$section = new Form_Section('802.1x RADIUS options');
$section->addInput(new Form_Checkbox('ieee8021x', 'IEEE802.1X', 'Enable 802.1X authentication', $pconfig['ieee8021x'], 'yes'))->setHelp('This option requires that the "Enable WPA box" is checked');
$group = new Form_Group('Primary 802.1X server');
$group->add(new Form_IpAddress('auth_server_addr', 'IP Address', $pconfig['auth_server_addr']))->setHelp('IP address. (Commonly a Radius server (FreeRadius, Internet Authentication Services, etc.)');
$group->add(new Form_Input('auth_server_port', 'Port', 'number', $pconfig['auth_server_port']))->setHelp('Server port. Leave blank for the default port 1812');
$group->add(new Form_Input('auth_server_shared_secret', 'Shared secret', 'number', $pconfig['auth_server_shared_secret']))->setHelp('Shared secret');
$section->add($group);
$group = new Form_Group('Secondary 802.1X server');
$group->add(new Form_IpAddress('auth_server_addr2', 'IP Address', $pconfig['auth_server_addr2']))->setHelp('IP address. (Commonly a Radius server (FreeRadius, Internet Authentication Services, etc.)');
$group->add(new Form_Input('auth_server_port2', 'Port', 'number', $pconfig['auth_server_port2']))->setHelp('Server port. Leave blank for the default port 1812');
$group->add(new Form_Input('auth_server_shared_secret2', 'Shared secret', 'number', $pconfig['auth_server_shared_secret2']))->setHelp('Shared secret');
$section->add($group);
$section->addInput(new Form_Checkbox('rsn_preauth', 'Authentication Roaming Preauth', null, $pconfig['rsn_preauth'], 'yes'));
$form->add($section);
}
$section = new Form_Section('Private networks');
$section->addInput(new Form_Checkbox('blockpriv', 'Block private networks', '', $pconfig['blockpriv'], 'yes'))->setHelp('Blocks traffic from IP addresses that are reserved for private networks per RFC 1918 (10/8, 172.16/12, 192.168/16) ' . ' as well as loopback addresses (127/8). You should generally leave this option turned on, unless your WAN network ' . 'lies in such a private address space, too.');
$section->addInput(new Form_Checkbox('blockbogons', 'Block bogon networks', '', $pconfig['blockbogons'], 'yes'))->setHelp('Blocks traffic from reserved IP addresses (but not RFC 1918) or not yet assigned by IANA. Bogons are prefixes that should ' . 'never appear in the Internet routing table, and so should not appear as the source address in any packets you receive.' . '<br />' . 'Note: The update frequency can be changed under System->Advanced Firewall/NAT settings');
$form->add($section);
$form->addGlobal(new Form_Input('if', null, 'hidden', $if));
if ($wancfg['if'] == $a_ppps[$pppid]['if']) {
$form->addGlobal(new Form_Input('ppp_port', null, 'hidden', $pconfig['port']));
}
$form->addGlobal(new Form_Input('ptpid', null, 'hidden', $pconfig['ptpid']));
print $form;
?>
<script type="text/javascript">
//<![CDATA[
events.push(function(){
if ($input_errors) {
print_input_errors($input_errors);
}
if ($savemsg) {
print_info_box($savemsg, 'success');
}
if (is_subsystem_dirty('unbound')) {
print_apply_box(gettext("The DNS Resolver configuration has been changed.") . "<br />" . gettext("You must apply the changes in order for them to take effect."));
}
$tab_array = array();
$tab_array[] = array(gettext("General settings"), true, "services_unbound.php");
$tab_array[] = array(gettext("Advanced settings"), false, "services_unbound_advanced.php");
$tab_array[] = array(gettext("Access Lists"), false, "/services_unbound_acls.php");
display_top_tabs($tab_array, true);
$form = new Form();
$section = new Form_Section('General DNS Resolver Options');
$section->addInput(new Form_Checkbox('enable', 'Enable', 'Enable DNS resolver', $pconfig['enable']));
