diff --git a/net/cloudflared/src/opnsense/mvc/app/controllers/OPNsense/Cloudflared/Api/SettingsController.php b/net/cloudflared/src/opnsense/mvc/app/controllers/OPNsense/Cloudflared/Api/SettingsController.php index 7cd7a48fb..f9b385cad 100644 --- a/net/cloudflared/src/opnsense/mvc/app/controllers/OPNsense/Cloudflared/Api/SettingsController.php +++ b/net/cloudflared/src/opnsense/mvc/app/controllers/OPNsense/Cloudflared/Api/SettingsController.php @@ -34,18 +34,4 @@ class SettingsController extends ApiMutableModelControllerBase { protected static $internalModelClass = '\OPNsense\Cloudflared\Cloudflared'; protected static $internalModelName = 'cloudflared'; - - public function sysctlCheckAction() - { - $checks = [ - 'kern.ipc.maxsockbuf' => 16777216, - 'net.inet.udp.recvspace' => 8388608, - ]; - $result = []; - foreach ($checks as $key => $minimum) { - $value = intval(trim(shell_exec('sysctl -n ' . escapeshellarg($key) . ' 2>/dev/null'))); - $result[$key] = ['value' => $value, 'minimum' => $minimum, 'ok' => $value >= $minimum]; - } - return $result; - } } diff --git a/net/cloudflared/src/opnsense/mvc/app/library/OPNsense/System/Status/CloudflaredOverrideStatus.php b/net/cloudflared/src/opnsense/mvc/app/library/OPNsense/System/Status/CloudflaredOverrideStatus.php new file mode 100644 index 000000000..91e464c40 --- /dev/null +++ b/net/cloudflared/src/opnsense/mvc/app/library/OPNsense/System/Status/CloudflaredOverrideStatus.php @@ -0,0 +1,56 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\System\Status; + +use OPNsense\System\AbstractStatus; +use OPNsense\System\SystemStatusCode; + +class CloudflaredOverrideStatus extends AbstractStatus +{ + public function __construct() + { + $this->internalPriority = 2; + $this->internalPersistent = true; + $this->internalIsBanner = true; + $this->internalTitle = gettext('Cloudflare Tunnel'); + $this->internalScope = [ + '/ui/cloudflared/' + ]; + } + + public function collectStatus() + { + $this->internalMessage = gettext( + 'Cloudflare Tunnel traffic bypasses OPNsense firewall rules; access control must be enforced in ' . + 'Cloudflare Access. For optimal QUIC performance, set the recommended kernel tunables. ' . + 'See the plugin documentation for details.' + ); + $this->internalStatus = SystemStatusCode::NOTICE; + } +} diff --git a/net/cloudflared/src/opnsense/mvc/app/views/OPNsense/Cloudflared/index.volt b/net/cloudflared/src/opnsense/mvc/app/views/OPNsense/Cloudflared/index.volt index 07439c140..052df2898 100644 --- a/net/cloudflared/src/opnsense/mvc/app/views/OPNsense/Cloudflared/index.volt +++ b/net/cloudflared/src/opnsense/mvc/app/views/OPNsense/Cloudflared/index.volt @@ -26,37 +26,9 @@