Commit e61d3823 authored by Ad Schellevis's avatar Ad Schellevis

(legacy) evil globals... change use of $FilterIflist

parent 8547c8fb
......@@ -31,6 +31,7 @@
include_once("auth.inc");
include_once("priv.inc");
require_once("filter.inc");
function getPrivPages(& $entry, & $allowed_pages) {
global $priv_list;
......@@ -318,7 +319,7 @@ function display_login_form()
/* Check against locally configured IP addresses, which will catch when someone
port forwards WebGUI access from WAN to an internal IP on the router. */
global $FilterIflist;
$FilterIflist = filter_generate_optcfg_array() ;
$local_ip = false;
if (strstr($_SERVER['HTTP_HOST'], ":")) {
$http_host_port = explode(":", $_SERVER['HTTP_HOST']);
......@@ -326,10 +327,6 @@ function display_login_form()
} else {
$http_host = $_SERVER['HTTP_HOST'];
}
if (empty($FilterIflist)) {
require_once('filter.inc');
filter_generate_optcfg_array();
}
foreach ($FilterIflist as $iflist) {
if ($iflist['ip'] == $http_host) {
$local_ip = true;
......@@ -338,7 +335,6 @@ function display_login_form()
$local_ip = true;
}
}
unset($FilterIflist);
if (isset($config['virtualip'])) {
if ($config['virtualip']['vip']) {
......
......@@ -36,9 +36,6 @@ $after_filter_configure_run = array();
/* For installing cron job of schedules */
$time_based_rules = false;
/* Used to hold the interface list that will be used on ruleset creation. */
$FilterIflist = array();
/* Create a global array to avoid errors on rulesets. */
$GatewaysList = array();
......@@ -149,9 +146,11 @@ function filter_delete_states_for_down_gateways() {
/* reload filter sync */
function filter_configure_sync($delete_states_if_needed = true)
{
global $config, $g, $after_filter_configure_run, $FilterIflist;
global $config, $g, $after_filter_configure_run;
global $time_based_rules, $filterdns, $aliases;
$FilterIflist = filter_generate_optcfg_array() ;
/* Use filter lock to not allow concurrent filter reloads during this run. */
$filterlck = lock('filter', LOCK_EX);
......@@ -372,7 +371,8 @@ function filter_configure_sync($delete_states_if_needed = true)
}
function filter_generate_scrubing() {
global $config, $FilterIflist;
global $config;
$FilterIflist = filter_generate_optcfg_array() ;
$scrubrules = "";
if (isset($config['system']['maxmss_enable'])) {
......@@ -483,7 +483,8 @@ function filter_expand_alias_array($alias_name) {
function filter_generate_aliases()
{
global $config, $FilterIflist, $after_filter_configure_run;
global $config, $after_filter_configure_run;
$FilterIflist = filter_generate_optcfg_array() ;
$alias = "#System aliases\n ";
$aliases = "loopback = \"{ lo0 }\"\n";
......@@ -756,13 +757,12 @@ function filter_get_vpns_list() {
* optionally returns an array instead, including friendly interface and gateway (if applicable)
*/
function filter_get_direct_networks_list($returnsubnetsonly = true) {
global $config, $FilterIflist, $GatewaysList;
global $config, $GatewaysList;
$FilterIflist = filter_generate_optcfg_array() ;
/* build list of directly connected interfaces and networks */
$networks = "";
$networks_arr = array();
if(empty($FilterIflist)) {
filter_generate_optcfg_array();
}
foreach ($FilterIflist as $ifent => $ifcfg) {
$subnet = "{$ifcfg['sa']}/{$ifcfg['sn']}";
if(is_subnet($subnet)) {
......@@ -819,6 +819,14 @@ function filter_generate_optcfg_array()
{
global $config, $FilterIflist;
// Nasty hack to avoid unkown status of $FilterIflist, every piece of code using $FilterIflist should use
// this function to retrieve it's content.
if (isset($FilterIflist) && is_array($FilterIflist) && count($FilterIflist) > 0) {
return $FilterIflist;
}
$FilterIflist = array();
/* if list */
$iflist = get_configured_interface_with_descr();
foreach ($iflist as $if => $ifdetail) {
......@@ -978,11 +986,13 @@ function filter_generate_optcfg_array()
$FilterIflist[$ifgen['ifname']] = $oc;
}
}
return $FilterIflist ;
}
function filter_get_reflection_interfaces($natif = "") {
global $FilterIflist;
$FilterIflist = filter_generate_optcfg_array() ;
$nat_if_list = array();
......@@ -1001,7 +1011,8 @@ function filter_get_reflection_interfaces($natif = "") {
}
function filter_generate_reflection_nat($rule, &$route_table, $nat_ifs, $protocol, $target, $target_ip, $target_subnet = "") {
global $config, $FilterIflist;
global $config;
$FilterIflist = filter_generate_optcfg_array() ;
if(!isset($config['system']['enablenatreflectionhelper']))
return "";
......@@ -1086,7 +1097,8 @@ function filter_generate_reflection_nat($rule, &$route_table, $nat_ifs, $protoco
}
function filter_generate_reflection_proxy($rule, $nordr, $rdr_ifs, $srcaddr, $dstaddr_port, &$starting_localhost_port, &$reflection_txt) {
global $FilterIflist, $config;
global $config;
$FilterIflist = filter_generate_optcfg_array() ;
// Initialize natrules holder string
$natrules = "";
......@@ -1278,7 +1290,8 @@ function filter_generate_reflection_proxy($rule, $nordr, $rdr_ifs, $srcaddr, $ds
}
function filter_nat_rules_automatic_tonathosts($with_descr = false) {
global $config, $FilterIflist, $GatewaysList;
global $config, $GatewaysList;
$FilterIflist = filter_generate_optcfg_array() ;
$tonathosts = array("127.0.0.0/8");
