + <td width="30%" class="listhdr"><?=gettext("Name");?></td> + <td width="60%" colspan="3" class="listhdr"><?=gettext("Command");?></td> + <td width="10%" class="list"> + <?php if (isset($id) && $a_mailreports[$id]): ?> + <a href="status_mail_report_add_cmd.php?reportid=<?php echo $id ;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a> + </td> + <?php else: ?> + </td> + <tr><td colspan="5" align="center"><br/>Save the report first, then items may be added.<br/></td></tr> + <?php endif; ?> + </tr> + <?php $i = 0; foreach ($a_cmds as $cmd): ?> + <tr ondblclick="document.location='status_mail_report_add_cmd.php?reportid=<?php echo $id ;?>&id=<?=$i;?>'"> + <td class="listlr"><?php echo htmlspecialchars($cmd['descr']); ?></td> + <td colspan="3" class="listlr"><?php echo htmlspecialchars($cmd['detail']); ?></td> + <td valign="middle" nowrap class="list"> + <a href="status_mail_report_add_cmd.php?reportid=<?php echo $id ;?>&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a> + + <a href="status_mail_report_edit.php?act=del&id=<?php echo $id ;?>&cmdid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this entry?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a> + </td> + </tr> + <?php $i++; endforeach; ?> + <tr> + <td class="list" colspan="4"></td> + <td class="list"> + <?php if (isset($id) && $a_mailreports[$id]): ?> + <a href="status_mail_report_add_cmd.php?reportid=<?php echo $id ;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a> + <?php endif; ?> + </td> + </tr> + <tr> + <td class="listtopic" colspan="4">Report Logs</td> + <td></td> + </tr> + <tr> + <td width="30%" class="listhdr"><?=gettext("Log");?></td> + <td width="20%" class="listhdr"><?=gettext("# Rows");?></td> + <td width="40%" colspan="2" class="listhdr"><?=gettext("Filter");?></td> + <td width="10%" class="list"> + <?php if (isset($id) && $a_mailreports[$id]): ?> + <a href="status_mail_report_add_log.php?reportid=<?php echo $id ;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a> + </td> + <?php else: ?> + </td> + <tr><td colspan="5" align="center"><br/>Save the report first, then items may be added.<br/></td></tr> + <?php endif; ?> + </tr> + <?php $i = 0; foreach ($a_logs as $log): ?> + <tr ondblclick="document.location='status_mail_report_add_log.php?reportid=<?php echo $id ;?>&id=<?=$i;?>'"> + <td class="listlr"><?php echo get_friendly_log_name($log['logfile']); ?></td> + <td class="listlr"><?php echo $log['lines']; ?></td> + <td colspan="2" class="listlr"><?php echo $log['detail']; ?></td> + <td valign="middle" nowrap class="list"> + <a href="status_mail_report_add_cmd.php?reportid=<?php echo $id ;?>&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a> + + <a href="status_mail_report_edit.php?act=del&id=<?php echo $id ;?>&logid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this entry?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a> + </td> + </tr> + <?php $i++; endforeach; ?> + <tr> + <td class="list" colspan="4"></td> + <td class="list"> + <?php if (isset($id) && $a_mailreports[$id]): ?> + <a href="status_mail_report_add_log.php?reportid=<?php echo $id ;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a> + <?php endif; ?> + </td> + </tr> + <tr> <td class="listtopic" colspan="4">Report Graphs</td> <td></td> </tr> @@ -234,7 +326,7 @@ include("head.inc"); </td> <?php else: ?> </td> - <tr><td colspan="5" align="center"><br/>Save the report first, then you may add graphs.<br/></td></tr> + <tr><td colspan="5" align="center"><br/>Save the report first, then items may be added.<br/></td></tr> <?php endif; ?> </tr> <?php $i = 0; foreach ($a_graphs as $graph): @@ -246,7 +338,7 @@ include("head.inc"); } $prettyprint = ucwords(implode(" :: ", $optionc)); ?> - <tr ondblclick="document.location='status_mail_report_edit.php?id=<?=$i;?>'"> + <tr ondblclick="document.location='status_mail_report_add_graph.php?reportid=<?php echo $id ;?>&id=<?=$i;?>'"> <td class="listlr"><?php echo $prettyprint; ?