lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-13 16:14:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

upnp: remove from core

Browse Source
This commit is contained in:
Franco Fichtner 2017-01-03 23:29:13 +01:00
parent 130d52da8f
commit 44e4ae85c0
7 changed files with 0 additions and 750 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Makefile
View File

@ -100,7 +100,6 @@ CORE_DEPENDS?= apinger \
isc-dhcp43-relay \
isc-dhcp43-server \
lighttpd \
miniupnpd \
mpd5 \
ntp \
openssh-portable \

5
plist
View File

@ -48,7 +48,6 @@
/usr/local/etc/inc/plugins.inc.d/if_legacy_opt.inc
/usr/local/etc/inc/plugins.inc.d/if_openvpn.inc
/usr/local/etc/inc/plugins.inc.d/ipfw.inc
/usr/local/etc/inc/plugins.inc.d/miniupnpd.inc
/usr/local/etc/inc/plugins.inc.d/netflow.inc
/usr/local/etc/inc/plugins.inc.d/ntpd.inc
/usr/local/etc/inc/plugins.inc.d/pf.inc
@ -464,8 +463,6 @@
/usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/Migrations/M1_0_0.php
/usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/TrafficShaper.php
/usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/TrafficShaper.xml
/usr/local/opnsense/mvc/app/models/OPNsense/UPnP/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/UPnP/Menu/Menu.xml
/usr/local/opnsense/mvc/app/views/OPNsense/CaptivePortal/clients.volt
/usr/local/opnsense/mvc/app/views/OPNsense/CaptivePortal/index.volt
/usr/local/opnsense/mvc/app/views/OPNsense/CaptivePortal/vouchers.volt
@ -1058,7 +1055,6 @@
/usr/local/www/services_unbound_domainoverride_edit.php
/usr/local/www/services_unbound_host_edit.php
/usr/local/www/services_unbound_overrides.php
/usr/local/www/services_upnp.php
/usr/local/www/status_dhcp_leases.php
/usr/local/www/status_dhcpv6_leases.php
/usr/local/www/status_filter_reload.php
@ -1072,7 +1068,6 @@
/usr/local/www/status_ntpd.php
/usr/local/www/status_openvpn.php
/usr/local/www/status_services.php
/usr/local/www/status_upnp.php
/usr/local/www/status_wireless.php
/usr/local/www/system_advanced_admin.php
/usr/local/www/system_advanced_firewall.php