$descriptions = array(gettext("localhost"));
......@@ -1401,7 +1414,8 @@ function filter_nat_rules_automatic_tonathosts($with_descr = false) {
function filter_nat_rules_outbound_automatic($src)
{
global $config, $FilterIflist;
global $config ;
$FilterIflist = filter_generate_optcfg_array() ;
$rules = array();
......@@ -1443,7 +1457,8 @@ function filter_nat_rules_outbound_automatic($src)
/* Generate a 'nat on' or 'no nat on' rule for given interface */
function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = "any", $dstport = "", $natip = "", $natport = "", $nonat = false, $staticnatport = false, $proto = "", $poolopts = "") {
global $config, $FilterIflist;
global $config;
$FilterIflist = filter_generate_optcfg_array() ;
/* XXX: billm - any idea if this code is needed? */
if($src == "/32" || $src{0} == "/")
return "# src incorrectly specified\n";
......@@ -1524,7 +1539,8 @@ function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = "
}
function filter_nat_rules_generate() {
global $config, $g, $after_filter_configure_run, $FilterIflist, $GatewaysList, $aliases;
global $config, $g, $after_filter_configure_run, $GatewaysList, $aliases;
$FilterIflist = filter_generate_optcfg_array() ;
$natrules = "no nat proto carp\n";
$natrules .= "no rdr proto carp\n";
......@@ -2029,7 +2045,7 @@ function filter_generate_port(& $rule, $target = "source", $isnat = false) {
}
function filter_address_add_vips_subnets(&$subnets, $if, $not) {
global $FilterIflist;
$FilterIflist = filter_generate_optcfg_array() ;
$if_subnets = array($subnets);
......@@ -2067,7 +2083,8 @@ function filter_address_add_vips_subnets(&$subnets, $if, $not) {
}
function filter_generate_address(& $rule, $target = "source", $isnat = false) {
global $FilterIflist, $config;
global $config;
$FilterIflist = filter_generate_optcfg_array() ;
$src = "";
if(isset($rule[$target]['any'])) {
......@@ -2219,7 +2236,8 @@ function filter_generate_address(& $rule, $target = "source", $isnat = false) {
function filter_generate_user_rule($rule)
{
global $config, $g, $FilterIflist, $GatewaysList;
global $config, $g, $GatewaysList;
$FilterIflist = filter_generate_optcfg_array() ;
/* don't include disabled rules */
if(isset($rule['disabled'])) {
......@@ -2566,7 +2584,8 @@ function filter_generate_user_rule($rule)
function filter_rules_generate()
{
global $config, $g, $FilterIflist, $time_based_rules, $GatewaysList;
global $config, $g, $time_based_rules, $GatewaysList;
$FilterIflist = filter_generate_optcfg_array() ;
$fix_rule_label = 'fix_rule_label';
......@@ -3364,7 +3383,8 @@ function filter_tdr_month($schedule) {
function filter_setup_logging_interfaces()
{
global $config, $FilterIflist;
global $config;
$FilterIflist = filter_generate_optcfg_array() ;
$rules = '';
if (isset($FilterIflist['lan']))
......@@ -3391,7 +3411,8 @@ function filter_process_carp_rules($log)
/* Generate IPsec Filter Items */
function filter_generate_ipsec_rules($log = array())
{
global $config, $g, $FilterIflist;
global $config, $g;
$FilterIflist = filter_generate_optcfg_array() ;
if (isset($config['system']['disablevpnrules'])) {
return "\n# VPN Rules not added disabled in System->Advanced.\n";
......
......@@ -845,9 +845,8 @@ function openvpn_client_export_build_remote_lines($settings, $useaddr, $interfac
}
function openvpn_client_export_find_port_forwards($targetip, $targetport, $targetproto, $skipprivate, $findhostname=false) {
global $config, $FilterIflist;
if (empty($FilterIflist))
filter_generate_optcfg_array();
global $config;
$FilterIflist = filter_generate_optcfg_array() ;
$destinations = array();
if (!is_array($config['nat']) || !is_array($config['nat']['rule']))
......
......@@ -31,9 +31,10 @@ require_once("guiconfig.inc");
require_once("functions.inc");
require_once("filter.inc");
global $FilterIflist;
global $GatewaysList;
$FilterIflist = filter_generate_optcfg_array() ;
if (!is_array($config['nat']['outbound']))
$config['nat']['outbound'] = array();
......@@ -72,8 +73,6 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") {
* lets automatically create entries
* for all of the interfaces to make life easier on the pip-o-chap
*/
if(empty($FilterIflist))
filter_generate_optcfg_array();
if(empty($GatewaysList))
filter_generate_gateways();
$tonathosts = filter_nat_rules_automatic_tonathosts(true);
......@@ -105,7 +104,7 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") {
}
}
$savemsg = gettext("Default rules for each interface have been created.");
unset($FilterIflist, $GatewaysList);
unset($GatewaysList);
}
$config['nat']['outbound']['mode'] = $_POST['mode'];
......@@ -477,12 +476,10 @@ include("head.inc");
</tbody>
<?php
if ($mode == "automatic" || $mode == "hybrid"):
if(empty($FilterIflist))
filter_generate_optcfg_array();
if(empty($GatewaysList))
filter_generate_gateways();
$automatic_rules = filter_nat_rules_outbound_automatic(implode(" ", filter_nat_rules_automatic_tonathosts()));
unset($FilterIflist, $GatewaysList);
unset($GatewaysList);
?>
<thead>
<tr><th colspan="12"><?=gettext("Automatic rules:"); ?></th></tr>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment