Skip to content

O
OpnSense
Commit 8d00b610 authored by Ad Schellevis's avatar Ad Schellevis
Browse files
Options

(legacy) refactor system_advanced_admin.php, work in progress

parent db1628ca
Show whitespace changes
Inline Side-by-side
Showing with 535 additions and 591 deletions
src/www/system_advanced_admin.php
View file @ 8d00b610
......@@ -36,50 +36,40 @@ require_once("unbound.inc");
require_once("pfsense-utils.inc");
require_once("services.inc");
$pconfig['webguiproto'] = $config['system']['webgui']['protocol'];
$pconfig['webguiport'] = $config['system']['webgui']['port'];
$pconfig['ssl-certref'] = $config['system']['webgui']['ssl-certref'];
$pconfig['disablehttpredirect'] = isset($config['system']['webgui']['disablehttpredirect']);
$pconfig['disableconsolemenu'] = isset($config['system']['disableconsolemenu']);
$pconfig['noantilockout'] = isset($config['system']['webgui']['noantilockout']);
$pconfig['nodnsrebindcheck'] = isset($config['system']['webgui']['nodnsrebindcheck']);
$pconfig['nohttpreferercheck'] = isset($config['system']['webgui']['nohttpreferercheck']);
$pconfig['enable_xdebug'] = isset($config['system']['webgui']['enable_xdebug']) ;
$pconfig['loginautocomplete'] = isset($config['system']['webgui']['loginautocomplete']);
$pconfig['althostnames'] = $config['system']['webgui']['althostnames'];
$pconfig['enableserial'] = $config['system']['enableserial'];
$pconfig['serialspeed'] = $config['system']['serialspeed'];
$pconfig['primaryconsole'] = $config['system']['primaryconsole'];
$pconfig['enablesshd'] = $config['system']['ssh']['enabled'];
$pconfig['sshport'] = $config['system']['ssh']['port'];
$pconfig['passwordauth'] = isset($config['system']['ssh']['passwordauth']);
$pconfig['sshdpermitrootlogin'] = isset($config['system']['ssh']['permitrootlogin']);
$pconfig['quietlogin'] = isset($config['system']['webgui']['quietlogin']);
$a_cert = isset($config['cert']) ? $config['cert'] : array();
$certs_available = false;
if (count($a_cert)) {
$certs_available = true;
}
if (!$pconfig['webguiproto'] || !$certs_available) {
$pconfig['webguiproto'] = "http";
}
if ($_POST) {
unset($input_errors);
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$pconfig = array();
$pconfig['webguiproto'] = $config['system']['webgui']['protocol'];
$pconfig['webguiport'] = $config['system']['webgui']['port'];
$pconfig['ssl-certref'] = $config['system']['webgui']['ssl-certref'];
$pconfig['disablehttpredirect'] = isset($config['system']['webgui']['disablehttpredirect']);
$pconfig['disableconsolemenu'] = isset($config['system']['disableconsolemenu']);
$pconfig['noantilockout'] = isset($config['system']['webgui']['noantilockout']);
$pconfig['nodnsrebindcheck'] = isset($config['system']['webgui']['nodnsrebindcheck']);
$pconfig['nohttpreferercheck'] = isset($config['system']['webgui']['nohttpreferercheck']);
$pconfig['enable_xdebug'] = isset($config['system']['webgui']['enable_xdebug']) ;
$pconfig['loginautocomplete'] = isset($config['system']['webgui']['loginautocomplete']);
$pconfig['althostnames'] = $config['system']['webgui']['althostnames'];
$pconfig['enableserial'] = $config['system']['enableserial'];
$pconfig['serialspeed'] = $config['system']['serialspeed'];
$pconfig['primaryconsole'] = $config['system']['primaryconsole'];
$pconfig['enablesshd'] = $config['system']['ssh']['enabled'];
$pconfig['sshport'] = $config['system']['ssh']['port'];
$pconfig['passwordauth'] = isset($config['system']['ssh']['passwordauth']);
$pconfig['sshdpermitrootlogin'] = isset($config['system']['ssh']['permitrootlogin']);
$pconfig['quietlogin'] = isset($config['system']['webgui']['quietlogin']);
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
$input_errors = array();
$pconfig = $_POST;
/* input validation */
if ($_POST['webguiport']) {
if (!is_port($_POST['webguiport'])) {
