aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/autoconfigbackup/autoconfigbackup.inc4
-rw-r--r--config/autoconfigbackup/autoconfigbackup.xml5
-rw-r--r--config/dashboard/dashboard.inc11
-rw-r--r--config/dashboard/dashboard.xml2
-rw-r--r--config/onatproto/onatproto.inc18
-rw-r--r--config/onatproto/onatproto.patch267
-rw-r--r--config/onatproto/onatproto.xml65
-rw-r--r--config/siproxd.inc3
-rw-r--r--config/siproxd.xml7
9 files changed, 372 insertions, 10 deletions
diff --git a/config/autoconfigbackup/autoconfigbackup.inc b/config/autoconfigbackup/autoconfigbackup.inc
index fd0d3169..ac8038d2 100644
--- a/config/autoconfigbackup/autoconfigbackup.inc
+++ b/config/autoconfigbackup/autoconfigbackup.inc
@@ -133,8 +133,8 @@ function upload_config($reasonm = "") {
if(!file_exists("/cf/conf/autoconfigback.notice")) {
$notice_text = "Either the username, password or encryption password is not set for Automatic Configuration Backup. ";
$notice_text .= "Please correct this in Diagnostics -> AutoConfigBackup -> Settings.";
- log_error($notice_text);
- file_notice("AutoConfigBackup", $notice_text, $notice_text, "");
+ //log_error($notice_text);
+ //file_notice("AutoConfigBackup", $notice_text, $notice_text, "");
conf_mount_rw();
touch("/cf/conf/autoconfigback.notice");
conf_mount_ro();
diff --git a/config/autoconfigbackup/autoconfigbackup.xml b/config/autoconfigbackup/autoconfigbackup.xml
index 5e5eaf73..869cd747 100644
--- a/config/autoconfigbackup/autoconfigbackup.xml
+++ b/config/autoconfigbackup/autoconfigbackup.xml
@@ -49,11 +49,6 @@
<url>/autoconfigbackup.php</url>
</menu>
<additional_files_needed>
- <prefix>/usr/local/pkg/pf/</prefix>
- <chmod>0755</chmod>
- <item>http://www.pfsense.com/packages/config/autoconfigbackup/upload_config_filter.php</item>
- </additional_files_needed>
- <additional_files_needed>
<prefix>/usr/local/pkg/parse_config/</prefix>
<chmod>0755</chmod>
<item>http://www.pfsense.com/packages/config/autoconfigbackup/parse_config_upload.php</item>
diff --git a/config/dashboard/dashboard.inc b/config/dashboard/dashboard.inc
index b147632e..a97954ae 100644
--- a/config/dashboard/dashboard.inc
+++ b/config/dashboard/dashboard.inc
@@ -4,10 +4,11 @@ function dashboard_install() {
global $g, $config;
assign_privs();
if(!file_exists("/usr/local/www/index.php.before_dashboard")) {
- /* backup the pre-dashboard index.php file */
+ /* backup the pre-dashboard files */
mwexec("cp /usr/local/www/index.php /usr/local/www/index.php.before_dashboard");
- /* backup the pre-dashboard fbegin.inc file */
mwexec("cp /usr/local/www/fbegin.inc /usr/local/www/fbegin.inc.before_dashboard");
+ mwexec("cp /usr/local/www/diag_logs_filter.php /usr/local/www/diag_logs_filter.php.before_dashboard");
+ mwexec("cp /usr/local/www/diag_logs_filter_dynamic.php /usr/local/www/diag_logs_filter_dynamic.php.before_dashboard");
}
mwexec("tar xzvpf /usr/local/pkg/widgets.tgz -C /");
assign_privs();
@@ -20,6 +21,8 @@ function dashboard_deinstall() {
/* restore the files prior to the dashboard package installation */
mwexec("cp /usr/local/www/index.php.before_dashboard /usr/local/www/index.php");
mwexec("cp /usr/local/www/fbegin.inc.before_dashboard /usr/local/www/fbegin.inc");
+ mwexec("cp /usr/local/www/diag_logs_filter.php.before_dashboard /usr/local/www/diag_logs_filter.php");
+ mwexec("cp /usr/local/www/diag_logs_filter_dynamic.php.before_dashboard /usr/local/www/diag_logs_filter_dynamic.php");
}
assign_privs();
}
@@ -29,10 +32,14 @@ function assign_privs() {
mwexec("chown root:wheel /usr/local/www/fbegin.php");
mwexec("chown root:wheel /usr/local/www/graph_cpu.php");
mwexec("chown root:wheel /usr/local/www/stats.php");
+ mwexec("chown root:wheel /usr/local/www/diag_logs_filter.php");
+ mwexec("chown root:wheel /usr/local/www/diag_logs_filter_dynamic.php");
mwexec("chmod a+rw /usr/local/www/index.php");
mwexec("chmod a+rw /usr/local/www/fbegin.php");