$section->addInput(new Form_Input('port', 'Listen Port', 'number', $pconfig['port'], ['placeholder' => '53']))->setHelp('The port used for responding to DNS queries. It should normally be left blank unless another service needs to bind to TCP/UDP port 53.');
$activeiflist = build_if_list($pconfig['active_interface']);
$section->addInput(new Form_Select('active_interface', 'Network Interfaces', $activeiflist['selected'], $activeiflist['options'], true))->addClass('general')->setHelp('Interface IPs used by the DNS Resolver for responding to queries from clients. If an interface has both IPv4 and IPv6 IPs, both are used. Queries to other interface IPs not selected below are discarded. ' . 'The default behavior is to respond to queries on every available IPv4 and IPv6 address.');
$outiflist = build_if_list($pconfig['outgoing_interface']);
$section->addInput(new Form_Select('outgoing_interface', 'Outgoing Network Interfaces', $outiflist['selected'], $outiflist['options'], true))->addClass('general')->setHelp('Utilize different network interface(s) that the DNS Resolver will use to send queries to authoritative servers and receive their replies. By default all interfaces are used.');
$unbound_local_zone_types = array("deny" => gettext("Deny"), "refuse" => gettext("Refuse"), "static" => gettext("Static"), "transparent" => gettext("Transparent"), "typetransparent" => gettext("Type Transparent"), "redirect" => gettext("Redirect"), "inform" => gettext("Inform"), "inform_deny" => gettext("Inform Deny"), "nodefault" => gettext("No Default"));
$section->addInput(new Form_Select('system_domain_local_zone_type', 'System Domain Local Zone Type', $pconfig['system_domain_local_zone_type'], $unbound_local_zone_types))->setHelp('The local-zone type used for the pfSense system domain (System | General Setup | Domain). Transparent is the default. Local-Zone type descriptions are available in the unbound.conf(5) manual pages.');
$section->addInput(new Form_Checkbox('dnssec', 'DNSSEC', 'Enable DNSSEC Support', $pconfig['dnssec']));
$section->addInput(new Form_Checkbox('forwarding', 'DNS Query Forwarding', 'Enable Forwarding Mode', $pconfig['forwarding']));
$section->addInput(new Form_Checkbox('regdhcp', 'DHCP Registration', 'Register DHCP leases in the DNS Resolver', $pconfig['regdhcp']))->setHelp(sprintf('If this option is set, then machines that specify their hostname when requesting a DHCP lease will be registered' . ' in the DNS Resolver, so that their name can be resolved.' . ' You should also set the domain in %sSystem: General setup%s to the proper value.', '<a href="system.php">', '</a>'));
$section->addInput(new Form_Checkbox('regdhcpstatic', 'Static DHCP', 'Register DHCP static mappings in the DNS Resolver', $pconfig['regdhcpstatic']))->setHelp(sprintf('If this option is set, then DHCP static mappings will be registered in the DNS Resolver, so that their name can be ' . 'resolved. You should also set the domain in %s' . 'System: General setup%s to the proper value.', '<a href="system.php">', '</a>'));
$btnadvdns = new Form_Button('btnadvdns', 'Custom options');
$btnadvdns->removeClass('btn-primary')->addClass('btn-default btn-sm');
$section->addInput(new Form_StaticText('Custom options', $btnadvdns . ' ' . 'Show custom options'));
$list[$name] = 'GW Group ' . $name;
}
unset($grouplist);
return $list;
}
$pgtitle = array(gettext("Services"), gettext("Dynamic DNS client"));
include "head.inc";
if ($input_errors) {
print_input_errors($input_errors);
}
if ($savemsg) {
print_info_box($savemsg, 'success');
}
require_once 'classes/Form.class.php';
$form = new Form();
$section = new Form_Section('Dynamic DNS Client');
// Confusingly the 'enable' checkbox is labelled 'Disable', but thats the way it works!
// No action (hide or disable) is taken on selecting this.
