lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-20 11:26:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

interfaces: convert GRE configuration to MVC/API, closes https://github.com/opnsense/core/issues/7242

Browse Source 
Final bits and pieces to move GRE tunnels to MVC, ACL, menu registration and align reconfigure action with GIF tunnels.
This commit is contained in:
Ad Schellevis 2024-04-04 18:16:59 +02:00
parent 9cc991194d
commit 4b647fc3f3
7 changed files with 17 additions and 408 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
plist
View File

@ -2099,8 +2099,6 @@
/usr/local/www/interfaces_assign.php
/usr/local/www/interfaces_bridge.php
/usr/local/www/interfaces_bridge_edit.php
/usr/local/www/interfaces_gre.php
/usr/local/www/interfaces_gre_edit.php
/usr/local/www/interfaces_ppps.php
/usr/local/www/interfaces_ppps_edit.php
/usr/local/www/interfaces_wireless.php

11
src/opnsense/mvc/app/models/OPNsense/Core/ACL/ACL.xml
View File

@ -365,16 +365,11 @@
<pattern>ui/interfaces/gif_settings/*</pattern>
</patterns>
</page-interfaces-gif>
<page-interfaces-gre>
<page-interfaces-gre-edit>
<name>Interfaces: GRE</name>
<patterns>
<pattern>interfaces_gre.php*</pattern>
</patterns>
</page-interfaces-gre>
<page-interfaces-gre-edit>
<name>Interfaces: GRE: Edit</name>
<patterns>
<pattern>interfaces_gre_edit.php*</pattern>
<pattern>ui/interfaces/gre</pattern>
<pattern>ui/interfaces/gre_settings/*</pattern>
</patterns>
</page-interfaces-gre-edit>
<page-interfaces-groups-edit>

4
src/opnsense/mvc/app/models/OPNsense/Core/Menu/Menu.xml
View File

@ -113,9 +113,7 @@
<Edit url="/interfaces_bridge_edit.php*" visibility="hidden"/>
</Bridge>
<GIF url="/ui/interfaces/gif"/>
<GRE url="/interfaces_gre.php">
<Edit url="/interfaces_gre_edit.php*" visibility="hidden"/>
</GRE>
<GRE url="/ui/interfaces/gre"/>
</Types>
<Diagnostics order="970" cssClass="fa fa-medkit fa-fw">
<DNSLookup VisibleName="DNS Lookup" url="/ui/diagnostics/dns_diagnostics"/>

12
src/opnsense/scripts/interfaces/reconfigure_gres.php
View File

@ -72,6 +72,18 @@ foreach (array_keys($gres_todo) as $greif) {
reconfigure still existing gres,
removal should happen first as it may free parent interfaces.
*/
$ifdetails = legacy_interfaces_details();
foreach ($gre_configure as $gre) {
$reconfigure = false;
if (isset($ifdetails[$gre['greif']])){
/* when reconfiguring, we need to remove addresses (at least for IPv6) to prevent old ones left behind */
$reconfigure = true;
interfaces_addresses_flush($gre['greif'], 4, $ifdetails);
interfaces_addresses_flush($gre['greif'], 6, $ifdetails);
}
_interfaces_gre_configure($gre);
if ($reconfigure) {
/* re-apply additional addresses and hook routing */
interfaces_restart_by_device(false, [$gre['greif']]);
}
}

2
src/opnsense/service/conf/actions.d/actions_interface.conf
View File

@ -168,7 +168,7 @@ message: Reconfiguring gif interfaces
type: script
[gre.configure]
command: /usr/local/opnsense/scripts/interfaces/reconfigure_gre.php
command: /usr/local/opnsense/scripts/interfaces/reconfigure_gres.php
message: Reconfiguring gre interfaces
type: script