></td> <td class="listlr"><?php echo $graph['style']; ?></td> <td class="listlr"><?php echo $graph['timespan']; ?></td> diff --git a/config/openbgpd/openbgpd.inc b/config/openbgpd/openbgpd.inc index 2d1f47fd..45449793 100644 --- a/config/openbgpd/openbgpd.inc +++ b/config/openbgpd/openbgpd.inc @@ -79,7 +79,6 @@ function openbgpd_install_conf() { $openbgpd_neighbors = &$config['installedpackages']['openbgpdneighbors']['config']; $conffile = "# This file was created by the package manager. Do not edit!\n\n"; - $setkeycf = ""; // Setup AS # if($openbgpd_conf['asnum']) @@ -114,20 +113,24 @@ function openbgpd_install_conf() { if(is_array($openbgpd_neighbors)) { foreach($openbgpd_neighbors as $neighbor) { if($neighbor['groupname'] == $group['name']) { - $conffile .= " neighbor {$neighbor['neighbor']} {\n"; - $conffile .= " descr \"{$neighbor['descr']}\"\n"; - $setkeycf .= "delete {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000;\n"; + $conffile .= "\tneighbor {$neighbor['neighbor']} {\n"; + $conffile .= "\t\tdescr \"{$neighbor['descr']}\"\n"; if($neighbor['md5sigpass']) { - $setkeycf .= "add {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000 -A tcp-md5 \"{$neighbor['md5sigpass']}\";\n"; - $conffile .= " tcp md5sig password {$neighbor['md5sigpass']}\n"; + $conffile .= "\t\ttcp md5sig password {$neighbor['md5sigpass']}\n"; } if($neighbor['md5sigkey']) { - $setkeycf .= "add {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000 -A tcp-md5 0x{$neighbor['md5sigkey']};\n"; - $conffile .= " tcp md5sig key {$neighbor['md5sigkey']}\n"; + $conffile .= "\t\ttcp md5sig key {$neighbor['md5sigkey']}\n"; } - foreach($neighbor['row'] as $row) { - $conffile .= " {$row['parameters']} {$row['parmvalue']} \n"; - } + $setlocaladdr = true; + if (is_array($neighbor['row'])) { + foreach($neighbor['row'] as $row) { + if ($row['parameters'] == "local-address") + $setlocaladdr = false; + $conffile .= "\t\t{$row['parameters']} {$row['parmvalue']} \n"; + } + } + if ($setlocaladdr == true) + $conffile .= "\t\tlocal-address {$openbgpd_conf['listenip']}\n"; $conffile .= "}\n"; } } @@ -142,23 +145,25 @@ function openbgpd_install_conf() { $used_this_item = false; if($neighbor['groupname'] == "") { $conffile .= "neighbor {$neighbor['neighbor']} {\n"; - $conffile .= " descr \"{$neighbor['descr']}\"\n"; - $setkeycf .= "delete {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000;\n"; + $conffile .= "\tdescr \"{$neighbor['descr']}\"\n"; if ($neighbor['md5sigpass']) { - $setkeycf .= "add {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000 -A tcp-md5 \"{$neighbor['md5sigpass']}\";\n"; - $conffile .= " tcp md5sig password {$neighbor['md5sigpass']}\n"; + $conffile .= "\ttcp md5sig password {$neighbor['md5sigpass']}\n"; } if ($neighbor['md5sigkey']) { - $setkeycf .= "add {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000 -A tcp-md5 0x{$neighbor['md5sigkey']};\n"; - $conffile .= " tcp md5sig key {$neighbor['md5sigkey']}\n"; + $conffile .= "\ttcp md5sig key {$neighbor['md5sigkey']}\n"; } - $used_this_item = true; - foreach($neighbor['row'] as $row) { - $conffile .= " {$row['parameters']} {$row['parmvalue']} \n"; - } + $setlocaladdr = true; + if (is_array($neighbor['row'])) { + foreach($neighbor['row'] as $row) { + if ($row['parameters'] == "local-address") + $setlocaladdr = false; + $conffile .= "\t{$row['parameters']} {$row['parmvalue']} \n"; + } + } + if ($setlocaladdr == true) + $conffile .= "\tlocal-address {$openbgpd_conf['listenip']}\n"; } - if($used_this_item) - $conffile .= "}\n"; + $conffile .