mwexec("chmod a+rw /usr/local/www/graph_cpu.php");
mwexec("chmod a+rw /usr/local/www/stats.php");
+ mwexec("chmod a+rw /usr/local/www/diag_logs_filter.php");
+ mwexec("chmod a+rw /usr/local/www/diag_logs_filter_dynamic.php");
}
?> \ No newline at end of file
diff --git a/config/dashboard/dashboard.xml b/config/dashboard/dashboard.xml
index a0e1b35a..26e41cef 100644
--- a/config/dashboard/dashboard.xml
+++ b/config/dashboard/dashboard.xml
@@ -46,7 +46,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>dashboard</name>
- <version>0.2</version>
+ <version>0.7.1</version>
<title>Dashboard</title>
<include_file>/usr/local/pkg/dashboard.inc</include_file>
<additional_files_needed>
diff --git a/config/onatproto/onatproto.inc b/config/onatproto/onatproto.inc
new file mode 100644
index 00000000..93454107
--- /dev/null
+++ b/config/onatproto/onatproto.inc
@@ -0,0 +1,18 @@
+<?php
+
+function onatproto_install() {
+ global $g, $config;
+
+ // Test to make sure the patch is not already applied.
+ $out = `patch -fslC --reverse -p1 -b .before_onatproto -d / -i /usr/local/pkg/onatproto.patch |& grep -ci reject`;
+ if ($out == 0) {
+ // If the patch has not already been applied, test to see if it will apply cleanly.
+ $out = `patch -fsNlC -p1 -b .before_onatproto -d / -i /usr/local/pkg/onatproto.patch |& grep -ci reject`;
+ if ($out == 0) {
+ // The patch should apply cleanly, let 'er rip.
+ mwexec("patch -fsNl -p1 -b .before_onatproto -d / -i /usr/local/pkg/onatproto.patch ");
+ }
+ }
+}
+
+?> \ No newline at end of file
diff --git a/config/onatproto/onatproto.patch b/config/onatproto/onatproto.patch
new file mode 100644
index 00000000..c8d802f3
--- /dev/null
+++ b/config/onatproto/onatproto.patch
@@ -0,0 +1,267 @@
+--- /etc/inc/filter.inc.orig 2009-02-24 15:11:55.000000000 -0500
++++ /etc/inc/filter.inc 2009-02-24 19:38:51.000000000 -0500
+@@ -494,7 +494,7 @@
+ }
+
+ /* Generate a 'nat on' or 'no nat on' rule for given interface */
+-function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = "any", $dstport = "", $natip = "", $natport = "", $nonat = false, $staticnatport = false) {
++function filter_nat_rules_generate_if($if, $src = "any", $proto = "any", $srcport = "", $dst = "any", $dstport = "", $natip = "", $natport = "", $nonat = false, $staticnatport = false) {
+ global $config;
+
+ /* XXX: billm - any idea if this code is needed? */
+@@ -507,6 +507,12 @@
+ else
+ $tgt = "($if)";
+
++ /* Add the protocol, if defined */
++ if (($proto != "") && ($proto != "any"))
++ $protocol = " proto {$proto}";
++ else
++ $protocol = "";
++
+ /* Add the hard set source port (useful for ISAKMP) */
+ if ($natport != "")
+ $tgt .= " port {$natport}";
+@@ -546,7 +552,7 @@
+
+ /* Put all the pieces together */
+ if($if_friendly)
+- $natrule = "{$nat} on \${$if_friendly} from {$src} to {$dst} {$target}{$staticnatport_txt}\n";
++ $natrule = "{$nat} on \${$if_friendly} {$protocol} from {$src} to {$dst} {$target}{$staticnatport_txt}\n";
+
+ return $natrule;
+ }
+@@ -654,6 +660,7 @@
+
+ $natrules .= filter_nat_rules_generate_if($natif,
+ $src,
++ $obent['protocol'],
+ $obent['sourceport'],
+ $dst,
+ $obent['dstport'],
+@@ -669,9 +676,9 @@
+ update_filter_reload_status("Creating outbound NAT rules");
+
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$lansa}/{$lancfg['subnet']}", 500, "", 500, null, 500, false);
++ "{$lansa}/{$lancfg['subnet']}", "any", 500, "", 500, null, 500, false);
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$lansa}/{$lancfg['subnet']}", 5060, "", 5060, null, 5060, false);
++ "{$lansa}/{$lancfg['subnet']}", "any", 5060, "", 5060, null, 5060, false);
+ $natrules .= filter_nat_rules_generate_if($wanif,
+ "{$lansa}/{$lancfg['subnet']}");
+
+@@ -683,9 +690,9 @@
+ $opt_interface = $oc['if'];
+ if (interface_has_gateway("$opt_interface")) {
