aboutsummaryrefslogtreecommitdiffstats
path: root/config/tinc
diff options
context:
space:
mode:
Diffstat (limited to 'config/tinc')
-rw-r--r--config/tinc/pkg_tinc.inc2
-rw-r--r--config/tinc/status_tinc.php119
-rw-r--r--config/tinc/tinc.inc323
-rw-r--r--config/tinc/tinc.xml340
-rw-r--r--config/tinc/tinc_config.xml215
-rw-r--r--config/tinc/tinc_hosts.xml129
6 files changed, 602 insertions, 526 deletions
diff --git a/config/tinc/pkg_tinc.inc b/config/tinc/pkg_tinc.inc
index b5b223b0..1ec4ebc0 100644
--- a/config/tinc/pkg_tinc.inc
+++ b/config/tinc/pkg_tinc.inc
@@ -3,7 +3,7 @@
global $shortcuts;
$shortcuts['tinc'] = array();
-$shortcuts['tinc']['main'] = "pkg_edit.php?xml=tinc_config.xml";
+$shortcuts['tinc']['main'] = "pkg_edit.php?xml=tinc.xml";
$shortcuts['tinc']['status'] = "status_tinc.php";
$shortcuts['tinc']['log'] = "diag_pkglogs.php?pkg=tinc";
$shortcuts['tinc']['service'] = "tinc";
diff --git a/config/tinc/status_tinc.php b/config/tinc/status_tinc.php
index f50ea640..59a1cb6e 100644
--- a/config/tinc/status_tinc.php
+++ b/config/tinc/status_tinc.php
@@ -1,88 +1,107 @@
<?php
+/*
+ status_tinc.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012-2015 ESF, LLC
+ All rights reserved.
-$pgtitle = array(gettext("Status"), "tinc");
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
require("guiconfig.inc");
-function tinc_status_1() {
- exec("/usr/local/sbin/tincd --config=/usr/local/etc/tinc -kUSR1");
+function tinc_status_usr1() {
+ exec("/usr/local/sbin/tincd --config=/usr/local/etc/tinc -kUSR1");
usleep(500000);
- $clog_path = "";
+ $clog_path = "/usr/local/sbin/clog";
$result = array();
- if (is_executable("/usr/local/sbin/clog")) {
- $clog_path = "/usr/local/sbin/clog";
- } elseif (is_executable("/usr/sbin/clog")) {
- $clog_path = "/usr/sbin/clog";
- }
- if (!empty($clog_path))
- exec("{$clog_path} /var/log/tinc.log | sed -e 's/.*tinc\[.*\]: //'",$result);
- $i=0;
- foreach($result as $line)
- {
- if(preg_match("/Connections:/",$line))
- $begin=$i;
- if(preg_match("/End of connections./",$line))
- $end=$i;
+ exec("{$clog_path} /var/log/tinc.log | /usr/bin/sed -e 's/.*tinc\[.*\]: //'", $result);
+ $i = 0;
+ foreach ($result as $line) {
+ if (preg_match("/Connections:/", $line)) {
+ $begin = $i;
+ }
+ if (preg_match("/End of connections./", $line)) {
+ $end = $i;
+ }
$i++;
}
- $output="";
- $i=0;
- foreach($result as $line)
- {
- if($i >= $begin && $i<= $end)
+ $output = "";
+ $i = 0;
+ foreach ($result as $line) {
+ if ($i >= $begin && $i<= $end) {
$output .= $line . "\n";
+ }
$i++;
}
return $output;
}
-function tinc_status_2() {
- exec("/usr/local/sbin/tincd --config=/usr/local/etc/tinc -kUSR2");
+function tinc_status_usr2() {
+ exec("/usr/local/sbin/tincd --config=/usr/local/etc/tinc -kUSR2");
usleep(500000);
- $clog_path = "";
+ $clog_path = "/usr/local/sbin/clog";
$result = array();
- if (is_executable("/usr/local/sbin/clog")) {
- $clog_path = "/usr/local/sbin/clog";
- } elseif (is_executable("/usr/sbin/clog")) {
- $clog_path = "/usr/sbin/clog";
- }
- if (!empty($clog_path))
- exec("{$clog_path} /var/log/tinc.log | sed -e 's/.*tinc\[.*\]: //'",$result);
- $i=0;
- foreach($result as $line)
- {
- if(preg_match("/Statistics for Generic BSD tun device/",$line))
- $begin=$i;
- if(preg_match("/End of subnet list./",$line))
- $end=$i;
+ exec("{$clog_path} /var/log/tinc.log | sed -e 's/.*tinc\[.*\]: //'",$result);
+ $i = 0;
+ foreach ($result as $line) {
+ if (preg_match("/Statistics for Generic BSD tun device/",$line)) {
+ $begin = $i;
+ }
+ if (preg_match("/End of subnet list./",$line)) {
+ $end = $i;
+ }
$i++;
}
$output="";
- $i=0;
- foreach($result as $line)
- {
- if($i >= $begin && $i<= $end)
+ $i = 0;
+ foreach ($result as $line) {
+ if ($i >= $begin && $i<= $end) {
$output .= $line . "\n";
+ }
$i++;
}
return $output;
}
$shortcut_section = "tinc";
-include("head.inc"); ?>
+$pgtitle = array(gettext("Status"), "tinc");
+include("head.inc");
+?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?=$jsevents["body"]["onload"];?>">
<?php include("fbegin.inc"); ?>
-Connection list:<BR>
+<strong>Connection list:</strong><br />
<pre>
-<?php print tinc_status_1(); ?>
+<?php print tinc_status_usr1(); ?>
</pre>
-<BR>
-Virtual network device statistics, all known nodes, edges and subnets:<BR>
+<br />
+<strong>Virtual network device statistics, all known nodes, edges and subnets:</strong><br />
<pre>
-<?php print tinc_status_2(); ?>
+<?php print tinc_status_usr2(); ?>
</pre>
<?php include("fend.inc"); ?>
+</body>
+</html>
diff --git a/config/tinc/tinc.inc b/config/tinc/tinc.inc
index 82d5b453..65f07e32 100644
--- a/config/tinc/tinc.inc
+++ b/config/tinc/tinc.inc
@@ -1,204 +1,255 @@
<?php
-
+/*
+ tinc.inc
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012-2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/* include_once('guiconfig.inc'); is needed for clear_log_file() during package installation while booting.