= "}\n"; } } @@ -173,17 +178,13 @@ function openbgpd_install_conf() { } } safe_mkdir($bgpd_config_base); - $fd = fopen("{$bgpd_config_base}/bgpd.conf", "w"); - - // Write out the configuration file - fwrite($fd, $conffile); - - // Close file handle - fclose($fd); + // Write out the configuration file + @file_put_contents("{$bgpd_config_base}/bgpd.conf", $conffile); + @chmod("{$bgpd_config_base}/bgpd.conf", 0600); // Create rc.d file $rc_file_stop = <<<EOF -killall -9 bgpd +killall -TERM bgpd EOF; $rc_file_start = <<<EOF @@ -195,12 +196,14 @@ if [ `pw usershow {$pkg_login} 2>&1 | grep -c "pw: no such user"` -gt 0 ]; then fi /bin/mkdir -p {$bgpd_config_base} -chmod u+rw,go-rw {$bgpd_config_base}/bgpd.conf /usr/sbin/chown -R root:wheel {$bgpd_config_base} +/bin/chmod 0600 {$bgpd_config_base}/bgpd.conf NUMBGPD=`ps auxw | grep -c '[b]gpd.*parent'` if [ \${NUMBGPD} -lt 1 ] ; then {$pkg_bin}/bgpd -f {$bgpd_config_base}/bgpd.conf +else + {$pkg_bin}/bgpctl reload fi EOF; write_rcfile(array( @@ -210,17 +213,11 @@ EOF; ) ); - // TCP-MD5 support on freebsd. See tcp(5) for more - $fd = fopen("{$g['tmp_path']}/bgpdsetkey.conf", "w"); - fwrite($fd, $setkeycf ); - fclose($fd); - exec("setkey -f {$g['tmp_path']}/bgpdsetkey.conf"); - // bgpd process running? if so reload, else start. if(is_openbgpd_running() == true) { - exec("bgpctl reload"); + exec("{$pkg_bin}/bgpctl reload"); } else { - exec("bgpd"); + exec("{$pkg_bin}/bgpd -f {$bgpd_config_base}/bgpd.conf"); } conf_mount_ro(); @@ -250,21 +247,6 @@ function openbgpd_put_raw_config($conffile) { function deinstall_openbgpd() { global $config, $g; - if($config['installedpackages']['openbgpd']['config']) - $openbgpd_conf = &$config['installedpackages']['openbgpd']['config'][0]; - if($config['installedpackages']['openbgpdneighbors']['config']) - $openbgpd_neighbors = &$config['installedpackages']['openbgpdneighbors']['config']; - $setkeycf = ""; - if(is_array($openbgpd_neighbors)) { - foreach($openbgpd_neighbors as $neighbor) - $setkeycf .= "delete {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000;\n"; - } - // Clear all SADB entries used. - $fd = fopen("{$g['tmp_path']}/bgpdsetkey.conf", "w"); - fwrite($fd, $setkeycf ); - fclose($fd); - exec("setkey -f {$g['tmp_path']}/bgpdsetkey.conf"); - exec("rm /usr/local/etc/rc.d/bgpd.sh"); exec("rm /usr/local/www/openbgpd_status.php"); exec("killall bgpd"); @@ -320,11 +302,11 @@ function bgpd_validate_group() { if ($_POST['name'] == "") $input_errors[] = "You must enter a name."; - $_POST['name'] = openbgpd_remove_bad_chars($_POST['name']); + $_POST['name'] = remove_bad_chars($_POST['name']); } -function openbgpd_remove_bad_chars($string) { +function remove_bad_chars($string) { return preg_replace('/[^a-z|_|0-9]/i','',$string); } diff --git a/config/openbgpd/openbgpd_neighbors.xml b/config/openbgpd/openbgpd_neighbors.xml index e45baa1a..5553c022 100644 --- a/config/openbgpd/openbgpd_neighbors.xml +++ b/config/openbgpd/openbgpd_neighbors.xml @@ -100,13 +100,13 @@ <field> <fielddescr>TCP-MD5 key</fielddescr> <fieldname>md5sigkey</fieldname> - <description>The md5 key to communicate with the peer. Does not work with Cisco BGP routers. You need the Local Addr option to be set.</description> + <description>The md5 key to communicate with the peer. Does not work with Cisco BGP routers. If the Local Addr option is not set listening ip will be used.</description> <type>input</type> </field> <field> <fielddescr>TCP-MD5 password</fielddescr> <fieldname>md5sigpass</fieldname> - <description>The md5 password to communicate with the peer. Use this when communicating with a Cisco BGP router. You need the Local Addr option to be set.</description> + <description>The md5 password to communicate with the peer. Use this when communicating with a Cisco BGP router. If the Local Addr option is not set listenning ip will be used.</description> <type>input</type> </field> <field> diff --git a/config/openbgpd/openbgpd_status.php b/config/openbgpd/openbgpd_status.php index 3db2781a..e6f69d07 100644 --- a/config/openbgpd/openbgpd_status.php +++ b/config/openbgpd/openbgpd_status.php @@ -62,6 +62,7 @@ function doCmdT($title, $command) { $fd = popen("{$command} 2>&1", "r"); while (($line = fgets($fd)) !