225
src/etc/inc/plugins.inc.d/miniupnpd.inc
View File

@ -1,225 +0,0 @@
<?php
/*
Copyright (C) 2016 Deciso B.V.
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
function miniupnpd_enabled()
{
global $config;
return isset($config['installedpackages']['miniupnpd']['config'][0]['enable']);
}
function miniupnpd_firewall($fw)
{
if (!miniupnpd_enabled()) {
return;
}
$fw->registerAnchor('miniupnpd', 'rdr');
$fw->registerAnchor('miniupnpd', 'fw');
}
function miniupnpd_services()
{
$services = array();
if (!miniupnpd_enabled()) {
return $services;
}
$pconfig = array();
$pconfig['name'] = 'miniupnpd';
$pconfig['description'] = gettext('Univeral Plug and Play');
$pconfig['php']['restart'] = array('miniupnpd_stop', 'miniupnpd_start');
$pconfig['php']['start'] = array('miniupnpd_start');
$pconfig['php']['stop'] = array('miniupnpd_stop');
$pconfig['pidfile'] = '/var/run/miniupnpd.pid';
$services[] = $pconfig;
return $services;
}
function miniupnpd_start()
{
if (!miniupnpd_enabled()) {
return;
}
if (isvalidpid('/var/run/miniupnpd.pid')) {
return;
}
mwexec_bg('/usr/local/sbin/miniupnpd -f /var/etc/miniupnpd.conf -P /var/run/miniupnpd.pid');
}
function miniupnpd_stop()
{
killbypid('/var/run/miniupnpd.pid', 'TERM', true);
mwexec('/sbin/pfctl -aminiupnpd -Fr 2>&1 >/dev/null');
mwexec('/sbin/pfctl -aminiupnpd -Fn 2>&1 >/dev/null');
}
function miniupnpd_configure()
{
return array('miniupnpd_configure_do');
}
function miniupnpd_uuid()
{
/* md5 hash of wan mac */
$uuid = md5(get_interface_mac(get_real_interface("wan")));
/* put uuid in correct format 8-4-4-4-12 */
return substr($uuid,0,8).'-'.substr($uuid,9,4).'-'.substr($uuid,13,4).'-'.substr($uuid,17,4).'-'.substr($uuid,21,12);
}
function miniupnpd_configure_do($verbose = false)
{
global $config;
miniupnpd_stop();
if (!miniupnpd_enabled()) {
return;
}
if ($verbose) {
echo 'Starting UPnP service...';
flush();
}
$upnp_config = $config['installedpackages']['miniupnpd']['config'][0];
$ext_ifname = get_real_interface($upnp_config['ext_iface']);
if ($ext_ifname == $upnp_config['ext_iface']) {
if ($verbose) {
echo "failed.\n";
}
return;
}
$config_text = "ext_ifname={$ext_ifname}\n";
$config_text .= "port=2189\n";
$ifaces_active = '';
/* since config is written before this file invoked we don't need to read post data */
if (!empty($upnp_config['iface_array'])) {
foreach(explode(',', $upnp_config['iface_array']) as $iface) {
/* Setting the same internal and external interface is not allowed. */
if ($iface == $upnp_config['ext_iface']) {
continue;
}
$if = get_real_interface($iface);
/* above function returns iface if fail */
if ($if!=$iface) {
$addr = find_interface_ip($if);
$bits = find_interface_subnet($if);
/* check that the interface has an ip address before adding parameters */
if (is_ipaddr($addr)) {
$config_text .= "listening_ip={$if}\n";
if (!$ifaces_active) {
$webgui_ip = $addr;
$ifaces_active = $iface;
} else {
$ifaces_active .= ", {$iface}";
}
} else {
log_error("miniupnpd: Interface {$iface} has no ip address, ignoring");
}
} else {
log_error("miniupnpd: Could not resolve real interface for {$iface}");
}
}
if (!empty($ifaces_active)) {
/* override wan ip address, common for carp, etc */
if (!empty($upnp_config['overridewanip'])) {
$config_text .= "ext_ip={$upnp_config['overridewanip']}\n";
}
/* set upload and download bitrates */
if (!empty($upnp_config['download']) && !empty($upnp_config['upload'])) {
$download = $upnp_config['download']*1000;
$upload = $upnp_config['upload']*1000;
$config_text .= "bitrate_down={$download}\n";
$config_text .= "bitrate_up={$upload}\n";
}
$config_text .= "secure_mode=yes\n";
/* enable logging of packets handled by miniupnpd rules */
if (!empty($upnp_config['logpackets'])) {
$config_text .= "packet_log=yes\n";
}
/* enable system uptime instead of miniupnpd uptime */
if (!empty($upnp_config['sysuptime'])) {
$config_text .= "system_uptime=yes\n";
}
/* set webgui url */
if (!empty($config['system']['webgui']['protocol'])) {
$config_text .= "presentation_url={$config['system']['webgui']['protocol']}://{$webgui_ip}";
if (!empty($config['system']['webgui']['port'])) {
$config_text .= ":{$config['system']['webgui']['port']}";
}
$config_text .= "/\n";
}
/* set uuid and serial */
$config_text .= "uuid=".miniupnpd_uuid()."\n";
$config_text .= "serial=".strtoupper(substr(miniupnpd_uuid(),0,8))."\n";
/* set model number */
$config_text .= "model_number=".file_get_contents("/usr/local/opnsense/version/opnsense")."\n";
/* upnp access restrictions */
for ($i=1; $i<=4; $i++) {
if ($upnp_config["permuser{$i}"]) {
$config_text .= "{$upnp_config["permuser{$i}"]}\n";
}
}
if (!empty($upnp_config['permdefault'])) {
$config_text .= "deny 0-65535 0.0.0.0/0 0-65535\n";
}
/* Allow UPnP or NAT-PMP as requested */
$config_text .= "enable_upnp=" . ( $upnp_config['enable_upnp'] ? "yes\n" : "no\n" );
$config_text .= "enable_natpmp=" . ( $upnp_config['enable_natpmp'] ? "yes\n" : "no\n" );
/* write out the configuration */
file_put_contents('/var/etc/miniupnpd.conf', $config_text);
log_error("miniupnpd: Starting service on interface: {$ifaces_active}");
miniupnpd_start();
}
}
if ($verbose) {
echo "done.\n";
}
}

