aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/apcupsd/apcupsd.xml4
-rw-r--r--config/archive/clamsmtp.inc2
-rw-r--r--config/archive/jail_template.xml (renamed from config/jail_template.xml)0
-rw-r--r--config/archive/jail_template/jail_template.img.uzip (renamed from config/jail_template/jail_template.img.uzip)bin63200768 -> 63200768 bytes
-rw-r--r--config/archive/jail_template/jail_template.inc (renamed from config/jail_template/jail_template.inc)0
-rw-r--r--config/archive/jailctl.xml (renamed from config/jailctl.xml)0
-rwxr-xr-xconfig/archive/jailctl/jailctl (renamed from config/jailctl/jailctl)0
-rw-r--r--config/archive/jailctl/jailctl-utils.inc (renamed from config/jailctl/jailctl-utils.inc)0
-rw-r--r--config/archive/jailctl/jailctl.inc (renamed from config/jailctl/jailctl.inc)0
-rw-r--r--config/archive/jailctl/jailctl.xml (renamed from config/jailctl/jailctl.xml)0
-rw-r--r--config/archive/jailctl/jailctl_defaults.xml (renamed from config/jailctl/jailctl_defaults.xml)0
-rw-r--r--config/archive/jailctl/jailctl_list.inc (renamed from config/jailctl/jailctl_list.inc)0
-rw-r--r--config/archive/jailctl/jailctl_settings.xml (renamed from config/jailctl/jailctl_settings.xml)0
-rwxr-xr-xconfig/archive/jailctl/sysinstall (renamed from config/jailctl/sysinstall)bin447888 -> 447888 bytes
-rw-r--r--config/archive/viralator.inc2
-rw-r--r--config/autoconfigbackup/autoconfigbackup.inc12
-rw-r--r--config/autoconfigbackup/autoconfigbackup.xml6
-rw-r--r--config/autoconfigbackup/autoconfigbackup_backup.php4
-rw-r--r--config/bandwidthd/bandwidthd.inc11
-rw-r--r--config/bandwidthd/bandwidthd.xml2
-rw-r--r--config/bind/bind.inc2
-rw-r--r--config/bind/bind_zones.xml2
-rw-r--r--config/checkmk-agent/checkmk.xml4
-rw-r--r--config/clamav.inc8
-rw-r--r--config/clamav.xml4
-rw-r--r--config/filer/filer.xml4
-rw-r--r--config/haproxy-devel/haproxy.inc36
-rw-r--r--config/haproxy-devel/haproxy.xml3
-rwxr-xr-xconfig/haproxy-legacy/haproxy_frontends_edit.php11
-rwxr-xr-xconfig/haproxy-legacy/haproxy_global.php6
-rwxr-xr-xconfig/haproxy-legacy/haproxy_servers_edit.php6
-rwxr-xr-xconfig/haproxy/haproxy_global.php6
-rwxr-xr-xconfig/haproxy/haproxy_listeners_edit.php11
-rwxr-xr-xconfig/haproxy/haproxy_pool_edit.php6
-rw-r--r--config/imspector/imspector.inc2
-rw-r--r--config/imspector/imspector.xml4
-rw-r--r--config/imspector/imspector_acls.xml2
-rw-r--r--config/imspector/imspector_replacements.xml2
-rw-r--r--config/lcdproc-dev/lcdproc.inc8
-rw-r--r--config/lcdproc-dev/lcdproc.xml8
-rw-r--r--config/lcdproc-dev/lcdproc_client.php1
-rw-r--r--config/lcdproc-dev/lcdproc_screens.xml4
-rw-r--r--config/lcdproc/lcdproc.inc8
-rw-r--r--config/lcdproc/lcdproc.xml6
-rw-r--r--config/lcdproc/lcdproc_screens.xml4
-rw-r--r--config/mailreport/mail_reports.inc8
-rw-r--r--config/mailreport/mailreport.xml2
-rw-r--r--config/nrpe2/nrpe2.inc6
-rw-r--r--config/nrpe2/nrpe2.xml3
-rwxr-xr-xconfig/openvpn-client-export/openvpn-client-export.xml2
-rw-r--r--config/quagga_ospfd/quagga_ospfd.inc69
-rw-r--r--config/quagga_ospfd/quagga_ospfd.xml11
-rw-r--r--config/quagga_ospfd/quagga_ospfd_interfaces.xml4
-rw-r--r--config/quagga_ospfd/quagga_ospfd_raw.xml71
-rw-r--r--config/quagga_ospfd/status_ospfd.php4
-rw-r--r--config/sarg/sarg.inc2
-rw-r--r--config/spamd/spamd.inc2
-rw-r--r--config/spamd/spamd_settings.xml4
-rw-r--r--config/squid/squid.inc12
-rw-r--r--config/squid/squid.xml4
-rw-r--r--config/squid/squid_auth.xml2
-rw-r--r--config/squid/squid_cache.xml2
-rw-r--r--config/squid/squid_nac.xml2
-rw-r--r--config/squid/squid_traffic.xml2
-rw-r--r--config/squid/squid_upstream.xml2
-rw-r--r--config/squidGuard/squidguard.inc50
-rw-r--r--config/squidGuard/squidguard.xml6
-rw-r--r--config/squidGuard/squidguard_acl.xml4
-rw-r--r--config/squidGuard/squidguard_configurator.inc50
-rw-r--r--config/squidGuard/squidguard_default.xml4
-rw-r--r--config/squidGuard/squidguard_dest.xml4
-rw-r--r--config/squidGuard/squidguard_log.php8
-rw-r--r--config/squidGuard/squidguard_rewr.xml2
-rw-r--r--config/squidGuard/squidguard_time.xml2
-rw-r--r--config/suricata/suricata.inc9
-rw-r--r--config/suricata/suricata.xml2
-rw-r--r--config/suricata/suricata_alerts.php2
-rw-r--r--config/suricata/suricata_barnyard.php2
-rw-r--r--config/suricata/suricata_interfaces.php45
-rw-r--r--config/suricata/suricata_interfaces_edit.php55
-rw-r--r--config/suricata/suricata_logs_browser.php17
-rw-r--r--config/suricata/suricata_passlist_edit.php7
-rw-r--r--config/suricata/suricata_post_install.php6
-rw-r--r--config/suricata/suricata_suppress_edit.php7
-rw-r--r--config/suricata/suricata_uninstall.php7
-rw-r--r--config/suricata/suricata_yaml_template.inc2
-rw-r--r--config/syslog-ng/syslog-ng.inc4
-rw-r--r--config/syslog-ng/syslog-ng.xml4
-rw-r--r--config/syslog-ng/syslog-ng_advanced.xml2
-rw-r--r--config/systempatches/system_patches_edit.php2
-rw-r--r--config/systempatches/systempatches.xml2
-rw-r--r--config/tinc/status_tinc.php94
-rw-r--r--config/tinc/tinc.xml2
-rw-r--r--config/zebedee/zebedee.xml4
94 files changed, 540 insertions, 280 deletions
diff --git a/config/apcupsd/apcupsd.xml b/config/apcupsd/apcupsd.xml
index 3ed95a7a..5ef2b946 100644
--- a/config/apcupsd/apcupsd.xml
+++ b/config/apcupsd/apcupsd.xml
@@ -40,7 +40,7 @@
<name>Apcupsd</name>
<title>Services: Apcupsd (General)</title>
<category>Monitoring</category>
- <version>0.3</version>
+ <version>0.3.1</version>
<include_file>/usr/local/pkg/apcupsd.inc</include_file>
<addedit_string>Apcupsd has been created/modified.</addedit_string>
<delete_string>Apcupsd has been deleted.</delete_string>
@@ -339,7 +339,7 @@ UPSTYPE DEVICE Description <br>
<custom_php_command_before_form></custom_php_command_before_form>
<custom_php_after_head_command></custom_php_after_head_command>
<custom_php_after_form_command></custom_php_after_form_command>
- <custom_php_validation_command>validate_input_apcupsd($_POST, &amp;$input_errors);</custom_php_validation_command>
+ <custom_php_validation_command>validate_input_apcupsd($_POST, $input_errors);</custom_php_validation_command>
<custom_add_php_command></custom_add_php_command>
<custom_php_resync_config_command>sync_package_apcupsd();</custom_php_resync_config_command>
<custom_php_deinstall_command>php_deinstall_apcupsd();</custom_php_deinstall_command>
diff --git a/config/archive/clamsmtp.inc b/config/archive/clamsmtp.inc
index f23a35c1..cc16cf82 100644
--- a/config/archive/clamsmtp.inc
+++ b/config/archive/clamsmtp.inc
@@ -20,7 +20,7 @@ function clamsmtp_install_command() {
clamsmtp_resync();
}
-function clamsmtp_validate_input($post, $input_errors) {
+function clamsmtp_validate_input($post, &$input_errors) {
if (!is_ipaddr(trim($post['smtp_server'])))
$input_errors[] = 'The field \'SMTP server\' must contain a valid IP address.';
$port = trim($post['smtp_port']);
diff --git a/config/jail_template.xml b/config/archive/jail_template.xml
index fc6b2502..fc6b2502 100644
--- a/config/jail_template.xml
+++ b/config/archive/jail_template.xml
diff --git a/config/jail_template/jail_template.img.uzip b/config/archive/jail_template/jail_template.img.uzip
index 1c92fb90..1c92fb90 100644
--- a/config/jail_template/jail_template.img.uzip
+++ b/config/archive/jail_template/jail_template.img.uzip
Binary files differ
diff --git a/config/jail_template/jail_template.inc b/config/archive/jail_template/jail_template.inc
index f9c00b79..f9c00b79 100644
--- a/config/jail_template/jail_template.inc
+++ b/config/archive/jail_template/jail_template.inc
diff --git a/config/jailctl.xml b/config/archive/jailctl.xml
index ab6cf1e3..ab6cf1e3 100644
--- a/config/jailctl.xml
+++ b/config/archive/jailctl.xml
diff --git a/config/jailctl/jailctl b/config/archive/jailctl/jailctl
index 542c2db6..542c2db6 100755
--- a/config/jailctl/jailctl
+++ b/config/archive/jailctl/jailctl
diff --git a/config/jailctl/jailctl-utils.inc b/config/archive/jailctl/jailctl-utils.inc
index 36c50d23..36c50d23 100644
--- a/config/jailctl/jailctl-utils.inc
+++ b/config/archive/jailctl/jailctl-utils.inc
diff --git a/config/jailctl/jailctl.inc b/config/archive/jailctl/jailctl.inc
index d6b7344c..d6b7344c 100644
--- a/config/jailctl/jailctl.inc
+++ b/config/archive/jailctl/jailctl.inc
diff --git a/config/jailctl/jailctl.xml b/config/archive/jailctl/jailctl.xml
index 4c96f88d..4c96f88d 100644
--- a/config/jailctl/jailctl.xml
+++ b/config/archive/jailctl/jailctl.xml
diff --git a/config/jailctl/jailctl_defaults.xml b/config/archive/jailctl/jailctl_defaults.xml
index c499abcb..c499abcb 100644
--- a/config/jailctl/jailctl_defaults.xml
+++ b/config/archive/jailctl/jailctl_defaults.xml
diff --git a/config/jailctl/jailctl_list.inc b/config/archive/jailctl/jailctl_list.inc
index d1869bd6..d1869bd6 100644
--- a/config/jailctl/jailctl_list.inc
+++ b/config/archive/jailctl/jailctl_list.inc
diff --git a/config/jailctl/jailctl_settings.xml b/config/archive/jailctl/jailctl_settings.xml
index ae09adaf..ae09adaf 100644
--- a/config/jailctl/jailctl_settings.xml
+++ b/config/archive/jailctl/jailctl_settings.xml
diff --git a/config/jailctl/sysinstall b/config/archive/jailctl/sysinstall
index d4a05fb1..d4a05fb1 100755
--- a/config/jailctl/sysinstall
+++ b/config/archive/jailctl/sysinstall
Binary files differ
diff --git a/config/archive/viralator.inc b/config/archive/viralator.inc
index dc4e6041..36ceb37f 100644
--- a/config/archive/viralator.inc
+++ b/config/archive/viralator.inc
@@ -24,7 +24,7 @@ EOD;
make_dirs(VIRALATOR_DOWNLOADDIR);
}
-function viralator_validate_input($post, $input_errors) {