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$lansa}/{$lancfg['subnet']}", 500, "", 500, null, 500, false);
++ "{$lansa}/{$lancfg['subnet']}", "any", 500, "", 500, null, 500, false);
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$lansa}/{$lancfg['subnet']}", 5060, "", 5060, null, 5060, false);
++ "{$lansa}/{$lancfg['subnet']}", "any", 5060, "", 5060, null, 5060, false);
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+ "{$lansa}/{$lancfg['subnet']}");
+ }
+@@ -701,22 +708,22 @@
+
+ /* create outbound nat entries for primary wan */
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$optsa}/{$optcfg['subnet']}", 500, "", 500, null, 500, false);
++ "{$optsa}/{$optcfg['subnet']}", "any", 500, "", 500, null, 500, false);
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$optsa}/{$optcfg['subnet']}", 5060, "", 5060, null, 5060, false);
++ "{$optsa}/{$optcfg['subnet']}", "any", 5060, "", 5060, null, 5060, false);
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$optsa}/{$optcfg['subnet']}", null, "", null, null, null, isset($optcfg['nonat']));
++ "{$optsa}/{$optcfg['subnet']}", "any", null, "", null, null, null, isset($optcfg['nonat']));
+
+ /* create outbound nat entries for all opt wans */
+ foreach($optints as $oc) {
+ $opt_interface = $oc['if'];
+ if (interface_has_gateway("$opt_interface")) {
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$optsa}/{$optcfg['subnet']}", 500, "", 500, null, 500, false);
++ "{$optsa}/{$optcfg['subnet']}", "any", 500, "", 500, null, 500, false);
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$optsa}/{$optcfg['subnet']}", 5060, "", 5060, null, 5060, false);
++ "{$optsa}/{$optcfg['subnet']}", "any", 5060, "", 5060, null, 5060, false);
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$optsa}/{$optcfg['subnet']}", null, "", null, null, null, isset($optcfg['nonat']));
++ "{$optsa}/{$optcfg['subnet']}", "any", null, "", null, null, null, isset($optcfg['nonat']));
+ }
+ }
+ }
+@@ -728,9 +735,9 @@
+ if($config['pptp']['pptp_subnet'] <> "")
+ $pptp_subnet = $config['pptp']['pptp_subnet'];
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$pptpdcfg['remoteip']}/{$pptp_subnet}", 500, "", 500, null, 500, false);
++ "{$pptpdcfg['remoteip']}/{$pptp_subnet}", "any", 500, "", 500, null, 500, false);
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$pptpdcfg['remoteip']}/{$pptp_subnet}", 5060, "", 5060, null, 5060, false);
++ "{$pptpdcfg['remoteip']}/{$pptp_subnet}", "any", 5060, "", 5060, null, 5060, false);
+ $natrules .= filter_nat_rules_generate_if($wanif,
+ "{$pptpdcfg['remoteip']}/{$pptp_subnet}");
+
+@@ -739,9 +746,9 @@
+ $opt_interface = $oc['if'];
+ if ((is_private_ip($pptpdcfg['remoteip'])) && (interface_has_gateway($opt_interface))) {
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$pptpdcfg['remoteip']}/{$pptp_subnet}", 500, "", 500, null, 500, false);
++ "{$pptpdcfg['remoteip']}/{$pptp_subnet}", "any", 500, "", 500, null, 500, false);
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$pptpdcfg['remoteip']}/{$pptp_subnet}", 5060, "", 5060, null, 5060, false);
++ "{$pptpdcfg['remoteip']}/{$pptp_subnet}", "any", 5060, "", 5060, null, 5060, false);
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+ "{$pptpdcfg['remoteip']}/{$pptp_subnet}");
+ }
+@@ -754,20 +761,20 @@
+ if($config['pppoe']['pppoe_subnet'] <> "")
+ $pppoe_subnet = $config['pppoe']['pppoe_subnet'];
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$pppoecfg['remoteip']}/{$pppoe_subnet}", 500, "", 500, null, 500, false);
++ "{$pppoecfg['remoteip']}/{$pppoe_subnet}", "any", 500, "", 500, null, 500, false);
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$pppoecfg['remoteip']}/{$pppoe_subnet}", 5060, "", 5060, null, 5060, false);
++ "{$pppoecfg['remoteip']}/{$pppoe_subnet}", "any", 5060, "", 5060, null, 5060, false);
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$pppoecfg['remoteip']}/{$pppoe_subnet}");