14
src/opnsense/mvc/app/models/OPNsense/UPnP/ACL/ACL.xml
View File

@ -1,14 +0,0 @@
<acl>
<page-service-upnp>
<name>Service: Universal Plug and Play</name>
<patterns>
<pattern>services_upnp.php*</pattern>
</patterns>
</page-service-upnp>
<page-status-upnpstatus>
<name>Status: Universal Plug and Play</name>
<patterns>
<pattern>status_upnp.php*</pattern>
</patterns>
</page-status-upnpstatus>
</acl>

10
src/opnsense/mvc/app/models/OPNsense/UPnP/Menu/Menu.xml
View File

@ -1,10 +0,0 @@
<menu>
<Services>
<UPnP VisibleName="Universal Plug and Play" cssClass="fa fa-plug fa-fw">
<Settings url="/services_upnp.php">
<Edit url="/services_upnp.php?*" visibility="hidden"/>
</Settings>
<Status url="/status_upnp.php"/>
</UPnP>
</Services>
</menu>

378
src/www/services_upnp.php
View File

@ -1,378 +0,0 @@
<?php
/*
Copyright (C) 2014-2016 Deciso B.V.
Copyright (C) 2004-2012 Scott Ullrich <sullrich@gmail.com>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
require_once("guiconfig.inc");
require_once("interfaces.inc");
require_once("services.inc");
require_once("filter.inc");
require_once("system.inc");
require_once("plugins.inc.d/miniupnpd.inc");
function upnp_validate_ip($ip) {
/* validate cidr */
$ip_array = array();
$ip_array = explode('/', $ip);
if (count($ip_array) == 2) {
if ($ip_array[1] < 1 || $ip_array[1] > 32) {
return false;
}
} elseif (count($ip_array) != 1) {
return false;
}
/* validate ip */
if (!is_ipaddr($ip_array[0])) {
return false;
}
return true;
}
function upnp_validate_port($port) {
foreach (explode('-', $port) as $sub) {
if ($sub < 0 || $sub > 65535 || !is_numeric($sub)) {
return false;
}
}
return true;
}
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$pconfig = array();
$copy_fields = array('enable', 'enable_upnp', 'enable_natpmp', 'ext_iface', 'iface_array', 'download',
'upload', 'overridewanip', 'logpackets', 'sysuptime', 'permdefault', 'permuser1',
'permuser2', 'permuser3', 'permuser4');
foreach ($copy_fields as $fieldname) {
if (isset($config['installedpackages']['miniupnpd']['config'][0][$fieldname])) {
$pconfig[$fieldname] = $config['installedpackages']['miniupnpd']['config'][0][$fieldname];
}
}
// parse array
$pconfig['iface_array'] = explode(',', $pconfig['iface_array']);
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
$input_errors = array();
$pconfig = $_POST;
// validate form data
if (!empty($pconfig['enable']) && (empty($pconfig['enable_upnp']) && empty($pconfig['enable_natpmp']))) {
$input_errors[] = gettext('At least one of \'UPnP\' or \'NAT-PMP\' must be allowed');
}
if (!empty($pconfig['iface_array'])) {
foreach($pconfig['iface_array'] as $iface) {
if ($iface == 'wan') {
$input_errors[] = gettext('It is a security risk to specify WAN as an internal interface.');
} elseif ($iface == $pconfig['ext_iface']) {
$input_errors[] = gettext('You cannot select the external interface as an internal interface.');
}
}
} else {
$input_errors[] = gettext('You must specify at least one internal interface.');
}
if (!empty($pconfig['overridewanip']) && !is_ipaddr($pconfig['overridewanip'])) {
$input_errors[] = gettext('You must specify a valid ip address in the \'Override WAN address\' field');
}
if ((!empty($pconfig['download']) && empty($pconfig['upload'])) || (!empty($pconfig['upload']) && empty($pconfig['download']))) {
$input_errors[] = gettext('You must fill in both \'Maximum Download Speed\' and \'Maximum Upload Speed\' fields');
}
if (!empty($pconfig['download']) && ($pconfig['download'] <= 0 || !is_numeric($pconfig['download']))) {
$input_errors[] = gettext('You must specify a value greater than 0 in the \'Maximum Download Speed\' field');
}
if (!empty($pconfig['upload']) && ($pconfig['upload'] <= 0 || !is_numeric($pconfig['upload']))) {
$input_errors[] = gettext('You must specify a value greater than 0 in the \'Maximum Upload Speed\' field');
}
/* user permissions validation */
for($i=1; $i<=4; $i++) {
if (!empty($pconfig["permuser{$i}"])) {
$perm = explode(' ',$pconfig["permuser{$i}"]);
/* should explode to 4 args */
if (count($perm) != 4) {
$input_errors[] = sprintf(gettext("You must follow the specified format in the 'User specified permissions %s' field"), $i);
} else {
/* must with allow or deny */
if (!($perm[0] == 'allow' || $perm[0] == 'deny')) {
$input_errors[] = sprintf(gettext("You must begin with allow or deny in the 'User specified permissions %s' field"), $i);