+ * However, guiconfig.inc includes authgui.inc which requires a valid php session_auth() and exits when not found.
+ * So we include the function here.
+*/
if (!function_exists('clear_log_file')) {
-//include_once('guiconfig.inc'); // needed for clear_log_file() during package installation while booting
-//however guiconfig.inc includes authgui.inc which requires a valid php session_auth(), and exits when not found..
-//so include the function here..
+
function clear_log_file($logfile = "/var/log/system.log", $restart_syslogd = true) {
global $config, $g;
- if ($restart_syslogd)
+ if ($restart_syslogd) {
exec("/usr/bin/killall syslogd");
- if(isset($config['system']['disablesyslogclog'])) {
+ }
+ if (isset($config['system']['disablesyslogclog'])) {
unlink($logfile);
touch($logfile);
} else {
$log_size = isset($config['syslog']['logfilesize']) ? $config['syslog']['logfilesize'] : "511488";
- if(isset($config['system']['usefifolog']))
+ if (isset($config['system']['usefifolog'])) {
exec("/usr/sbin/fifolog_create -s {$log_size} " . escapeshellarg($logfile));
- else
+ } else {
exec("/usr/local/sbin/clog -i -s {$log_size} " . escapeshellarg($logfile));
+ }
}
- if ($restart_syslogd)
+ if ($restart_syslogd) {
system_syslogd_start();
+ }
}
}
function tinc_save() {
- global $config;
+ global $config, $configpath;
+ $configpath = '/usr/local/etc/tinc/';
+
conf_mount_rw();
- exec("/bin/mv -f /usr/local/etc/tinc /usr/local/etc/tinc.old");
- safe_mkdir("/usr/local/etc/tinc");
- safe_mkdir("/usr/local/etc/tinc/hosts");
- exec("touch /usr/local/etc/tinc/WARNING-ENTIRE_DIRECTORY_ERASED_ON_SAVE_FROM_GUI");
+
+ rename("{$configpath}", "{$configpath}.old");
+ safe_mkdir("{$configpath}");
+ safe_mkdir("{$configpath}/hosts");
+ touch("{$configpath}/WARNING-ENTIRE_DIRECTORY_ERASED_ON_SAVE_FROM_GUI");
$tincconf = &$config['installedpackages']['tinc']['config'][0];
- $fout = fopen("/usr/local/etc/tinc/tinc.conf","w");
+ $fout = fopen("{$configpath}/tinc.conf", "w");
// No proper config, bail out.
- if (!isset($tincconf['name']) || empty($tincconf['name']))
+ if (!isset($tincconf['name']) || empty($tincconf['name'])) {
+ log_error("[tinc] Cannot configure (name not set). Check your configuration.");
return;
+ }
- fwrite($fout, "name=".$tincconf['name']."\n");
- fwrite($fout, "AddressFamily=".$tincconf['addressfamily']."\n");
- if(!is_array($config['installedpackages']['tinchosts']['config'])) { $config['installedpackages']['tinchosts']['config']=Array(); }
- foreach($config['installedpackages']['tinchosts']['config'] as $host) {
- if($host['connect'])
- {
+ fwrite($fout, "name=" . $tincconf['name'] . "\n");
+ fwrite($fout, "AddressFamily=" . $tincconf['addressfamily'] . "\n");
+ if (!is_array($config['installedpackages']['tinchosts']['config'])) {
+ $config['installedpackages']['tinchosts']['config']= array();
+ }
+ foreach ($config['installedpackages']['tinchosts']['config'] as $host) {
+ if($host['connect']) {
fwrite($fout, "ConnectTo=" . $host['name'] . "\n");
}
-
- $_output = "Address=".$host['address']."\n";
- $_output .= "Subnet=".$host['subnet']."\n";
- $_output .= base64_decode($host['extra'])."\n";
- $_output .= base64_decode($host['cert_pub'])."\n";
- file_put_contents('/usr/local/etc/tinc/hosts/'.$host['name'],$_output);
- if($host['host_up'])
- {
- file_put_contents('/usr/local/etc/tinc/hosts/'.$host['name'].'-up',str_replace("\r", "", base64_decode($host['host_up']))."\n");
- chmod('/usr/local/etc/tinc/hosts/'.$host['name'].'-up', 0744);
+
+ $_output = "Address=" . $host['address'] . "\n";
+ $_output .= "Subnet=" . $host['subnet'] . "\n";
+ $_output .= base64_decode($host['extra']) . "\n";
+ $_output .= base64_decode($host['cert_pub']) . "\n";
+ file_put_contents("{$configpath}/hosts/" . $host['name'], $_output);
+ if ($host['host_up']) {
+ file_put_contents("{$configpath}/hosts/" . $host['name'] . '-up', str_replace("\r", "", base64_decode($host['host_up'])) . "\n");
+ chmod("{$configpath}/hosts/" . $host['name'] . '-up', 0744);
}
- if($host['host_down'])
- {
- file_put_contents('/usr/local/etc/tinc/hosts/'.$host['name'].'-down',str_replace("\r", "", base64_decode($host['host_down']))."\n");
- chmod('/usr/local/etc/tinc/hosts/'.$host['name'].'-down', 0744);
+ if ($host['host_down']) {
+ file_put_contents("{$configpath}/hosts/" . $host['name'] . '-down', str_replace("\r", "", base64_decode($host['host_down'])) . "\n");
+ chmod("{$configpath}/hosts/" . $host['name'] . '-down', 0744);
}
}
- fwrite($fout, base64_decode($tincconf['extra'])."\n");
+ fwrite($fout, base64_decode($tincconf['extra']) . "\n");
fclose($fout);
// Check if we need to generate a new RSA key pair.