++ "{$pppoecfg['remoteip']}/{$pppoe_subnet}", "any");
+
+ /* generate nat mappings for opts with a gateway opts */
+ foreach($optints as $oc) {
+ $opt_interface = $oc['if'];
+ if ((is_private_ip($pppoecfg['remoteip'])) && (interface_has_gateway($opt_interface))) {
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$pppoecfg['remoteip']}/{$pppoe_subnet}", 500, "", 500, null, 500, false);
++ "{$pppoecfg['remoteip']}/{$pppoe_subnet}", "any", 500, "", 500, null, 500, false);
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$pppoecfg['remoteip']}/{$pppoe_subnet}", 5060, "", 5060, null, 5060, false);
++ "{$pppoecfg['remoteip']}/{$pppoe_subnet}", "any", 5060, "", 5060, null, 5060, false);
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+ "{$pppoecfg['remoteip']}/{$pppoe_subnet}");
+ }
+@@ -780,22 +787,22 @@
+ $netip = explode("/", $route['network']);
+ if ((! interface_has_gateway($route['interface'])) && (is_private_ip($netip[0]))) {
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$route['network']}", 500, "", 500, null, 500, false);
++ "{$route['network']}", "any", 500, "", 500, null, 500, false);
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$route['network']}", 5060, "", 5060, null, 5060, false);
++ "{$route['network']}", "any", 5060, "", 5060, null, 5060, false);
+ $natrules .= filter_nat_rules_generate_if($wanif,
+- "{$route['network']}", "", null);
++ "{$route['network']}", "any", "", null);
+ }
+ /* generate nat mapping for static routes on opts */
+ foreach($optints as $oc) {
+ $opt_interface = $oc['if'];
+ if ((! interface_has_gateway($route['interface'])) && (is_private_ip($netip[0])) && (interface_has_gateway($opt_interface))) {
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$route['network']}", 500, "", 500, null, 500, false);
++ "{$route['network']}", "any", 500, "", 500, null, 500, false);
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$route['network']}", 5060, "", 5060, null, 5060, false);
++ "{$route['network']}", "any", 5060, "", 5060, null, 5060, false);
+ $natrules .= filter_nat_rules_generate_if($opt_interface,
+- "{$route['network']}", "", null);
++ "{$route['network']}", "any", "", null);
+ }
+ }
+
+--- /usr/local/www-orig/firewall_nat_out.php 2008-01-07 21:14:44.000000000 -0500
++++ /usr/local/www/firewall_nat_out.php 2009-02-24 18:21:20.000000000 -0500
+@@ -102,6 +102,7 @@
+ $natent['interface'] = "wan";
+ $natent['destination']['any'] = true;
+ $natent['natport'] = "";
++ $natent['protocol'] = "any";
+ $a_out[] = $natent;
+ }
+ $savemsg = "Default rules for each interface have been created.";
+@@ -265,6 +266,11 @@
+ echo "LAN";
+ else
+ echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);
++
++ if (($natent['protocol'] != "any") && ($natent['protocol'] != ""))
++ $proto = $natent['protocol'] . "/";
++ else
++ $proto = "";
+ ?>
+ &nbsp;
+ </td>
+@@ -273,10 +279,11 @@
+ </td>
+ <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
+ <?php
++
+ if (!$natent['sourceport'])
+- echo "*";
++ echo $proto . "*";
+ else
+- echo $natent['sourceport'];
++ echo $proto . $natent['sourceport'];
+ ?>
+ </td>
+ <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
+@@ -293,9 +300,9 @@
+ <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
+ <?php
+ if (!$natent['dstport'])
+- echo "*";
++ echo $proto . "*";
+ else
+- echo $natent['dstport'];
++ echo $proto . $natent['dstport'];
+ ?>
+ </td>
+ <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
+--- /usr/local/www-orig/firewall_nat_out_edit.php 2008-11-08 17:53:23.000000000 -0500
++++ /usr/local/www/firewall_nat_out_edit.php 2009-02-25 12:07:33.000000000 -0500
+@@ -49,6 +49,7 @@
+ }
+
+ if (isset($id) && $a_out[$id]) {
++ $pconfig['proto'] = $a_out[$id]['protocol'];
+ list($pconfig['source'],$pconfig['source_subnet']) = explode('/', $a_out[$id]['source']['network']);