+function viralator_validate_input($post, &$input_errors) {
if (trim($post['http_otherexts'])) {
foreach (explode(',', $post['http_otherexts']) as $ext) {
$ext = trim($ext);
diff --git a/config/autoconfigbackup/autoconfigbackup.inc b/config/autoconfigbackup/autoconfigbackup.inc
index f67191ae..0ca3ebe9 100644
--- a/config/autoconfigbackup/autoconfigbackup.inc
+++ b/config/autoconfigbackup/autoconfigbackup.inc
@@ -130,13 +130,11 @@ function upload_config($reasonm = "") {
}
// Define some needed variables
- if(!file_exists("/cf/conf/lastpfSbackup.txt")) {
- conf_mount_rw();
- touch("/cf/conf/lastpfSbackup.txt");
- conf_mount_ro();
- }
+ if(file_exists("/cf/conf/lastpfSbackup.txt"))
+ $last_backup_date = str_replace("\n", "", file_get_contents("/cf/conf/lastpfSbackup.txt"));
+ else
+ $last_backup_date = "";
- $last_backup_date = str_replace("\n", "", file_get_contents("/cf/conf/lastpfSbackup.txt"));
$last_config_change = $config['revision']['time'];
$hostname = $config['system']['hostname'] . "." . $config['system']['domain'];
if($reasonm)
@@ -241,4 +239,4 @@ function upload_config($reasonm = "") {
}
}
-?> \ No newline at end of file
+?>
diff --git a/config/autoconfigbackup/autoconfigbackup.xml b/config/autoconfigbackup/autoconfigbackup.xml
index 1e5d44c1..b0514e6a 100644
--- a/config/autoconfigbackup/autoconfigbackup.xml
+++ b/config/autoconfigbackup/autoconfigbackup.xml
@@ -37,7 +37,7 @@
<description>Automatically backs up your pfSense configuration. All contents are encrypted on the server. Requires Gold or Support Subscription from https://portal.pfsense.org</description>
<requirements>pfSense Portal subscription</requirements>
<name>AutoConfigBackup</name>
- <version>1.24</version>
+ <version>1.25</version>
<title>Diagnostics: Auto Configuration Backup</title>
<savetext>Change</savetext>
<include_file>/usr/local/pkg/autoconfigbackup.inc</include_file>
@@ -144,7 +144,9 @@
</custom_php_validation_command>
<custom_php_resync_config_command>
<![CDATA[
- exec("echo > /cf/conf/lastpfSbackup.txt");
+ conf_mount_rw();
+ @unlink("/cf/conf/lastpfSbackup.txt");
+ conf_mount_ro();
if(!function_exists("filter_configure"))
require_once("filter.inc");
filter_configure();
diff --git a/config/autoconfigbackup/autoconfigbackup_backup.php b/config/autoconfigbackup/autoconfigbackup_backup.php
index a65fba4d..7a6b045f 100644
--- a/config/autoconfigbackup/autoconfigbackup_backup.php
+++ b/config/autoconfigbackup/autoconfigbackup_backup.php
@@ -48,7 +48,9 @@ if($_POST) {
else
write_config("Backup invoked via Auto Config Backup.");
$config = parse_config(true);
- exec("echo > /cf/conf/lastpfSbackup.txt");
+ conf_mount_rw();
+ @unlink("/cf/conf/lastpfSbackup.txt", "");
+ conf_mount_ro();
upload_config($_REQUEST['reason']);
$savemsg = "Backup completed successfully.";
$donotshowheader=true;
diff --git a/config/bandwidthd/bandwidthd.inc b/config/bandwidthd/bandwidthd.inc
index 7cdc8006..16ce4ab1 100644
--- a/config/bandwidthd/bandwidthd.inc
+++ b/config/bandwidthd/bandwidthd.inc
@@ -34,9 +34,15 @@ switch ($pfs_version) {
case "1.2":
case "2.0":
define('PKG_BANDWIDTHD_BASE', '/usr/local/bandwidthd');
+ define('PKG_BANDWIDTHD_RUNTIME_LIBRARY_ENV', '');
break;
- default:
+ case "2.1":
define('PKG_BANDWIDTHD_BASE', '/usr/pbi/bandwidthd-' . php_uname("m") . '/bandwidthd');
+ define('PKG_BANDWIDTHD_RUNTIME_LIBRARY_ENV', '');
+ break;
+ default:
+ define('PKG_BANDWIDTHD_BASE', '/usr/pbi/bandwidthd-' . php_uname("m") . '/local/bandwidthd');
+ define('PKG_BANDWIDTHD_RUNTIME_LIBRARY_ENV', 'LD_LIBRARY_PATH=/usr/pbi/bandwidthd-' . php_uname("m") . '/local/lib');
}
// End: Check pfSense version
@@ -63,6 +69,7 @@ function bandwidthd_install_config() {
/* the conf file must be ./etc/bandwidthd.conf relative to the current dir */
$bandwidthd_base_dir = PKG_BANDWIDTHD_BASE;
$bandwidthd_config_dir = PKG_BANDWIDTHD_BASE . "/etc";
+ $bandwidthd_runtime_library_env = PKG_BANDWIDTHD_RUNTIME_LIBRARY_ENV;
conf_mount_rw();
config_lock();
@@ -336,7 +343,7 @@ if [ ! -f "{$bandwidthd_htdocs_dir}/logo.gif" ] ; then
/bin/cp {$bandwidthd_base_dir}/htdocs/logo.gif {$bandwidthd_htdocs_dir}
fi
cd {$bandwidthd_nano_dir}
-{$bandwidthd_nano_dir}/bandwidthd
+{$bandwidthd_runtime_library_env} {$bandwidthd_nano_dir}/bandwidthd
cd -
EOD;
} else {
diff --git a/config/bandwidthd/bandwidthd.xml b/config/bandwidthd/bandwidthd.xml
index 7f0f12fe..fc768761 100644
--- a/config/bandwidthd/bandwidthd.xml
+++ b/config/bandwidthd/bandwidthd.xml
@@ -46,7 +46,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>bandwidthd</name>
- <version>2.0.1_5 pkg v.0.3</version>
+ <version>2.0.1_5 pkg v.0.4</version>
<title>Bandwidthd</title>
<aftersaveredirect>/pkg_edit.php?xml=bandwidthd.xml&amp;id=0</aftersaveredirect>
<include_file>/usr/local/pkg/bandwidthd.inc</include_file>
diff --git a/config/bind/bind.inc b/config/bind/bind.inc
index 17d171d1..9b4a444d 100644
--- a/config/bind/bind.inc
+++ b/config/bind/bind.inc
@@ -47,7 +47,7 @@ else
define('CHROOT_LOCALBASE','/cf/named');
-function bind_zone_validate($post, $input_errors){
+function bind_zone_validate($post, &$input_errors){
if (key_exists("mail",$_POST))
$_POST['mail']=preg_replace("/@/",".",$post['mail']);
diff --git a/config/bind/bind_zones.xml b/config/bind/bind_zones.xml
index 3506df63..24c3b99e 100644
--- a/config/bind/bind_zones.xml
+++ b/config/bind/bind_zones.xml
@@ -434,7 +434,7 @@
<custom_php_validation_command>
if ($_POST['type']=="master")
$_POST['serial']=(date("U")+ 1000000000);
- bind_zone_validate($_POST, &amp;$input_errors);
+ bind_zone_validate($_POST, $input_errors);
</custom_php_validation_command>
<custom_delete_php_command>
bind_sync();
diff --git a/config/checkmk-agent/checkmk.xml b/config/checkmk-agent/checkmk.xml
index 120b6634..2b4f6996 100644
--- a/config/checkmk-agent/checkmk.xml
+++ b/config/checkmk-agent/checkmk.xml
@@ -41,7 +41,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>checkmk</name>
- <version>0.5</version>
+ <version>0.1.1</version>
<title>Check_mk Agent</title>
<include_file>/usr/local/pkg/checkmk.inc</include_file>
<additional_files_needed>
@@ -110,7 +110,7 @@
<custom_php_command_before_form>
</custom_php_command_before_form>
<custom_php_validation_command>
- checkmk_validate_input($_POST, &amp;$input_errors);
+ checkmk_validate_input($_POST, $input_errors);
</custom_php_validation_command>
<custom_delete_php_command>
sync_package_checkmk();
diff --git a/config/clamav.inc b/config/clamav.inc
index 3aaaf71d..036f69cb 100644
--- a/config/clamav.inc
+++ b/config/clamav.inc
@@ -108,7 +108,7 @@ EOD;
}
}
-function clamav_before_form($pkg) {
+function clamav_before_form(&$pkg) {
global $config;
if (is_package_installed('p3scan')) {
@@ -203,15 +203,15 @@ function clamav_before_form($pkg) {
}
}
-function clamav_validate_input($post, $input_errors) {
+function clamav_validate_input($post, &$input_errors) {
if ($post['scan_smtp'] == 'on') {
require_once('clamsmtp.inc');
- clamsmtp_validate_input($post, &$input_errors);
+ clamsmtp_validate_input($post, $input_errors);
}
if (is_package_installed('viralator')) {
require_once('viralator.inc');
- viralator_validate_input($post, &$input_errors);
+ viralator_validate_input($post, $input_errors);
}
}
diff --git a/config/clamav.xml b/config/clamav.xml
index 94f8c74f..aac32d1e 100644
--- a/config/clamav.xml
+++ b/config/clamav.xml
@@ -116,13 +116,13 @@
</field>
</fields>
<custom_php_command_before_form>
- clamav_before_form(&amp;$pkg);
+ clamav_before_form($pkg);
</custom_php_command_before_form>
<custom_php_resync_config_command>
clamav_resync();
</custom_php_resync_config_command>
<custom_php_validation_command>
- clamav_validate_input($post, &amp;$input_errors);
+ clamav_validate_input($post, $input_errors);
</custom_php_validation_command>
<custom_php_install_command>
clamav_install_command();
diff --git a/config/filer/filer.xml b/config/filer/filer.xml
index ecb24bcd..71821067 100644
--- a/config/filer/filer.xml
+++ b/config/filer/filer.xml
@@ -43,7 +43,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>filer</name>
- <version>0.5</version>
+ <version>0.60.1</version>
<title>Filer</title>
<include_file>/usr/local/pkg/filer.inc</include_file>
<additional_files_needed>
@@ -156,7 +156,7 @@
<custom_php_command_before_form>
</custom_php_command_before_form>
<custom_php_validation_command>
- filer_validate_input($_POST, &amp;$input_errors);
+ filer_validate_input($_POST, $input_errors);
</custom_php_validation_command>
<custom_delete_php_command>
sync_package_filer();
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc
index 1d85cc51..1e403c48 100644
--- a/config/haproxy-devel/haproxy.inc
+++ b/config/haproxy-devel/haproxy.inc
@@ -818,15 +818,9 @@ function haproxy_writeconf($configpath) {
if(is_array($a_frontends)) {
foreach ($a_frontends as $frontend) {
if($frontend['status'] != 'active')
- {
- unlink_if_exists("var/etc/{$frontend['name']}.{$frontend['port']}.crt");
continue;
- }
if(!$frontend['backend_serverpool'])
- {
- unlink_if_exists("var/etc/{$frontend['name']}.{$frontend['port']}.crt");
continue;
- }
$primaryfrontend = get_primaryfrontend($frontend);
$bname = get_frontend_ipport($frontend);
@@ -1192,6 +1186,36 @@ function haproxy_plugin_carp($pluginparams) {
haproxy_check_run(0);
}
+function haproxy_plugin_certificates($pluginparams) {
+ global $config;
+ $result = array();
+ if ($pluginparams['type'] == 'certificates' && $pluginparams['event'] == 'used_certificates') {
+ $result['pkgname'] = "HAProxy";
+ $result['certificatelist'] = array();
+ // return a array of used certificates.