157
src/www/interfaces_gre.php
View File

@ -1,157 +0,0 @@
<?php
/*
* Copyright (C) 2014-2015 Deciso B.V.
* Copyright (C) 2008 Ermal Luçi
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
require_once("guiconfig.inc");
require_once("interfaces.inc");
$a_gres = &config_read_array('gres', 'gre') ;
$a_aliaslist = get_configured_ip_aliases_list();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$input_errors = [];
if (!empty($a_gres[$_POST['id']])) {
$id = $_POST['id'];
}
if (!empty($_POST['action']) && $_POST['action'] == "del" && isset($id)) {
if (is_interface_assigned($a_gres[$id]['greif'])) {
$input_errors[] = gettext("This GRE tunnel cannot be deleted because it is still being used as an interface.");
} else {
mwexec("/sbin/ifconfig " . escapeshellarg($a_gres[$id]['greif']) . " destroy");
unset($a_gres[$id]);
write_config();
header(url_safe('Location: /interfaces_gre.php'));
exit;
}
}
}
include("head.inc");
legacy_html_escape_form_data($a_gres);
?>
<body>
<script>
$( document ).ready(function() {
// link delete buttons
$(".act_delete").click(function(event){
event.preventDefault();
var id = $(this).data("id");
// delete single
BootstrapDialog.show({
type:BootstrapDialog.TYPE_DANGER,
title: "<?= gettext("GRE");?>",
message: "<?=gettext("Do you really want to delete this GRE tunnel?");?>",
buttons: [{
label: "<?= gettext("No");?>",
action: function(dialogRef) {
dialogRef.close();
}}, {
label: "<?= gettext("Yes");?>",
action: function(dialogRef) {
$("#id").val(id);
$("#action").val("del");
$("#iform").submit()
}
}]
});
});
});
</script>
<?php include("fbegin.inc"); ?>
<section class="page-content-main">
<div class="container-fluid">
<div class="row">
<?php if (isset($input_errors) && count($input_errors) > 0) print_input_errors($input_errors); ?>
<section class="col-xs-12">
<div class="tab-content content-box col-xs-12">
<form method="post" name="iform" id="iform">
<input type="hidden" id="action" name="action" value="">
<input type="hidden" id="id" name="id" value="">
<div class="table-responsive">
<table class="table table-striped">
<thead>
<tr>
<th><?=gettext("Interface");?></th>
<th><?=gettext("Tunnel to...");?></th>
<th><?=gettext("Description");?></th>
<th class="text-nowrap">
<a href="interfaces_gre_edit.php" class="btn btn-primary btn-xs" data-toggle="tooltip" title="<?= html_safe(gettext('Add')) ?>">
<i class="fa fa-plus fa-fw"></i>
</a>
</th>
</tr>
</thead>
<tbody>
<?php
$i = 0;
foreach ($a_gres as $gre): ?>
<tr>
<td>
<?php
$interface = explode('_vip', $gre['if'])[0]; /* required for fallback if alias does not exist */
if (is_ipaddr($gre['if'])) {
foreach ($a_aliaslist as $ip => $int) {
if ($ip == $gre['if']) {
$interface = $int;
break;
}
}
} ?>
<?= html_safe(convert_friendly_interface_to_friendly_descr($interface)) ?>
</td>
<td><?=$gre['remote-addr'];?></td>
<td><?=$gre['descr'];?></td>
<td>
<a href="interfaces_gre_edit.php?id=<?=$i;?>" class="btn btn-xs btn-default" data-toggle="tooltip" title="<?= html_safe(gettext('Edit')) ?>">
<i class="fa fa-pencil fa-fw"></i>
</a>
<button title="<?= html_safe(gettext('Delete')) ?>" data-toggle="tooltip" data-id="<?=$i;?>" class="btn btn-default btn-xs act_delete" type="submit">
<i class="fa fa-trash fa-fw"></i>
</button>
</td>
</tr>
<?php
$i++;
endforeach; ?>
</tbody>
</table>
</div>
</form>
</div>
</section>
</div>
</div>
</section>
<?php include("foot.inc"); ?>