$section->addInput(new Form_Checkbox('enable', 'Disable', 'Disable this client', $pconfig['enable']));
$section->addInput(new Form_Select('type', 'Service Type', $pconfig['type'], build_type_list()));
$interfacelist = build_if_list();
$section->addInput(new Form_Select('interface', 'Interface to monitor', $pconfig['interface'], $interfacelist));
$section->addInput(new Form_Select('requestif', 'Interface to send update from', $pconfig['request'], $interfacelist))->setHelp('This is almost always the same as the Interface to Monitor. ');
$section->addInput(new Form_Input('host', 'Hostname', 'text', $pconfig['host']))->setHelp('Enter the complete fully qualified domain name. Example: myhost.dyndns.org' . '<br />' . 'he.net tunnelbroker: Enter your tunnel ID' . '<br />' . 'GleSYS: Enter your record ID' . '<br />' . 'DNSimple: Enter only the domain name.');
$section->addInput(new Form_Input('mx', 'MX', 'text', $pconfig['mx']))->setHelp('Note: With DynDNS service you can only use a hostname, not an IP address. ' . 'Set this option only if you need a special MX record. Not all services support this.');
$section->addInput(new Form_Checkbox('wildcard', 'Wildcards', 'Enable Wildcard', $pconfig['wildcard']));
$section->addInput(new Form_Checkbox('verboselog', 'Verbose logging', 'Enable verbose logging', $pconfig['verboselog']));
$section->addInput(new Form_Checkbox('curl_ipresolve_v4', 'CURL options', 'Force IPv4 resolving', $pconfig['curl_ipresolve_v4']));
$section->addInput(new Form_Checkbox('curl_ssl_verifypeer', null, 'Verify SSL peer', $pconfig['curl_ssl_verifypeer']));
$section->addInput(new Form_Input('username', 'Username', 'text', $pconfig['username']))->setHelp('Username is required for all types except Namecheap, FreeDNS and Custom Entries.' . '<br />' . 'Route 53: Enter your Access Key ID.' . '<br />' . 'GleSYS: Enter your API user.' . '<br />' . 'For Custom Entries, Username and Password represent HTTP Authentication username and passwords.');
$section->addInput(new Form_Input('passwordfld', 'Password', 'password', $pconfig['passwordfld']))->setHelp('FreeDNS (freedns.afraid.org): Enter your "Authentication Token" provided by FreeDNS.' . '<br />' . 'Route 53: Enter your Secret Access Key.' . '<br />' . 'GleSYS: Enter your API key.' . '<br />' . 'DNSimple: Enter your API token.');
array_push($pfscss, $css);
} else {
array_push($usrcss, $css);
}
}
}
$css = array_merge($pfscss, $betacss, $usrcss);
foreach ($css as $file) {
$file = basename($file);
$csslist[$file] = pathinfo($file, PATHINFO_FILENAME);
}
}
if (!isset($pconfig['webguicss']) || !isset($csslist[$pconfig['webguicss']])) {
$pconfig['webguicss'] = "pfSense.css";
}
$section = new Form_Section('webConfigurator');
$section->addInput(new Form_Select('webguicss', 'Theme', $pconfig['webguicss'], $csslist))->setHelp(sprintf(gettext('Choose an alternative css file (if installed) to change the appearance of the webConfigurator. css files are located in /usr/local/www/css/%s'), '<span id="csstxt"></span>'));
$section->addInput(new Form_Select('webguifixedmenu', 'Top Navigation', $pconfig['webguifixedmenu'], ["" => gettext("Scrolls with page"), "fixed" => gettext("Fixed (Remains visible at top of page)")]))->setHelp("The fixed option is intended for large screens only.");
$section->addInput(new Form_Input('dashboardcolumns', 'Dashboard Columns', 'number', $pconfig['dashboardcolumns'], [min => 1, max => 4]));
$group = new Form_Group('Associated Panels Show/Hide');
$group->add(new Form_Checkbox('dashboardavailablewidgetspanel', null, 'Available Widgets', $pconfig['dashboardavailablewidgetspanel']))->setHelp('Show the Available Widgets panel on the Dashboard.');
$group->add(new Form_Checkbox('systemlogsfilterpanel', null, 'Log Filter', $pconfig['systemlogsfilterpanel']))->setHelp('Show the Log Filter panel in System Logs.');