+ foreach($config['installedpackages']['haproxy']['ha_backends']['item'] as &$frontend) {
+ $mainfrontend = get_primaryfrontend($frontend);
+ if (strtolower($mainfrontend['type']) == "http" && $mainfrontend['ssloffload']) {
+ if ($frontend['ssloffloadacl']){
+ $item = array();
+ $cert = $frontend['ssloffloadcert'];
+ $item['usedby'] = $frontend['name'];
+ $result['certificatelist'][$cert][] = $item;
+ }
+ if ($frontend['ssloffloadacladditional']){
+ foreach($frontend['ha_certificates']['item'] as $certref){
+ $item = array();
+ $cert = $certref['ssl_certificate'];
+ $item['usedby'] = $frontend['name'];
+ $result['certificatelist'][$cert][] = $item;
+ }
+ }
+ }
+ }
+ }
+ return $result;
+}
+
function haproxy_check_run($reload) {
global $config, $g, $haproxy_run_message;
diff --git a/config/haproxy-devel/haproxy.xml b/config/haproxy-devel/haproxy.xml
index 5c534522..acd934a7 100644
--- a/config/haproxy-devel/haproxy.xml
+++ b/config/haproxy-devel/haproxy.xml
@@ -62,6 +62,9 @@
<item>
<type>plugin_carp</type>
</item>
+ <item>
+ <type>plugin_certificates</type>
+ </item>
</plugins>
<configpath>installedpackages->haproxy->config</configpath>
<additional_files_needed>
diff --git a/config/haproxy-legacy/haproxy_frontends_edit.php b/config/haproxy-legacy/haproxy_frontends_edit.php
index db1c71be..b32cb762 100755
--- a/config/haproxy-legacy/haproxy_frontends_edit.php
+++ b/config/haproxy-legacy/haproxy_frontends_edit.php
@@ -96,12 +96,19 @@ if ($_POST) {
$reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout");
}
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+ if ($pf_version < 2.1)
+ $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;');
+ else
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
$reqdfields = explode(" ", "name type port max_connections client_timeout");
$reqdfieldsn = explode(",", "Name,Type,Port,Max connections,Client timeout");
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+ if ($pf_version < 2.1)
+ $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;');
+ else
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name']))
$input_errors[] = "The field 'Name' contains invalid characters.";
diff --git a/config/haproxy-legacy/haproxy_global.php b/config/haproxy-legacy/haproxy_global.php
index 509fdfe2..4ea03c75 100755
--- a/config/haproxy-legacy/haproxy_global.php
+++ b/config/haproxy-legacy/haproxy_global.php
@@ -57,7 +57,11 @@ if ($_POST) {
$reqdfieldsn = explode(",", "Maximum connections");
}
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+ if ($pf_version < 2.1)
+ $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;');
+ else
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if ($_POST['maxconn'] && (!is_numeric($_POST['maxconn'])))
$input_errors[] = "The maximum number of connections should be numeric.";
diff --git a/config/haproxy-legacy/haproxy_servers_edit.php b/config/haproxy-legacy/haproxy_servers_edit.php
index 86431992..843ecca5 100755
--- a/config/haproxy-legacy/haproxy_servers_edit.php
+++ b/config/haproxy-legacy/haproxy_servers_edit.php
@@ -70,7 +70,11 @@ if ($_POST) {
$reqdfields = explode(" ", "name address weight");
$reqdfieldsn = explode(",", "Name,Address,Weight");
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+ if ($pf_version < 2.1)
+ $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;');
+ else
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name']))
$input_errors[] = "The field 'Name' contains invalid characters.";
diff --git a/config/haproxy/haproxy_global.php b/config/haproxy/haproxy_global.php
index 16f5152d..40b5cd90 100755
--- a/config/haproxy/haproxy_global.php
+++ b/config/haproxy/haproxy_global.php
@@ -59,7 +59,11 @@ if ($_POST) {
if ($_POST['carpdev'] == "disabled")
unset($_POST['carpdev']);
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+ if ($pf_version < 2.1)
+ $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;');
+ else
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if ($_POST['maxconn'] && (!is_numeric($_POST['maxconn'])))
$input_errors[] = "The maximum number of connections should be numeric.";
diff --git a/config/haproxy/haproxy_listeners_edit.php b/config/haproxy/haproxy_listeners_edit.php
index 2b71c7ea..be45fd8b 100755
--- a/config/haproxy/haproxy_listeners_edit.php
+++ b/config/haproxy/haproxy_listeners_edit.php
@@ -113,12 +113,19 @@ if ($_POST) {
$reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout");
}
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+ if ($pf_version < 2.1)
+ $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;');
+ else
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
$reqdfields = explode(" ", "name type port max_connections client_timeout");
$reqdfieldsn = explode(",", "Name,Type,Port,Max connections,Client timeout");
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+ if ($pf_version < 2.1)
+ $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;');
+ else
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name']))
$input_errors[] = "The field 'Name' contains invalid characters.";
diff --git a/config/haproxy/haproxy_pool_edit.php b/config/haproxy/haproxy_pool_edit.php
index 4da508f2..6feab2ff 100755
--- a/config/haproxy/haproxy_pool_edit.php
+++ b/config/haproxy/haproxy_pool_edit.php
@@ -71,7 +71,11 @@ if ($_POST) {
$reqdfields = explode(" ", "name");
$reqdfieldsn = explode(",", "Name");
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+ if ($pf_version < 2.1)
+ $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;');
+ else
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name']))
$input_errors[] = "The field 'Name' contains invalid characters.";
diff --git a/config/imspector/imspector.inc b/config/imspector/imspector.inc
index 7ade2e68..2d672e87 100644
--- a/config/imspector/imspector.inc
+++ b/config/imspector/imspector.inc
@@ -91,7 +91,7 @@
}
}
- function validate_form_imspector($post, $input_errors) {
+ function validate_form_imspector($post, &$input_errors) {
if($post['iface_array'])
foreach($post['iface_array'] as $iface)
if($iface == 'wanx')
diff --git a/config/imspector/imspector.xml b/config/imspector/imspector.xml
index fad8d656..11d5e7ad 100644
--- a/config/imspector/imspector.xml
+++ b/config/imspector/imspector.xml
@@ -43,7 +43,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>imspector</name>
- <version>20111108</version>
+ <version>20111108_1 pkg v 0.3.2</version>
<title>Services: IMSpector</title>
<savetext>Save</savetext>
<include_file>/usr/local/pkg/imspector.inc</include_file>
@@ -239,7 +239,7 @@
</field>
</fields>
<custom_php_validation_command>
- validate_form_imspector($_POST, &amp;$input_errors);
+ validate_form_imspector($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
sync_package_imspector();
diff --git a/config/imspector/imspector_acls.xml b/config/imspector/imspector_acls.xml
index a8aeecc9..79feb64e 100644
--- a/config/imspector/imspector_acls.xml
+++ b/config/imspector/imspector_acls.xml
@@ -161,7 +161,7 @@
</fields>
<custom_php_validation_command>
- validate_form_imspector($_POST, &amp;$input_errors);
+ validate_form_imspector($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
sync_package_imspector();
diff --git a/config/imspector/imspector_replacements.xml b/config/imspector/imspector_replacements.xml
index 7f53bbd4..65e3d078 100644
--- a/config/imspector/imspector_replacements.xml
+++ b/config/imspector/imspector_replacements.xml
@@ -175,7 +175,7 @@
</field>
</fields>
<custom_php_validation_command>
- validate_form_imspector($_POST, &amp;$input_errors);
+ validate_form_imspector($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
sync_package_imspector();
diff --git a/config/lcdproc-dev/lcdproc.inc b/config/lcdproc-dev/lcdproc.inc
index 8b3ce28f..00768cd7 100644
--- a/config/lcdproc-dev/lcdproc.inc
+++ b/config/lcdproc-dev/lcdproc.inc
@@ -58,17 +58,17 @@
fclose($handle);
chmod($file, 0755);
}
- function before_form_lcdproc($pkg) {
+ function before_form_lcdproc(&$pkg) {
global $config;
config_lock();
config_unlock();
}
- function before_form_lcdproc_screens($pkg) {
+ function before_form_lcdproc_screens(&$pkg) {
global $config;
config_lock();
config_unlock();
}
- function validate_form_lcdproc($post, $input_errors) {
+ function validate_form_lcdproc($post, &$input_errors) {
if($post['comport']) {
switch($post['comport']) {
case "none":
@@ -126,7 +126,7 @@
}
}
}
- function validate_form_lcdproc_screens($post, $input_errors) {
+ function validate_form_lcdproc_screens($post, &$input_errors) {
// No validation required ?!
}
function sync_package_lcdproc_screens() {
diff --git a/config/lcdproc-dev/lcdproc.xml b/config/lcdproc-dev/lcdproc.xml
index cf816d53..588b898b 100644
--- a/config/lcdproc-dev/lcdproc.xml
+++ b/config/lcdproc-dev/lcdproc.xml
@@ -1,8 +1,8 @@
<?xml version="1.0" encoding="utf-8" ?>
<packagegui>
- <title>Services: LCDproc 0.5.6 pkg v. 0.9.7</title>
+ <title>Services: LCDproc 0.5.6 pkg v. 0.9.9</title>
<name>lcdproc</name>
- <version>0.5.6 pkg v. 0.9.7</version>
+ <version>0.5.6 pkg v. 0.9.9</version>
<savetext>Save</savetext>
<include_file>/usr/local/pkg/lcdproc.inc</include_file>
<tabs>
@@ -658,10 +658,10 @@
</field>
</fields>
<custom_php_command_before_form>
- before_form_lcdproc(&amp;$pkg);
+ before_form_lcdproc($pkg);
</custom_php_command_before_form>
<custom_php_validation_command>
- validate_form_lcdproc($_POST, &amp;$input_errors);
+ validate_form_lcdproc($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
sync_package_lcdproc();
diff --git a/config/lcdproc-dev/lcdproc_client.php b/config/lcdproc-dev/lcdproc_client.php
index 3337052c..5306c903 100644
--- a/config/lcdproc-dev/lcdproc_client.php
+++ b/config/lcdproc-dev/lcdproc_client.php
@@ -513,6 +513,7 @@
1 = All gateway up */
global $g;
global $config;
+ $a_gateways = return_gateways_array();
$gateways_status = array();
$gateways_status = return_gateways_status(true);
foreach ($a_gateways as $gname => $gateway)
diff --git a/config/lcdproc-dev/lcdproc_screens.xml b/config/lcdproc-dev/lcdproc_screens.xml
index f7c70086..9f4a8e2e 100644
--- a/config/lcdproc-dev/lcdproc_screens.xml
+++ b/config/lcdproc-dev/lcdproc_screens.xml
@@ -106,10 +106,10 @@
</field>
</fields>
<custom_php_command_before_form>
- before_form_lcdproc_screens(&amp;$pkg);
+ before_form_lcdproc_screens($pkg);
</custom_php_command_before_form>
<custom_php_validation_command>
- validate_form_lcdproc_screens($_POST, &amp;$input_errors);
+ validate_form_lcdproc_screens($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
sync_package_lcdproc_screens();
diff --git a/config/lcdproc/lcdproc.inc b/config/lcdproc/lcdproc.inc
index 1c628c6a..760732df 100644
--- a/config/lcdproc/lcdproc.inc
+++ b/config/lcdproc/lcdproc.inc
@@ -72,7 +72,7 @@
chmod($file, 0755);
}
- function before_form_lcdproc($pkg) {
+ function before_form_lcdproc(&$pkg) {
global $config;
config_lock();
@@ -80,7 +80,7 @@
config_unlock();
}
- function before_form_lcdproc_screens($pkg) {
+ function before_form_lcdproc_screens(&$pkg) {
global $config;
config_lock();
@@ -88,7 +88,7 @@
config_unlock();
}
- function validate_form_lcdproc($post, $input_errors) {
+ function validate_form_lcdproc($post, &$input_errors) {
if($post['comport']) {
switch($post['comport']) {
case "none":
@@ -155,7 +155,7 @@
}
}
}
- function validate_form_lcdproc_screens($post, $input_errors) {
+ function validate_form_lcdproc_screens($post, &$input_errors) {
// No validation required ?!
}
diff --git a/config/lcdproc/lcdproc.xml b/config/lcdproc/lcdproc.xml
index ba46e941..8f268b49 100644
--- a/config/lcdproc/lcdproc.xml
+++ b/config/lcdproc/lcdproc.xml
@@ -2,7 +2,7 @@
<packagegui>
<title>Services: LCDproc</title>
<name>lcdproc</name>
- <version>0.5.2_1-p12</version>
+ <version>0.5.5 pkg.v.1.0.1</version>
<savetext>Save</savetext>
<include_file>/usr/local/pkg/lcdproc.inc</include_file>
<tabs>
@@ -363,10 +363,10 @@
</field>
</fields>
<custom_php_command_before_form>
- before_form_lcdproc(&amp;$pkg);
+ before_form_lcdproc($pkg);
</custom_php_command_before_form>
<custom_php_validation_command>
- validate_form_lcdproc($_POST, &amp;$input_errors);
+ validate_form_lcdproc($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
sync_package_lcdproc();
diff --git a/config/lcdproc/lcdproc_screens.xml b/config/lcdproc/lcdproc_screens.xml
index b807d9f0..d8cc2382 100644
--- a/config/lcdproc/lcdproc_screens.xml
+++ b/config/lcdproc/lcdproc_screens.xml
@@ -90,10 +90,10 @@
</field>
</fields>
<custom_php_command_before_form>
- before_form_lcdproc_screens(&amp;$pkg);
+ before_form_lcdproc_screens($pkg);
</custom_php_command_before_form>
<custom_php_validation_command>