if (!empty($pconfig['webguiport'])) {
if (!is_port($pconfig['webguiport'])) {
$input_errors[] = gettext("You must specify a valid webConfigurator port number");
}
}
if ($_POST['althostnames']) {
$althosts = explode(" ", $_POST['althostnames']);
if (!empty($pconfig['althostnames'])) {
$althosts = explode(" ", $pconfig['althostnames']);
foreach ($althosts as $ah) {
if (!is_hostname($ah)) {
$input_errors[] = sprintf(gettext("Alternate hostname %s is not a valid hostname."), htmlspecialchars($ah));
......@@ -87,134 +77,133 @@ if ($_POST) {
}
}
if ($_POST['sshport']) {
if (!is_port($_POST['sshport'])) {
if (!empty($pconfig['sshport'])) {
if (!is_port($pconfig['sshport'])) {
$input_errors[] = gettext("You must specify a valid port number");
}
}
ob_flush();
flush();
if (!$input_errors) {
if (update_if_changed("webgui protocol", $config['system']['webgui']['protocol'], $_POST['webguiproto'])) {
$restart_webgui = true;
}
if (update_if_changed("webgui port", $config['system']['webgui']['port'], $_POST['webguiport'])) {
$restart_webgui = true;
}
if (update_if_changed("webgui certificate", $config['system']['webgui']['ssl-certref'], $_POST['ssl-certref'])) {
if (count($input_errors) ==0) {
// flag web ui for restart
if ($config['system']['webgui']['protocol'] != $pconfig['webguiproto'] ||
$config['system']['webgui']['port'] != $pconfig['webguiport'] ||
$config['system']['webgui']['ssl-certref'] != $pconfig['ssl-certref'] ||
($pconfig['disablehttpredirect'] == "yes") != !empty($config['system']['webgui']['disablehttpredirect'])
) {
$restart_webgui = true;
} else {
$restart_webgui = false;
}
if ($_POST['disablehttpredirect'] == "yes") {
$config['system']['webgui']['protocol'] = $pconfig['webguiproto'];
$config['system']['webgui']['port'] = $pconfig['webguiport'];
$config['system']['webgui']['ssl-certref'] = $pconfig['ssl-certref'];
if ($pconfig['disablehttpredirect'] == "yes") {
$config['system']['webgui']['disablehttpredirect'] = true;
$restart_webgui = true;
} else {
} elseif (isset($config['system']['webgui']['disablehttpredirect'])) {
unset($config['system']['webgui']['disablehttpredirect']);
$restart_webgui = true;
}
if ($_POST['quietlogin'] == "yes") {
if ($pconfig['quietlogin'] == "yes") {
$config['system']['webgui']['quietlogin'] = true;
} else {
} elseif (isset($config['system']['webgui']['quietlogin'])) {
unset($config['system']['webgui']['quietlogin']);
}
if ($_POST['disableconsolemenu'] == "yes") {
if ($pconfig['disableconsolemenu'] == "yes") {
$config['system']['disableconsolemenu'] = true;
} else {
} elseif (isset($config['system']['disableconsolemenu'])) {
unset($config['system']['disableconsolemenu']);
}
if ($_POST['noantilockout'] == "yes") {
if ($pconfig['noantilockout'] == "yes") {
$config['system']['webgui']['noantilockout'] = true;
} else {
} elseif (isset($config['system']['webgui']['noantilockout'])) {
unset($config['system']['webgui']['noantilockout']);
}
if ($_POST['enableserial'] == "yes") {
if ($pconfig['enableserial'] == "yes") {
$config['system']['enableserial'] = true;
} else {
} elseif (isset($config['system']['enableserial'])) {
unset($config['system']['enableserial']);
}
if (is_numeric($_POST['serialspeed'])) {
$config['system']['serialspeed'] = $_POST['serialspeed'];
} else {
if (is_numeric($pconfig['serialspeed'])) {
$config['system']['serialspeed'] = $pconfig['serialspeed'];
} elseif (isset($config['system']['serialspeed'])) {
unset($config['system']['serialspeed']);
}
if ($_POST['primaryconsole']) {
$config['system']['primaryconsole'] = $_POST['primaryconsole'];
} else {
if (!empty($pconfig['primaryconsole'])) {
$config['system']['primaryconsole'] = $pconfig['primaryconsole'];
} elseif (isset($config['system']['primaryconsole'])) {
unset($config['system']['primaryconsole']);
}
if ($_POST['nodnsrebindcheck'] == "yes") {
if ($pconfig['nodnsrebindcheck'] == "yes") {