$group->add(new Form_Checkbox('systemlogsmanagelogpanel', null, 'Manage Log', $pconfig['systemlogsmanagelogpanel']))->setHelp('Show the Manage Log panel in System Logs.');
$group->add(new Form_Checkbox('statusmonitoringsettingspanel', null, 'Monitoring Settings', $pconfig['statusmonitoringsettingspanel']))->setHelp('Show the Settings panel in Status Monitoring.');
$group->setHelp('These options allow certain panels to be automatically hidden on page load. A control is provided in the title bar to un-hide the panel.');
$section->add($group);
$section->addInput(new Form_Checkbox('webguileftcolumnhyper', 'Left Column Labels', 'Active', $pconfig['webguileftcolumnhyper']))->setHelp('If selected, clicking a label in the left column will select/toggle the first item of the group.');
$form->add($section);
print $form;
$csswarning = sprintf(gettext("%sUser-created themes are unsupported, use at your own risk."), "<br />");
?>
}
if (!$input_errors) {
$doment = array();
$doment['domain'] = $_POST['domain'];
$doment['ip'] = $_POST['ip'];
$doment['descr'] = $_POST['descr'];
if (isset($id) && $a_domainOverrides[$id]) {
$a_domainOverrides[$id] = $doment;
} else {
$a_domainOverrides[] = $doment;
}
mark_subsystem_dirty('unbound');
write_config();
header("Location: services_unbound.php");
exit;
}
}
$pgtitle = array(gettext("Services"), gettext("DNS Resolver"), gettext("General Settings"), gettext("Edit Domain Override"));
$shortcut_section = "resolver";
include "head.inc";
$form = new Form();
$section = new Form_Section('Domain Override');
$section->addInput(new Form_Input('domain', 'Domain', 'text', $pconfig['domain']))->setHelp('Domain to override (NOTE: this does not have to be a valid TLD!) e.g.: testormycompany.localdomainor1.168.192.in-addr.arpa');
$section->addInput(new Form_IpAddress('ip', 'IP Address', $pconfig['ip']))->setHelp('IP address of the authoritative DNS server for this domain. e.g.: 192.168.100.100' . '<br />' . 'To use a nondefault port for communication, append an \'@\' with the port number.');
$section->addInput(new Form_Input('descr', 'Description', 'text', $pconfig['descr']))->setHelp('You may enter a description here for your reference (not parsed).');
if (isset($id) && $a_domainOverrides[$id]) {
$section->addInput(new Form_Input('id', null, 'hidden', $id));
}
$form->add($section);
print $form;
include "foot.inc";
$section = new Form_Section('Network Address Translation');
if (isset($config['system']['disablenatreflection'])) {
$value = 'disable';
} elseif (!isset($config['system']['enablenatreflectionpurenat'])) {
$value = 'proxy';
} else {
$value = 'purenat';
}
$section->addInput(new Form_Select('natreflection', 'NAT Reflection mode for port forwards', $value, array('disable' => gettext('disabled'), 'proxy' => gettext('NAT + proxy'), 'purenat' => gettext('Pure NAT'))))->setHelp('</span><ul class="help-block"><li>The pure NAT mode uses a set of NAT rules to direct ' . 'packets to the target of the port forward. It has better scalability, ' . 'but it must be possible to accurately determine the interface and ' . 'gateway IP used for communication with the target at the time the ' . 'rules are loaded. There are no inherent limits to the number of ports ' . 'other than the limits of the protocols. All protocols available for ' . 'port forwards are supported.</li><li>The NAT + proxy mode uses a ' . 'helper program to send packets to the target of the port forward. ' . 'It is useful in setups where the interface and/or gateway IP used ' . 'for communication with the target cannot be accurately determined at ' . 'the time the rules are loaded. Reflection rules are not created for ' . 'ranges larger than 500 ports and will not be used for more than 1000 ' . 'ports total between all port forwards. Only TCP and UDP protocols are ' . 'supported.</li></ul><span class="help-block">Individual rules may be configured to override ' . 'this system setting on a per-rule basis.');