- if ($tincconf['gen_rsa'])
- {
- safe_mkdir("/usr/local/etc/tinc/tmp");
- exec("/usr/local/sbin/tincd -c /usr/local/etc/tinc/tmp -K");
- $tincconf['cert_pub'] = base64_encode(file_get_contents('/usr/local/etc/tinc/tmp/rsa_key.pub'));
- $tincconf['cert_key'] = base64_encode(file_get_contents('/usr/local/etc/tinc/tmp/rsa_key.priv'));
+ if ($tincconf['gen_rsa']) {
+ safe_mkdir("{$configpath}/tmp");
+ exec("/usr/local/sbin/tincd -c {$configpath}/tmp -K");
+ $tincconf['cert_pub'] = base64_encode(file_get_contents("{$configpath}/tmp/rsa_key.pub"));
+ $tincconf['cert_key'] = base64_encode(file_get_contents("{$configpath}/tmp/rsa_key.priv"));
$tincconf['gen_rsa'] = false;
$config['installedpackages']['tinc']['config'][0]['cert_pub'] = $tincconf['cert_pub'];
$config['installedpackages']['tinc']['config'][0]['cert_key'] = $tincconf['cert_key'];
$config['installedpackages']['tinc']['config'][0]['gen_rsa'] = $tincconf['gen_rsa'];
- rmdir_recursive("/usr/local/etc/tinc/tmp");
- write_config();
+ rmdir_recursive("{$configpath}/tmp");
+ write_config("[tinc] New RSA key pair generated.");
}
$_output = "Subnet=" . $tincconf['localsubnet'] . "\n";
$_output .= base64_decode($tincconf['host_extra']) . "\n";
$_output .= base64_decode($tincconf['cert_pub']) . "\n";
- file_put_contents('/usr/local/etc/tinc/hosts/' . $tincconf['name'],$_output);
- file_put_contents('/usr/local/etc/tinc/rsa_key.priv',base64_decode($tincconf['cert_key'])."\n");
- chmod("/usr/local/etc/tinc/rsa_key.priv", 0600);
- if($tincconf['tinc_up'])
- {
+ file_put_contents("{$configpath}/hosts/" . $tincconf['name'], $_output);
+ file_put_contents("{$configpath}/rsa_key.priv", base64_decode($tincconf['cert_key']) . "\n");
+ chmod("{$configpath}/rsa_key.priv", 0600);
+ if ($tincconf['tinc_up']) {
$_output = base64_decode($tincconf['tinc_up']) . "\n";
- }
- else
- {
+ } else {
$_output = "ifconfig \$INTERFACE " . $tincconf['localip'] . " netmask " . $tincconf['vpnnetmask'] . "\n";
$_output .= "ifconfig \$INTERFACE group tinc\n";
}
- file_put_contents('/usr/local/etc/tinc/tinc-up',$_output);
- chmod("/usr/local/etc/tinc/tinc-up", 0744);
- if($tincconf['tinc_down'])
- {
- file_put_contents('/usr/local/etc/tinc/tinc-down',str_replace("\r", "", base64_decode($tincconf['tinc_down'])) . "\n");
- chmod("/usr/local/etc/tinc/tinc-down", 0744);
- }
- if($tincconf['host_up'])
- {
- file_put_contents('/usr/local/etc/tinc/host-up',str_replace("\r", "", base64_decode($tincconf['host_up'])) . "\n");
- chmod("/usr/local/etc/tinc/host-up", 0744);
- }
- if($tincconf['host_down'])
- {
- file_put_contents('/usr/local/etc/tinc/host-down',str_replace("\r", "", base64_decode($tincconf['host_down'])) . "\n");
- chmod("/usr/local/etc/tinc/host-down", 0744);
- }
- if($tincconf['subnet_up'])
- {
- file_put_contents('/usr/local/etc/tinc/subnet-up',str_replace("\r", "", base64_decode($tincconf['subnet_up'])) . "\n");
- chmod("/usr/local/etc/tinc/subnet-up", 0744);
- }
- if($tincconf['subnet_down'])
- {
- file_put_contents('/usr/local/etc/tinc/subnet-down',str_replace("\r", "", base64_decode($tincconf['subnet_down'])) . "\n");
- chmod("/usr/local/etc/tinc/subnet-down", 0744);
- }
- system("/usr/local/etc/rc.d/tinc.sh restart 2>/dev/null");
- rmdir_recursive("/usr/local/etc/tinc.old");
+ file_put_contents("{$configpath}/tinc-up", $_output);
+ chmod("{$configpath}/tinc-up", 0744);
+ if ($tincconf['tinc_down']) {
+ file_put_contents("{$configpath}/tinc-down", str_replace("\r", "", base64_decode($tincconf['tinc_down'])) . "\n");
+ chmod("{$configpath}/tinc-down", 0744);
+ }
+ if ($tincconf['host_up']) {
+ file_put_contents("{$configpath}/host-up", str_replace("\r", "", base64_decode($tincconf['host_up'])) . "\n");
+ chmod("{$configpath}/host-up", 0744);
+ }
+ if ($tincconf['host_down']) {
+ file_put_contents("{$configpath}/host-down", str_replace("\r", "", base64_decode($tincconf['host_down'])) . "\n");
+ chmod("{$configpath}/host-down", 0744);
+ }
+ if ($tincconf['subnet_up']) {
+ file_put_contents("{$configpath}/subnet-up", str_replace("\r", "", base64_decode($tincconf['subnet_up'])) . "\n");
+ chmod("{$configpath}/subnet-up", 0744);
+ }
+ if ($tincconf['subnet_down']) {
+ file_put_contents("{$configpath}/subnet-down", str_replace("\r", "", base64_decode($tincconf['subnet_down'])) . "\n");
+ chmod("{$configpath}/subnet-down", 0744);
+ }
+
+ $pfs_version = substr(trim(file_get_contents("/etc/version")), 0, 3);
+ if ($pfs_version == "2.2") {
+ $pbietcpath = '/usr/pbi/tinc-' . php_uname("m") . '/local/etc';
+ unlink_if_exists("{$pbietcpath}/tinc");
+ symlink($configpath, "{$pbietcpath}/tinc");
+ }
+
+ if ($tincconf['enable'] != "") {