$config['system']['webgui']['nodnsrebindcheck'] = true;
} else {
} elseif (isset($config['system']['webgui']['nodnsrebindcheck'])) {
unset($config['system']['webgui']['nodnsrebindcheck']);
}
if ($_POST['nohttpreferercheck'] == "yes") {
if ($pconfig['nohttpreferercheck'] == "yes") {
$config['system']['webgui']['nohttpreferercheck'] = true;
} else {
} elseif (isset($config['system']['webgui']['nohttpreferercheck'])) {
unset($config['system']['webgui']['nohttpreferercheck']);
}
if ($_POST['enable_xdebug'] == "yes") {
if ($pconfig['enable_xdebug'] == "yes") {
$config['system']['webgui']['enable_xdebug'] = true;
} else {
} elseif (isset($config['system']['webgui']['enable_xdebug'])) {
unset($config['system']['webgui']['enable_xdebug']);
}
if ($_POST['loginautocomplete'] == "yes") {
if ($pconfig['loginautocomplete'] == "yes") {
$config['system']['webgui']['loginautocomplete'] = true;
} else {
} elseif (isset($config['system']['webgui']['loginautocomplete'])) {
unset($config['system']['webgui']['loginautocomplete']);
}
if ($_POST['althostnames']) {
$config['system']['webgui']['althostnames'] = $_POST['althostnames'];
} else {
if (!empty($pconfig['althostnames'])) {
$config['system']['webgui']['althostnames'] = $pconfig['althostnames'];
} elseif (isset($config['system']['webgui']['althostnames'])) {
unset($config['system']['webgui']['althostnames']);
}
$sshd_enabled = $config['system']['ssh']['enabled'];
if ($_POST['enablesshd']) {
$config['system']['ssh']['enabled'] = 'enabled';
if (empty($config['system']['ssh']['enabled']) != empty($pconfig['enablesshd']) ||
empty($config['system']['ssh']['passwordauth']) != empty($pconfig['passwordauth']) ||
$config['system']['ssh']['port'] != $pconfig['sshport'] ||
empty($config['system']['ssh']['permitrootlogin']) != empty($pconfig['sshdpermitrootlogin'])
) {
$restart_sshd = true;
} else {
$restart_sshd = false;
}
if (!empty($pconfig['enablesshd'])) {
$config['system']['ssh']['enabled'] = 'enabled';
} elseif (isset($config['system']['ssh']['enabled'])) {
unset($config['system']['ssh']['enabled']);
}
$sshd_passwordauth = isset($config['system']['ssh']['passwordauth']);
if ($_POST['passwordauth']) {
if (!empty($pconfig['passwordauth'])) {
$config['system']['ssh']['passwordauth'] = true;
} elseif (isset($config['system']['ssh']['passwordauth'])) {
unset($config['system']['ssh']['passwordauth']);
}
$sshd_port = $config['system']['ssh']['port'];
if ($_POST['sshport']) {
if (!empty($pconfig['sshport'])) {
$config['system']['ssh']['port'] = $_POST['sshport'];
} elseif (isset($config['system']['ssh']['port'])) {
unset($config['system']['ssh']['port']);
}
$sshd_permitrootlogin = isset($config['system']['ssh']['permitrootlogin']);
if ($_POST['sshdpermitrootlogin']) {
if (!empty($pconfig['sshdpermitrootlogin'])) {
$config['system']['ssh']['permitrootlogin'] = true;
} elseif (isset($config['system']['ssh']['permitrootlogin'])) {
unset($config['system']['ssh']['permitrootlogin']);
}
if (($sshd_enabled != $config['system']['ssh']['enabled']) ||
($sshd_passwordauth != isset($config['system']['ssh']['passwordauth'])) ||
($sshd_port != $config['system']['ssh']['port']) ||
($sshd_permitrootlogin != isset($config['system']['ssh']['permitrootlogin']))) {
$restart_sshd = true;
}
if ($restart_webgui) {
global $_SERVER;
$http_host_port = explode("]", $_SERVER['HTTP_HOST']);
......@@ -259,356 +248,312 @@ if ($_POST) {
}
}
$a_cert = isset($config['cert']) ? $config['cert'] : array();
$certs_available = false;
if (count($a_cert)) {
$certs_available = true;
}
if (empty($pconfig['webguiproto']) || !$certs_available) {
$pconfig['webguiproto'] = "http";
}
legacy_html_escape_form_data($pconfig);
$pgtitle = array(gettext("System"),gettext("Settings"),gettext("Admin Access"));
include("head.inc");
?>
<body>
<?php include("fbegin.inc"); ?>