- validate_form_lcdproc_screens($_POST, &amp;$input_errors);
+ validate_form_lcdproc_screens($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
sync_package_lcdproc_screens();
diff --git a/config/mailreport/mail_reports.inc b/config/mailreport/mail_reports.inc
index 5d9e74b2..0119457a 100644
--- a/config/mailreport/mail_reports.inc
+++ b/config/mailreport/mail_reports.inc
@@ -1243,7 +1243,13 @@ function mail_report_get_log($logfile, $tail, $grepfor) {
if(isset($config['system']['usefifolog'])) {
exec("/usr/sbin/fifolog_reader {$logfile}{$grepline} | /usr/bin/tail -n {$tail}", $logarr);
} else {
- exec("/usr/sbin/clog {$logfile}{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail -n {$tail}", $logarr);
+ if (is_executable("/usr/local/sbin/clog")) {
+ exec("/usr/local/sbin/clog {$logfile}{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail -n {$tail}", $logarr);
+ } elseif (is_executable("/usr/sbin/clog")) {
+ exec("/usr/sbin/clog {$logfile}{$grepline}| grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail -n {$tail}", $logarr);
+ } else {
+ $logarr = array("Cannot locate clog which is required for reading log files.");
+ }
}
}
return($logarr);
diff --git a/config/mailreport/mailreport.xml b/config/mailreport/mailreport.xml
index fe6899d4..9239f82e 100644
--- a/config/mailreport/mailreport.xml
+++ b/config/mailreport/mailreport.xml
@@ -37,7 +37,7 @@
]]>
</copyright>
<name>mailreport</name>
- <version>2.0.11</version>
+ <version>2.0.12</version>
<title>Status: Email Reports</title>
<additional_files_needed>
<prefix>/usr/local/bin/</prefix>
diff --git a/config/nrpe2/nrpe2.inc b/config/nrpe2/nrpe2.inc
index 25964b16..7b249368 100644
--- a/config/nrpe2/nrpe2.inc
+++ b/config/nrpe2/nrpe2.inc
@@ -169,7 +169,6 @@ function nrpe2_custom_php_write_config() {
$commands = implode($cmds);
$server_port = $config['installedpackages']['nrpe2']['config'][0]['server_port'];
- $server_address = $config['installedpackages']['nrpe2']['config'][0]['server_address'];
$allowed_hosts = $config['installedpackages']['nrpe2']['config'][0]['allowed_hosts'];
$fd = fopen(NRPE_CONFIG_DIR . '/nrpe.cfg', 'w');
@@ -177,7 +176,6 @@ function nrpe2_custom_php_write_config() {
log_facility=daemon
pid_file=/var/run/nrpe2.pid
server_port={$server_port}
-server_address={$server_address}
nrpe_user=nagios
nrpe_group=nagios
allowed_hosts={$allowed_hosts}
@@ -187,6 +185,10 @@ command_timeout=60
connection_timeout=300
{$commands}
EOD;
+ if (defined($config['installedpackages']['nrpe2']['config'][0]['server_address'])) {
+ $server_address = $config['installedpackages']['nrpe2']['config'][0]['server_address'];
+ $nrpe_cfg .= "server_address={$server_address}";
+ }
fwrite($fd, $nrpe_cfg);
fclose($fd);
conf_mount_ro();
diff --git a/config/nrpe2/nrpe2.xml b/config/nrpe2/nrpe2.xml
index 8d65c97b..fec09d06 100644
--- a/config/nrpe2/nrpe2.xml
+++ b/config/nrpe2/nrpe2.xml
@@ -52,9 +52,8 @@
<field>
<fielddescr>Bind IP Address</fielddescr>
<fieldname>server_address</fieldname>
- <description>Set this to the IP address of the interface you want the daemon to listen on.</description>
+ <description>Set this to the IP address of the interface you want the daemon to listen on. (optional)</description>
<type>input</type>
- <required/>
</field>
<field>
<fielddescr>Nagios Server(s)</fielddescr>
diff --git a/config/openvpn-client-export/openvpn-client-export.xml b/config/openvpn-client-export/openvpn-client-export.xml
index a6a46649..ee04b0cc 100755
--- a/config/openvpn-client-export/openvpn-client-export.xml
+++ b/config/openvpn-client-export/openvpn-client-export.xml
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="utf-8" ?>
<packagegui>
<name>OpenVPN Client Export</name>
- <version>1.2.9</version>
+ <version>1.2.11</version>
<title>OpenVPN Client Export</title>
<include_file>/usr/local/pkg/openvpn-client-export.inc</include_file>
<backup_file></backup_file>
diff --git a/config/quagga_ospfd/quagga_ospfd.inc b/config/quagga_ospfd/quagga_ospfd.inc
index 782baf0f..17c13246 100644
--- a/config/quagga_ospfd/quagga_ospfd.inc
+++ b/config/quagga_ospfd/quagga_ospfd.inc
@@ -74,20 +74,20 @@ function quagga_ospfd_install_conf() {
$quagga_config_base = PKG_QUAGGA_CONFIG_BASE;
$noaccept = "";
+
+ // generate ospfd.conf based on the assistant
+ if(is_array($config['installedpackages']['quaggaospfd']['config']))
+ $ospfd_conf = &$config['installedpackages']['quaggaospfd']['config'][0];
+ else {
+ log_error("Quagga OSPFd: No config data found.");
+ return;
+ }
- if ($config['installedpackages']['quaggaospfd']['rawconfig'] && $config['installedpackages']['quaggaospfd']['rawconfig']['item']) {
+ if (isset($config['installedpackages']['quaggaospfdraw']['config'][0]['ospfd'])
+ && !empty($config['installedpackages']['quaggaospfdraw']['config'][0]['ospfd'])) {
// if there is a raw config specifyed in tthe config.xml use that instead of the assisted config
- $conffile = implode("\n",$config['installedpackages']['quaggaospfd']['rawconfig']['item']);
- //$conffile = $config['installedpackages']['quaggaospfd']['rawconfig'];
+ $conffile = str_replace("\r","",base64_decode($config['installedpackages']['quaggaospfdraw']['config'][0]['ospfd']));
} else {
- // generate ospfd.conf based on the assistant
- if($config['installedpackages']['quaggaospfd']['config'])
- $ospfd_conf = &$config['installedpackages']['quaggaospfd']['config'][0];
- else {
- log_error("Quagga OSPFd: No config data found.");
- return;
- }
-
$conffile = "# This file was created by the pfSense package manager. Do not edit!\n\n";
if($ospfd_conf['password'])
@@ -100,7 +100,7 @@ function quagga_ospfd_install_conf() {
$passive_interfaces = array();
$interface_networks = array();
- if ($config['installedpackages']['quaggaospfdinterfaces']['config']) {
+ if (is_array($config['installedpackages']['quaggaospfdinterfaces']['config'])) {
foreach ($config['installedpackages']['quaggaospfdinterfaces']['config'] as $conf) {
$realif = get_real_interface($conf['interface']);
$conffile .= "interface {$realif}\n" ;
@@ -242,17 +242,23 @@ function quagga_ospfd_install_conf() {
fclose($fd);
/* Make zebra config */
- $zebraconffile = "# This file was created by the pfSense package manager. Do not edit!\n\n";
- if($ospfd_conf['password'])
- $zebraconffile .= "password {$ospfd_conf['password']}\n";
- if ($ospfd_conf['logging'])
- $zebraconffile .= "log syslog\n";
- if (!empty($noaccept)) {
- $zebraconffile .= $noaccept;
- $zebraconffile .= "ip prefix-list ACCEPTFILTER permit any\n";
- $zebraconffile .= "route-map ACCEPTFILTER permit 10\n";
- $zebraconffile .= "match ip address prefix-list ACCEPTFILTER\n";
- $zebraconffile .= "ip protocol ospf route-map ACCEPTFILTER\n";
+ if (isset($config['installedpackages']['quaggaospfdraw']['config'][0]['zebra'])
+ && !empty($config['installedpackages']['quaggaospfdraw']['config'][0]['zebra'])) {
+ // if there is a raw config specifyed in tthe config.xml use that instead of the assisted config
+ $zebraconffile = str_replace("\r","",base64_decode($config['installedpackages']['quaggaospfdraw']['config'][0]['zebra']));
+ } else {
+ $zebraconffile = "# This file was created by the pfSense package manager. Do not edit!\n\n";
+ if($ospfd_conf['password'])
+ $zebraconffile .= "password {$ospfd_conf['password']}\n";
+ if ($ospfd_conf['logging'])
+ $zebraconffile .= "log syslog\n";
+ if (!empty($noaccept)) {
+ $zebraconffile .= $noaccept;
+ $zebraconffile .= "ip prefix-list ACCEPTFILTER permit any\n";
+ $zebraconffile .= "route-map ACCEPTFILTER permit 10\n";
+ $zebraconffile .= "match ip address prefix-list ACCEPTFILTER\n";
+ $zebraconffile .= "ip protocol ospf route-map ACCEPTFILTER\n";
+ }
}
$fd = fopen("{$quagga_config_base}/zebra.conf", "w");
fwrite($fd, $zebraconffile);
@@ -375,23 +381,6 @@ function quagga_ospfd_validate_input() {
$input_errors[] = "Please select an interface to use for Quagga OSPFd.";
}
-// get the raw ospfd confi file for manual inspection/editing
-function quagga_ospfd_get_raw_config() {
- return file_get_contents(PKG_QUAGGA_CONFIG_BASE . "/ospfd.conf");
-}
-
-// serialize the raw ospfd confi file to config.xml
-function quagga_ospfd_put_raw_config($conffile) {
- global $config;
- if ($conffile == "")
- unset($config['installedpackages']['quaggaospfd']['rawconfig']);
- else {
- $config['installedpackages']['quaggaospfd']['rawconfig'] = array();
- $config['installedpackages']['quaggaospfd']['rawconfig']['item'] = explode("\n",$_POST['quagga_ospfd_raw']);
- $config['installedpackages']['quaggaospfd']['rawconfig'] = $conffile;
- }
-}
-
function quagga_get_carp_status_by_ip($ipaddr) {
$iface = trim(find_carp_interface($ipaddr));
if ($iface) {
diff --git a/config/quagga_ospfd/quagga_ospfd.xml b/config/quagga_ospfd/quagga_ospfd.xml
index 76a396fa..8edfcc3f 100644
--- a/config/quagga_ospfd/quagga_ospfd.xml
+++ b/config/quagga_ospfd/quagga_ospfd.xml
@@ -15,6 +15,11 @@
<item>https://packages.pfsense.org/packages/config/quagga_ospfd/quagga_ospfd_interfaces.xml</item>
</additional_files_needed>
<additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>644</chmod>
+ <item>http://www.pfsense.com/packages/config/quagga_ospfd/quagga_ospfd_raw.xml</item>
+ </additional_files_needed>
+ <additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>644</chmod>
<item>https://packages.pfsense.org/packages/config/quagga_ospfd/status_ospfd.php</item>
@@ -42,6 +47,10 @@
<url>pkg.php?xml=quagga_ospfd_interfaces.xml</url>
</tab>
<tab>
+ <text>Raw Config</text>
+ <url>pkg_edit.php?xml=quagga_ospfd_raw.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Status</text>
<url>/status_ospfd.php</url>
</tab>
@@ -199,4 +208,4 @@
<custom_php_validation_command>
quagga_ospfd_validate_input();
</custom_php_validation_command>
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/config/quagga_ospfd/quagga_ospfd_interfaces.xml b/config/quagga_ospfd/quagga_ospfd_interfaces.xml
index 09635597..f9953112 100644
--- a/config/quagga_ospfd/quagga_ospfd_interfaces.xml
+++ b/config/quagga_ospfd/quagga_ospfd_interfaces.xml
@@ -27,6 +27,10 @@
<active/>
</tab>
<tab>
+ <text>Raw Config</text>
+ <url>pkg_edit.php?xml=quagga_ospfd_raw.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Status</text>
<url>/status_ospfd.php</url>
</tab>
diff --git a/config/quagga_ospfd/quagga_ospfd_raw.xml b/config/quagga_ospfd/quagga_ospfd_raw.xml
new file mode 100644
index 00000000..b34558de
--- /dev/null
+++ b/config/quagga_ospfd/quagga_ospfd_raw.xml
@@ -0,0 +1,71 @@
+<packagegui>
+ <name>quagga_ospfd_raw</name>
+ <version>0.1</version>
+ <title>Services: Quagga OSPFd</title>
+ <include_file>/usr/local/pkg/quagga_ospfd.inc</include_file>
+ <aftersaveredirect>pkg_edit.php?xml=quagga_ospfd_raw.xml&amp;id=0</aftersaveredirect>
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/quagga_ospfd/quagga_ospfd.inc</item>
+ </additional_files_needed>
+ <menu>
+ <name>OSPF</name>
+ <tooltiptext>Modify Quagga RAW Config.</tooltiptext>
+ <section>Services</section>
+ <configfile>quagga_ospfd.xml</configfile>
+ <url>/pkg_edit.php?xml=quagga_ospfd.xml&amp;id=0</url>
+ </menu>
+ <tabs>
+ <tab>
+ <text>Global Settings</text>
+ <url>pkg_edit.php?xml=quagga_ospfd.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Interface Settings</text>
+ <url>pkg.php?xml=quagga_ospfd_interfaces.xml</url>
+ </tab>
+ <tab>
+ <text>Raw Config</text>
+ <url>pkg_edit.php?xml=quagga_ospfd_raw.xml&amp;id=0</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Status</text>
+ <url>/status_ospfd.php</url>
+ </tab>
+ </tabs>
+ <service>
+ <name>Quagga OSPFd</name>
+ <rcfile>quagga.sh</rcfile>
+ <executable>ospfd</executable>
+ </service>
+ <service>
+ <name>Quagga Zebra</name>
+ <rcfile>quagga.sh</rcfile>
+ <executable>zebra</executable>
+ </service>
+ <fields>
+ <field>
+ <fielddescr>ospfd.conf</fielddescr>
+ <fieldname>ospfd</fieldname>
+ <description>Note: Once you click "Save" below, the assistant (in the "Global Settings" and "Interface Settings" tabs above) will be overridden with whatever you type here. To get back the assisted config save this form below once with both empty input fields.</description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>30</rows>
+ <cols>65</cols>
+ </field>
+ <field>
+ <fielddescr>zebra.conf</fielddescr>
+ <fieldname>zebra</fieldname>
+ <description>Note: Once you click "Save" below, the assistant (in the "Global Settings" and "Interface Settings" tabs above) will be overridden with whatever you type here. To get back the assisted config save this form below once with both empty input fields.</description>
+ <type>textarea</type>
+ <encoding>base64</encoding>
+ <rows>30</rows>
+ <cols>65</cols>
+ </field>
+ </fields>