+ restart_service("tinc");
+ } elseif (is_process_running("tincd")); {
+ stop_service("tinc");
+ }
+ rmdir_recursive("/usr/local/etc/tinc.old");
conf_mount_ro();
}
function tinc_install() {
global $config;
+
safe_mkdir("/usr/local/etc/tinc");
safe_mkdir("/usr/local/etc/tinc/hosts");
- $_rcfile['file']='tinc.sh';
- $_rcfile['start'].="/usr/local/sbin/tincd --config=/usr/local/etc/tinc\n\t";
- $_rcfile['stop'].="/usr/local/sbin/tincd --kill \n\t";
- write_rcfile($_rcfile);
+ $rc['file'] = 'tinc.sh';
+ $rc['start'] .= "/usr/local/sbin/tincd --config=/usr/local/etc/tinc\n\t";
+ $rc['stop'] .= "/usr/local/sbin/tincd --kill \n\t";
+ write_rcfile($rc);
unlink_if_exists("/usr/local/etc/rc.d/tincd");
clear_log_file("/var/log/tinc.log");
-
- conf_mount_rw();
- /* Create Interface Group */
- if (!is_array($config['ifgroups']['ifgroupentry']))
- $config['ifgroups']['ifgroupentry'] = array();
-
- $a_ifgroups = &$config['ifgroups']['ifgroupentry'];
- $ifgroupentry = array();
- $ifgroupentry['members'] = '';
- $ifgroupentry['descr'] = 'tinc mesh VPN interface group';
- $ifgroupentry['ifname'] = 'tinc';
- $a_ifgroups[] = $ifgroupentry;
+ /* Create Interface Group */
+ if (!is_array($config['ifgroups']['ifgroupentry'])) {
+ $config['ifgroups']['ifgroupentry'] = array();
+ }
- /* XXX: Do not remove this. */
- mwexec("/bin/rm -f /tmp/config.cache");
+ $a_ifgroups = &$config['ifgroups']['ifgroupentry'];
+ $ifgroupentry = array();
+ $ifgroupentry['members'] = '';
+ $ifgroupentry['descr'] = 'tinc mesh VPN interface group';
+ $ifgroupentry['ifname'] = 'tinc';
+ $a_ifgroups[] = $ifgroupentry;
- write_config();
+ /* XXX: Do not remove this. WTH?! */
+ mwexec("/bin/rm -f /tmp/config.cache");
- conf_mount_ro();
+ write_config("[tinc] Package installed.");
}
function tinc_deinstall() {
global $config;
- /* Remove Interface Group */
- conf_mount_rw();
- if (!is_array($config['ifgroups']['ifgroupentry']))
- $config['ifgroups']['ifgroupentry'] = array();
-
- $a_ifgroups = &$config['ifgroups']['ifgroupentry'];
-
- $myid=-1;
- $i = 0;
- foreach ($a_ifgroups as $ifgroupentry)
- {
- if($ifgroupentry['ifname']=='tinc')
- {
- $myid=$i;
- break;
- }
- $i++;
- }
-
- if ($myid >= 0 && $a_ifgroups[$myid])
- {
- $members = explode(" ", $a_ifgroups[$_GET['id']]['members']);
- foreach ($members as $ifs)
- {
- $realif = get_real_interface($ifs);
- if ($realif)
- mwexec("/sbin/ifconfig {$realif} -group " . escapeshellarg($a_ifgroups[$_GET['id']]['ifname']));
- }
- unset($a_ifgroups[$myid]);
- mwexec("/bin/rm -f /tmp/config.cache");
- write_config();
- }
- conf_mount_ro();
+ /* Remove Interface Group */
+ if (!is_array($config['ifgroups']['ifgroupentry'])) {
+ $config['ifgroups']['ifgroupentry'] = array();
+ }
+
+ $a_ifgroups = &$config['ifgroups']['ifgroupentry'];
+
+ $myid = -1;
+ $i = 0;
+ foreach ($a_ifgroups as $ifgroupentry) {
+ if ($ifgroupentry['ifname'] == 'tinc') {
+ $myid = $i;
+ break;
+ }
+ $i++;
+ }
+
+ if ($myid >= 0 && $a_ifgroups[$myid]) {
+ $members = explode(" ", $a_ifgroups[$_GET['id']]['members']);
+ foreach ($members as $ifs) {
+ $realif = get_real_interface($ifs);
+ if ($realif) {
+ mwexec("/sbin/ifconfig {$realif} -group " . escapeshellarg($a_ifgroups[$_GET['id']]['ifname']));
+ }
+ }
+ unset($a_ifgroups[$myid]);
+ /* WTH?! */
+ mwexec("/bin/rm -f /tmp/config.cache");
+ write_config("[tinc] Package uninstalled.");
+ }
rmdir_recursive("/var/tmp/tinc");
rmdir_recursive("/usr/local/etc/tinc*");
- unlink_if_exists("/usr/local/etc/rc.d/tinc.sh");
}
+function tinc_validate_input($post, &$input_errors) {
+ if ($post['localip']) {
+ if ((!is_ipaddr($post['localip'])) && (!is_hostname($post['localip']))) {
+ $input_errors[] = gettext("'Local IP' must be a valid IP address or hostname.");
+ }
+ }
+ if ($post['address']) {
+ if ((!is_ipaddr($post['address'])) && (!is_hostname($post['address']))) {
+ $input_errors[] = gettext("'Host Address' must be a valid IP address or hostname.");
+ }
+ }
+ if (($post['localsubnet']) && (!is_subnet($post['localsubnet']))) {
+ $input_errors[] = gettext("'Local Subnet' must be a valid subnet.");
+ }
+ if (($post['subnet']) && (!is_subnet($post['subnet']))) {
+ $input_errors[] = gettext("'Subnet' must be a valid subnet.");
+ }
+}
?>
diff --git a/config/tinc/tinc.xml b/config/tinc/tinc.xml
index 183ae161..89d1e8ce 100644
--- a/config/tinc/tinc.xml
+++ b/config/tinc/tinc.xml
@@ -1,103 +1,317 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
+ <copyright>
+<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- tinc.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2007-2008 Scott Ullrich
- All rights reserved.