<script type="text/javascript">
//<![CDATA[
<?php include("fbegin.inc"); ?>
<script type="text/javascript">
//<![CDATA[
function prot_change() {
if (document.iform.https_proto.checked)
if (document.iform.https_proto.checked) {
document.getElementById("ssl_opts").style.display="";
else
} else {
document.getElementById("ssl_opts").style.display="none";
}
//]]>
</script>
}
//]]>
</script>
<!-- row -->
<section class="page-content-main">
<div class="container-fluid">
<div class="row">
<?php
<?php
if (isset($input_errors) && count($input_errors) > 0) {
print_input_errors($input_errors);
}
if (isset($savemsg)) {
print_info_box($savemsg);
}
?>
?>
<section class="col-xs-12">
<div class="content-box tab-content">
<form action="system_advanced_admin.php" method="post" name="iform" id="iform">
<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area" class="table table-striped">
<thead>
<table class="table table-striped">
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("webConfigurator"); ?></th>
<td width="22%"><strong><?=gettext("webConfigurator");?></strong></td>
<td width="78%" align="right">
<small><?=gettext("full help"); ?> </small>
<i class="fa fa-toggle-off text-danger" style="cursor: pointer;" id="show_all_help_page" type="button"></i></a>
</td>
</tr>
</thead>
<tbody>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Protocol"); ?></td>
<td width="78%" class="vtable">
<?php
if ($pconfig['webguiproto'] == "http") {
$http_chk = "checked=\"checked\"";
}
if ($pconfig['webguiproto'] == "https") {
$https_chk = "checked=\"checked\"";
}
if (!$certs_available) {
$https_disabled = "disabled=\"disabled\"";
}
?>
<input name="webguiproto" id="http_proto" type="radio" value="http" <?=$http_chk;?> onclick="prot_change()" />
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Protocol"); ?></td>
<td>
<input name="webguiproto" id="http_proto" type="radio" value="http" <?=$pconfig['webguiproto'] == "http" ? "checked=\"checked\"" :"";?> onclick="prot_change()" />
<?=gettext("HTTP"); ?>
&nbsp;&nbsp;&nbsp;
<input name="webguiproto" id="https_proto" type="radio" value="https" <?=$https_chk;
?> <?=$https_disabled;?> onclick="prot_change()" />
<input name="webguiproto" id="https_proto" type="radio" value="https" <?=$pconfig['webguiproto'] == "https" ? "checked=\"checked\"" :"";?> <?=!$certs_available ? "disabled=\"disabled\"": "";?> onclick="prot_change()" />
<?=gettext("HTTPS"); ?>
<?php if (!$certs_available) :
?>
<?php
if (!$certs_available) :?>
<br />
<?=gettext("No Certificates have been defined. You must"); ?>
<a href="system_certmanager.php"><?=gettext("Create or Import"); ?></a>
<?=gettext("a Certificate before SSL can be enabled."); ?>
<?php
endif; ?>
<?php
endif; ?>
</td>
</tr>
<tr id="ssl_opts">
<td width="22%" valign="top" class="vncell"><?=gettext("SSL Certificate"); ?></td>
<td width="78%" class="vtable">
<select name="ssl-certref" id="ssl-certref" class="formselect selectpicker" data-style="btn-default">
<?php
foreach ($a_cert as $cert) :
$selected = "";
if ($pconfig['ssl-certref'] == $cert['refid']) {
$selected = "selected=\"selected\"";
}
?>
<option value="<?=$cert['refid'];
?>" <?=$selected;
?>><?=$cert['descr'];?></option>
<?php
endforeach;
if (!count($a_cert)) {
echo "<option></option>";
}
?>
<td><a id="help_for_sslcertref" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("SSL Certificate"); ?></td>
<td>
<select name="ssl-certref" class="formselect selectpicker" data-style="btn-default">
<?php
foreach ($a_cert as $cert) :?>
<option value="<?=$cert['refid'];?>" <?=$pconfig['ssl-certref'] == $cert['refid'] ? "selected=\"selected\"" : "";?>>
<?=$cert['descr'];?>
</option>
<?php
endforeach;?>
</select>
<br />
<span class="vexpl">
<div class='hidden' for="help_for_sslcertref">
<?=sprintf(
gettext('The %sSSL certificate manager%s can be used to ' .