== FALSE) { echo htmlspecialchars($line, ENT_NOQUOTES); + ob_flush(); } pclose($fd); } diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc index 58b93bb5..c40d742e 100755 --- a/config/pf-blocker/pfblocker.inc +++ b/config/pf-blocker/pfblocker.inc @@ -52,29 +52,6 @@ function cb_get_real_interface_address($iface) { return array($ip, long2ip(hexdec($netmask))); } -function pfblocker_Range2CIDR($ip_min, $ip_max) { - #function called without any args - if ($ip_min == "" || $ip_max == "") - return ""; - #function called with same ip in min and max - if ($ip_min == $ip_max) - return $ip_min. "/32"; - #convert ip to decimal numbers - $ip_min_long=ip2long($ip_min); - $ip_max_long=ip2long($ip_max); - #check long results - if ($ip_min_long == -1 || $ip_max_long == -1) - return ""; - #identify bits mask - $bits=(32 -strlen(decbin($ip_max_long - $ip_min_long))); - if ($bits < 0) - return ""; - #identify first ip on range network - $network=long2ip( $ip_min_long & ((1<<32)-(1<<(32-$bits))-1) ); - #print decbin($ip_min_long)."\n".$network."\n"; - return $network . "/". $bits; -} - function sync_package_pfblocker($cron="") { global $g,$config; @@ -290,10 +267,12 @@ function sync_package_pfblocker($cron="") { foreach ($url_list as $line){ # Network range 192.168.0.0-192.168.0.254 if (preg_match("/(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)/",$line,$matches)){ - $cidr= pfblocker_Range2CIDR($matches[1],$matches[2]); - if ($cidr != ""){ - ${$alias}.= $cidr."\n"; - $new_file.= $cidr."\n"; + $a_cidr = ip_range_to_subnet_array($matches[1],$matches[2]); + if (is_array($a_cidr)) { + foreach ($a_cidr as $cidr) { + ${$alias}.= $cidr."\n"; + $new_file.= $cidr."\n"; + } } } # CIDR format 192.168.0.0/16 diff --git a/config/squidGuard/squidguard_configurator.inc b/config/squidGuard/squidguard_configurator.inc index 81f9cd96..e57b7597 100644 --- a/config/squidGuard/squidguard_configurator.inc +++ b/config/squidGuard/squidguard_configurator.inc @@ -414,7 +414,6 @@ function squid_reconfigure($remove_only = '') global $squidguard_config; $conf = ''; $cust_opt = $config['installedpackages']['squid']['config'][0]['custom_options']; - # remove old options if (!empty($cust_opt)) { $conf = explode(";", $cust_opt); @@ -444,7 +443,7 @@ function squid_reconfigure($remove_only = '') if (is_array($conf)) $conf = implode(";", $conf); /* Only update squid options if we have something to do, otherwise this can interfere with squid's default options in a new install. */ - if (!empty($conf)) { + if ($conf != $cust_opt) { $config['installedpackages']['squid']['config'][0]['custom_options'] = $conf; write_config('Update redirector options to squid config.'); } diff --git a/config/systempatches/apply_patches.php b/config/systempatches/apply_patches.php new file mode 100644 index 00000000..3ac0d671 --- /dev/null +++ b/config/systempatches/apply_patches.php @@ -0,0 +1,11 @@ +#!/usr/local/bin/php +<?php +require_once("config.inc"); +require_once("patches.inc"); + +global $g, $config; + +echo "Applying patches..."; +bootup_apply_patches(); +echo "Done.\n"; +?>
\ No newline at end of file diff --git a/config/systempatches/patches.inc b/config/systempatches/patches.inc index e9bd2814..9b347620 100644 --- a/config/systempatches/patches.inc +++ b/config/systempatches/patches.inc @@ -34,6 +34,14 @@ $patch_suffix = ".patch"; $patch_dir = "/var/patches"; $patch_cmd = "/usr/bin/patch"; +function patch_package_install() { + patch_add_shellcmd(); +} + +function patch_package_deinstall() { + patch_remove_shellcmd(); +} + function patch_commit($patch, $action, $test=false, $fulldetail=false) { global $patch_dir, $patch_cmd, $patch_suffix; $directory = empty($patch['basedir']) ? "/" : $patch['basedir']; @@ -139,4 +147,55 @@ function is_github_url($url) { $urlbits = explode("/", $url); return (substr($urlbits[2], -10) == "github.com"); } + +function bootup_apply_patches() { + global $config; + + $a_patches = &$config['installedpackages']['patches']['item']; + + foreach ($a_patches as $patch) { + /* Skip the patch if it should not be automatically applied. */ + if (!isset($patch['autoapply'])) + continue; + /* If the patch can be reverted it is already applied, so skip it. */ + if (!patch_test_revert($patch)) { + /* Only attempt to apply if it can be applied. */ + if (patch_test_apply($patch)) { + patch_apply($patch); + } + } + } +} + +function patch_add_shellcmd() { + global $config; + $a_earlyshellcmd = &$config['system']['earlyshellcmd']; + if (!is_array($a_earlyshellcmd)) + $a_earlyshellcmd = array(); + $found = false; + foreach ($a_earlyshellcmd as $idx => $cmd) + if (stristr($cmd, "apply_patches.php")) + $found = true; + if (!