+ <custom_php_resync_config_command>
+ quagga_ospfd_install_conf();
+ </custom_php_resync_config_command>
+</packagegui>
diff --git a/config/quagga_ospfd/status_ospfd.php b/config/quagga_ospfd/status_ospfd.php
index dc6c6aea..8ecf19d0 100644
--- a/config/quagga_ospfd/status_ospfd.php
+++ b/config/quagga_ospfd/status_ospfd.php
@@ -33,6 +33,7 @@ $pgtitle = "Quagga OSPF: Status";
include("head.inc");
$control_script = "/usr/local/bin/quaggactl";
+$pkg_homedir = "/var/etc/quagga";
/* List all of the commands as an index. */
function listCmds() {
@@ -90,6 +91,7 @@ function doCmdT($title, $command) {
$tab_array = array();
$tab_array[] = array(gettext("Settings"), false, "/pkg_edit.php?xml=quagga_ospfd.xml&id=0");
$tab_array[] = array(gettext("Interface Settings"), false, "/pkg.php?xml=quagga_ospfd_interfaces.xml");
+ $tab_array[] = array(gettext("RAW Config"), false, "/pkg_edit.php?xml=quagga_ospfd_raw.xml&id=0");
$tab_array[] = array(gettext("Status"), true, "/status_ospfd.php");
display_top_tabs($tab_array);
?>
@@ -110,6 +112,8 @@ function doCmdT($title, $command) {
defCmdT("Quagga OSPF Interfaces", "{$control_script} ospf interfaces");
defCmdT("Quagga OSPF CPU Usage", "{$control_script} ospf cpu");
defCmdT("Quagga OSPF Memory", "{$control_script} ospf mem");
+ defCmdT("Quagga ospfd.conf", "/bin/cat {$pkg_homedir}/ospfd.conf");
+ defCmdT("Quagga zebra.conf", "/bin/cat {$pkg_homedir}/zebra.conf");
?>
<div id="cmdspace" style="width:100%">
<?php listCmds(); ?>
diff --git a/config/sarg/sarg.inc b/config/sarg/sarg.inc
index 1a4db315..2788dab9 100644
--- a/config/sarg/sarg.inc
+++ b/config/sarg/sarg.inc
@@ -354,7 +354,7 @@ function sync_package_sarg() {
else
$new_cron['item'][]=$cron;
}
- $cron_cmd="/usr/local/bin/php /usr/local/www/sarg.php";
+ $cron_cmd="/usr/local/bin/php --no-header /usr/local/www/sarg.php";
$sarg_schedule_id=0;
if (is_array($config['installedpackages']['sargschedule']['config']))
foreach ($config['installedpackages']['sargschedule']['config'] as $sarg_schedule){
diff --git a/config/spamd/spamd.inc b/config/spamd/spamd.inc
index 18b4e241..0bd29bd8 100644
--- a/config/spamd/spamd.inc
+++ b/config/spamd/spamd.inc
@@ -324,7 +324,7 @@ function spamd_install_cron($should_install) {
}
}
-function spamd_validate_input($post, $input_errors) {
+function spamd_validate_input($post, &$input_errors) {
global $config, $g;
$nextmta = str_replace("$", "", $post['nextmta']);
if(stristr($nextmta, "{")) {
diff --git a/config/spamd/spamd_settings.xml b/config/spamd/spamd_settings.xml
index 2607e87f..7ed4c572 100644
--- a/config/spamd/spamd_settings.xml
+++ b/config/spamd/spamd_settings.xml
@@ -42,7 +42,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>spamdsettings</name>
- <version>0.1.0</version>
+ <version>1.1.1</version>
<title>SpamD Settings</title>
<aftersaveredirect>pkg_edit.php?xml=spamd_settings.xml&amp;id=0</aftersaveredirect>
<include_file>/usr/local/pkg/spamd.inc</include_file>
@@ -185,7 +185,7 @@
</field>
</fields>
<custom_php_validation_command>
- spamd_validate_input($_POST, &amp;$input_errors);
+ spamd_validate_input($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
sync_package_spamd();
diff --git a/config/squid/squid.inc b/config/squid/squid.inc
index e136d9f8..9f7fe2b0 100644
--- a/config/squid/squid.inc
+++ b/config/squid/squid.inc
@@ -299,7 +299,7 @@ function squid_before_form_general($pkg) {
$field['options']['option'][] = array('name' => $names[$i], 'value' => $values[$i]);
}
-function squid_validate_general($post, $input_errors) {
+function squid_validate_general($post, &$input_errors) {
global $config;
$settings = $config['installedpackages']['squid']['config'][0];
$port = ($settings['proxy_port'] ? $settings['proxy_port'] : 3128);
@@ -356,7 +356,7 @@ function squid_validate_general($post, $input_errors) {
}}
}
-function squid_validate_upstream($post, $input_errors) {
+function squid_validate_upstream($post, &$input_errors) {
if ($post['proxy_forwarding'] == 'on') {
$addr = trim($post['proxy_addr']);
if (empty($addr))
@@ -378,7 +378,7 @@ function squid_validate_upstream($post, $input_errors) {
}
}
-function squid_validate_cache($post, $input_errors) {
+function squid_validate_cache($post, &$input_errors) {
$num_fields = array( 'harddisk_cache_size' => 'Hard disk cache size',
'memory_cache_size' => 'Memory cache size',
'maximum_object_size' => 'Maximum object size',
@@ -417,7 +417,7 @@ function squid_validate_cache($post, $input_errors) {
}
-function squid_validate_nac($post, $input_errors) {
+function squid_validate_nac($post, &$input_errors) {
$allowed_subnets = explode("\n", $post['allowed_subnets']);
foreach ($allowed_subnets as $subnet) {
$subnet = trim($subnet);
@@ -456,7 +456,7 @@ function squid_validate_nac($post, $input_errors) {
}
}
-function squid_validate_traffic($post, $input_errors) {
+function squid_validate_traffic($post, &$input_errors) {
$num_fields = array( 'max_download_size' => 'Maximum download size',
'max_upload_size' => 'Maximum upload size',
'perhost_throttling' => 'Per-host bandwidth throttling',
@@ -488,7 +488,7 @@ function squid_validate_traffic($post, $input_errors) {
}
-function squid_validate_auth($post, $input_errors) {
+function squid_validate_auth($post, &$input_errors) {
$num_fields = array( array('auth_processes', 'Authentication processes', 1),
array('auth_ttl', 'Authentication TTL', 0),
);
diff --git a/config/squid/squid.xml b/config/squid/squid.xml
index 32a65589..88bd94ec 100644
--- a/config/squid/squid.xml
+++ b/config/squid/squid.xml
@@ -46,7 +46,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>squid</name>
- <version>2.6.STABLE18</version>
+ <version>2.7.9 pkg v.4.3.4</version>
<title>Proxy server: General settings</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<menu>
@@ -326,7 +326,7 @@
squid_resync();
</custom_add_php_command>
<custom_php_validation_command>
- squid_validate_general($_POST, &amp;$input_errors);
+ squid_validate_general($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
squid_resync();
diff --git a/config/squid/squid_auth.xml b/config/squid/squid_auth.xml
index d28beb02..e20d5609 100644
--- a/config/squid/squid_auth.xml
+++ b/config/squid/squid_auth.xml
@@ -220,7 +220,7 @@
</field>
</fields>
<custom_php_validation_command>
- squid_validate_auth($_POST, &amp;$input_errors);
+ squid_validate_auth($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_after_form_command>
squid_print_javascript_auth2();
diff --git a/config/squid/squid_cache.xml b/config/squid/squid_cache.xml
index 35c9a934..e4338ca8 100644
--- a/config/squid/squid_cache.xml
+++ b/config/squid/squid_cache.xml
@@ -222,7 +222,7 @@
}
</custom_php_command_before_form>
<custom_php_validation_command>
- squid_validate_cache($_POST, &amp;$input_errors);
+ squid_validate_cache($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
squid_resync();
diff --git a/config/squid/squid_nac.xml b/config/squid/squid_nac.xml
index 4ad3800c..96ac2fe8 100644
--- a/config/squid/squid_nac.xml
+++ b/config/squid/squid_nac.xml
@@ -151,7 +151,7 @@
</field>
</fields>
<custom_php_validation_command>
- squid_validate_nac($_POST, &amp;$input_errors);
+ squid_validate_nac($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
squid_resync();
diff --git a/config/squid/squid_traffic.xml b/config/squid/squid_traffic.xml
index c660a1ea..263615dd 100644
--- a/config/squid/squid_traffic.xml
+++ b/config/squid/squid_traffic.xml
@@ -169,7 +169,7 @@
</field>
</fields>
<custom_php_validation_command>
- squid_validate_traffic($_POST, &amp;$input_errors);
+ squid_validate_traffic($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
squid_resync();
diff --git a/config/squid/squid_upstream.xml b/config/squid/squid_upstream.xml
index cd87edef..4d9b2ca2 100644
--- a/config/squid/squid_upstream.xml
+++ b/config/squid/squid_upstream.xml
@@ -125,7 +125,7 @@
</field>
</fields>
<custom_php_validation_command>
- squid_validate_upstream($_POST, &amp;$input_errors);
+ squid_validate_upstream($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
squid_resync();
diff --git a/config/squidGuard/squidguard.inc b/config/squidGuard/squidguard.inc
index d58dfb79..0fd450b7 100644
--- a/config/squidGuard/squidguard.inc
+++ b/config/squidGuard/squidguard.inc
@@ -101,26 +101,26 @@ sg_init(convert_pfxml_to_sgxml());
# ==============================================================================
# Validations
# ==============================================================================
-function squidguard_validate($post, $input_errors)
+function squidguard_validate(&$post, &$input_errors)
{
$submit = isset($_GET['submit']) ? $_GET['submit'] : $_POST['submit'];
# check config if 'Apply'
- if ($submit === APPLY_BTN) sg_check_config_data(&$input_errors);
+ if ($submit === APPLY_BTN) sg_check_config_data($input_errors);
}
# ------------------------------------------------------------------------------
# validate default
# ------------------------------------------------------------------------------
-function squidguard_validate_default($post, $input_errors)
+function squidguard_validate_default(&$post, &$input_errors)
{
- squidguard_validate_acl($post, &$input_errors);
+ squidguard_validate_acl($post, $input_errors);
}
# ------------------------------------------------------------------------------
# validate acl
# ------------------------------------------------------------------------------
-function squidguard_validate_acl($post, $input_errors)
+function squidguard_validate_acl(&$post, &$input_errors)
{
$pass_up = array();
$deny_up = array();
@@ -134,7 +134,7 @@ function squidguard_validate_acl($post, $input_errors)
$name = trim($post[F_NAME]);
if(!empty($name)) {
# validate name format
- check_name_format($name, &$input_errors);
+ check_name_format($name, $input_errors);
# check unique name
if (!sg_check_unique_name(F_ACLS, $name))
@@ -148,7 +148,7 @@ function squidguard_validate_acl($post, $input_errors)
$sgx = array();
$sgx[F_NAME] = $post[F_NAME];
$sgx[F_SOURCE] = $post[F_SOURCE];
- sg_check_src($sgx, &$input_errors);
+ sg_check_src($sgx, $input_errors);
}
# store destinations to 'dest' value
@@ -192,7 +192,7 @@ function squidguard_validate_acl($post, $input_errors)
# check redirect
$errmsg = '';
- if (!sg_check_redirect($post[F_RMOD], $post[F_REDIRECT], &$errmsg)) {
+ if (!sg_check_redirect($post[F_RMOD], $post[F_REDIRECT], $errmsg)) {
$input_errors[] = "Redirect info error. $errmsg";
}
}
@@ -203,14 +203,14 @@ function squidguard_validate_acl($post, $input_errors)
# date: <date(or range)><time (or range)> -- days not parsed (reset to *)
# weekly: <day or *><time or range> -- dates not parsed (reset to '')
# ------------------------------------------------------------------------------
-function squidguard_validate_times($post, $input_errors)
+function squidguard_validate_times(&$post, &$input_errors)
{
$id = get_item_id();
# check name
$name = trim($post[F_NAME]);
if(!empty($name)) {
- check_name_format($name, &$input_errors);
+ check_name_format($name, $input_errors);
# check unique name
if (!sg_check_unique_name(F_TIMES, $name))
@@ -246,18 +246,18 @@ function squidguard_validate_times($post, $input_errors)
$sgx[F_ITEM][] = $sgx_row;
}
#
- sg_check_time($sgx, &$input_errors);
+ sg_check_time($sgx, $input_errors);
}
# ------------------------------------------------------------------------------
# validate destinations
# ------------------------------------------------------------------------------
-function squidguard_validate_destination($post, $input_errors) {
+function squidguard_validate_destination($post, &$input_errors) {
# check name
$name = trim($post[F_NAME]);
if(!empty($name)) {
- check_name_format($name, &$input_errors);
+ check_name_format($name, $input_errors);
# check unique name
if (!sg_check_unique_name(F_DESTINATIONS, $name))
@@ -277,18 +277,18 @@ function squidguard_validate_destination($post, $input_errors) {
$sgx[F_RMOD] = $post[F_RMOD];
$sgx[F_REDIRECT] = $post[F_REDIRECT];
#
- sg_check_dest($sgx, &$input_errors);
+ sg_check_dest($sgx, $input_errors);
}
# ------------------------------------------------------------------------------
# validate rewrites
# ------------------------------------------------------------------------------
-function squidguard_validate_rewrite($post, $input_errors) {
+function squidguard_validate_rewrite($post, &$input_errors) {
# check name
$name = trim($post[F_NAME]);
if(!empty($name)) {
# check name format <char><symbols without space> - Ab123
- check_name_format($name, &$input_errors);
+ check_name_format($name, $input_errors);
# check unique name
if (!sg_check_unique_name(F_REWRITES, $name))