'create or import certificates if required.'),
'<a href="/system_certmanager.php">', '</a>'
);?>
</span>
</div>
</td>
</tr>
<tr>
<td valign="top" class="vncell"><?=gettext("TCP port"); ?></td>
<td class="vtable">
<input name="webguiport" type="text" class="formfld unknown" id="webguiport" size="5" value="<?=htmlspecialchars($config['system']['webgui']['port']);?>" />
<span class="vexpl">
<td><a id="help_for_webguiport" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("TCP port"); ?></td>
<td>
<input name="webguiport" type="text" value="<?=$pconfig['webguiport'];?>" />
<div class="hidden" for="help_for_webguiport">
<?=gettext("Enter a custom port number for the webConfigurator " .
"above if you want to override the default (80 for HTTP, 443 " .
"for HTTPS). Changes will take effect immediately after save."); ?>
</span>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("WebGUI redirect"); ?></td>
<td width="78%" class="vtable">
<input name="disablehttpredirect" type="checkbox" id="disablehttpredirect" value="yes" <?php if ($pconfig['disablehttpredirect']) {
echo "checked=\"checked\"";
} ?> />
<td><a id="help_for_disablehttpredirect" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("WebGUI redirect"); ?></td>
<td width="78%">
<input name="disablehttpredirect" type="checkbox" value="yes" <?=!empty($pconfig['disablehttpredirect']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Disable webConfigurator redirect rule"); ?></strong>
<br />
<?php echo gettext("When this is unchecked, access to the webConfigurator " .
<div class="hidden" for="help_for_disablehttpredirect">
<?= gettext("When this is unchecked, access to the webConfigurator " .
"is always permitted even on port 80, regardless of the listening port configured. " .
"Check this box to disable this automatically added redirect rule. ");
?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("WebGUI Login Autocomplete"); ?></td>
<td width="78%" class="vtable">
<input name="loginautocomplete" type="checkbox" id="loginautocomplete" value="yes" <?php if ($pconfig['loginautocomplete']) {
echo "checked=\"checked\"";
} ?> />
<td><a id="help_for_loginautocomplete" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("WebGUI Login Autocomplete"); ?></td>
<td>
<input name="loginautocomplete" type="checkbox" value="yes" <?= !empty($pconfig['loginautocomplete']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Enable webConfigurator login autocomplete"); ?></strong>
<br />
<?php echo gettext("When this is checked, login credentials for the webConfigurator " .
<div class="hidden" for="help_for_loginautocomplete">
<?= gettext("When this is checked, login credentials for the webConfigurator " .
"may be saved by the browser. While convenient, some security standards require this to be disabled. " .
"Check this box to enable autocomplete on the login form so that browsers will prompt to save credentials (NOTE: Some browsers do not respect this option). ");
?>
"Check this box to enable autocomplete on the login form so that browsers will prompt to save credentials (NOTE: Some browsers do not respect this option). ");?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("WebGUI login messages"); ?></td>
<td width="78%" class="vtable">
<input name="quietlogin" type="checkbox" id="quietlogin" value="yes" <?php if ($pconfig['quietlogin']) {
echo "checked=\"checked\"";
} ?> />
<td><a id="help_for_quietlogin" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("WebGUI login messages"); ?></td>
<td>
<input name="quietlogin" type="checkbox" value="yes" <?=!empty($pconfig['quietlogin']) ? "checked=\"checked\"" : ""; ?>/>
<strong><?=gettext("Disable logging of webConfigurator successful logins"); ?></strong>
<br />
<?php echo gettext("When this is checked, successful logins to the webConfigurator " .
"will not be logged.");
?>
<div class="hidden" for="help_for_quietlogin">
<?=gettext("When this is checked, successful logins to the webConfigurator " .
"will not be logged.");?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Anti-lockout"); ?></td>
<td width="78%" class="vtable">
<?php
if ($config['interfaces']['lan']) {
$lockout_interface = "LAN";
} else {
$lockout_interface = "WAN";
}
?>
<input name="noantilockout" type="checkbox" id="noantilockout" value="yes" <?php if ($pconfig['noantilockout']) {
echo "checked=\"checked\"";
} ?> />
<td><a id="help_for_noantilockout" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Anti-lockout"); ?></td>
<td>
<input name="noantilockout" type="checkbox" value="yes" <?=!empty($pconfig['noantilockout'])? "checked=\"checked\"" : "";?>/>
<strong><?=gettext("Disable webConfigurator anti-lockout rule"); ?></strong>
<br />
<div class="hidden" for="help_for_noantilockout">
<?php printf(gettext("When this is unchecked, access to the webConfigurator " .