- */
-/* ========================================================================== */
+ tinc.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012-2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>A self-contained VPN solution designed to connect multiple sites together in a secure way.</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
+ <description>A self-contained VPN solution designed to connect multiple sites together in a secure way.</description>
<name>tinc</name>
- <version>1.0.23 v1.2.1</version>
- <title>VPN: tinc</title>
- <!-- Menu is where this packages menu will appear -->
+ <version>1.2.2</version>
+ <title>VPN: tinc - Config</title>
+ <include_file>/usr/local/pkg/tinc.inc</include_file>
+ <configpath>['installedpackages']['package']['$packagename']['config']</configpath>
<menu>
<name>tinc</name>
- <tooltiptext>tinc is a mesh VPN daemon.</tooltiptext>
<section>VPN</section>
- <configfile>tinc_config.xml</configfile>
- <url>/pkg_edit.php?xml=tinc_config.xml</url>
+ <configfile>tinc.xml</configfile>
+ <url>/pkg_edit.php?xml=tinc.xml</url>
</menu>
<menu>
- <name>tincd</name>
- <tooltiptext>Status of tinc VPN Daemon</tooltiptext>
+ <name>tinc VPN</name>
<section>Status</section>
<url>/status_tinc.php</url>
</menu>
-
+ <service>
+ <name>tinc</name>
+ <rcfile>tinc.sh</rcfile>
+ <executable>tincd</executable>
+ <description>Tinc Mesh VPN</description>
+ </service>
+ <tabs>
+ <tab>
+ <text>Config</text>
+ <url>/pkg_edit.php?xml=tinc.xml</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Hosts</text>
+ <url>/pkg.php?xml=tinc_hosts.xml</url>
+ </tab>
+ </tabs>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0644</chmod>
<item>https://packages.pfsense.org/packages/config/tinc/tinc.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0644</chmod>
- <item>https://packages.pfsense.org/packages/config/tinc/tinc_config.xml</item>
- </additional_files_needed>
- <additional_files_needed>
- <prefix>/usr/local/pkg/</prefix>
- <chmod>0644</chmod>
<item>https://packages.pfsense.org/packages/config/tinc/tinc_hosts.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/tinc/status_tinc.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/shortcuts/</prefix>
- <chmod>0644</chmod>
<item>https://packages.pfsense.org/packages/config/tinc/pkg_tinc.inc</item>
</additional_files_needed>
-
- <service>
- <name>tinc</name>
- <rcfile>tinc.sh</rcfile>
- <executable>tincd</executable>
- <description>tinc mesh VPN</description>
- </service>
- <include_file>/usr/local/pkg/tinc.inc</include_file>
-
+ <advanced_options>enabled</advanced_options>
+ <fields>
+ <field>
+ <name>Basic Settings</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable Tinc VPN</fielddescr>
+ <fieldname>enable</fieldname>
+ <description>Check this to enable tinc mesh VPN.</description>
+ <type>checkbox</type>
+ </field>
+ <field>
+ <fielddescr>Name</fielddescr>
+ <fieldname>name</fieldname>
+ <description>
+ <![CDATA[
+ This is the name which identifies this tinc daemon.<br />
+ It must be unique for the virtual private network this daemon will connect to.
+ ]]>
+ </description>
+ <type>input</type>
+ <required/>
+ </field>
+ <field>
+ <fielddescr>Local IP</fielddescr>
+ <fieldname>localip</fieldname>
+ <description>
+ <![CDATA[
+ IP Address of local tunnel interface.<br />
+ This is often the same IP as your routers LAN address. (Example: 192.168.2.1)
+ ]]>
+ </description>
+ <type>input</type>
+ <required/>
+ </field>
+ <field>
+ <fielddescr>Local Subnet</fielddescr>
+ <fieldname>localsubnet</fieldname>
+ <description>
+ <![CDATA[
+ Subnet behind this router that should be advertised to the mesh.<br />
+ This is usually your LAN subnet. (Example: 192.168.2.0/24)
+ ]]>
+ </description>
+ <type>input</type>
+ <required/>
+ </field>
+ <field>
+ <fielddescr>VPN Netmask</fielddescr>
+ <fieldname>vpnnetmask</fieldname>
+ <description>
+ <![CDATA[
+ This is the Netmask that defines what traffic is routed to the VPNs tunnel interface.<br />
+ It is usually broader then your local netmask. (Example: 255.255.0.0)
+ ]]>
+ </description>
+ <type>input</type>
+ <required/>
+ </field>
+ <field>
+ <fielddescr>Address Family</fielddescr>
+ <fieldname>addressfamily</fieldname>
+ <description>
+ <![CDATA[
+ This option affects the address family of listening and outgoing sockets.<br />
+ If "Any" is selected, then - depending on the operating system - either both IPv4 and IPv6 or just IPv6 listening sockets will be created.