@@ -447,7 +447,7 @@ function get_sgconf_items_list($data_group, $fieldname) {
# ==============================================================================
# squidguard_before_form
# ------------------------------------------------------------------------------
-function squidguard_before_form($pkg) {
+function squidguard_before_form(&$pkg) {
$i=0;
foreach($pkg['fields']['field'] as $field) {
@@ -470,7 +470,7 @@ function squidguard_before_form($pkg) {
# -----------------------------------------------------------------------------
# squidguard_before_form_acl
# -----------------------------------------------------------------------------
-function squidguard_before_form_acl($pkg, $is_acl=true) {
+function squidguard_before_form_acl(&$pkg, $is_acl=true) {
global $g;
global $squidguard_config;
@@ -638,7 +638,7 @@ function squidguard_before_form_acl($pkg, $is_acl=true) {
# -----------------------------------------------------------------------------
# squidguard_before_form_dest
# -----------------------------------------------------------------------------
-function squidguard_before_form_dest($pkg) {
+function squidguard_before_form_dest(&$pkg) {
global $g, $squidguard_config;
$destination_items = get_sgconf_items_list(F_DESTINATIONS, 'name');
//var_dump($squidguard_config);
@@ -1301,12 +1301,12 @@ function squidguard_adt_rewrite_safesrch()
$res[F_NAME] = SAFESEARCH;
$res[F_DESCRIPTION] = "Google, Yandex safesearch";
$res[F_LOG] = 'on';
- squidguard_adt_safesrch_add(&$res[F_ITEM]);
+ squidguard_adt_safesrch_add($res[F_ITEM]);
return $res;
}
-function squidguard_adt_safesrch_add($rewrite_item)
+function squidguard_adt_safesrch_add(&$rewrite_item)
{
if (!is_array($rewrite_item)) $rewrite_item = array();
@@ -1331,7 +1331,7 @@ function squidguard_adt_safesrch_add($rewrite_item)
}
# log dump
-function squidguard_logdump($filename, $lnoffset, $lncount, $reverse)
+function squidguard_logdump($filename, &$lnoffset, $lncount, $reverse)
{
define('LOGSHOW_BUFSIZE', '262144');
$cnt = '';
@@ -1374,7 +1374,7 @@ function squidguard_logdump($filename, $lnoffset, $lncount, $reverse)
function squidguard_filterdump($lnoffset, $lncount, $reverse)
{
$res = array();
- $cont = squidguard_logdump(SQUIDGUARD_LOGDIR . '/squidGuard.log', &$lnoffset, $lncount, $reverse);
+ $cont = squidguard_logdump(SQUIDGUARD_LOGDIR . '/squidGuard.log', $lnoffset, $lncount, $reverse);
foreach($cont as $cn) {
$cn = explode(" ", trim($cn), 4);
@@ -1388,7 +1388,7 @@ function squidguard_filterdump($lnoffset, $lncount, $reverse)
function squidguard_guidump($lnoffset, $lncount, $reverse)
{
$res = array();
- $cont = squidguard_logdump(SQUIDGUARD_LOGDIR . SQUIDGUARD_CONFLOGFILE, &$lnoffset, $lncount, $reverse);
+ $cont = squidguard_logdump(SQUIDGUARD_LOGDIR . SQUIDGUARD_CONFLOGFILE, $lnoffset, $lncount, $reverse);
foreach($cont as $cn) {
$cn = explode(" ", trim($cn), 4);
@@ -1402,7 +1402,7 @@ function squidguard_guidump($lnoffset, $lncount, $reverse)
function squidguard_blockdump($lnoffset, $lncount, $reverse)
{
$res = array();
- $cont = squidguard_logdump(SQUIDGUARD_LOGDIR . '/' . SQUIDGUARD_LOGFILE, &$lnoffset, $lncount, $reverse);
+ $cont = squidguard_logdump(SQUIDGUARD_LOGDIR . '/' . SQUIDGUARD_LOGFILE, $lnoffset, $lncount, $reverse);
foreach($cont as $cn) {
$cn = explode(" ", trim($cn), 9);
diff --git a/config/squidGuard/squidguard.xml b/config/squidGuard/squidguard.xml
index ee7302f4..62882539 100644
--- a/config/squidGuard/squidguard.xml
+++ b/config/squidGuard/squidguard.xml
@@ -6,7 +6,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>squidguardgeneral</name>
- <version>1.4_4 pkg v.1.9.3</version>
+ <version>1.4_4 pkg v.1.9.6</version>
<title>Proxy filter SquidGuard: General settings</title>
<include_file>/usr/local/pkg/squidguard.inc</include_file>
<!-- Installation -->
@@ -239,10 +239,10 @@
</fields>
<custom_add_php_command/>
<custom_php_validation_command>
- squidguard_validate(&amp;$_POST, &amp;$input_errors);
+ squidguard_validate($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_command_before_form>
- squidguard_before_form(&amp;$pkg);
+ squidguard_before_form($pkg);
</custom_php_command_before_form>
<custom_php_after_form_command>
squidGuard_print_javascript();
diff --git a/config/squidGuard/squidguard_acl.xml b/config/squidGuard/squidguard_acl.xml
index 243576e8..8ddd6c35 100644
--- a/config/squidGuard/squidguard_acl.xml
+++ b/config/squidGuard/squidguard_acl.xml
@@ -224,10 +224,10 @@
</field>
</fields>
<custom_php_validation_command>
- squidguard_validate_acl(&amp;$_POST, &amp;$input_errors);
+ squidguard_validate_acl($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_command_before_form>
- squidguard_before_form_acl(&amp;$pkg);
+ squidguard_before_form_acl($pkg);
</custom_php_command_before_form>
<custom_php_after_form_command>
squidGuard_print_javascript();
diff --git a/config/squidGuard/squidguard_configurator.inc b/config/squidGuard/squidguard_configurator.inc
index 5dbfcc43..006cf083 100644
--- a/config/squidGuard/squidguard_configurator.inc
+++ b/config/squidGuard/squidguard_configurator.inc
@@ -846,7 +846,7 @@ function sg_create_config()
}
# check configuration data
- if (!sg_check_config_data(&$error_res)) {
+ if (!sg_check_config_data($error_res)) {
sg_addlog("sg_create_config", "Bad config data. It's all error_res: $error_res", SQUIDGUARD_ERROR);
sg_addlog("sg_create_config", "Terminated.", SQUIDGUARD_ERROR);
return sg_create_simple_config('', '', "Error! Check squidGuard configuration data." . " (sg_create_config: [2]).");
@@ -1071,8 +1071,8 @@ function sg_create_config()
# delete blacklist entries from 'pass' if blacklist disabled
if ($squidguard_config[F_BLACKLISTENABLED] !== 'on') {
- acl_remove_blacklist_items(&$acl[F_DESTINATIONNAME]);
- acl_remove_blacklist_items(&$acl[F_OVERDESTINATIONNAME]);
+ acl_remove_blacklist_items($acl[F_DESTINATIONNAME]);
+ acl_remove_blacklist_items($acl[F_OVERDESTINATIONNAME]);
}
# not allowing IP in URL
@@ -1128,7 +1128,7 @@ function sg_create_config()
# delete blacklist entries from 'pass' if blacklist disabled
if ($squidguard_config[F_BLACKLISTENABLED] !== 'on')
- acl_remove_blacklist_items(&$def[F_DESTINATIONNAME]);
+ acl_remove_blacklist_items($def[F_DESTINATIONNAME]);
# not allowing IP in URL
if ($def[F_NOTALLOWINGIP])
@@ -1254,7 +1254,7 @@ function sg_redirector_base_url($rdr_info, $redirect_mode)
# check redirect
$errmsg = '';
- if (!sg_check_redirect($redirect_mode, $rdr_info, &$errmsg)) {
+ if (!sg_check_redirect($redirect_mode, $rdr_info, $errmsg)) {
$redirect_mode = RMOD_INT_ERRORPAGE;
$rdr_info = "Bad redirect settings. $errmsg Check you configuration.";
sg_addlog("sg_redirector_base_url", "$errmsg", SQUIDGUARD_ERROR);
@@ -1310,7 +1310,7 @@ function sg_aclpass_reorder($pass)
# ------------------------------------------------------------
# sg_check_config_data
# ------------------------------------------------------------
-function sg_check_config_data ($input_errors)
+function sg_check_config_data (&$input_errors)
{
global $squidguard_config;
$elog = array();
@@ -1327,14 +1327,14 @@ function sg_check_config_data ($input_errors)
# check name as unique and name format
$tm_name = $tm[F_NAME];
$err_s = '';
- if (!check_name_format($tm_name, &$err_s))
+ if (!check_name_format($tm_name, $err_s))
$elog[] = "(T1) TIME '$tm_name' error: >>> $err_s";
if ($key_tm[$tm_name] > 1)
$elog[] = "(T2) TIME '$tm_name' error: duplicate time name '$tm_name'";
# check time items format
- sg_check_time($tm, &$elog);
+ sg_check_time($tm, $elog);
}
}
@@ -1345,7 +1345,7 @@ function sg_check_config_data ($input_errors)
# check name as unique and name format
$src_name = $src[F_NAME];
$err_s = '';
- if (!check_name_format($src_name, &$err_s))
+ if (!check_name_format($src_name, $err_s))
$elog[] = "(A1) ACL '$src_name'error: $err_s";
if ($key_src[$src_name] > 1)
@@ -1362,13 +1362,13 @@ function sg_check_config_data ($input_errors)
# check name as unique and name format
$dst_name = $dst[F_NAME];
$err_s = '';
- if (!check_name_format($dst_name, &$err_s))
+ if (!check_name_format($dst_name, $err_s))
$elog[] = "(D1) DEST '$dst_name' error: $err_s";
if ($key_dst[$dst_name] > 1)
$elog[] = "(D2) DEST '$dst_name' error: duplicate destination name '$dst_name'";
#
- sg_check_dest($dst, &$elog);
+ sg_check_dest($dst, $elog);
}
}
@@ -1396,7 +1396,7 @@ function sg_check_config_data ($input_errors)
# check check name as unique and name format
$rw_name = $rw[F_NAME];
$err_s = '';
- if (!check_name_format($rw_name, &$err_s))
+ if (!check_name_format($rw_name, $err_s))
$elog[] = "(R1) REWRITE '$rw_name' error: $err_s";
if ($key_rw[$rw_name] > 1)
@@ -1674,7 +1674,7 @@ function is_username($username)
# ------------------------------------------------------------------------------
# check name
# ------------------------------------------------------------------------------
-function check_name_format ($name, $input_errors)
+function check_name_format ($name, &$input_errors)
{
$elog = array();
$val = trim($name);
@@ -1698,7 +1698,7 @@ function check_name_format ($name, $input_errors)
# ******************************************************************************
# check redirect
# ------------------------------------------------------------------------------
-function sg_check_redirect($rdr_mode, $rdr_info, $err_msg)
+function sg_check_redirect($rdr_mode, $rdr_info, &$err_msg)
{
$res = true;
switch($rdr_mode) {
@@ -1720,7 +1720,7 @@ function sg_check_redirect($rdr_mode, $rdr_info, $err_msg)
# ------------------------------------------------------------------------------
# sg_check_time
# ------------------------------------------------------------------------------
-function sg_check_time($sgtime, $input_errors)
+function sg_check_time($sgtime, &$input_errors)
{
$err = '';
$days = array("*", "mon", "tue", "wed", "thu", "fri", "sat", "sun");
@@ -1746,14 +1746,14 @@ function sg_check_time($sgtime, $input_errors)
# ------------------------------------------------------------------------------
# sg_check_dest
# ------------------------------------------------------------------------------
-function sg_check_dest($sgx, $input_errors)
+function sg_check_dest($sgx, &$input_errors)
{
$elog = array();
$dm = explode(" ", $sgx[F_DOMAINS]);
# $ex = explode(" ", $sgx[F_EXPRESSIONS]);
$ur = explode(" ", $sgx[F_URLS]);
- array_packitems(&$dm);
- array_packitems(&$ur);
+ array_packitems($dm);
+ array_packitems($ur);
# domain or ip
foreach ($dm as $d_it) {
@@ -1765,7 +1765,7 @@ function sg_check_dest($sgx, $input_errors)
if ($u_it && !is_dest_url($u_it)) $elog[] = "Item '$u_it' is not a url.";
# check redirect
- sg_check_redirect($sgx[F_RMOD], $sgx[F_REDIRECT], &$elog);
+ sg_check_redirect($sgx[F_RMOD], $sgx[F_REDIRECT], $elog);
# update log
if (!empty($elog)) {
@@ -1780,7 +1780,7 @@ function sg_check_dest($sgx, $input_errors)
# ------------------------------------------------------------------------------
# sg_check_src
# ------------------------------------------------------------------------------
-function sg_check_src($sgx, $input_errors)
+function sg_check_src($sgx, &$input_errors)
{
$elog = array();
@@ -1822,7 +1822,7 @@ function str_packspaces($str)
while(strpos($str, ' ')) $str = str_replace(' ', ' ', $str);
}
-function array_packitems($arval)
+function array_packitems(&$arval)
{
if (is_array($arval)) {
$arval = array_map("trim", $arval); # trim all items
@@ -1894,7 +1894,7 @@ function check_time($time)
# -----------------------------------------------------------------------------
# acl_remove_blacklist_items
# -----------------------------------------------------------------------------
-function acl_remove_blacklist_items($items)
+function acl_remove_blacklist_items(&$items)
{
# add !items and ^items
$db_entries = sg_entries_blacklist();
@@ -2207,7 +2207,7 @@ function sg_update_blacklist($from_file)
$blk_list = array();
# scan blacklist items
- scan_blacklist_cat($tmp_unpack_dir, "blk", & $blk_items);
+ scan_blacklist_cat($tmp_unpack_dir, "blk", $blk_items);
# move blacklist catalog structure to 'one level' (from tmp_DB to arch_DB)
foreach ($blk_items as $key => $val) {
@@ -2416,7 +2416,7 @@ function squidguard_blacklist_restore_arcdb()
# ["urls"] urls file path
# ["expressions"] expressions file path
# ------------------------------------------------------------------------------
-function scan_blacklist_cat($curdir, $key_name, $cat_array)
+function scan_blacklist_cat($curdir, $key_name, &$cat_array)
{
if (file_exists($curdir) and is_dir($curdir)) {
@@ -2449,7 +2449,7 @@ function scan_blacklist_cat($curdir, $key_name, $cat_array)
$fls_key = $key_name . "_" . $fls;
# recursive call
- scan_blacklist_cat($fls_file, $fls_key, & $cat_array);