"on the %s interface is always permitted, regardless of the user-defined firewall " .
"rule set. Check this box to disable this automatically added rule, so access " .
"to the webConfigurator is controlled by the user-defined firewall rules " .
"(ensure you have a firewall rule in place that allows you in, or you will " .
"lock yourself out!)"), $lockout_interface); ?>
"lock yourself out!)"), (!empty($config['interfaces']['lan']) ? "LAN" : "WAN")); ?>
<em> <?=gettext("Hint: the &quot;Set interface(s) IP address&quot; option in the console menu resets this setting as well."); ?> </em>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("DNS Rebind Check"); ?></td>
<td width="78%" class="vtable">
<input name="nodnsrebindcheck" type="checkbox" id="nodnsrebindcheck" value="yes" <?php if ($pconfig['nodnsrebindcheck']) {
echo "checked=\"checked\"";
} ?> />
<td><a id="help_for_nodnsrebindcheck" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("DNS Rebind Check"); ?></td>
<td>
<input name="nodnsrebindcheck" type="checkbox" value="yes" <?=!empty($pconfig['nodnsrebindcheck']) ? "checked=\"checked\"" : "";?>/>
<strong><?=gettext("Disable DNS Rebinding Checks"); ?></strong>
<br />
<?php echo gettext("When this is unchecked, your system " .
<div class="hidden" for="help_for_nodnsrebindcheck">
<?= gettext("When this is unchecked, your system " .
"is protected against <a href=\"http://en.wikipedia.org/wiki/DNS_rebinding\">DNS Rebinding attacks</a>. " .
"This blocks private IP responses from your configured DNS servers. Check this box to disable this protection if it interferes with " .
"webConfigurator access or name resolution in your environment. "); ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Alternate Hostnames"); ?></td>
<td width="78%" class="vtable">
<input name="althostnames" type="text" class="formfld unknown" id="althostnames" size="75" value="<?=htmlspecialchars($pconfig['althostnames']);?>"/>
<td><a id="help_for_althostnames" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Alternate Hostnames"); ?></td>
<td>
<input name="althostnames" type="text" value="<?=$pconfig['althostnames'];?>"/>
<strong><?=gettext("Alternate Hostnames for DNS Rebinding and HTTP_REFERER Checks"); ?></strong>
<br />
<?php echo gettext("Here you can specify alternate hostnames by which the router may be queried, to " .
<div class="hidden" for="help_for_althostnames">
<?=gettext("Here you can specify alternate hostnames by which the router may be queried, to " .
"bypass the DNS Rebinding Attack checks. Separate hostnames with spaces."); ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Browser HTTP_REFERER enforcement"); ?></td>
<td width="78%" class="vtable">
<input name="nohttpreferercheck" type="checkbox" id="nohttpreferercheck" value="yes" <?php if ($pconfig['nohttpreferercheck']) {
echo "checked=\"checked\"";
} ?> />
<td><a id="help_for_nohttpreferercheck" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Browser HTTP_REFERER enforcement"); ?></td>
<td>
<input name="nohttpreferercheck" type="checkbox" value="yes" <?= !empty($pconfig['nohttpreferercheck']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Disable HTTP_REFERER enforcement check"); ?></strong>
<br />
<?php echo gettext("When this is unchecked, access to the webConfigurator " .
<div class="hidden" for="help_for_nohttpreferercheck">
<?=gettext("When this is unchecked, access to the webConfigurator " .
"is protected against HTTP_REFERER redirection attempts. " .
"Check this box to disable this protection if you find that it interferes with " .