}
/* verify port or port range */
if (!upnp_validate_port($perm[1]) || !upnp_validate_port($perm[3])) {
$input_errors[] = sprintf(gettext("You must specify a port or port range between 0 and 65535 in the 'User specified permissions %s' field"), $i);
}
/* verify ip address */
if (!upnp_validate_ip($perm[2])) {
$input_errors[] = sprintf(gettext("You must specify a valid ip address in the 'User specified permissions %s' field"), $i);
}
}
}
}
if (count($input_errors) == 0) {
// save form data
$upnp = array();
// boolean types
foreach (array('enable', 'enable_upnp', 'enable_natpmp', 'logpackets', 'sysuptime', 'permdefault') as $fieldname) {
$upnp[$fieldname] = !empty($pconfig[$fieldname]);
}
// text field types
foreach (array('ext_iface', 'download', 'upload', 'overridewanip', 'permuser1',
'permuser2', 'permuser3', 'permuser4') as $fieldname) {
$upnp[$fieldname] = $pconfig[$fieldname];
}
// array types
$upnp['iface_array'] = implode(',', $pconfig['iface_array']);
// sync to config
$config['installedpackages']['miniupnpd']['config'] = $upnp;
write_config('Modified Universal Plug and Play settings');
miniupnpd_configure_do();
filter_configure();
header(url_safe('Location: /services_upnp.php'));
exit;
}
}
$service_hook = 'miniupnpd';
legacy_html_escape_form_data($pconfig);
include("head.inc");
?>
<body>
<?php include("fbegin.inc"); ?>
<section class="page-content-main">
<div class="container-fluid">
<div class="row">
<?php if (isset($input_errors) && count($input_errors) > 0) print_input_errors($input_errors); ?>
<form method="post" name="iform" id="iform">
<section class="col-xs-12">
<div class="content-box">
<div class="table-responsive">
<table class="table table-striped opnsense_standard_table_form">
<thead>
<tr>
<td width="22%">
<strong><?=gettext("UPnP and NAT-PMP Settings");?></strong>
</td>
<td width="78%" align="right">
<small><?=gettext("full help"); ?> </small>
<i class="fa fa-toggle-off text-danger" style="cursor: pointer;" id="show_all_help_page" type="button"></i>
&nbsp;&nbsp;
</td>
</tr>
</thead>
<tbody>
<tr>
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Enable");?></td>
<td>
<input name="enable" type="checkbox" value="yes" <?=!empty($pconfig['enable']) ? "checked=\"checked\"" : ""; ?> />
</td>
</tr>
<tr>
<td><a id="help_for_enable_upnp" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Allow UPnP Port Mapping");?></td>
<td>
<input name="enable_upnp" type="checkbox" value="yes" <?=!empty($pconfig['enable_upnp']) ? "checked=\"checked\"" : ""; ?> />
<div class="hidden" for="help_for_enable_upnp">
<?=gettext("This protocol is often used by Microsoft-compatible systems.");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_enable_natpmp" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Allow NAT-PMP Port Mapping");?></td>
<td>
<input name="enable_natpmp" type="checkbox" value="yes" <?=!empty($pconfig['enable_natpmp']) ? "checked=\"checked\"" : ""; ?> />
<div class="hidden" for="help_for_enable_natpmp">
<?=gettext("This protocol is often used by Apple-compatible systems.");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_ext_iface" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("External Interface");?></td>
<td>
<select class="selectpicker" name="ext_iface">
<?php
foreach (get_configured_interface_with_descr() as $iface => $ifacename):?>
<option value="<?=$iface;?>" <?=$pconfig['ext_iface'] == $iface ? "selected=\"selected\"" : "";?>>
<?=htmlspecialchars($ifacename);?>
</option>
<?php
endforeach;?>
</select>
<div class="hidden" for="help_for_ext_iface">
<?=gettext("Select only your primary WAN interface (interface with your default route). Only one interface is allowed here, not multiple.");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_iface_array" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Interfaces (generally LAN)");?></td>
<td>
<select class="selectpicker" name="iface_array[]" multiple="multiple">
<option value="lo0" <?=!empty($pconfig['iface_array']) && in_array('lo0', $pconfig['iface_array']) ? "selected=\"selected\"" : "";?>>
<?=gettext("Localhost");?>
</option>
<?php
foreach (get_configured_interface_with_descr() as $iface => $ifacename):?>
<option value="<?=$iface;?>" <?=!empty($pconfig['iface_array']) && in_array($iface, $pconfig['iface_array']) ? "selected=\"selected\"" : "";?>>
<?=htmlspecialchars($ifacename);?>
</option>