+ scan_blacklist_cat($fls_file, $fls_key, $cat_array);
}
}
}
diff --git a/config/squidGuard/squidguard_default.xml b/config/squidGuard/squidguard_default.xml
index 01380ea5..4a03c2b6 100644
--- a/config/squidGuard/squidguard_default.xml
+++ b/config/squidGuard/squidguard_default.xml
@@ -134,10 +134,10 @@
</field>
</fields>
<custom_php_validation_command>
- squidguard_validate_acl(&amp;$_POST, &amp;$input_errors);
+ squidguard_validate_acl($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_command_before_form>
- squidguard_before_form_acl(&amp;$pkg, false);
+ squidguard_before_form_acl($pkg, false);
</custom_php_command_before_form>
<custom_php_after_form_command>
squidGuard_print_javascript();
diff --git a/config/squidGuard/squidguard_dest.xml b/config/squidGuard/squidguard_dest.xml
index 3525098e..5f128a49 100644
--- a/config/squidGuard/squidguard_dest.xml
+++ b/config/squidGuard/squidguard_dest.xml
@@ -172,10 +172,10 @@
</field>
</fields>
<custom_php_command_before_form>
- squidguard_before_form_dest(&amp;$pkg);
+ squidguard_before_form_dest($pkg);
</custom_php_command_before_form>
<custom_php_validation_command>
- squidguard_validate_destination($_POST, &amp;$input_errors);
+ squidguard_validate_destination($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
squidguard_resync_dest();
diff --git a/config/squidGuard/squidguard_log.php b/config/squidGuard/squidguard_log.php
index 8eba2311..fae61a8c 100644
--- a/config/squidGuard/squidguard_log.php
+++ b/config/squidGuard/squidguard_log.php
@@ -77,14 +77,14 @@ function squidguard_log_AJAX_response( $request )
$res = squidguard_prep_textareacont($cont);
break;
case 'guilog':
- $res = squidguard_logrep(squidguard_guidump( &$offset, 50, true));
+ $res = squidguard_logrep(squidguard_guidump( $offset, 50, true));
break;
case 'filterlog':
- $res = squidguard_logrep(squidguard_filterdump( &$offset, 50, true));
+ $res = squidguard_logrep(squidguard_filterdump( $offset, 50, true));
break;
case "blocked":
default:
- $res = squidguard_logrep(squidguard_blockdump( &$offset, 50, true));
+ $res = squidguard_logrep(squidguard_blockdump( $offset, 50, true));
break;
}
@@ -93,7 +93,7 @@ function squidguard_log_AJAX_response( $request )
return $res;
}
-function squidguard_logrep( $dump )
+function squidguard_logrep( &$dump )
{
$res = '';
diff --git a/config/squidGuard/squidguard_rewr.xml b/config/squidGuard/squidguard_rewr.xml
index c21cb1c0..4b55292d 100644
--- a/config/squidGuard/squidguard_rewr.xml
+++ b/config/squidGuard/squidguard_rewr.xml
@@ -136,7 +136,7 @@
squidGuard_print_javascript();
</custom_php_after_form_command>
<custom_php_validation_command>
- squidguard_validate_rewrite($_POST, &amp;$input_errors);
+ squidguard_validate_rewrite($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
// squidguard_resync_rewrite();
diff --git a/config/squidGuard/squidguard_time.xml b/config/squidGuard/squidguard_time.xml
index dfd589aa..7f682174 100644
--- a/config/squidGuard/squidguard_time.xml
+++ b/config/squidGuard/squidguard_time.xml
@@ -136,7 +136,7 @@
squidGuard_print_javascript();
</custom_php_after_form_command>
<custom_php_validation_command>
- squidguard_validate_times(&amp;$_POST, &amp;$input_errors);
+ squidguard_validate_times($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
// squidguard_resync_time();
diff --git a/config/suricata/suricata.inc b/config/suricata/suricata.inc
index c767f2d0..89bb572f 100644
--- a/config/suricata/suricata.inc
+++ b/config/suricata/suricata.inc
@@ -60,7 +60,12 @@ define('SURICATA_PKG_VER', $suricata_package_version);
define('SURICATA_PF_TABLE', 'snort2c');
// Create some other useful defines
-define('SURICATADIR', '/usr/pbi/suricata-' . php_uname("m") . '/etc/suricata/');
+$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+if ($pf_version >= 2.2)
+ define('SURICATADIR', '/usr/pbi/suricata-' . php_uname("m") . '/local/etc/suricata/');
+else
+ define('SURICATADIR', '/usr/pbi/suricata-' . php_uname("m") . '/etc/suricata/');
+
define('SURICATALOGDIR', '/var/log/suricata/');
define('RULES_UPD_LOGFILE', SURICATALOGDIR . 'suricata_rules_update.log');
define('ENFORCING_RULES_FILENAME', 'suricata.rules');
@@ -933,7 +938,7 @@ function suricata_build_sid_msg_map($rules_path, $sid_file) {
natcasesort($sidMap);
// Now print the result to the supplied file
- @file_put_contents($sid_file, "#v2\n# sid-msg.map file auto-generated by Snort.\n\n");
+ @file_put_contents($sid_file, "#v2\n# sid-msg.map file auto-generated by Suricata.\n\n");
@file_put_contents($sid_file, array_values($sidMap), FILE_APPEND);
}
diff --git a/config/suricata/suricata.xml b/config/suricata/suricata.xml
index 1a64d619..a2acd49e 100644
--- a/config/suricata/suricata.xml
+++ b/config/suricata/suricata.xml
@@ -51,7 +51,7 @@
<description>Suricata IDS/IPS Package</description>
<requirements>None</requirements>
<name>suricata</name>
- <version>1.4.6 pkg v1.0</version>
+ <version>1.4.6 pkg v1.0.2</version>
<title>Services: Suricata IDS</title>
<include_file>/usr/local/pkg/suricata/suricata.inc</include_file>
<menu>
diff --git a/config/suricata/suricata_alerts.php b/config/suricata/suricata_alerts.php
index 07e4eb1f..2f0f114f 100644
--- a/config/suricata/suricata_alerts.php
+++ b/config/suricata/suricata_alerts.php
@@ -410,7 +410,7 @@ if ($savemsg) {
<td width="78%" class="vtable">
<input name="save" type="submit" class="formbtns" value=" Save " title="<?=gettext("Save auto-refresh and view settings");?>"/>
&nbsp;<?php echo gettext('Refresh');?>&nbsp;&nbsp;<input name="arefresh" type="checkbox" value="on"
- <?php if ($config['installedpackages']['snortglobal']['alertsblocks']['arefresh']=="on") echo "checked"; ?>/>
+ <?php if ($config['installedpackages']['suricata']['alertsblocks']['arefresh']=="on") echo "checked"; ?>/>
<?php printf(gettext('%sDefault%s is %sON%s.'), '<strong>', '</strong>', '<strong>', '</strong>'); ?>&nbsp;&nbsp;
<input name="alertnumber" type="text" class="formfld unknown" id="alertnumber" size="5" value="<?=htmlspecialchars($anentries);?>"/>
&nbsp;<?php printf(gettext('Enter number of log entries to view. %sDefault%s is %s250%s.'), '<strong>', '</strong>', '<strong>', '</strong>'); ?>
diff --git a/config/suricata/suricata_barnyard.php b/config/suricata/suricata_barnyard.php
index d4afe4f4..c7488fe4 100644
--- a/config/suricata/suricata_barnyard.php
+++ b/config/suricata/suricata_barnyard.php
@@ -86,8 +86,6 @@ if (isset($id) && $a_nat[$id]) {
$pconfig['barnyard_bro_ids_dport'] = "47760";
if (empty($a_nat[$id]['barnyard_sensor_id']))
$pconfig['barnyard_sensor_id'] = "0";
- if (empty($a_nat[$id]['barnyard_sensor_name']))
- $pconfig['barnyard_sensor_name'] = php_uname("n");
}
if ($_POST['save']) {
diff --git a/config/suricata/suricata_interfaces.php b/config/suricata/suricata_interfaces.php
index 26d57b71..205a872b 100644
--- a/config/suricata/suricata_interfaces.php
+++ b/config/suricata/suricata_interfaces.php
@@ -57,6 +57,10 @@ if (!is_array($config['installedpackages']['suricata']['rule']))
$a_nat = &$config['installedpackages']['suricata']['rule'];
$id_gen = count($config['installedpackages']['suricata']['rule']);
+// Get list of configured firewall interfaces
+$ifaces = get_configured_interface_list();
+
+
if ($_POST['del_x']) {
/* delete selected interfaces */
if (is_array($_POST['rule'])) {
@@ -207,9 +211,22 @@ include_once("head.inc");
<th class="listhdrr"><?php echo gettext("Block"); ?></th>
<th class="listhdrr"><?php echo gettext("Barnyard2"); ?></th>
<th class="listhdr"><?php echo gettext("Description"); ?></th>
- <th class="list"><a href="suricata_interfaces_edit.php?id=<?php echo $id_gen;?>">
- <img src="../themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif"
- width="17" height="17" border="0" title="<?php echo gettext('Add Suricata interface mapping');?>"></a>
+ <th class="list">
+ <?php if ($id_gen < count($ifaces)): ?>
+ <a href="suricata_interfaces_edit.php?id=<?php echo $id_gen;?>">
+ <img src="../themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif"
+ width="17" height="17" border="0" title="<?php echo gettext('Add Suricata interface mapping');?>"></a>
+ <?php else: ?>
+ <img src="../themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" width="17" height="17" border="0"
+ title="<?php echo gettext('No available interfaces for a new Suricata mapping');?>">
+ <?php endif; ?>
+ <?php if ($id_gen == 0): ?>
+ <img src="../themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" " border="0">
+ <?php else: ?>
+ <input name="del" type="image" src="../themes/<?= $g['theme']; ?>/images/icons/icon_x.gif"
+ width="17" height="17" title="<?php echo gettext("Delete selected Suricata interface mapping(s)"); ?>"
+ onclick="return intf_del()">
+ <?php endif; ?>
</th>
</tr>
</thead>
@@ -342,7 +359,15 @@ include_once("head.inc");
<td valign="middle" class="list" nowrap>
<a href="suricata_interfaces_edit.php?id=<?=$i;?>">
<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"
- width="17" height="17" border="0" title="<?php echo gettext('Edit Suricata interface mapping'); ?>"></a>
+ width="17" height="17" border="0" title="<?php echo gettext('Edit this Suricata interface mapping'); ?>"></a>
+ <?php if ($id_gen < count($ifaces)): ?>
+ <a href="suricata_interfaces_edit.php?id=<?=$i;?>&action=dup">
+ <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif"
+ width="17" height="17" border="0" title="<?php echo gettext('Add new interface mapping based on this one'); ?>"></a>
+ <?php else: ?>
+ <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" width="17" height="17" border="0"
+ title="<?php echo gettext('No available interfaces for a new Suricata mapping');?>">
+ <?php endif; ?>
</td>
</tr>
<?php $i++; $nnats++; endforeach; ob_end_flush(); ?>
@@ -354,8 +379,16 @@ include_once("head.inc");
<?php else: ?>&nbsp;
<?php endif; ?>
</td>
- <td class="list" valign="middle" nowrap>
- <?php if ($nnats == 0): ?>
+ <td class="list">
+ <?php if ($id_gen < count($ifaces)): ?>
+ <a href="suricata_interfaces_edit.php?id=<?php echo $id_gen;?>">
+ <img src="../themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif"
+ width="17" height="17" border="0" title="<?php echo gettext('Add Suricata interface mapping');?>"></a>
+ <?php else: ?>
+ <img src="../themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" width="17" height="17" border="0"
+ title="<?php echo gettext('No available interfaces for a new Suricata mapping');?>">
+ <?php endif; ?>
+ <?php if ($id_gen == 0): ?>
<img src="../themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" " border="0">
<?php else: ?>
<input name="del" type="image" src="../themes/<?= $g['theme']; ?>/images/icons/icon_x.gif"
diff --git a/config/suricata/suricata_interfaces_edit.php b/config/suricata/suricata_interfaces_edit.php
index 3b61755c..dcf6fe3f 100644
--- a/config/suricata/suricata_interfaces_edit.php
+++ b/config/suricata/suricata_interfaces_edit.php
@@ -62,6 +62,13 @@ elseif (isset($_GET['id']) && is_numericint($_GET['id']));
if (is_null($id))
$id = 0;
+if (isset($_POST['action']))
+ $action = htmlspecialchars($_POST['action'], ENT_QUOTES | ENT_HTML401);
+elseif (isset($_GET['action']))
+ $action = htmlspecialchars($_GET['action'], ENT_QUOTES | ENT_HTML401);
+else
+ $action = "";
+
$pconfig = array();
if (empty($suricataglob['rule'][$id]['uuid'])) {
/* Adding new interface, so flag rules to build. */
@@ -142,7 +149,37 @@ if (empty($pconfig['max_pcap_log_size']))
if (empty($pconfig['max_pcap_log_files']))
$pconfig['max_pcap_log_files'] = "1000";
-if ($_POST["save"]) {
+// See if creating a new interface by duplicating an existing one
+if (strcasecmp($action, 'dup') == 0) {
+
+ // Try to pick the next available physical interface to use
+ $ifaces = get_configured_interface_list();
+ $ifrules = array();
+ foreach($a_rule as $r)
+ $ifrules[] = $r['interface'];
+ foreach ($ifaces as $i) {
+ if (!in_array($i, $ifrules)) {
+ $pconfig['interface'] = $i;
+ $pconfig['enable'] = 'on';
+ $pconfig['descr'] = strtoupper($i);
+ $pconfig['inspect_recursion_limit'] = '3000';
+ break;
+ }
+ }
+ if (count($ifrules) == count($ifaces)) {
+ $input_errors[] = gettext("No more available interfaces to configure for Suricata!");
+ $interfaces = array();
+ $pconfig = array();
+ }
+
+ // Set Home Net, External Net, Suppress List and Pass List to defaults
+ unset($pconfig['suppresslistname']);
+ unset($pconfig['passlistname']);
+ unset($pconfig['homelistname']);
+ unset($pconfig['externallistname']);
+}
+
+if ($_POST["save"] && !$input_errors) {
// If the interface is not enabled, stop any running Suricata
// instance on it, save the new state and exit.