237
src/www/interfaces_gre_edit.php
View File

@ -1,237 +0,0 @@
<?php
/*
* Copyright (C) 2014-2015 Deciso B.V.
* Copyright (C) 2008 Ermal Luçi
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
require_once("guiconfig.inc");
require_once("system.inc");
require_once("interfaces.inc");
require_once("filter.inc");
$a_gres = &config_read_array('gres', 'gre');
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
// read form data
if (!empty($a_gres[$_GET['id']])) {
$id = $_GET['id'];
}
$pconfig = [];
// copy fields
$copy_fields = ['if', 'greif', 'remote-addr', 'tunnel-remote-net', 'tunnel-local-addr', 'tunnel-remote-addr', 'descr'];
foreach ($copy_fields as $fieldname) {
$pconfig[$fieldname] = isset($a_gres[$id][$fieldname]) ? $a_gres[$id][$fieldname] : null;
}
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
// validate / save form data
if (!empty($a_gres[$_POST['id']])) {
$id = $_POST['id'];
}
$input_errors = [];
$pconfig = $_POST;
/* input validation */
$reqdfields = explode(" ", "if tunnel-remote-addr tunnel-remote-net tunnel-local-addr");
$reqdfieldsn = [gettext('Parent interface'),gettext('Local address'),gettext('Remote tunnel address'),gettext('Remote tunnel network'), gettext('Local tunnel address')];
do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors);
if (!is_ipaddr($pconfig['tunnel-local-addr']) || !is_ipaddr($pconfig['tunnel-remote-addr']) || !is_ipaddr($pconfig['remote-addr'])) {
$input_errors[] = gettext("The tunnel local and tunnel remote fields must have valid IP addresses.");
}
foreach ($a_gres as $gre) {
if (isset($id) && $a_gres[$id] === $gre) {
continue;
}
if ($gre['if'] == $pconfig['if'] && $gre['tunnel-remote-addr'] == $pconfig['tunnel-remote-addr']) {
$input_errors[] = sprintf(gettext("A GRE tunnel with the network %s is already defined."),$gre['remote-network']);
break;
}
}
if (count($input_errors) == 0) {
$gre = [];
$copy_fields = ['if', 'greif', 'remote-addr', 'tunnel-remote-net', 'tunnel-local-addr', 'tunnel-remote-addr', 'descr'];
foreach ($copy_fields as $fieldname) {
$gre[$fieldname] = isset($pconfig[$fieldname]) ? $pconfig[$fieldname] : null;
}
if (empty($gre['greif'])) {
$gre['greif'] = legacy_interface_create('gre'); /* XXX find another strategy */
}
if (empty($gre['greif']) || strpos($gre['greif'], 'gre') !== 0) {
$input_errors[] = gettext("Error occurred creating interface, please retry.");
} else {
if (isset($id)) {
$a_gres[$id] = $gre;
} else {
$a_gres[] = $gre;
}
write_config();
interfaces_gre_configure($gre['greif']);
ifgroup_setup();
interfaces_restart_by_device(false, [$gre['greif']]);
header(url_safe('Location: /interfaces_gre.php'));
exit;
}
}
}
legacy_html_escape_form_data($pconfig);
include("head.inc");
?>
<body>
<script>
$( document ).ready(function() {
hook_ipv4v6('ipv4v6net', 'network-id');
});
</script>
<?php include("fbegin.inc"); ?>
<section class="page-content-main">
<div class="container-fluid">
<div class="row">
<?php if (isset($input_errors) && count($input_errors) > 0) print_input_errors($input_errors); ?>
<section class="col-xs-12">
<div class="content-box">
<div class="table-responsive">
<form method="post" name="iform" id="iform">
<table class="table table-striped opnsense_standard_table_form">
<thead>
<tr>
<td style="width:22%"><strong><?=gettext("GRE configuration");?></strong></td>
<td style="width:78%; text-align:right">
<small><?=gettext("full help"); ?> </small>
<i class="fa fa-toggle-off text-danger" style="cursor: pointer;" id="show_all_help_page"></i>