+ ]]>
+ </description>
+ <type>select</type>
+ <options>
+ <option>
+ <name>IPv4</name>
+ <value>ipv4</value>
+ </option>
+ <option>
+ <name>IPv6</name>
+ <value>ipv6</value>
+ </option>
+ <option>
+ <name>Any</name>
+ <value>any</value>
+ </option>
+ </options>
+ </field>
+ <field>
+ <fielddescr>RSA Private Key</fielddescr>
+ <fieldname>cert_key</fieldname>
+ <description>
+ <![CDATA[
+ RSA private key used for this host. <strong>Include the BEGIN and END lines.</strong><br />
+ ]]>
+ </description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>7</rows>
+ <cols>70</cols>
+ </field>
+ <field>
+ <fielddescr>RSA Public Key</fielddescr>
+ <fieldname>cert_pub</fieldname>
+ <description>
+ <![CDATA[
+ RSA public key used for this host. <strong>Include the BEGIN and END lines.</strong><br />
+ ]]>
+ </description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>7</rows>
+ <cols>70</cols>
+ </field>
+ <field>
+ <fielddescr>Generate RSA Key Pair</fielddescr>
+ <fieldname>gen_rsa</fieldname>
+ <description>This will generate a new RSA key pair in the fields above.</description>
+ <type>checkbox</type>
+ </field>
+ <field>
+ <fielddescr>Extra Tinc Parameters</fielddescr>
+ <fieldname>extra</fieldname>
+ <description>
+ <![CDATA[
+ Anything entered here will be added at the end of the tinc.conf configuration file.<br />
+ ]]>
+ </description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>8</rows>
+ <cols>70</cols>
+ <advancedfield/>
+ </field>
+ <field>
+ <fielddescr>Extra Host Parameters</fielddescr>
+ <fieldname>host_extra</fieldname>
+ <description>
+ <![CDATA[
+ Anything entered here will be added just prior to the public certiciate in the host configuration file for this machine.<br />
+ ]]>
+ </description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>8</rows>
+ <cols>70</cols>
+ <advancedfield/>
+ </field>
+ <field>
+ <fielddescr>Interface Up Script</fielddescr>
+ <fieldname>tinc_up</fieldname>
+ <description>
+ <![CDATA[
+ This script is executed right after the tinc daemon has connected to the virtual network device.<br />
+ By default, a tinc-up file is created that brings up the tinc interface with the IP Address and Netmask specified above and adds it to the tinc interface group.<br />
+ <strong>Note: Entering a value here complely replaces the default script; be sure to bring up the interface in this script!</strong>
+ ]]>
+ </description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>8</rows>
+ <cols>70</cols>
+ <advancedfield/>
+ </field>
+ <field>
+ <fielddescr>Interface Down Script</fielddescr>
+ <fieldname>tinc_down</fieldname>
+ <description>This script is executed right before the tinc daemon is going to close.</description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>8</rows>
+ <cols>70</cols>
+ <advancedfield/>
+ </field>
+ <field>
+ <fielddescr>Host Up Script</fielddescr>
+ <fieldname>host_up</fieldname>
+ <description>This script is executed when any host becomes reachable.</description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>8</rows>
+ <cols>70</cols>
+ <advancedfield/>
+ </field>
+ <field>
+ <fielddescr>Host Down Script</fielddescr>
+ <fieldname>host_down</fieldname>
+ <description>This script is executed when any host becomes unreachable.</description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>8</rows>
+ <cols>70</cols>
+ <advancedfield/>
+ </field>
+ <field>
+ <fielddescr>Subnet Up Script</fielddescr>
+ <fieldname>subnet_up</fieldname>
+ <description>This script is executed when any subnet becomes reachable.</description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>8</rows>
+ <cols>70</cols>
+ <advancedfield/>
+ </field>
+ <field>
+ <fielddescr>Subnet Down Script</fielddescr>
+ <fieldname>subnet_down</fieldname>
+ <description>This script is executed when any subnet becomes unreachable.</description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>8</rows>
+ <cols>70</cols>
+ <advancedfield/>
+ </field>
+ </fields>
<custom_php_install_command>
tinc_install();
</custom_php_install_command>
<custom_php_deinstall_command>
tinc_deinstall();
</custom_php_deinstall_command>
-
+ <custom_php_resync_config_command>
+ tinc_save();
+ </custom_php_resync_config_command>
+ <custom_php_validation_command>
+ tinc_validate_input($_POST, $input_errors);
+ </custom_php_validation_command>
</packagegui>
diff --git a/config/tinc/tinc_config.xml b/config/tinc/tinc_config.xml
deleted file mode 100644
index d6ee9c26..00000000
--- a/config/tinc/tinc_config.xml
+++ /dev/null
@@ -1,215 +0,0 @@
-<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
-<packagegui>
- <copyright>
- <![CDATA[
-/* $Id$ */
-/* ========================================================================== */
-/*
- tinc_config.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2007-2008 Scott Ullrich
- All rights reserved.