if (!isset($_POST['enable'])) {
@@ -237,7 +274,7 @@ if ($_POST["save"]) {
if ($_POST['configpassthru']) $natent['configpassthru'] = base64_encode($_POST['configpassthru']); else unset($natent['configpassthru']);
$if_real = get_real_interface($natent['interface']);
- if (isset($id) && $a_rule[$id]) {
+ if (isset($id) && $a_rule[$id] && $action == '') {
// See if moving an existing Suricata instance to another physical interface
if ($natent['interface'] != $a_rule[$id]['interface']) {
$oif_real = get_real_interface($a_rule[$id]['interface']);
@@ -253,7 +290,15 @@ if ($_POST["save"]) {
conf_mount_ro();
}
$a_rule[$id] = $natent;
- } else {
+ }
+ elseif (strcasecmp($action, 'dup') == 0) {
+ // Duplicating a new interface, so set flag to build new rules
+ $rebuild_rules = true;
+
+ // Add the new duplicated interface configuration to the [rule] array in config
+ $a_rule[] = $natent;
+ }
+ else {
// Adding new interface, so set interface configuration parameter defaults
$natent['ip_max_frags'] = "65535";
$natent['ip_frag_timeout'] = "60";
@@ -358,6 +403,9 @@ if ($savemsg) {
?>
<form action="suricata_interfaces_edit.php<?php echo "?id=$id";?>" method="post" name="iform" id="iform">
+<input name="id" type="hidden" value="<?=$id;?>"/>
+<input name="action" type="hidden" value="<?=$action;?>"/>
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
@@ -773,7 +821,6 @@ if ($savemsg) {
<tr>
<td colspan="2" align="center" valign="middle"><input name="save" type="submit" class="formbtn" value="Save" title="<?php echo
gettext("Click to save settings and exit"); ?>"/>
- <input name="id" type="hidden" value="<?=$id;?>"/>
</td>
</tr>
<tr>
diff --git a/config/suricata/suricata_logs_browser.php b/config/suricata/suricata_logs_browser.php
index 04edf373..cbe5ee7b 100644
--- a/config/suricata/suricata_logs_browser.php
+++ b/config/suricata/suricata_logs_browser.php
@@ -55,21 +55,22 @@ $suricata_uuid = $a_instance[$instanceid]['uuid'];
$if_real = get_real_interface($a_instance[$instanceid]['interface']);
// Construct a pointer to the instance's logging subdirectory
-$suricatalogdir = SURICATALOGDIR . "suricata_{$if_real}{$suricata_uuid}";
+$suricatalogdir = SURICATALOGDIR . "suricata_{$if_real}{$suricata_uuid}/";
-$logfile = $_POST['file'];
+// Limit all file access to just the currently selected interface's logging subdirectory
+$logfile = htmlspecialchars($suricatalogdir . basename($_POST['file']));
if ($_POST['action'] == 'load') {
- if(!is_file($_POST['file'])) {
+ if(!is_file($logfile)) {
echo "|3|" . gettext("Log file does not exist or that logging feature is not enabled") . ".|";
}
else {
- $data = file_get_contents($_POST['file']);
+ $data = file_get_contents($logfile);
if($data === false) {
echo "|1|" . gettext("Failed to read log file") . ".|";
} else {
$data = base64_encode($data);
- echo "|0|{$_POST['file']}|{$data}|";
+ echo "|0|{$logfile}|{$data}|";
}
}
exit;
@@ -101,7 +102,7 @@ if ($input_errors) {
jQuery.ajax(
"<?=$_SERVER['SCRIPT_NAME'];?>", {
type: 'POST',
- data: "action=load&file=" + jQuery("#logFile").val(),
+ data: "instance=" + jQuery("#instance").val() + "&action=load&file=" + jQuery("#logFile").val(),
complete: loadComplete
}
);
@@ -180,7 +181,7 @@ if ($input_errors) {
$selected = "";
if ($log == basename($logfile))
$selected = "selected";
- echo "<option value='{$suricatalogdir}/{$log}' {$selected}>" . $log . "</option>\n";
+ echo "<option value='{$suricatalogdir}{$log}' {$selected}>" . $log . "</option>\n";
}
?>
</select>&nbsp;&nbsp;<?php echo gettext('Choose which log you want to view.'); ?>
@@ -222,7 +223,7 @@ if ($input_errors) {
</table>
</form>
-<?php if(empty($logfile)): ?>
+<?php if(empty($_POST['file'])): ?>
<script type="text/javascript">
document.getElementById("logFile").selectedIndex=-1;
</script>
diff --git a/config/suricata/suricata_passlist_edit.php b/config/suricata/suricata_passlist_edit.php
index 35c7b66e..437ae9a8 100644
--- a/config/suricata/suricata_passlist_edit.php
+++ b/config/suricata/suricata_passlist_edit.php
@@ -114,7 +114,12 @@ if ($_POST['save']) {
/* input validation */
$reqdfields = explode(" ", "name");
$reqdfieldsn = explode(",", "Name");
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+ if ($pf_version < 2.1)
+ $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;');
+ else
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if(strtolower($_POST['name']) == "defaultpasslist")
$input_errors[] = gettext("Pass List file names may not be named defaultpasslist.");
diff --git a/config/suricata/suricata_post_install.php b/config/suricata/suricata_post_install.php
index c44b392f..eb193d58 100644
--- a/config/suricata/suricata_post_install.php
+++ b/config/suricata/suricata_post_install.php
@@ -60,14 +60,14 @@ if(is_process_running("suricata")) {
killbyname("suricata");
sleep(2);
// Delete any leftover suricata PID files in /var/run
- unlink_if_exists("/var/run/suricata_*.pid");
+ unlink_if_exists("{$g['varrun_path']}/suricata_*.pid");
}
// Hard kill any running Barnyard2 processes
if(is_process_running("barnyard")) {
killbyname("barnyard2");
sleep(2);
// Delete any leftover barnyard2 PID files in /var/run
- unlink_if_exists("/var/run/barnyard2_*.pid");
+ unlink_if_exists("{$g['varrun_path']}/barnyard2_*.pid");
}
// Set flag for post-install in progress
@@ -148,7 +148,7 @@ if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] =
}
// Update Suricata package version in configuration
-$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "v1.0.1";
+$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "v1.0.2";
write_config();
// Done with post-install, so clear flag
diff --git a/config/suricata/suricata_suppress_edit.php b/config/suricata/suricata_suppress_edit.php
index a46e9e99..d4549e56 100644
--- a/config/suricata/suricata_suppress_edit.php
+++ b/config/suricata/suricata_suppress_edit.php
@@ -88,7 +88,12 @@ if ($_POST['save']) {
$reqdfields = explode(" ", "name");
$reqdfieldsn = array("Name");
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+ if ($pf_version < 2.1)
+ $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;');
+ else
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if(strtolower($_POST['name']) == "defaultwhitelist")
$input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
diff --git a/config/suricata/suricata_uninstall.php b/config/suricata/suricata_uninstall.php
index 2317578e..2a82e473 100644
--- a/config/suricata/suricata_uninstall.php
+++ b/config/suricata/suricata_uninstall.php
@@ -58,7 +58,7 @@ killbyname("suricata");
sleep(1);
// Delete any leftover suricata PID files in /var/run
-array_map('@unlink', glob("/var/run/suricata_*.pid"));
+unlink_if_exists("{$g['varrun_path']}/suricata_*.pid");
/* Make sure all active Barnyard2 processes are terminated */
/* Log a message only if a running process is detected */
@@ -68,10 +68,7 @@ killbyname("barnyard2");
sleep(1);
// Delete any leftover barnyard2 PID files in /var/run
-array_map('@unlink', glob("/var/run/barnyard2_*.pid"));
-
-/* Remove the suricata user and group */
-mwexec('/usr/sbin/pw userdel suricata; /usr/sbin/pw groupdel suricata', true);
+unlink_if_exists("{$g['varrun_path']}/barnyard2_*.pid");
/* Remove the Suricata cron jobs. */
install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/www/suricata/suricata_check_for_rule_updates.php", false);
diff --git a/config/suricata/suricata_yaml_template.inc b/config/suricata/suricata_yaml_template.inc
index c20ca8db..44fd1d5f 100644
--- a/config/suricata/suricata_yaml_template.inc
+++ b/config/suricata/suricata_yaml_template.inc
@@ -29,7 +29,7 @@ default-log-dir: {$suricatalogdir}suricata_{$if_real}{$suricata_uuid}
# Configure the type of alert (and other) logging.
outputs:
- # alert_pf blocking plugin
+ # alert-pf blocking plugin
- alert-pf:
enabled: {$suri_blockoffenders}
kill-state: {$suri_killstates}
diff --git a/config/syslog-ng/syslog-ng.inc b/config/syslog-ng/syslog-ng.inc
index f821e75d..395a97d6 100644
--- a/config/syslog-ng/syslog-ng.inc
+++ b/config/syslog-ng/syslog-ng.inc
@@ -61,7 +61,7 @@ function syslogng_deinstall_command() {
filter_configure();
}
-function syslogng_validate_general($post, $input_errors) {
+function syslogng_validate_general($post, &$input_errors) {
global $config;
$objects = $config['installedpackages']['syslogngadvanced']['config'];
@@ -100,7 +100,7 @@ function syslogng_validate_general($post, $input_errors) {
$input_errors[] = "Syslog-ng syntax test failed:\n" . $errors;
}
-function syslogng_validate_advanced($post, $input_errors) {
+function syslogng_validate_advanced($post, &$input_errors) {
global $config;
$objects = $config['installedpackages']['syslogngadvanced']['config'];
diff --git a/config/syslog-ng/syslog-ng.xml b/config/syslog-ng/syslog-ng.xml
index 37df86ec..7d58a2ef 100644
--- a/config/syslog-ng/syslog-ng.xml
+++ b/config/syslog-ng/syslog-ng.xml
@@ -42,7 +42,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>Syslog-ng</name>
- <version>3.3.4_1</version>
+ <version>3.5.4.1_1 pkg.v.1.0.1</version>
<title>Services: Syslog-ng</title>
<include_file>/usr/local/pkg/syslog-ng.inc</include_file>
<menu>
@@ -177,7 +177,7 @@
</field>
</fields>
<custom_php_validation_command>
- syslogng_validate_general($_POST, &amp;$input_errors);
+ syslogng_validate_general($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
syslogng_resync();
diff --git a/config/syslog-ng/syslog-ng_advanced.xml b/config/syslog-ng/syslog-ng_advanced.xml
index 2ddcf1e0..b1290544 100644
--- a/config/syslog-ng/syslog-ng_advanced.xml
+++ b/config/syslog-ng/syslog-ng_advanced.xml
@@ -128,7 +128,7 @@
syslogng_resync();
</custom_delete_php_command>
<custom_php_validation_command>
- syslogng_validate_advanced($_POST, &amp;$input_errors);
+ syslogng_validate_advanced($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
syslogng_resync();
diff --git a/config/systempatches/system_patches_edit.php b/config/systempatches/system_patches_edit.php
index 0d45ce92..3e63038e 100644
--- a/config/systempatches/system_patches_edit.php
+++ b/config/systempatches/system_patches_edit.php
@@ -88,7 +88,7 @@ if ($_POST) {
$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
if ($pf_version < 2.1)
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+ $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;');
else
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
diff --git a/config/systempatches/systempatches.xml b/config/systempatches/systempatches.xml
index 23b0795b..b9875140 100644
--- a/config/systempatches/systempatches.xml
+++ b/config/systempatches/systempatches.xml
@@ -40,7 +40,7 @@
<requirements>None</requirements>
<faq>Applies patches supplied by the user to the firewall.</faq>
<name>System Patches</name>
- <version>1.0</version>
+ <version>1.0.2</version>
<title>System: Patches</title>
<include_file>/usr/local/pkg/patches.inc</include_file>
<menu>
diff --git a/config/tinc/status_tinc.php b/config/tinc/status_tinc.php
index 725ccce6..f50ea640 100644
--- a/config/tinc/status_tinc.php
+++ b/config/tinc/status_tinc.php
@@ -6,49 +6,67 @@ require("guiconfig.inc");
function tinc_status_1() {
exec("/usr/local/sbin/tincd --config=/usr/local/etc/tinc -kUSR1");
usleep(500000);
- exec("/usr/sbin/clog /var/log/tinc.log | sed -e 's/.*tinc\[.*\]: //'",$result);
- $i=0;
- foreach($result as $line)
- {
- if(preg_match("/Connections:/",$line))
- $begin=$i;
- if(preg_match("/End of connections./",$line))
- $end=$i;
- $i++;
- }
- $output="";
- $i=0;
- foreach($result as $line)
- {
- if($i >= $begin && $i<= $end)
- $output .= $line . "\n";
- $i++;
- }
- return $output;
+ $clog_path = "";
+ $result = array();
+ if (is_executable("/usr/local/sbin/clog")) {
+ $clog_path = "/usr/local/sbin/clog";
+ } elseif (is_executable("/usr/sbin/clog")) {
+ $clog_path = "/usr/sbin/clog";
+ }
+
+ if (!empty($clog_path))
+ exec("{$clog_path} /var/log/tinc.log | sed -e 's/.*tinc\[.*\]: //'",$result);
+ $i=0;
+ foreach($result as $line)
+ {
+ if(preg_match("/Connections:/",$line))
+ $begin=$i;
+ if(preg_match("/End of connections./",$line))
+ $end=$i;
+ $i++;
+ }
+ $output="";
+ $i=0;
+ foreach($result as $line)
+ {
+ if($i >= $begin && $i<= $end)
+ $output .= $line . "\n";
+ $i++;
+ }
+ return $output;
}
function tinc_status_2() {
exec("/usr/local/sbin/tincd --config=/usr/local/etc/tinc -kUSR2");
usleep(500000);
- exec("/usr/sbin/clog /var/log/tinc.log | sed -e 's/.*tinc\[.*\]: //'",$result);
- $i=0;
- foreach($result as $line)
- {
- if(preg_match("/Statistics for Generic BSD tun device/",$line))
- $begin=$i;
- if(preg_match("/End of subnet list./",$line))
- $end=$i;
- $i++;
- }
- $output="";
- $i=0;
- foreach($result as $line)
- {
- if($i >= $begin && $i<= $end)
- $output .= $line . "\n";
- $i++;
- }
- return $output;
+ $clog_path = "";
+ $result = array();
+ if (is_executable("/usr/local/sbin/clog")) {
+ $clog_path = "/usr/local/sbin/clog";
+ } elseif (is_executable("/usr/sbin/clog")) {
+ $clog_path = "/usr/sbin/clog";
+ }
+
+ if (!empty($clog_path))
+ exec("{$clog_path} /var/log/tinc.log | sed -e 's/.*tinc\[.*\]: //'",$result);
+ $i=0;
+ foreach($result as $line)
+ {
+ if(preg_match("/Statistics for Generic BSD tun device/",$line))
+ $begin=$i;
+ if(preg_match("/End of subnet list./",$line))
+ $end=$i;
+ $i++;
+ }
+ $output="";
+ $i=0;
+ foreach($result as $line)
+ {
+ if($i >= $begin && $i<= $end)
+ $output .= $line . "\n";
+ $i++;
+ }
+ return $output;
}
$shortcut_section = "tinc";
diff --git a/config/tinc/tinc.xml b/config/tinc/tinc.xml
index f016dd41..183ae161 100644
--- a/config/tinc/tinc.xml
+++ b/config/tinc/tinc.xml
@@ -42,7 +42,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>tinc</name>
- <version>1.0.21 v1.1</version>
+ <version>1.0.23 v1.2.1</version>
<title>VPN: tinc</title>
<!-- Menu is where this packages menu will appear -->
<menu>
diff --git a/config/zebedee/zebedee.xml b/config/zebedee/zebedee.xml
index db7bfddf..2a208b27 100644
--- a/config/zebedee/zebedee.xml
+++ b/config/zebedee/zebedee.xml
@@ -46,7 +46,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>zebedee</name>
- <version>0.1</version>
+ <version>1.2.1</version>
<title>Zebedee Tunneling</title>
<include_file>/usr/local/pkg/zebedee.inc</include_file>
<menu>
@@ -296,7 +296,7 @@
zebedee_php_deinstall_command();
</custom_php_deinstall_command>
<custom_php_validation_command>
- zebedee_validate_input($_POST, &amp;$input_errors);
+ zebedee_validate_input($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
sync_package_zebedee();