"webConfigurator access in certain corner cases such as using external scripts to interact with this system. More information on HTTP_REFERER is available from <a target='_blank' href='http://en.wikipedia.org/wiki/HTTP_referrer'>Wikipedia</a>."); ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Enable XDebug"); ?></td>
<td width="78%" class="vtable">
<input name="enable_xdebug" type="checkbox" id="enable_xdebug" value="yes" <?php if ($pconfig['enable_xdebug']) {
echo "checked=\"checked\"";
} ?> />
<td><a id="help_for_xdebug" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Enable XDebug"); ?></td>
<td width="78%">
<input name="enable_xdebug" type="checkbox" value="yes" <?=!empty($pconfig['enable_xdebug']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Enable debugger / profiler (developer mode, do not enable in production environment)"); ?></strong>
<br />
<div class="hidden" for="help_for_xdebug">
<?php echo gettext("When this is checked, php XDebug will be enabled and profiling output can be analysed using webgrind which will be available at [this-url]/webgrind/"); ?>
<br />
<?php echo gettext("For more information about XDebug profiling and how to enable it for your requests, please visit http://www.xdebug.org/docs/all_settings#profiler_enable_trigger"); ?>
</div>
</td>
</tr>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Secure Shell"); ?></th>
<th colspan="2"><?=gettext("Secure Shell"); ?></th>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Secure Shell Server"); ?></td>
<td width="78%" class="vtable">
<input name="enablesshd" type="checkbox" id="enablesshd" value="yes" <?php if (isset($pconfig['enablesshd'])) {
echo "checked=\"checked\"";
} ?> />
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Secure Shell Server"); ?></td>
<td>
<input name="enablesshd" type="checkbox" value="yes" <?=!empty($pconfig['enablesshd']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Enable Secure Shell"); ?></strong>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Root Login"); ?></td>
<td width="78%" class="vtable">
<input name="sshdpermitrootlogin" type="checkbox" id="sshdpermitrootlogin" value="yes" <?php if ($pconfig['sshdpermitrootlogin']) {
echo "checked=\"checked\"";
} ?> />
<td><a id="help_for_sshdpermitrootlogin" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Root Login"); ?></td>
<td>
<input name="sshdpermitrootlogin" type="checkbox" value="yes" <?=!empty($pconfig['sshdpermitrootlogin']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Permit root user login"); ?></strong>
<br />
<div class="hidden" for="help_for_sshdpermitrootlogin">
<?= gettext(
'Root login is generally discouraged. It is advised ' .
'to log in via another user and switch to root afterwards.'
) ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Authentication Method"); ?></td>
<td width="78%" class="vtable">
<input name="passwordauth" type="checkbox" id="passwordauth" value="yes" <?php if ($pconfig['passwordauth']) {
echo "checked=\"checked\"";
} ?> />
<td><a id="help_for_passwordauth" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Authentication Method"); ?></td>
<td>
<input name="passwordauth" type="checkbox" value="yes" <?=!empty($pconfig['passwordauth']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Permit password login"); ?></strong>
<br />
<div class="hidden" for="help_for_passwordauth">
<?=gettext("When disabled, authorized keys need to be configured for each"); ?>
<a href="system_usermanager.php"><?=gettext("user"); ?></a>
<?=gettext("that has been granted secure shell access."); ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("SSH port"); ?></td>
<td width="78%" class="vtable">
<input name="sshport" type="text" class="form-control" id="sshport" value="<?php echo $pconfig['sshport']; ?>"/>
<td><a id="help_for_sshport" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("SSH port"); ?></td>
<td width="78%">
<input name="sshport" type="text" value="<?=$pconfig['sshport'];?>"/>
<div class="hidden" for="help_for_sshport">
<?=gettext("Leave this blank for the default of 22."); ?>
</div>
</td>
</tr>
<tr>
<td colspan="2" class="list" height="12">&nbsp;</td>
<th colspan="2"><?=gettext("Serial Communications"); ?></th>
</tr>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Serial Communications"); ?></th>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Serial Terminal"); ?></td>
<td width="78%" class="vtable">
<input name="enableserial" type="checkbox" id="enableserial" value="yes" <?php if (isset($pconfig['enableserial'])) {
echo "checked=\"checked\"";
} ?> />
<td><a id="help_for_enableserial" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Serial Terminal"); ?></td>
<td width="78%">
<input name="enableserial" type="checkbox" id="enableserial" value="yes" <?=!empty($pconfig['enableserial']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Enables the first serial port with 115200/8/N/1 by default, or another speed selectable below."); ?></strong>
