Removed non-functional and insecure features and swapped lan_wan assiment

src/etc/config.xml

@@ -209,7 +209,7 @@
 	<interfaces>
 		<wan>
 			<enable/>
-			<if>em0</if>
+			<if>em1</if>
 			<mtu></mtu>
 			<ipaddr>dhcp</ipaddr>
 			<ipaddrv6>dhcp6</ipaddrv6>
@@ -231,7 +231,7 @@
 		</wan>
 		<lan>
 			<enable/>
-			<if>em1</if>
+			<if>em0</if>
 			<ipaddr>192.168.1.1</ipaddr>
 			<subnet>24</subnet>
 			<ipaddrv6>track6</ipaddrv6>
@@ -746,6 +746,6 @@
 		</monitor_type>
 	</load_balancer>
 	<widgets>
-		<sequence>system_information-container:col1:show,captive_portal_status-container:col1:close,carp_status-container:col1:close,cpu_graphs-container:col1:close,gateways-container:col1:close,gmirror_status-container:col1:close,installed_packages-container:col1:close,interface_statistics-container:col1:close,interfaces-container:col2:show,ipsec-container:col2:close,load_balancer_status-container:col2:close,log-container:col2:close,picture-container:col2:close,rss-container:col2:close,services_status-container:col2:close,traffic_graphs-container:col2:close</sequence>
+		<sequence>system_information-container:col1:show,captive_portal_status-container:col1:close,carp_status-container:col1:close,cpu_graphs-container:col1:close,gateways-container:col1:close,gmirror_status-container:col1:close,installed_packages-container:col1:close,interface_statistics-container:col1:close,interface_list-container:col2:show,ipsec-container:col2:close,load_balancer_status-container:col2:close,log-container:col2:close,picture-container:col2:close,rss-container:col2:close,services_status-container:col2:close,traffic_graphs-container:col2:close</sequence>
 	</widgets>
 </pfsense>

src/opnsense/scripts/pkg_updatecheck.sh

@@ -72,6 +72,9 @@ if [ "$pkg_running" == "" ]; then
       pkg_running="started" # Set running state to arbitrary value
       timer=$timeout # Reset our timer
 
+      # Lets get coreversion first
+      core_version=`pkg info opnsense | grep 'Version' | awk -F '[:]' '{print $2}'` # Changed to reflect current installed core version
+      
       # Timeout loop for pkg update -f
       while [ "$pkg_running" != "" ] && [ $timer -ne 0 ]; 
       do
@@ -111,8 +114,6 @@ if [ "$pkg_running" == "" ]; then
               # There are no updates
               updates="0"
             else
-              core_version=`pkg info opnsense | grep 'Version' | awk -F '[:]' '{print $2}'` # Changed to reflect current installed core version
-              echo $core_version > $version_file; # Lets save the current version
               required_space=`cat $tmp_pkg_output_file | grep 'The process will require' | awk -F '[ ]' '{print $5$6}'`
               if [ "$required_space" == "" ]; then
                 required_space="none"

src/www/edit.php

 <?php
 /*
-	edit.php
+	Copyright (C) 2014 Deciso B.V.
 	Copyright (C) 2004, 2005 Scott Ullrich
 	All rights reserved.
 
@@ -25,22 +25,16 @@
 	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 	POSSIBILITY OF SUCH DAMAGE.
 */
-/*
-	pfSense_MODULE:	shell
-*/
 
-##|+PRIV
-##|*IDENT=page-diagnostics-edit
-##|*NAME=Diagnostics: Edit FIle
-##|*DESCR=Allow access to the 'Diagnostics: Edit File' page.
-##|*MATCH=edit.php*
-##|*MATCH=browser.php*
-##|*MATCH=filebrowser/browser.php*
-##|-PRIV
+$unsecure=true; // disabel editor for security purpose, need to be removed later
+if ($unsecure) {
+	exit;
+}
 
 $pgtitle = array(gettext("Diagnostics"), gettext("Edit file"));
 require("guiconfig.inc");
 
+
 if($_POST['action']) {
 	switch($_POST['action']) {
 		case 'load':

src/www/exec.php

 <?php
 /* $Id$ */
 /*
-	Exec+ v1.02-000 - Copyright 2001-2003, All rights reserved
-	Created by technologEase (http://www.technologEase.com).
-
-	(modified for m0n0wall by Manuel Kasper <mk@neon1.net>)
+	Copyright (C) 2014 - Deciso B.V.
+	Exec+ v1.02-000 - Copyright 2001-2003 
+	Created by technologEase (http://www.technologEase.com)
+	All rights reserved.
 