$section->addInput(new Form_Input('reflectiontimeout', 'Reflection Timeout', 'number', $config['system']['reflectiontimeout'], ['min' => 1]))->setHelp('Enter value for Reflection timeout in seconds.<br/>Note: Only ' . 'applies to Reflection on port forwards in NAT + proxy mode.');
$section->addInput(new Form_Checkbox('enablebinatreflection', 'Enable NAT Reflection for 1:1 NAT', 'Automatic creation of additional NAT redirect rules from within the internal networks.', isset($config['system']['enablebinatreflection'])))->setHelp('Note: Reflection on 1:1 mappings is only for the inbound component of ' . 'the 1:1 mappings. This functions the same as the pure NAT mode for port ' . 'forwards. For more details, refer to the pure NAT mode description ' . 'above. Individual rules may be configured to override this system setting on a ' . 'per-rule basis.');
$section->addInput(new Form_Checkbox('enablenatreflectionhelper', 'Enable automatic outbound NAT for Reflection', 'Automatic create outbound NAT rules that direct traffic back out to the same subnet it originated from.', isset($config['system']['enablenatreflectionhelper'])))->setHelp('Required for full functionality of the pure NAT mode of NAT ' . 'Reflection for port forwards or NAT Reflection for 1:1 NAT. Note: This only works ' . 'for assigned interfaces. Other interfaces require manually creating the ' . 'outbound NAT rules that direct the reply packets back through the router.');
$section->addInput(new Form_Select('tftpinterface', 'TFTP Proxy', $pconfig['tftpinterface'], get_configured_interface_with_descr(), true))->setHelp('Choose the interfaces on which to enable TFTP proxy helper.');
$form->add($section);
}
$section = new Form_Section('State Timeouts (seconds - blank for default)');
$tcpTimeouts = array('First', 'Opening', 'Established', 'Closing', 'FIN Wait', 'Closed');
foreach ($tcpTimeouts as $name) {
$keyname = 'tcp' . strtolower(str_replace(" ", "", $name)) . 'timeout';
$section->addInput(new Form_Input($keyname, 'TCP ' . $name, 'number', $config['system'][$keyname]));
}
$udpTimeouts = array('First', 'Single', 'Multiple');
foreach ($udpTimeouts as $name) {
$keyname = 'udp' . strtolower(str_replace(" ", "", $name)) . 'timeout';
$section->addInput(new Form_Input($keyname, 'UDP ' . $name, 'number', $config['system'][$keyname]));
}
$icmpTimeouts = array('First', 'Error');
foreach ($icmpTimeouts as $name) {
$keyname = 'icmp' . strtolower(str_replace(" ", "", $name)) . 'timeout';
$section->addInput(new Form_Input($keyname, 'ICMP ' . $name, 'number', $config['system'][$keyname]));
}
$group->add(new Form_Input('pppoe_resetminute', null, 'text', $pconfig['pppoe_resetminute']))->setHelp('Minute');
$group->add(new Form_Input('pppoe_resetdate', null, 'text', $pconfig['pppoe_resetdate'], ['placeholder' => 'mm/dd/yyyy']))->setHelp('Specific date');
$group->setHelp('Leaving the date field empty will cause the reset to be executed each day at the time specified in the minutes and hour fields. ');
$section->add($group);
$group = new Form_Group('Reset frequency');
$group->addClass('pppoe-reset-cron');
$group->add(new Form_Checkbox('pppoe_pr_preset_val', null, 'Monthly (0 0 1 * *)', $pconfig['pppoe_monthly'], 'monthly'))->displayAsRadio();
$group->add(new Form_Checkbox('pppoe_pr_preset_val', null, 'Weekly (0 0 * * 0)', $pconfig['pppoe_weekly'], 'weekly'))->displayAsRadio();
$group->add(new Form_Checkbox('pppoe_pr_preset_val', null, 'Daily (0 0 * * *)', $pconfig['pppoe_daily'], 'daily'))->displayAsRadio();
$group->add(new Form_Checkbox('pppoe_pr_preset_val', null, 'Hourly (0 * * * *)', $pconfig['pppoe_hourly'], 'hourly'))->displayAsRadio();
$section->add($group);
$btnadv = new Form_Button('btnadvopts', 'Display Advanced', null, 'fa-cog');
$btnadv->setAttribute('type', 'button')->addClass('btn-info btn-sm');
$section->addInput(new Form_StaticText('Advanced options', $btnadv));