<span class="vexpl"><?=gettext("Note: This will redirect the console output and messages to the serial port. You can still access the console menu from the internal video card/keyboard. A <b>null modem</b> serial cable or adapter is required to use the serial console."); ?></span>
<div class="hidden" for="help_for_enableserial">
<?=gettext("Note: This will redirect the console output and messages to the serial port. You can still access the console menu from the internal video card/keyboard. A <b>null modem</b> serial cable or adapter is required to use the serial console."); ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Serial Speed")?></td>
<td width="78%" class="vtable">
<td><a id="help_for_serialspeed" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Serial Speed")?></td>
<td>
<select name="serialspeed" id="serialspeed" class="formselect selectpicker">
<option value="115200" <?php if ($pconfig['serialspeed'] == "115200") {
echo "selected=\"selected\"";
}?>>115200</option>
<option value="57600" <?php if ($pconfig['serialspeed'] == "57600") {
echo "selected=\"selected\"";
}?>>57600</option>
<option value="38400" <?php if ($pconfig['serialspeed'] == "38400") {
echo "selected=\"selected\"";
}?>>38400</option>
<option value="19200" <?php if ($pconfig['serialspeed'] == "19200") {
echo "selected=\"selected\"";
}?>>19200</option>
<option value="14400" <?php if ($pconfig['serialspeed'] == "14400") {
echo "selected=\"selected\"";
}?>>14400</option>
<option value="9600" <?php if ($pconfig['serialspeed'] == "9600") {
echo "selected=\"selected\"";
}?>>9600</option>
</select> bps
<br /><?=gettext("Allows selection of different speeds for the serial console port."); ?>
<option value="115200" <?=$pconfig['serialspeed'] == "115200" ? "selected=\"selected\"" : "";?>>115200</option>
<option value="57600" <?=$pconfig['serialspeed'] == "57600" ? "selected=\"selected\"" : "";?>>57600</option>
<option value="38400" <?=$pconfig['serialspeed'] == "38400" ? "selected=\"selected\"" : "";?>>38400</option>
<option value="19200" <?=$pconfig['serialspeed'] == "19200" ? "selected=\"selected\"" : "";?>>19200</option>
<option value="14400" <?=$pconfig['serialspeed'] == "14400" ? "selected=\"selected\"" : "";?>>14400</option>
<option value="9600" <?=$pconfig['serialspeed'] == "9600" ? "selected=\"selected\"" : "";?>>9600</option>
</select> <?=gettext("bps");?>
<div class="hidden" for="help_for_serialspeed">
<?=gettext("Allows selection of different speeds for the serial console port."); ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Primary Console")?></td>
<td width="78%" class="vtable">
<td><a id="help_for_primaryconsole" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Primary Console")?></td>
<td width="78%">
<select name="primaryconsole" id="primaryconsole" class="formselect selectpicker">
<option value="serial" <?php if ($pconfig['primaryconsole'] == "serial") {
echo "selected=\"selected\"";
}?>>Serial Console</option>
<option value="video" <?php if ($pconfig['primaryconsole'] == "video") {
echo "selected=\"selected\"";
}?>>VGA Console</option>
<option value="serial" <?=$pconfig['primaryconsole'] == "serial" ? "selected=\"selected\"" : "";?>>
<?=gettext("Serial Console");?>
</option>
<option value="video" <?=$pconfig['primaryconsole'] == "video" ? "selected=\"selected\"" : "";?>>
<?=gettext("VGA Console");?>
</option>
</select>
<br /><?=gettext("Select the preferred console if multiple consoles are present. The preferred console will show OPNsense boot script output. All consoles display OS boot messages, console messages, and the console menu."); ?>
<div class="hidden" for="help_for_primaryconsole">
<?=gettext("Select the preferred console if multiple consoles are present. The preferred console will show OPNsense boot script output. All consoles display OS boot messages, console messages, and the console menu."); ?>
</div>
</td>
</tr>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Console Options"); ?></th>
<th colspan="2"><?=gettext("Console Options"); ?></th>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Console menu"); ?></td>
<td width="78%" class="vtable">
<input name="disableconsolemenu" type="checkbox" id="disableconsolemenu" value="yes" <?php if ($pconfig['disableconsolemenu']) {
echo "checked=\"checked\"";
} ?> />
<td><a id="help_for_disableconsolemenu" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Console menu"); ?></td>
<td width="78%">
<input name="disableconsolemenu" type="checkbox" value="yes" <?= !empty($pconfig['disableconsolemenu']) ? "checked=\"checked\"" :"";?> />
<strong><?=gettext("Password protect the console menu"); ?></strong>
<br />
<span class="vexpl"><?=gettext("Changes to this option will take effect after a reboot."); ?></span>
<div class="hidden" for="help_for_disableconsolemenu">
<?=gettext("Changes to this option will take effect after a reboot."); ?>
</div>
</td>
</tr>
<tr>
......@@ -618,7 +563,6 @@ endif; ?>
<td width="22%" valign="top">&nbsp;</td>
<td width="78%"><input name="Submit" type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" /></td>
</tr>
</tbody>
</table>
</form>
</div>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023