$found) { + $a_earlyshellcmd[] = "/usr/local/bin/php -f /usr/local/bin/apply_patches.php"; + write_config("System Patches package added a shellcmd"); + } +} + +function patch_remove_shellcmd() { + global $config; + $a_earlyshellcmd = &$config['system']['earlyshellcmd']; + if (!is_array($a_earlyshellcmd)) + $a_earlyshellcmd = array(); + $removed = false; + foreach ($a_earlyshellcmd as $idx => $cmd) { + if (stristr($cmd, "apply_patches.php")) { + unset($a_earlyshellcmd[$idx]); + $removed = true; + } + } + if ($removed) + write_config("System Patches package removed a shellcmd"); +} + ?> diff --git a/config/systempatches/system_patches.php b/config/systempatches/system_patches.php index 1dd6470b..70260e4b 100644 --- a/config/systempatches/system_patches.php +++ b/config/systempatches/system_patches.php @@ -179,11 +179,12 @@ include("head.inc"); <tr id="frheader"> <td width="5%" class="list"> </td> <td width="5%" class="listhdrr"><?=gettext("Description");?></td> -<td width="65%" class="listhdrr"><?=gettext("URL/ID");?></td> +<td width="60%" class="listhdrr"><?=gettext("URL/ID");?></td> <td width="5%" class="listhdrr"><?=gettext("Fetch");?></td> <td width="5%" class="listhdrr"><?=gettext("Test");?></td> <td width="5%" class="listhdrr"><?=gettext("Apply");?></td> <td width="5%" class="listhdr"><?=gettext("Revert");?></td> +<td width="5%" class="listhdr"><?=gettext("Auto Apply");?></td> <td width="5%" class="list"> <table border="0" cellspacing="0" cellpadding="1" summary="buttons"> <tr><td width="17"> @@ -242,6 +243,9 @@ foreach ($a_patches as $thispatch): <a href="system_patches.php?id=<?=$i;?>&act=revert"><?php echo gettext("Revert"); ?></a> <?php endif; ?> </td> + <td class="listr" onclick="fr_toggle(<?=$npatches;?>)" id="frd<?=$npatches;?>" ondblclick="document.location='system_patches_edit.php?id=<?=$npatches;?>';"> + <?= isset($thispatch['autoapply']) ? "Yes" : "No" ?> + </td> <td valign="middle" class="list" nowrap> <table border="0" cellspacing="0" cellpadding="1" summary="edit"> <tr> diff --git a/config/systempatches/system_patches_edit.php b/config/systempatches/system_patches_edit.php index 3dd5e349..5b30c9c5 100644 --- a/config/systempatches/system_patches_edit.php +++ b/config/systempatches/system_patches_edit.php @@ -127,6 +127,8 @@ if ($_POST) { } write_config(); + if ($thispatch['autoapply']) + patch_add_shellcmd(); header("Location: system_patches.php"); return; } @@ -192,7 +194,6 @@ include("head.inc"); <span class="vexpl"><?=gettext("Set this option to ignore whitespace in the patch."); ?></span> </td> </tr> -<!-- This isn't ready yet <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Auto Apply"); ?></td> <td width="78%" class="vtable"> @@ -201,7 +202,6 @@ include("head.inc"); <span class="vexpl"><?=gettext("Set this option to apply the patch automatically when possible, useful for patches to survive after firmware updates."); ?></span> </td> </tr> ---> <tr> <td width="22%" valign="top"> </td> <td width="78%">Patch id: <?php echo $pconfig['uniqid']; ?></td> diff --git a/config/systempatches/systempatches.xml b/config/systempatches/systempatches.xml index 3802ba58..ea0eee78 100644 --- a/config/systempatches/systempatches.xml +++ b/config/systempatches/systempatches.xml @@ -40,8 +40,9 @@ <requirements>None</requirements> <faq>Applies patches supplied by the user to the firewall.