<?php
endforeach;?>
</select>
<div class="hidden" for="help_for_ext_iface">
<?=gettext("You can select multiple interfaces here.");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_download" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Maximum Download Speed");?></td>
<td>
<input name="download" type="text" value="<?=$pconfig['download'];?>" />
<div class="hidden" for="help_for_download">
<?=gettext("(Kbits/second)");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_upload" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Maximum Upload Speed");?></td>
<td>
<input name="upload" type="text" value="<?=$pconfig['upload'];?>" />
<div class="hidden" for="help_for_upload">
<?=gettext("(Kbits/second)");?>
</div>
</td>
</tr>
<tr>
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Override WAN address");?></td>
<td>
<input name="overridewanip" type="text" value="<?=$pconfig['overridewanip'];?>" />
</td>
</tr>
<tr>
<td><a id="help_for_logpackets" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Log NAT-PMP");?></td>
<td>
<input name="logpackets" type="checkbox" value="yes" <?=!empty($pconfig['logpackets']) ? "checked=\"checked\"" : ""; ?> />
<div class="hidden" for="help_for_logpackets">
<?=gettext("Log packets handled by UPnP &amp; NAT-PMP rules?");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_sysuptime" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Use system time");?></td>
<td>
<input name="sysuptime" type="checkbox" value="yes" <?=!empty($pconfig['sysuptime']) ? "checked=\"checked\"" : ""; ?> />
<div class="hidden" for="help_for_sysuptime">
<?=gettext("Use system uptime instead of UPnP and NAT-PMP service uptime?");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_permdefault" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Default deny");?></td>
<td>
<input name="permdefault" type="checkbox" value="yes" <?=!empty($pconfig['permdefault']) ? "checked=\"checked\"" : ""; ?> />
<div class="hidden" for="help_for_permdefault">
<?=gettext("By default deny access to UPnP and NAT-PMP?");?>
</div>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</section>
<section class="col-xs-12">
<div class="content-box">
<div class="table-responsive">
<table class="table table-striped opnsense_standard_table_form">
<thead>
<tr>
<th colspan="2"><?=gettext("User specified permissions");?></th>
</tr>
</thead>
<tbody>
<tr>
<td width="22%"><a id="help_for_permuser1" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Set 1");?></td>
<td width="78%">
<input name="permuser1" type="text" value="<?=$pconfig['permuser1'];?>" />
<div class="hidden" for="help_for_permuser1">
<?=gettext("Format: [allow or deny] [ext port or range] [int ipaddr or ipaddr/cdir] [int port or range]");?><br/>
<?=gettext("Example: allow 1024-65535 192.168.0.0/24 1024-65535");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_permuser2" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Set 2");?></td>
<td>
<input name="permuser2" type="text" value="<?=$pconfig['permuser2'];?>" />
<div class="hidden" for="help_for_permuser2">
<?=gettext("Format: [allow or deny] [ext port or range] [int ipaddr or ipaddr/cdir] [int port or range]");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_permuser3" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Set 3");?></td>
<td>
<input name="permuser3" type="text" value="<?=$pconfig['permuser3'];?>" />
<div class="hidden" for="help_for_permuser3">
<?=gettext("Format: [allow or deny] [ext port or range] [int ipaddr or ipaddr/cdir] [int port or range]");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_permuser4" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Set 4");?></td>
<td>
<input name="permuser4" type="text" value="<?=$pconfig['permuser4'];?>" />
<div class="hidden" for="help_for_permuser4">
<?=gettext("Format: [allow or deny] [ext port or range] [int ipaddr or ipaddr/cdir] [int port or range]");?>
</div>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</section>
<section class="col-xs-12">
<div class="content-box">
<div class="table-responsive">
<table class="table table-striped">
<tbody>
<tr>
<td width="22%" valign="top">&nbsp;</td>
<td width="78%">
<input name="Submit" type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" />
</td>
</tr>
</tbody>
</table>
</div>
</div>
</section>
</form>
</div>
</div>
</section>
<?php include("foot.inc"); ?>