     Redistribution and use in source and binary forms, with or without
     modification, are permitted provided that the following conditions are met:
@@ -27,17 +27,11 @@
     ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     POSSIBILITY OF SUCH DAMAGE.
 */
-/*
-	pfSense_MODULE:	shell
-*/
-
-##|+PRIV
-##|*IDENT=page-diagnostics-command
-##|*NAME=Diagnostics: Command page
-##|*DESCR=Allow access to the 'Diagnostics: Command' page.
-##|*MATCH=exec.php*
-##|-PRIV
 
+$unsecure=true; // disabel editor for security purpose, need to be removed later
+if ($unsecure) {
+	exit;
+}
 $allowautocomplete = true;
 
 require("guiconfig.inc");

src/www/fbegin.inc

 <?php
 /*
-	pfSense_MODULE:	header
+	Copyright (C) 2014 Deciso B.V.
+	Copyright (C) 2008 Scott Ullrich <sullrich@gmail.com>
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
 */
 
 require_once("globals.inc");
@@ -135,11 +158,11 @@ function active_main_menu() {
 // System
 $system_menu = array();
 $system_menu[] = array(gettext("Advanced"), "/system_advanced_admin.php");
-$system_menu[] = array(gettext("Firmware"), "/system_firmware.php");
+$system_menu[] = array(gettext("Firmware"), "/system_firmware_check.php");
 $system_menu[] = array(gettext("General Setup"), "/system_general.php");
 $system_menu[] = array(gettext("High Avail. Sync"), "/system_hasync.php");
-if ($g['platform'] == "pfSense" or $g['platform'] == "nanobsd")
-	$system_menu[] = array(gettext("Packages"), "/system_pkg_mgr_installed.php");
+//if ($g['platform'] == "pfSense" or $g['platform'] == "nanobsd")
+//	$system_menu[] = array(gettext("Packages"), "/system_pkg_mgr_installed.php");
 $system_menu[] = array(gettext("Setup Wizard"), "/wizard.php?xml=setup_wizard.xml");
 $system_menu[] = array(gettext("Routing"), "/system_gateways.php");
 $system_menu[] = array(gettext("Cert Manager"), "/system_camanager.php");
@@ -244,7 +267,7 @@ $diagnostics_menu = array();
 $diagnostics_menu[] = array(gettext("ARP Table"), "/diag_arp.php");
 $diagnostics_menu[] = array(gettext("Authentication"), "/diag_authentication.php");
 $diagnostics_menu[] = array(gettext("Backup/Restore"), "/diag_backup.php");
-$diagnostics_menu[] = array(gettext("Command Prompt"), "/diag_exec.php");
+//$diagnostics_menu[] = array(gettext("Command Prompt"), "/diag_exec.php"); // Removed file editor for security reasons
 $diagnostics_menu[] = array(gettext("DNS Lookup"), "/diag_dns.php");
 $diagnostics_menu[] = array(gettext("NDP Table"), "/diag_ndp.php" );
 $diagnostics_menu[] = array(gettext("Factory Defaults"), "/diag_defaults.php");
@@ -254,7 +277,7 @@ $diagnostics_menu[] = array(gettext("pfInfo"), "/diag_pf_info.php");
 $diagnostics_menu[] = array(gettext("pfTop"), "/diag_system_pftop.php");
 $diagnostics_menu[] = array(gettext("Ping"), "/diag_ping.php");
 $diagnostics_menu[] = array(gettext("Reboot"), "/diag_reboot.php");
-$diagnostics_menu[] = array(gettext("Edit File"), "/diag_edit.php");
+//$diagnostics_menu[] = array(gettext("Edit File"), "/diag_edit.php"); // Removed file editor for security reasons
 $diagnostics_menu[] = array(gettext("Packet Capture"), "/diag_packet_capture.php");
 $diagnostics_menu[] = array(gettext("Traceroute"), "/diag_traceroute.php");
 $diagnostics_menu[] = array(gettext("SMART Status"), "/diag_smart.php");

src/www/system_firmware.php

 <?php
-/* $Id$ */
 /*
-	system_firmware.php
+	Copyright (C) 2014 Deciso B.V.
 	Copyright (C) 2008 Scott Ullrich <sullrich@gmail.com>
 	All rights reserved.
 