- */
-/* ========================================================================== */
-/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <name>tinc</name>
- <version>1.0.19</version>
- <title>VPN: tinc</title>
-
- <!-- configpath gets expanded out automatically and config items will be
- stored in that location -->
- <configpath>['installedpackages']['package']['$packagename']['config']</configpath>
-
- <tabs>
- <tab>
- <text>Config</text>
- <url>/pkg_edit.php?xml=tinc_config.xml</url>
- <active/>
- </tab>
- <tab>
- <text>Hosts</text>
- <url>/pkg.php?xml=tinc_hosts.xml</url>
- </tab>
- </tabs>
- <advanced_options>enabled</advanced_options>
- <fields>
- <field>
- <fielddescr>Name</fielddescr>
- <fieldname>name</fieldname>
- <description>This is the name which identifies this tinc daemon. It must be unique for the virtual private network this daemon will connect to.</description>
- <type>input</type>
- </field>
- <field>
- <fielddescr>Local IP</fielddescr>
- <fieldname>localip</fieldname>
- <description>IP Address of local tunnel interface. This is often the same IP as your routers LAN address, for example 192.168.2.1</description>
- <type>input</type>
- </field>
- <field>
- <fielddescr>Local Subnet</fielddescr>
- <fieldname>localsubnet</fieldname>
- <description>Subnet behind this router that should be advertised to the mesh. This is usually your LAN subnet, for example 192.168.2.0/24</description>
- <type>input</type>
- </field>
- <field>
- <fielddescr>VPN Netmask</fielddescr>
- <fieldname>vpnnetmask</fieldname>
- <description>This is the Netmask that defines what traffic is routed to the VPNs tunnel interface. It is usually broader then your local netmask, for example 255.255.0.0</description>
- <type>input</type>
- </field>
- <field>
- <fielddescr>AddressFamily</fielddescr>
- <fieldname>addressfamily</fieldname>
- <description>This option affects the address family of listening and outgoing sockets. If "any" is selected, then depending on the operating system both IPv4 and IPv6 or just IPv6 listening sockets will be created.</description>
- <type>select</type>
- <options>
- <option>
- <name>ipv4</name>
- <value>ipv4</value>
- </option>
- <option>
- <name>ipv6</name>
- <value>ipv6</value>
- </option>
- <option>
- <name>any</name>
- <value>any</value>
- </option>
- </options>
- </field>
- <field>
- <fielddescr>RSA private key</fielddescr>
- <fieldname>cert_key</fieldname>
- <description>RSA private key used for this host. Include the BEGIN and END lines. &lt;br&gt;</description>
- <type>textarea</type>
- <encoding>base64</encoding>
- <rows>7</rows>
- <cols>65</cols>
- </field>
- <field>
- <fielddescr>RSA public key</fielddescr>
- <fieldname>cert_pub</fieldname>
- <description>RSA public key used for this host. Include the BEGIN and END lines. &lt;br&gt;</description>
- <type>textarea</type>
- <encoding>base64</encoding>
- <rows>7</rows>
- <cols>65</cols>
- </field>
- <field>
- <fielddescr>Generate RSA key pair</fielddescr>
- <fieldname>gen_rsa</fieldname>
- <description>This will generate a new RSA key pair in the fields above.</description>
- <type>checkbox</type>
- </field>
- <field>
- <fielddescr>Extra Tinc Parameters</fielddescr>
- <fieldname>extra</fieldname>
- <description>Anything entered here will be added at the end of the tinc.conf configuration file. &lt;br&gt;</description>
- <type>textarea</type>
- <encoding>base64</encoding>
- <rows>8</rows>
- <cols>65</cols>
- <advancedfield/>
- </field>
- <field>
- <fielddescr>Extra Host Parameters</fielddescr>
- <fieldname>host_extra</fieldname>
- <description>Anything entered here will be added just prior to the public certiciate in the host configuration file for this machine. &lt;br&gt;</description>
- <type>textarea</type>
- <encoding>base64</encoding>
- <rows>8</rows>
- <cols>65</cols>
- <advancedfield/>
- </field>
- <field>
- <fielddescr>Interface Up Script</fielddescr>
- <fieldname>tinc_up</fieldname>
- <description>This script is executed right after the tinc daemon has connected to the virtual network device. By default a tinc-up file is created that brings up the tinc interface with the IP Address and Netmask specified above and adds it to the tinc interface group. Entering a value here complely replaces the default script so be sure to bring up the interface in this script.</description>
- <type>textarea</type>
- <encoding>base64</encoding>
- <rows>8</rows>
- <cols>65</cols>
- <advancedfield/>
- </field>
- <field>
- <fielddescr>Interface Down Script</fielddescr>
- <fieldname>tinc_down</fieldname>
- <description>This script is executed right before the tinc daemon is going to close.</description>
- <type>textarea</type>
- <encoding>base64</encoding>
- <rows>8</rows>
- <cols>65</cols>
- <advancedfield/>
- </field>
- <field>
- <fielddescr>Host Up Script</fielddescr>
- <fieldname>host_up</fieldname>
- <description>This script is executed when any host becomes reachable.</description>
- <type>textarea</type>
- <encoding>base64</encoding>
- <rows>8</rows>
- <cols>65</cols>
- <advancedfield/>
- </field>
- <field>
- <fielddescr>Host Down Script</fielddescr>
- <fieldname>host_down</fieldname>
- <description>This script is executed when any host becomes unreachable.</description>
- <type>textarea</type>
- <encoding>base64</encoding>
- <rows>8</rows>
- <cols>65</cols>
- <advancedfield/>
- </field>
- <field>
- <fielddescr>Subnet Up Script</fielddescr>
- <fieldname>subnet_up</fieldname>
- <description>This script is executed when any subnet becomes reachable.</description>
- <type>textarea</type>
- <encoding>base64</encoding>
- <rows>8</rows>
- <cols>65</cols>
- <advancedfield/>
- </field>
- <field>
- <fielddescr>Subnet Down Script</fielddescr>
- <fieldname>subnet_down</fieldname>
- <description>This script is executed when any subnet becomes unreachable.</description>
- <type>textarea</type>
- <encoding>base64</encoding>
- <rows>8</rows>
- <cols>65</cols>
- <advancedfield/>
- </field>
- </fields>
- <include_file>/usr/local/pkg/tinc.inc</include_file>
- <custom_php_resync_config_command>
- tinc_save();
- </custom_php_resync_config_command>
-</packagegui>
diff --git a/config/tinc/tinc_hosts.xml b/config/tinc/tinc_hosts.xml
index 7741b7be..b521d4a2 100644
--- a/config/tinc/tinc_hosts.xml
+++ b/config/tinc/tinc_hosts.xml
@@ -1,57 +1,54 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
+ <copyright>
+<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- tinc_hosts.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2007-2009 Scott Ullrich
- All rights reserved.