$form->add($section);
$section = new Form_Section('Advanced Configuration');
$section->addClass('adnlopts');
$section->addInput(new Form_Checkbox('ondemand', 'Dial On Demand', 'Enable Dial-on-Demand mode. ', $pconfig['ondemand']))->setHelp('Causes the interface to operate in dial-on-demand mode. Do NOT enable if the link is to remain continuously connected. ' . 'The interface is configured, but the actual connection of the link is delayed until qualifying outgoing traffic is detected.');
$section->addInput(new Form_Input('idletimeout', 'Idle Timeout', 'text', $pconfig['idletimeout']))->setHelp('If no incoming or outgoing packets are transmitted for the entered number of seconds the connection is brought down.' . " " . 'When the idle timeout occurs, if the dial-on-demand option is enabled, mpd goes back into dial-on-demand mode. ' . 'Otherwise, the interface is brought down and all associated routes removed.');
$section->addInput(new Form_Checkbox('vjcomp', 'Compression', 'Disable vjcomp (compression, auto-negotiated by default).', $pconfig['vjcomp']))->setHelp('Disable vjcomp(compression) (auto-negotiated by default).' . '<br />' . 'This option enables Van Jacobson TCP header compression, which saves several bytes per TCP data packet.' . " " . 'This option is almost always required. Compression is not effective for TCP connections with enabled modern extensions like time ' . 'stamping or SACK, which modify TCP options between sequential packets.');
$section->addInput(new Form_Checkbox('tcpmssfix', 'TCPmssFix', 'Disable tcpmssfix (enabled by default).', $pconfig['tcpmssfix']))->setHelp('Causes mpd to adjust incoming and outgoing TCP SYN segments so that the requested maximum segment size is not greater than the amount ' . 'allowed by the interface MTU. This is necessary in many setups to avoid problems caused by routers that drop ICMP Datagram Too Big messages. Without these messages, ' . 'the originating machine sends data, it passes the rogue router then hits a machine that has an MTU that is not big enough for the data. Because the IP Don\'t Fragment option is set, ' . 'this machine sends an ICMP Datagram Too Big message back to the originator and drops the packet. The rogue router drops the ICMP message and the originator never ' . 'gets to discover that it must reduce the fragment size or drop the IP Don\'t Fragment option from its outgoing data.');
$section->addInput(new Form_Checkbox('shortseq', 'ShortSeq', 'Disable shortseq (auto-negotiated by default).', $pconfig['shortseq']))->setHelp('This option is only meaningful if multi-link PPP is negotiated. It proscribes shorter multi-link fragment headers, saving two bytes on every frame. ' . 'It is not necessary to disable this for connections that are not multi-link.');
$section->addInput(new Form_Checkbox('acfcomp', 'ACFComp', 'Disable ACF compression (auto-negotiated by default)', $pconfig['acfcomp']))->setHelp('Address and control field compression. This option only applies to asynchronous link types. It saves two bytes per frame.');
$section->addInput(new Form_Checkbox('protocomp', 'ProtoComp', 'Disable Protocol compression (auto-negotiated by default)', $pconfig['protocomp']))->setHelp('Protocol field compression. This option saves one byte per frame for most frames.');
// Display the Link parameters. We will hide this by default, then un-hide the selected ones on clicking 'Advanced'
$j = 0;
foreach ($linklist['list'] as $ifnm => $nm) {
$group = new Form_Group('Link Parameters (' . $ifnm . ')');
$group->add(new Form_Input('bandwidth' . $ifnm, null, 'text', $pconfig['bandwidth'][$ifnm]))->setHelp('Bandwidth');
$group->add(new Form_Input('mtu' . $ifnm, null, 'text', $pconfig['mtu'][$ifnm]))->setHelp('MTU');
$group->add(new Form_Input('mru' . $ifnm, null, 'text', $pconfig['mru'][$ifnm]))->setHelp('MRU');
客服电话
APP下载
官方微信
请发表评论