</faq> <name>System Patches</name> - <version>0.5.1</version> + <version>0.8</version> <title>System: Patches</title> + <include_file>/usr/local/pkg/patches.inc</include_file> <menu> <name>Patches</name> <tooltiptext></tooltiptext> @@ -59,8 +60,19 @@ <item>http://www.pfsense.com/packages/config/systempatches/system_patches_edit.php</item> </additional_files_needed> <additional_files_needed> + <prefix>/usr/local/bin/</prefix> + <chmod>755</chmod> + <item>http://www.pfsense.com/packages/config/systempatches/apply_patches.php</item> + </additional_files_needed> + <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>644</chmod> <item>http://www.pfsense.com/packages/config/systempatches/patches.inc</item> </additional_files_needed> + <custom_php_install_command> + patch_package_install(); + </custom_php_install_command> + <custom_php_deinstall_command> + patch_package_deinstall(); + </custom_php_deinstall_command> </packagegui>
\ No newline at end of file diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 1c930fcb..95d194a7 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -190,13 +190,14 @@ <configurationfile>haproxy.xml</configurationfile> <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>haproxy-1.4.21.tbz</depends_on_package> - <depends_on_package_pbi>haproxy-devel-1.5-dev17-i386.pbi</depends_on_package_pbi> + <depends_on_package_pbi>haproxy-devel-1.5-dev18-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/haproxy-devel</build_port_path> <build_pbi> + <ports_before>security/openssl</ports_before> <custom_name>haproxy-devel</custom_name> <port>/usr/ports/net/haproxy-devel</port> </build_pbi> - <build_options>OPTIONS_UNSET=PCRE DPCRE;OPTIONS_SET=OPENSSL SPCRE</build_options> + <build_options>WITH_PORTS_OPENSSL=yes;OPTIONS_UNSET=PCRE DPCRE;OPTIONS_SET=OPENSSL SPCRE</build_options> </package> <package> <name>Apache with mod_security-dev</name> @@ -502,7 +503,7 @@ <build_port_path>/usr/ports/net/daq</build_port_path> <build_port_path>/usr/ports/net/libnet</build_port_path> <build_port_path>/usr/ports/security/barnyard2</build_port_path> - <build_port_path>/usr/ports/databases/mysql51-client</build_port_path> + <build_port_path>/usr/ports/databases/mysql55-client</build_port_path> <build_port_path>/usr/ports/security/snort</build_port_path> <build_pbi> <port>security/snort</port> @@ -518,44 +519,6 @@ <after_install_info>Please visit the Snort settings tab and enter your oinkid code. Afterwards visit the update rules tab to download the snort rules.</after_install_info> </package> <package> - <name>snort-dev</name> - <internal_name>snort</internal_name> - <pkginfolink>http://forum.pfsense.org/index.php/topic,16847.0.html</pkginfolink> - <website>http://www.snort.org</website> - <descr>Snort-dev is a development branch.</descr> - <category>Security</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> - <depends_on_package_pbi>snort-2.9.2.3-i386.pbi</depends_on_package_pbi> - <depends_on_package>mysql-client-5.1.53.tbz</depends_on_package> - <depends_on_package>barnyard2-1.9_2.tbz</depends_on_package> - <depends_on_package>libnet11-1.1.2.1_3,1.tbz</depends_on_package> - <depends_on_package>libdnet-1.11_3.tbz</depends_on_package> - <depends_on_package>libpcap-1.1.1_1.tbz</depends_on_package> - <depends_on_package>daq-0.6.2.tbz</depends_on_package> - <depends_on_package>snort-2.9.2.3.tbz</depends_on_package> - <depends_on_package>perl-threaded-5.12.4_4.tbz</depends_on_package> - <build_port_path>/usr/ports/devel/pcre</build_port_path> - <build_port_path>/usr/ports/net/daq</build_port_path> - <build_port_path>/usr/ports/net/libnet</build_port_path> - <build_port_path>/usr/ports/lang/perl5.14</build_port_path> - <build_port_path>/usr/ports/security/barnyard2</build_port_path> - <build_port_path>/usr/ports/databases/mysql51-client</build_port_path> - <build_port_path>/usr/ports/security/snort</build_port_path> - <build_pbi> - <custom_name>snort-dev</custom_name> - <port>security/snort</port> - <ports_after>security/barnyard2</ports_after> - </build_pbi> - <!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. --> - <build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL;snort_UNSET=TARGETBASED PERFPROFILE REACT;snort_SET=DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER PERFPROFILE ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITHOUT_TARGETBASED=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITHOUT_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options> - <config_file>http://www.pfsense.com/packages/config/snort-dev/snort.xml</config_file> - <version>2.9.2.3 pkg v. 3.0</version> - <required_version>2.0</required_version> - <status>Stable</status> - <configurationfile>/snort.xml</configurationfile> - <after_install_info>Please visit the Snort settings tab and enter your oinkid code. Afterwards visit the update rules tab to download the snort rules.</after_install_info> - </package> - <package> <name>olsrd</name> <website>http://www.olsr.org/</website> <descr>The olsr.org OLSR daemon is an implementation of the Optimized Link State Routing protocol. OLSR is a routing protocol for mobile ad-hoc networks. The protocol is pro-active, table driven and utilizes a technique called multipoint relaying for message flooding.</descr> @@ -1431,7 +1394,7 @@ <depends_on_package_pbi>zip-3.0-i386.pbi p7zip-9.20.1-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/archivers/p7zip</build_port_path> <build_port_path>/usr/ports/archivers/zip</build_port_path> - <version>1.0.4</version> + <version>1.0.5</version> <status>RELEASE</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> @@ -1664,9 +1627,9 @@ </package> <package> <name>mailreport</name> - <descr>Allows you to setup periodic e-mail reports containing RRD graphs.</descr> + <descr>Allows you to setup periodic e-mail reports containing command output, log file contents, and RRD graphs.</descr> <category>Network Management</category> - <version>1.2</version> + <version>2.0.4</version> <status>BETA</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/mailreport/mailreport.xml</config_file> @@ -1720,7 +1683,7 @@ <name>System Patches</name> <descr>A package to apply and maintain custom system patches.</descr> <maintainer>jimp@pfsense.org</maintainer> - <version>0.7.3</version> + <version>0.8</version> <category>System</category> <status>BETA</status> <config_file>http://www.pfsense.com/packages/config/systempatches/systempatches.xml</config_file> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 42a0faa3..4d1c0e47 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -177,13 +177,14 @@ <configurationfile>haproxy.xml</configurationfile> <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>haproxy-1.4.21.tbz</depends_on_package> - <depends_on_package_pbi>haproxy-devel-1.5-dev17-amd64.pbi</depends_on_package_pbi> + <depends_on_package_pbi>haproxy-devel-1.5-dev18-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/haproxy-devel</build_port_path> <build_pbi> + <ports_before>security/openssl</ports_before> <custom_name>haproxy-devel</custom_name> <port>/usr/ports/net/haproxy-devel</port> </build_pbi> - <build_options>OPTIONS_UNSET=PCRE DPCRE;OPTIONS_SET=OPENSSL SPCRE</build_options> + <build_options>WITH_PORTS_OPENSSL=yes;OPTIONS_UNSET=PCRE DPCRE;OPTIONS_SET=OPENSSL SPCRE</build_options> </package> <package> <name>Apache with mod_security-dev</name> @@ -489,7 +490,7 @@ <build_port_path>/usr/ports/net/daq</build_port_path> <build_port_path>/usr/ports/net/libnet</build_port_path> <build_port_path>/usr/ports/security/barnyard2</build_port_path> - <build_port_path>/usr/ports/databases/mysql51-client</build_port_path> + <build_port_path>/usr/ports/databases/mysql55-client</build_port_path> <build_port_path>/usr/ports/security/snort</build_port_path> <build_pbi> <port>security/snort</port> @@ -505,44 +506,6 @@ <after_install_info>Please visit the Snort settings tab and enter your oinkid code. Afterwards visit the update rules tab to download the snort rules.</after_install_info> </package> <package> - <name>snort-dev</name> - <internal_name>snort</internal_name> - <pkginfolink>http://forum.pfsense.org/index.php/topic,16847.0.html</pkginfolink> - <website>http://www.snort.org</website> - <descr>Snort-dev is a development branch.</descr> - <category>Security</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> - <depends_on_package_pbi>snort-2.9.2.3-amd64.pbi</depends_on_package_pbi> - <depends_on_package>mysql-client-5.1.53.tbz</depends_on_package> - <depends_on_package>barnyard2-1.9_2.tbz</depends_on_package> - <depends_on_package>libnet11-1.1.2.1_3,1.tbz</depends_on_package> - <depends_on_package>libdnet-1.11_3.tbz</depends_on_package> - <depends_on_package>libpcap-1.1.1_1.tbz</depends_on_package> - <depends_on_package>daq-0.6.2.tbz</depends_on_package> - <depends_on_package>snort-2.9.2.3.tbz</depends_on_package> - <depends_on_package>perl-threaded-5.12.4_4.tbz</depends_on_package> - <build_port_path>/usr/ports/devel/pcre</build_port_path> - <build_port_path>/usr/ports/net/daq</build_port_path> - <build_port_path>/usr/ports/net/libnet</build_port_path> - <build_port_path>/usr/ports/lang/perl5.14</build_port_path> - <build_port_path>/usr/ports/security/barnyard2</build_port_path> - <build_port_path>/usr/ports/databases/mysql51-client</build_port_path> - <build_port_path>/usr/ports/security/snort</build_port_path> - <build_pbi> - <custom_name>snort-dev</custom_name> - <port>security/snort</port> - <ports_after>security/barnyard2</ports_after> - </build_pbi> - <!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. --> - <build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL;snort_UNSET=TARGETBASED PERFPROFILE;snort_SET=DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER REACT ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITHOUT_TARGETBASED=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITH_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options> - <config_file>http://www.pfsense.com/packages/config/snort-dev/snort.xml</config_file> - <version>2.9.2.3 pkg v. 3.0</version> - <required_version>2.0</required_version> - <status>Stable</status> - <configurationfile>/snort.xml</configurationfile> - <after_install_info>Please visit the Snort settings tab and enter your oinkid code. Afterwards visit the update rules tab to download the snort rules.</after_install_info> - </package> - <package> <name>olsrd</name> <website>http://www.olsr.org/</website> <descr>The olsr.org OLSR daemon is an implementation of the Optimized Link State Routing protocol. OLSR is a routing protocol for mobile ad-hoc networks. The protocol is pro-active, table driven and utilizes a technique called multipoint relaying for message flooding.</descr> @@ -1418,7 +1381,7 @@ <depends_on_package_pbi>p7zip-9.20.1-amd64.pbi zip-3.0-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/archivers/p7zip</build_port_path> <build_port_path>/usr/ports/archivers/zip</build_port_path> - <version>1.0.4</version> + <version>1.0.5</version> <status>RELEASE</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> @@ -1651,9 +1614,9 @@ </package> <package> <name>mailreport</name> - <descr>Allows you to setup periodic e-mail reports containing RRD graphs.</descr> + <descr>Allows you to setup periodic e-mail reports containing command output, log file contents, and RRD graphs.</descr> <category>Network Management</category> - <version>1.2</version> + <version>2.0.4</version> <status>BETA</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/mailreport/mailreport.xml</config_file> @@ -1707,7 +1670,7 @@ <name>System Patches</name> <descr>A package to apply and maintain custom system patches.</descr> <maintainer>jimp@pfsense.org</maintainer> - <version>0.7.3</version> + <version>0.8</version> <category>System</category> <status>BETA</status> <config_file>http://www.pfsense.com/packages/config/systempatches/systempatches.xml</config_file> |