aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/freeradius2/freeradius.inc35
-rwxr-xr-xconfig/pf-blocker/pfblocker.inc27
-rwxr-xr-xconfig/sarg/sarg_frame.php2
3 files changed, 45 insertions, 19 deletions
diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc
index 8932d7ca..92ec2e4f 100644
--- a/config/freeradius2/freeradius.inc
+++ b/config/freeradius2/freeradius.inc
@@ -2459,24 +2459,31 @@ conf_mount_ro();
function freeradius_sync_on_changes() {
global $config, $g;
$varsyncenablexmlrpc = $config['installedpackages']['freeradiussync']['config'][0]['varsyncenablexmlrpc'];
-
+
// if checkbox is NOT checked do nothing
if(!$varsyncenablexmlrpc) {
return;
}
-
- log_error("FreeRADIUS: Starting XMLRPC process (freeradius_do_xmlrpc_sync).");
+
+ log_error("FreeRADIUS: Starting XMLRPC process (freeradius_do_xmlrpc_sync).");
+ log_error("FreeRADIUS: Starting XMLRPC with time out: {$varsynctimeout}.");
// if checkbox is checked get IP and password of the destination hosts
foreach ($config['installedpackages']['freeradiussync']['config'] as $rs ){
foreach($rs['row'] as $sh){
+ // if checkbox is NOT checked do nothing
+ if($sh['varsyncdestinenable']) {
$varsyncprotocol = $sh['varsyncprotocol'];
$sync_to_ip = $sh['varsyncipaddress'];
- $password = $sh['varsyncpassword'];
+ $password = $sh['varsyncpassword'];
$varsyncport = $sh['varsyncport'];
if($password && $sync_to_ip && $varsyncport && $varsyncprotocol)
freeradius_do_xmlrpc_sync($sync_to_ip, $password, $varsyncport, $varsyncprotocol);
- }
+ }
+ else {
+ log_error("FreeRADIUS: Sync with {$sh['varsyncipaddress']} is disable");
+ }
+ }
}
log_error("FreeRADIUS: Finished XMLRPC process (freeradius_do_xmlrpc_sync).");
}
@@ -2485,6 +2492,14 @@ function freeradius_sync_on_changes() {
function freeradius_do_xmlrpc_sync($sync_to_ip, $password, $varsyncport, $varsyncprotocol) {
global $config, $g;
+ $varsynctimeout = $config['installedpackages']['freeradiussync']['config'][0]['varsynctimeout'];
+
+ if($varsynctimeout == '' || $varsynctimeout == 0) {
+ $varsynctimeout = 150;
+ }
+
+ log_error("FreeRADIUS: Starting XMLRPC with time out: {$varsynctimeout}.");
+
if(!$password)
return;
@@ -2524,15 +2539,15 @@ function freeradius_do_xmlrpc_sync($sync_to_ip, $password, $varsyncport, $varsyn
$cli->setCredentials('admin', $password);
if($g['debug'])
$cli->setDebug(1);
- /* send our XMLRPC message and timeout after 150 seconds */
- $resp = $cli->send($msg, "150");
+ /* send our XMLRPC message and timeout after $varsynctimeout seconds */
+ $resp = $cli->send($msg, $varsynctimeout);
if(!$resp) {
$error = "A communications error occurred while FreeRADIUS was attempting XMLRPC sync with {$url}:{$port}.";
log_error("FreeRADIUS: $error");
file_notice("sync_settings", $error, "freeradius Settings Sync", "");
} elseif($resp->faultCode()) {
$cli->setDebug(1);
- $resp = $cli->send($msg, "150");
+ $resp = $cli->send($msg, $varsynctimeout);
$error = "An error code was received while FreeRADIUS XMLRPC was attempting to sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
log_error("FreeRADIUS: $error");
file_notice("sync_settings", $error, "freeradius Settings Sync", "");
@@ -2556,14 +2571,14 @@ function freeradius_do_xmlrpc_sync($sync_to_ip, $password, $varsyncport, $varsyn
$msg = new XML_RPC_Message($method, $params);
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
$cli->setCredentials('admin', $password);
- $resp = $cli->send($msg, "150");
+ $resp = $cli->send($msg, $varsynctimeout);
if(!$resp) {
$error = "A communications error occurred while FreeRADIUS was attempting XMLRPC sync with {$url}:{$port} (exec_php).";
log_error($error);
file_notice("sync_settings", $error, "freeradius Settings Sync", "");
} elseif($resp->faultCode()) {
$cli->setDebug(1);
- $resp = $cli->send($msg, "150");
+ $resp = $cli->send($msg, $varsynctimeout);
$error = "An error code was received while FreeRADIUS XMLRPC was attempting to sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
log_error($error);
file_notice("sync_settings", $error, "freeradius Settings Sync", "");
diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc
index c0391fcc..24ffa5b9 100755
--- a/config/pf-blocker/pfblocker.inc
+++ b/config/pf-blocker/pfblocker.inc
@@ -468,23 +468,32 @@ function sync_package_pfblocker($cron="") {
}
if ($message == ""){
- $last_iface="";
$rules=$config['filter']['rule'];
$new_rules=array();
- # The assumption is that the rules in the config come in groups by interface then priority.
- # e.g. all rules for WAN (highest priority first), then for LAN then for OPT1 etc.
- # Note that floating rules (interface is "") can appear mixed in the list.
+ $interfaces_processed=array();
+ # The rules in the config come in priority order,
+ # but the interface to which each rule applies can be all mixed up in the list.
+ # e.g. some WAN rules, then some LAN rules, then some floating rules, then more
+ # LAN rules, some OPT1 rules, some more LAN rules and so on.
+ # So we have to allow for this, and only add pfBlocker rules the first time an
+ # interface is found in the rules list.
foreach ($rules as $rule){
- # If this next rule is for a non-blank interface, different to the previous interface,
+ # If this next rule is for a non-blank interface, different from any interface already processed,
# then add any needed pfblocker rules to the interface. This puts pfblocker rules at the
# top of the list for each interface, after any built-in rules (e.g. anti-lockout)
- if (($rule['interface'] != "") && ($rule['interface'] <> $last_iface)){
- $last_iface = $rule['interface'];
+ $found_new_interface = TRUE;
+ foreach ($interfaces_processed as $processed_interface){
+ if ($processed_interface = $rule['interface']){
+ $found_new_interface = FALSE;
+ }
+ }
+ if (($rule['interface'] != "") && ($found_new_interface)){
+ $interfaces_processed[] = $rule['interface'];
#apply pfblocker rules if enabled
#Inbound
foreach ($inbound_interfaces as $inbound_interface){
- if ($inbound_interface==$last_iface){
+ if ($inbound_interface==$rule['interface']){
#permit rules
if (is_array($permit_inbound)){
foreach ($permit_inbound as $cb_rules){
@@ -503,7 +512,7 @@ function sync_package_pfblocker($cron="") {
}
#Outbound
foreach ($outbound_interfaces as $outbound_interface){
- if ($outbound_interface==$last_iface){
+ if ($outbound_interface==$rule['interface']){
#permit rules
if (is_array($permit_outbound)){
foreach ($permit_outbound as $cb_rules){
diff --git a/config/sarg/sarg_frame.php b/config/sarg/sarg_frame.php
index 63cb3f3e..4d3421ab 100755
--- a/config/sarg/sarg_frame.php
+++ b/config/sarg/sarg_frame.php
@@ -27,6 +27,8 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
+require_once("authgui.inc");
+
$uname=posix_uname();
if ($uname['machine']=='amd64')
ini_set('memory_limit', '250M');