&nbsp;
</td>
</tr>
</thead>
<tbody>
<tr>
<td><a id="help_for_if" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Parent interface");?></td>
<td>
<select name="if" class="selectpicker" data-live-search="true">
<?php
$portlist = get_configured_interface_with_descr();
$carplist = get_configured_carp_interface_list();
$aliaslist = get_configured_ip_aliases_list();
foreach ($carplist as $cif => $carpip) {
$portlist[$cif] = $carpip." (".get_vip_descr($carpip).")";
}
foreach ($aliaslist as $aliasip => $aliasif) {
$portlist[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
}
foreach ($portlist as $ifn => $ifinfo):?>
<option value="<?=$ifn;?>" <?=$ifn == $pconfig['if'] ? "selected=\"selected\"" : "";?>>
<?=htmlspecialchars($ifinfo);?>
</option>
<?php
endforeach;?>
</select>
<div class="hidden" data-for="help_for_if">
<?=gettext("The interface here serves as the local address to be used for the GRE tunnel.");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_remote-addr" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("GRE remote address");?></td>
<td>
<input name="remote-addr" type="text" value="<?=$pconfig['remote-addr'];?>" />
<div class="hidden" data-for="help_for_remote-addr">
<?=gettext("Peer address where encapsulated GRE packets will be sent.");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_tunnel-local-addr" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("GRE tunnel local address");?></td>
<td>
<input name="tunnel-local-addr" type="text" value="<?=$pconfig['tunnel-local-addr'];?>" />
<div class="hidden" data-for="help_for_tunnel-local-addr">
<?=gettext("Local GRE tunnel endpoint");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_tunnel-remote-addr" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("GRE tunnel remote address");?></td>
<td>
<table style="max-width:348px">
<tr>
<td style="width:285px">
<input name="tunnel-remote-addr" type="text" id="tunnel-remote-addr" value="<?=$pconfig['tunnel-remote-addr'];?>" />
</td>
<td>
<select name="tunnel-remote-net" data-network-id="tunnel-remote-addr" class="selectpicker ipv4v6net" id="tunnel-remote-net" data-width="70px">
<?php for ($i = 128; $i > 0; $i--): ?>
<option value="<?=$i;?>" <?=$i == $pconfig['tunnel-remote-net'] ? "selected=\"selected\"" : "";?> >
<?=$i;?>
</option>
<?php endfor ?>
</select>
</td>
</tr>
</table>
<div class="hidden" data-for="help_for_tunnel-remote-addr">
<?=gettext("Remote GRE address endpoint. The subnet part is used for the determining the network that is tunneled.");?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_descr" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Description"); ?></td>
<td>
<input name="descr" type="text" value="<?=$pconfig['descr'];?>" />
<div class="hidden" data-for="help_for_descr">
<?=gettext("You may enter a description here for your reference (not parsed)."); ?>
</div>
</td>
</tr>
<tr>
<td style="width:22%">&nbsp;</td>
<td style="width:78%">
<input type="hidden" name="greif" value="<?=$pconfig['greif']; ?>" />
<input name="Submit" type="submit" class="btn btn-primary" value="<?=html_safe(gettext('Save'));?>" />
<input type="button" class="btn btn-default" value="<?=html_safe(gettext('Cancel'));?>" onclick="window.location.href='/interfaces_gre.php'" />
<?php if (isset($id)): ?>
<input name="id" type="hidden" value="<?=$id;?>" />
<?php endif; ?>
</td>
</tr>
</tbody>
</table>
</form>
</div>
</div>
</section>
</div>
</div>
</section>
<?php include("foot.inc"); ?>