@@ -30,17 +29,6 @@
 	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 	POSSIBILITY OF SUCH DAMAGE.
 */
-/*
-	pfSense_BUILDER_BINARIES:	/usr/bin/tar
-	pfSense_MODULE:	firmware
-*/
-
-##|+PRIV
-##|*IDENT=page-system-firmware-manualupdate
-##|*NAME=System: Firmware: Manual Update page
-##|*DESCR=Allow access to the 'System: Firmware: Manual Update' page.
-##|*MATCH=system_firmware.php*
-##|-PRIV
 
 $d_isfwfile = 1;
 $nocsrf = true;

src/www/system_firmware_settings.php

 <?php
-/* $Id$ */
 /*
-	system_firmware_settings.php
-       	part of pfSense
+        Copyright (C) 2014 Deciso B.V.
 		Copyright (C) 2008 Scott Ullrich <sullrich@gmail.com>
         Copyright (C) 2005 Colin Smith
+        All rights reserved.
 
 	Redistribution and use in source and binary forms, with or without
 	modification, are permitted provided that the following conditions are met:
@@ -27,17 +26,6 @@
 	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 	POSSIBILITY OF SUCH DAMAGE.
 */
-/*
-	pfSense_BUILDER_BINARIES:	/usr/bin/fetch
-	pfSense_MODULE:	firmware
-*/
-
-##|+PRIV
-##|*IDENT=page-system-firmware-settings
-##|*NAME=System: Firmware: Settings page
-##|*DESCR=Allow access to the 'System: Firmware: Settings' page.
-##|*MATCH=system_firmware_settings.php*
-##|-PRIV
 
 require("guiconfig.inc");
 
@@ -124,7 +112,7 @@ function enable_altfirmwareurl(enable_over) {
                         
                         <div class="table-responsive">
                         
-                        <table class="table table-striped" width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
+                        <table class="table table-striped" width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area" style="display:none"> <!--Unsupported Feuature, hide it-->
                     	    <thead>
                         	    <tr>
                             		<th colspan="2" valign="top" class="listtopic"><?=gettext("Firmware Branch"); ?></th>
@@ -184,7 +172,7 @@ function enable_altfirmwareurl(enable_over) {
                             </thead>
                             
                             <tbody>
-                            	<tr>
+                            	<tr style="display:none"> <!--Unsupported Feuature, hide it-->
                             		<td width="22%" valign="top" class="vncell"><?=gettext("Unsigned images"); ?></td>
                             		<td width="78%" class="vtable">
                             			<input name="allowinvalidsig" type="checkbox" id="allowinvalidsig" value="yes" <?php if (isset($curcfg['allowinvalidsig'])) echo "checked=\"checked\""; ?> />
@@ -205,7 +193,7 @@ function enable_altfirmwareurl(enable_over) {
                         </table>
                                 	
                         <?php if(file_exists("/usr/local/bin/git") && $g['platform'] == "pfSense"): ?>  
-                        <table class="table table-striped" width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
+                        <table class="table table-striped" width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area" style="display:none"> <!--Unsupported Feuature, hide it-->
                         	
                             <thead>
                         	    <tr>

src/www/system_firmware_tabs.php

 <?php
+	/*
+		Copyright (C) 2014 Deciso B.V.
+		All rights reserved.
+
+		Redistribution and use in source and binary forms, with or without
+		modification, are permitted provided that the following conditions are met:
+
+		1. Redistributions of source code must retain the above copyright notice,
+		   this list of conditions and the following disclaimer.
+
+		2. Redistributions in binary form must reproduce the above copyright
+		   notice, this list of conditions and the following disclaimer in the
+		   documentation and/or other materials provided with the distribution.
+
+		THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+		INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+		AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+		AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+		OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+		SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+		INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+		CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+		ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+		POSSIBILITY OF SUCH DAMAGE.
+
+	*/
+
     $active_tab = isset($active_tab) ? $active_tab : $_SERVER['PHP_SELF'];
 	$tab_array = array();
-	$tab_array[] = array(gettext("Manual Update"), $active_tab == "/system_firmware.php", "system_firmware.php");
+	// $tab_array[] = array(gettext("Manual Update"), $active_tab == "/system_firmware.php", "system_firmware.php");
 	$tab_array[] = array(gettext("Auto Update"), $active_tab == "/system_firmware_check.php", "system_firmware_check.php");
 	$tab_array[] = array(gettext("Updater Settings"), $active_tab == "/system_firmware_settings.php", "system_firmware_settings.php");
-	if($g['hidedownloadbackup'] == false)
-		$tab_array[] = array(gettext("Restore Full Backup"), $active_tab == "/system_firmware_restorefullbackup.php", "system_firmware_restorefullbackup.php");
+	//if($g['hidedownloadbackup'] == false)
+	//	$tab_array[] = array(gettext("Restore Full Backup"), $active_tab == "/system_firmware_restorefullbackup.php", "system_firmware_restorefullbackup.php");
 	display_top_tabs($tab_array);
 ?>
\ No newline at end of file