117
src/www/status_upnp.php
View File

@ -1,117 +0,0 @@
<?php
/*
Copyright (C) 2014-2016 Deciso B.V.
Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
require_once("guiconfig.inc");
require_once("services.inc");
require_once("interfaces.inc");
require_once("plugins.inc.d/miniupnpd.inc");
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (!empty($_POST['clear'])) {
miniupnpd_stop();
miniupnpd_start();
header(url_safe('Location: /status_upnp.php'));
exit;
}
}
$rdr_entries = array();
exec("/sbin/pfctl -aminiupnpd -sn", $rdr_entries, $pf_ret);
$service_hook = 'miniupnpd';
include("head.inc");
?>
<body>
<?php include("fbegin.inc"); ?>
<section class="page-content-main">
<div class="container-fluid">
<div class="row">
<section class="col-xs-12">
<div class="content-box">
<?php
if (empty($config['installedpackages']['miniupnpd']['config'][0]['iface_array']) || empty($config['installedpackages']['miniupnpd']['config'][0]['enable'])): ?>
<header class="content-box-head container-fluid">
<h3><?= gettext('UPnP is currently disabled.') ?></h3>
</header>
<?php
else: ?>
<div class="table-responsive">
<table class="table table-striped">
<thead>
<tr>
<td><?=gettext("Port");?></td>
<td><?=gettext("Protocol");?></td>
<td><?=gettext("Internal IP");?></td>
<td><?=gettext("Int. Port");?></td>
<td><?=gettext("Description");?></td>
</tr>
</thead>
<tbody>
<?php
foreach ($rdr_entries as $rdr_entry):
if (!preg_match("/on (.*) inet proto (.*) from (.*) to (.*) port = (.*) keep state label \"(.*)\" rtable [0-9] -> (.*) port (.*)/", $rdr_entry, $matches)) {
continue;
}
$rdr_proto = $matches[2];
$rdr_port = $matches[5];
$rdr_label =$matches[6];
$rdr_ip = $matches[7];
$rdr_iport = $matches[8];
?>
<tr>
<td><?=$rdr_port;?></td>
<td><?=$rdr_proto;?></td>
<td><?=$rdr_ip;?></td>
<td><?=$rdr_iport;?></td>
<td><?=$rdr_label;?></td>
</tr>
<?php
endforeach;?>
</tbody>
<tfoot>
<tr>
<td colspan="5">
<form method="post">
<button type="submit" name="clear" id="clear" class="btn btn-primary" value="Clear"><?=gettext("Clear");?></button>
<?=gettext("all currently connected sessions");?>.
</form>
</td>
</tr>
</tfoot>
</table>
</div>
<?php
endif; ?>
</div>
</section>
</div>
</div>
</section>
<?php include("foot.inc"); ?>