- */
-/* ========================================================================== */
+ tinc_hosts.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012-2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>tinc Hosts</description>
- <requirements></requirements>
- <faq>Currently there are no FAQ items provided.</faq>
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>tinchosts</name>
- <version>1.0.19</version>
+ <version>1.2.2</version>
<title>VPN: tinc - Hosts</title>
- <!-- configpath gets expanded out automatically and config items will be
- stored in that location -->
+ <include_file>/usr/local/pkg/tinc.inc</include_file>
<configpath>['installedpackages']['package']['$packagename']['config']</configpath>
-
<tabs>
<tab>
<text>Config</text>
- <url>/pkg_edit.php?xml=tinc_config.xml</url>
+ <url>/pkg_edit.php?xml=tinc.xml</url>
</tab>
<tab>
<text>Hosts</text>
@@ -60,9 +57,6 @@
</tab>
</tabs>
<advanced_options>enabled</advanced_options>
-
- <!-- adddeleteeditpagefields items will appear on the first page where you can add / delete or edit
- items. An example of this would be the nat page where you add new nat redirects -->
<adddeleteeditpagefields>
<columnitem>
<fielddescr>Name</fielddescr>
@@ -83,20 +77,20 @@
</columnitem>
</adddeleteeditpagefields>
- <!-- fields gets invoked when the user adds or edits a item. the following items
- will be parsed and rendered for the user as a gui with input, and selectboxes. -->
<fields>
<field>
<fielddescr>Name</fielddescr>
<fieldname>name</fieldname>
<description>Name of this host.</description>
<type>input</type>
+ <required/>
</field>
<field>
<fielddescr>Address</fielddescr>
<fieldname>address</fieldname>
<description>IP address or hostname of server.</description>
<type>input</type>
+ <required/>
</field>
<field>
<fielddescr>Subnet</fielddescr>
@@ -104,6 +98,7 @@
<description>Subnet behind host (like 192.168.254.0/24)</description>
<type>input</type>
<size>50</size>
+ <required/>
</field>
<field>
<fielddescr>Connect at Startup</fielddescr>
@@ -114,54 +109,66 @@
<field>
<fielddescr>RSA public key</fielddescr>
<fieldname>cert_pub</fieldname>
- <description>RSA public key used for this host. Include the BEGIN and END lines.&lt;br&gt;</description>
+ <description>
+ <![CDATA[
+ RSA public key used for this host. <strong>Include the BEGIN and END lines.</strong><br />
+ ]]>
+ </description>
<type>textarea</type>
<encoding>base64</encoding>
<rows>7</rows>
- <cols>65</cols>
+ <cols>70</cols>
</field>
<field>
<fielddescr>Extra Parameters</fielddescr>
<fieldname>extra</fieldname>
- <description>Anything entered here will be added just prior to the public certiciate in the host configuration file. &lt;br&gt;</description>
+ <description>
+ <![CDATA[
+ Anything entered here will be added just prior to the public certiciate in the host configuration file.<br />
+ ]]>
+ </description>
<type>textarea</type>
<encoding>base64</encoding>
<rows>8</rows>
- <cols>65</cols>
+ <cols>70</cols>
<advancedfield/>
</field>
<field>
<fielddescr>Host Up Script</fielddescr>
<fieldname>host_up</fieldname>
- <description>This script will be run when this host becomes reachable. &lt;br&gt;</description>
+ <description>
+ <![CDATA[
+ This script will be run when this host becomes reachable.<br />
+ ]]>
+ </description>
<type>textarea</type>
<encoding>base64</encoding>
<rows>8</rows>
- <cols>65</cols>
+ <cols>70</cols>
<advancedfield/>
</field>
<field>
<fielddescr>Host Down Script</fielddescr>
<fieldname>host_down</fieldname>
- <description>This script will be run when this host becomes unreachable. &lt;br&gt;</description>
+ <description>
+ <![CDATA[
+ This script will be run when this host becomes unreachable.<br />
+ ]]>
+ </description>
<type>textarea</type>
<encoding>base64</encoding>
<rows>8</rows>
- <cols>65</cols>
+ <cols>70</cols>
<advancedfield/>
</field>
- </fields>
- <include_file>/usr/local/pkg/tinc.inc</include_file>
- <custom_add_php_command>
- </custom_add_php_command>
+ </fields>
<custom_php_resync_config_command>
tinc_save();
</custom_php_resync_config_command>
- <custom_php_command_before_form>
- </custom_php_command_before_form>
- <custom_php_after_form_command>
- </custom_php_after_form_command>
<custom_delete_php_command>
tinc_save();
</custom_delete_php_command>
+ <custom_php_validation_command>
+ tinc_validate_input($_POST, $input_errors);
+ </custom_php_validation_command>
</packagegui>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-04 20:37:28 +0000