+ $pconfig['sourceport'] = $a_out[$id]['sourceport'];
+ address_to_pconfig($a_out[$id]['destination'], $pconfig['destination'],
+@@ -170,6 +171,9 @@
+ if (!$natent['interface'])
+ $natent['interface'] == "wan";
+
++ if ($natent['proto'] != $_POST['proto'])
++ continue;
++
+ if (($natent['interface'] == $_POST['interface']) && ($natent['source']['network'] == $osn)) {
+ if (isset($natent['destination']['not']) == isset($_POST['destination_not'])) {
+ if ((isset($natent['destination']['any']) && ($ext == "any")) ||
+@@ -188,6 +192,7 @@
+ $natent['descr'] = $_POST['descr'];
+ $natent['target'] = $_POST['target'];
+ $natent['interface'] = $_POST['interface'];
++ $natent['protocol'] = $_POST['proto'];
+
+ /* static-port */
+ if(isset($_POST['staticnatport']))
+@@ -316,6 +321,17 @@
+ Hint: in most cases, you'll want to use WAN here.</span></td>
+ </tr>
+ <tr>
++ <td width="22%" valign="top" class="vncellreq">Protocol</td>
++ <td width="78%" class="vtable">
++ <select name="proto" class="formfld" onChange="proto_change(); check_for_aliases();">
++ <?php $protocols = explode(" ", "any TCP UDP GRE ESP AH L2TP ICMP"); foreach ($protocols as $proto): ?>
++ <option value="<?=strtolower($proto);?>" <?php if (strtolower($proto) == $pconfig['proto']) echo "selected"; ?>><?=htmlspecialchars($proto);?></option>
++ <?php endforeach; ?>
++ </select> <br> <span class="vexpl">Choose which IP protocol
++ this rule should match.<br>
++ Hint: in most cases, you should specify <em>any</em> &nbsp;here.</span></td>
++ </tr>
++ <tr>
+ <td width="22%" valign="top" class="vncellreq">Source</td>
+ <td width="78%" class="vtable">
+ <table border="0" cellspacing="1" cellpadding="1">
diff --git a/config/onatproto/onatproto.xml b/config/onatproto/onatproto.xml
new file mode 100644
index 00000000..e4e4e8b9
--- /dev/null
+++ b/config/onatproto/onatproto.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+ onatproto.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2007 to whom it may belong
+ All rights reserved.
+
+ Based on m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Patch to add Protocol options to Manual Outbound NAT</description>
+ <requirements>pfSense 1.2.x</requirements>
+ <faq>Only needed if you want to NAT outbound based on protocol as well as port.</faq>
+ <name>onatproto</name>
+ <version>0.1</version>
+ <title>onatproto</title>
+ <include_file>/usr/local/pkg/onatproto.inc</include_file>
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/onatproto/onatproto.inc</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/onatproto/onatproto.patch</item>
+ </additional_files_needed>
+ <custom_php_install_command>
+ onatproto_install();
+ </custom_php_install_command>
+</packagegui>
diff --git a/config/siproxd.inc b/config/siproxd.inc
index bfa5529b..fee47a90 100644
--- a/config/siproxd.inc
+++ b/config/siproxd.inc
@@ -153,6 +153,9 @@ function sync_package_siproxd() {
}
}
+ if($_POST['expeditedforwarding'] != "")
+ fwrite($fout, "rtp_dscp = 46\n");
+
fclose($fout);
write_rcfile(array(
diff --git a/config/siproxd.xml b/config/siproxd.xml
index 5fb56f5e..deccf90d 100644
--- a/config/siproxd.xml
+++ b/config/siproxd.xml
@@ -155,6 +155,13 @@
<description>Enter the port of the outbound proxy to send all traffic to. This is only useful if you have multiple masquerading firewalls to cross.</description>
<type>input</type>
</field>
+ <field>
+ <fielddescr>Expedited Forwarding</fielddescr>
+ <fieldname>expeditedforwarding</fieldname>
+ <description>This service is designed to allow ISPs to offer a service with attributes similar to a "leased line". This service offers the ULTIMATE IN LOW LOSS, LOW LATENCY AND LOW JITTER by ensuring that there is always sufficient room in output queues for the contracted expedited forwarding traffic.
+ </description>
+ <type>checkbox</type>
+ </field>
</fields>
<custom_php_global_functions>
</custom_php_global_functions>