move ftp-proxy instance logic to backend rc(8) script; closes #38

Frank Brendel 2016-10-05 14:36:17 +02:00 committed by Franco Fichtner
parent 59ecc808ce
commit ee440b7bfa
14 changed files with 455 additions and 378 deletions


@ -1,28 +0,0 @@
DIFF='--- filter.inc.ftpproxy 2016-09-21 16:38:53.947075272 +0200
+++ filter.inc.orig 2016-09-21 16:47:29.239370565 +0200
@@ -1450,7 +1450,6 @@
$natrules = "no nat proto carp\n";
$natrules .= "no rdr proto carp\n";
- $natrules .= "nat-anchor \"ftp-proxy/*\"\n";
$natrules .= "nat-anchor \"natearly/*\"\n";
$natrules .= "nat-anchor \"natrules/*\"\n\n";
@@ -1703,7 +1702,6 @@
unset($tonathosts, $tonathosts_array, $numberofnathosts);
}
- $natrules .= "rdr-anchor \"ftp-proxy/*\"\n";
$natrules .= "\n# Load balancing\n";
$natrules .= "rdr-anchor \"relayd/*\"\n";
@@ -2482,7 +2480,6 @@
$ipfrules = "";
- $ipfrules .= "anchor \"ftp-proxy/*\"\n";
/* relayd */
$ipfrules .= "anchor \"relayd/*\"\n";
/* OpenVPN user rules from radius */'
echo "$DIFF" | patch -b -p1 /usr/local/etc/inc/filter.inc


@ -1,28 +0,0 @@
DIFF='--- filter.inc.orig 2016-09-21 16:39:02.853045967 +0200
+++ filter.inc.ftpproxy 2016-09-21 16:38:53.947075272 +0200
@@ -1450,6 +1450,7 @@
$natrules = "no nat proto carp\n";
$natrules .= "no rdr proto carp\n";
+ $natrules .= "nat-anchor \"ftp-proxy/*\"\n";
$natrules .= "nat-anchor \"natearly/*\"\n";
$natrules .= "nat-anchor \"natrules/*\"\n\n";
@@ -1702,6 +1703,7 @@
unset($tonathosts, $tonathosts_array, $numberofnathosts);
}
+ $natrules .= "rdr-anchor \"ftp-proxy/*\"\n";
$natrules .= "\n# Load balancing\n";
$natrules .= "rdr-anchor \"relayd/*\"\n";
@@ -2480,6 +2482,7 @@
$ipfrules = "";
+ $ipfrules .= "anchor \"ftp-proxy/*\"\n";
/* relayd */
$ipfrules .= "anchor \"relayd/*\"\n";
/* OpenVPN user rules from radius */'
echo "$DIFF" | patch -b -p1 /usr/local/etc/inc/filter.inc


@ -1,5 +1,5 @@
PLUGIN_NAME= ftp-proxy
PLUGIN_VERSION= 0.1
PLUGIN_VERSION= 0.2
PLUGIN_COMMENT= Control ftp-proxy processes
PLUGIN_MAINTAINER= frank.brendel@eurolog.com
PLUGIN_PRIVATE= yes


@ -0,0 +1,36 @@
<?php
/*
Copyright (C) 2016 EURO-LOG AG
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
function ftpproxy_firewall($fw)
{
global $config;
if (isset($config['OPNsense']['ftpproxies']) && is_array($config['OPNsense']['ftpproxies'])) {
$fw->registerAnchor("ftp-proxy/*", "nat");
$fw->registerAnchor("ftp-proxy/*", "rdr");
$fw->registerAnchor("ftp-proxy/*", "fw");
}
}
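Review bot: `ftpproxy_firewall()` has no docblock, and its guard `isset($config['OPNsense']['ftpproxies']) && is_array(...)` registers the three `ftp-proxy/*` anchors as soon as the config section exists, not only when an instance is enabled. If that is intended, say so in a comment such as `/* anchors are registered whenever the plugin is configured; ftp-proxy(8) populates them at run time */`. Otherwise check for at least one enabled `ftpproxy` entry before the `registerAnchor()` calls, so the ruleset does not carry anchors that no running proxy manages.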


@ -0,0 +1,163 @@
#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: os-ftp-proxy
# REQUIRE: DAEMON pf
# KEYWORD: shutdown
. /etc/rc.subr
name="osftpproxy"
rcvar="osftpproxy_enable"
command="/usr/sbin/ftp-proxy"
extra_commands="reload"
reload_cmd="ftpproxy_reload"
load_rc_config $name
eval osftpproxy_flags=\$osftpproxy_${2}
pidfile="/var/run/osftpproxy.$2.pid"
ftpproxy_start () {
ftpproxy_status
if [ $? -eq 0 ]; then # already running
return 0
fi
run_rc_command "start"
if [ $? -eq 0 ]; then
cmd_string=`basename ${procname:-${command}}`
ps_pid=`ps ax -o pid= -o command= | grep $cmd_string | grep -e "$osftpproxy_flags" | grep -v grep | awk '{ print $1 }'`
if [ -z "$ps_pid" ]; then
err 1 "Cannot get pid for $cmd_string $osftpproxy_flags"
fi
echo $ps_pid > $pidfile
return $?
fi
return 1
}
ftpproxy_stop () {
ftpproxy_status
if [ $? -eq 1 ]; then # already stopped
return 0
fi
run_rc_command "stop"
if [ $? -ne 0 ]; then
err 1 "Cannot stop ftp-proxy with pid from $pidfile"
fi
rm -f $pidfile
return $?
}
ftpproxy_restart () {
ftpproxy_stop
if [ $? -ne 0 ]; then
return $?
fi
ftpproxy_start
return $?
}
ftpproxy_status () {
if [ -z "$osftpproxy_flags" -o -z "$pidfile" ]; then
err 1 "Instance name unknown"
fi
run_rc_command "status"
return $?
}
ftpproxy_reload () {
osftpproxy_flags=""
pidfile=""
# get running instances
ps ax -o pid= -o command= | grep "ftp-proxy -b" | grep -v grep | while read line; do
# get instance name
instance=`echo $line | awk '{printf "%s_%s", $4, $6 }' | sed 's/\./_/g'`
# get instance flags
instance_flags="${line#*ftp-proxy}"
# check if it should run
eval osftpproxy_flags=\$osftpproxy_${instance}
if [ -n "$osftpproxy_flags" -a "$osftpproxy_flags" = "$instance_flags" ]; then
debug "running instance $instance match config"
continue
fi
debug "running instance $instance not configured"
osftpproxy_flags=$instance_flags
pidfile="/var/run/osftpproxy.$instance.pid"
ftpproxy_stop
done
# start configured instances
if [ -n "$osftpproxy_instances" ]; then
for i in $osftpproxy_instances; do
eval osftpproxy_flags=\$osftpproxy_${i}
pidfile="/var/run/osftpproxy.$i.pid"
ftpproxy_start
done
fi
return 0
}
case $1 in
start)
if [ -z "$osftpproxy_flags" -o -z "$pidfile" ]; then
if [ -n "$osftpproxy_instances" ]; then
for i in $osftpproxy_instances; do
eval osftpproxy_flags=\$osftpproxy_${i}
pidfile="/var/run/osftpproxy.$i.pid"
ftpproxy_start
done
fi
else
ftpproxy_start
fi
exit $?
;;
stop)
if [ -z "$osftpproxy_flags" -o -z "$pidfile" ]; then
if [ -n "$osftpproxy_instances" ]; then
for i in $osftpproxy_instances; do
eval osftpproxy_flags=\$osftpproxy_${i}
pidfile="/var/run/osftpproxy.$i.pid"
ftpproxy_stop
done
fi
else
ftpproxy_stop
fi
exit $?
;;
restart)
if [ -z "$osftpproxy_flags" -o -z "$pidfile" ]; then
if [ -n "$osftpproxy_instances" ]; then
for i in $osftpproxy_instances; do
eval osftpproxy_flags=\$osftpproxy_${i}
pidfile="/var/run/osftpproxy.$i.pid"
ftpproxy_restart
done
fi
else
ftpproxy_restart
fi
exit $?
;;
status)
if [ -z "$osftpproxy_flags" -o -z "$pidfile" ]; then
if [ -n "$osftpproxy_instances" ]; then
for i in $osftpproxy_instances; do
eval osftpproxy_flags=\$osftpproxy_${i}
pidfile="/var/run/osftpproxy.$i.pid"
ftpproxy_status
done
fi
else
ftpproxy_status
fi
exit $?
;;
reload)
ftpproxy_reload;
exit $?
;;
esac
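Review bot: In `ftpproxy_reload` the line `eval osftpproxy_flags=\$osftpproxy_${instance}` evaluates a name built from `ps` output, so the command line of any process matching `ftp-proxy -b` reaches an `eval` in a script that presumably runs as root under rc(8)/configd. The top-level `eval osftpproxy_flags=\$osftpproxy_${2}` does the same with the unchecked second argument. Instance names are only ever an IPv4 address with dots replaced by underscores plus a port, so both places can reject everything else first: `case "$instance" in ''|*[!0-9_]*) continue ;; esac` inside the loop and `case "$2" in *[!0-9_]*) err 1 "Invalid instance name" ;; esac` before the first eval. Finding the pid by grepping `ps` with the unquoted `$cmd_string` in `ftpproxy_start` has the same trust problem and can write more than one pid into `$pidfile`. Separately, `return $?` inside `if [ $? -ne 0 ]` in `ftpproxy_restart` returns the status of the test (0) rather than that of `ftpproxy_stop`; save the status in a variable first.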


@ -31,12 +31,143 @@
namespace OPNsense\FtpProxy\Api;
use \OPNsense\Base\ApiControllerBase;
use \OPNsense\Core\Backend;
use \OPNsense\FtpProxy\FtpProxy;
/**
* Class ServiceController
* @package OPNsense\FtpProxy
*/
class ServiceController extends ApiControllerBase
{
public function statusAction($uuid)
{
$result = array("result" => "failed", "function" => "status");
if ($this->request->isPost()) {
$this->sessionClose();
}
if ($uuid != null) {
$mdlFtpProxy = new FtpProxy();
$node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid);
if ($node != null) {
$result['result'] = $this->callBackend('status', $node);
}
}
return $result;
}
/**
* start a ftp-proxy process
* @param $uuid item unique id
* @return array
*/
public function startAction($uuid)
{
$result = array("result" => "failed", "function" => "start");
if ($this->request->isPost()) {
$this->sessionClose();
}
if ($uuid != null) {
$mdlFtpProxy = new FtpProxy();
$node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid);
if ($node != null) {
$result['result'] = $this->callBackend('start', $node);
}
}
return $result;
}
/**
* stop a ftp-proxy process
* @param $uuid item unique id
* @return array
*/
public function stopAction($uuid)
{
$result = array("result" => "failed", "function" => "stop");
if ($this->request->isPost()) {
$this->sessionClose();
}
if ($uuid != null) {
$mdlFtpProxy = new FtpProxy();
$node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid);
if ($node != null) {
$result['result'] = $this->callBackend('stop', $node);
}
}
return $result;
}
/**
* restart a ftp-proxy process
* @param $uuid item unique id
* @return array
*/
public function restartAction($uuid)
{
if ($this->request->isPost()) {
$this->sessionClose();
}
if ($uuid != null) {
$mdlFtpProxy = new FtpProxy();
$node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid);
if ($node != null) {
$result['result'] = $this->callBackend('restart', $node);
}
}
return $result;
}
/**
* recreate configuration file from template
* @return array
*/
public function configAction()
{
$result = array("result" => "failed", "function" => "config");
if ($this->request->isPost()) {
$this->sessionClose();
}
$result['result'] = $this->callBackend('template');
return $result;
}
/**
* reload configuration
* @return array
*/
public function reloadAction()
{
if ($this->request->isPost()) {
$this->sessionClose();
}
$result = $this->configAction();
if ($result['result'] == 'OK') {
$result['function'] = "reload";
$result['result'] = $this->callBackend('reload');
}
return $result;
}
/**
* call backend
* @param action, node
* @return string
*/
protected function callBackend($action, &$node = null)
{
$backend = new Backend();
if ($node != null) {
$instance = preg_replace("/\./", "_", $node->listenaddress->__toString()) . "_" . $node->listenport->__toString();
return trim($backend->configdpRun('ftpproxy ' . $action, array($instance)));
}
if ($action == 'template') {
return trim($backend->configdRun("template reload OPNsense.FtpProxy"));
}
if ($action == 'reload') {
return trim($backend->configdRun("ftpproxy reload"));
}
return "Wrong action defined";
}
}
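Review bot: `startAction`, `stopAction`, `restartAction` and `reloadAction` call the backend on any request method, because the `isPost()` test only decides whether `sessionClose()` runs. State-changing actions should bail out early with `if (!$this->request->isPost()) { return $result; }` so that a plain GET cannot start or stop a proxy; `statusAction` can stay readable. `restartAction` also never initialises `$result`, so a null `$uuid` or an unknown node returns an undefined variable; add `$result = array("result" => "failed", "function" => "restart");` as the sibling actions do. `statusAction` has no docblock, and the one on `callBackend` should name its parameters (`@param string $action`, `@param $node`).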


@ -32,7 +32,6 @@ namespace OPNsense\FtpProxy\Api;
use \OPNsense\Base\ApiControllerBase;
use \OPNsense\Core\Config;
use \OPNsense\Core\Backend;
use \OPNsense\FtpProxy\FtpProxy;
use \OPNsense\Base\UIModelGrid;
@ -51,14 +50,14 @@ class SettingsController extends ApiControllerBase
{
$mdlFtpProxy = new FtpProxy();
if ($uuid != null) {
$node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $uuid);
$node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid);
if ($node != null) {
// return node
return array("ftpproxy" => $node->getNodes());
}
} else {
// generate new node, but don't save to disc
$node = $mdlFtpProxy->ftpproxies->ftpproxy->Add();
$node = $mdlFtpProxy->ftpproxy->Add();
return array("ftpproxy" => $node->getNodes());
}
return array();
@ -71,16 +70,15 @@ class SettingsController extends ApiControllerBase
*/
public function setProxyAction($uuid)
{
$result = array("result" => "failed");
if ($this->request->isPost() && $this->request->hasPost("ftpproxy")) {
$mdlFtpProxy = new FtpProxy();
// keep a list to detect duplicates later
$CurrentProxies = $mdlFtpProxy->getNodes();
if ($uuid != null) {
$node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $uuid);
$node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid);
if ($node != null) {
$Enabled = $node->enabled->__toString();
// get current ftp-proxy flags for stopping it later
$OldFlags = $mdlFtpProxy->configToFlags($node);
$result = array("result" => "failed", "validations" => array());
$proxyInfo = $this->request->getPost("ftpproxy");
@ -93,7 +91,7 @@ class SettingsController extends ApiControllerBase
if (count($result['validations']) == 0) {
// check for duplicates
foreach ($CurrentProxies['ftpproxies']['ftpproxy'] as $CurrentUUID => &$CurrentProxy) {
foreach ($CurrentProxies['ftpproxy'] as $CurrentUUID => &$CurrentProxy) {
if ($node->listenaddress->__toString() == $CurrentProxy['listenaddress'] &&
$node->listenport->__toString() == $CurrentProxy['listenport'] &&
$uuid != $CurrentUUID) {
@ -106,32 +104,18 @@ class SettingsController extends ApiControllerBase
);
}
}
// retrieve ftp-proxy flags and set defaults
$NewFlags = $mdlFtpProxy->configToFlags($node);
// save config if validated correctly
$mdlFtpProxy->serializeToConfig();
Config::getInstance()->save();
$backend = new Backend();
// apply new settings to the ftp-proxy process
// stop ftp-proxy with old flags
if ($Enabled == 1) {
$backend->configdpRun('ftpproxy stop ', array($OldFlags));
}
$node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $uuid);
// start ftp-proxy with new flags
if ($node != null && $node->enabled->__toString() == 1) {
$backend->configdpRun('ftpproxy start ', array($NewFlags));
}
// make the changes boot resistant in /etc/rc.conf.d/ftpproxy
$backend->configdRun("template reload OPNsense.FtpProxy");
$result = array("result" => "saved");
// reload config
$svcFtpProxy = new ServiceController();
$result= $svcFtpProxy->reloadAction();
}
return $result;
}
}
}
return array("result" => "failed");
return $result;
}
/**
@ -146,7 +130,7 @@ class SettingsController extends ApiControllerBase
$mdlFtpProxy = new FtpProxy();
// keep a list to detect duplicates later
$CurrentProxies = $mdlFtpProxy->getNodes();
$node = $mdlFtpProxy->ftpproxies->ftpproxy->Add();
$node = $mdlFtpProxy->ftpproxy->Add();
$node->setNodes($this->request->getPost("ftpproxy"));
$valMsgs = $mdlFtpProxy->performValidation();
@ -157,7 +141,7 @@ class SettingsController extends ApiControllerBase
}
if (count($result['validations']) == 0) {
foreach ($CurrentProxies['ftpproxies']['ftpproxy'] as &$CurrentProxy) {
foreach ($CurrentProxies['ftpproxy'] as &$CurrentProxy) {
if ($node->listenaddress->__toString() == $CurrentProxy['listenaddress']
&& $node->listenport->__toString() == $CurrentProxy['listenport']) {
return array(
@ -169,20 +153,14 @@ class SettingsController extends ApiControllerBase
);
}
}
// retrieve ftp-proxy flags and set defaults
$Flags = $mdlFtpProxy->configToFlags($node);
// save config if validated correctly
$mdlFtpProxy->serializeToConfig();
Config::getInstance()->save();
if ($node->enabled->__toString() == 1) {
$backend = new Backend();
$backend->configdpRun('ftpproxy start ', array($Flags));
// add it to /etc/rc.conf.d/ftpproxy
$backend->configdRun("template reload OPNsense.FtpProxy");
}
$result = array("result" => "saved");
// reload config
$svcFtpProxy = new ServiceController();
$result= $svcFtpProxy->reloadAction();
}
return $result;
}
return $result;
}
@ -199,20 +177,15 @@ class SettingsController extends ApiControllerBase
if ($this->request->isPost()) {
$mdlFtpProxy = new FtpProxy();
if ($uuid != null) {
$node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $uuid);
$node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid);
if ($node != null) {
$backend = new Backend();
// stop if the ftp-proxy is running
if ($node->enabled->__toString() == 1) {
$backend->configdpRun('ftpproxy stop ', array($mdlFtpProxy->configToFlags($node)));
}
if ($mdlFtpProxy->ftpproxies->ftpproxy->del($uuid) == true) {
if ($mdlFtpProxy->ftpproxy->del($uuid) == true) {
// if item is removed, serialize to config and save
$mdlFtpProxy->serializeToConfig();
Config::getInstance()->save();
$result['result'] = 'deleted';
// remove it from /etc/rc.conf.d/ftpproxy
$backend->configdRun("template reload OPNsense.FtpProxy");
// reload config
$svcFtpProxy = new ServiceController();
$result= $svcFtpProxy->reloadAction();
}
} else {
$result['result'] = 'not found';
@ -231,27 +204,22 @@ class SettingsController extends ApiControllerBase
{
$result = array("result" => "failed");
if ($this->request->isPost()) {
$mdlFtpProxy = new FtpProxy();
if ($uuid != null) {
$node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $uuid);
$node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid);
if ($node != null) {
$backend = new Backend();
if ($node->enabled->__toString() == "1") {
$result['result'] = "Disabled";
$node->enabled = "0";
$response = $backend->configdpRun('ftpproxy stop ', array($mdlFtpProxy->configToFlags($node)));
} else {
$result['result'] = "Enabled";
$node->enabled = "1";
$response = $backend->configdpRun('ftpproxy start ', array($mdlFtpProxy->configToFlags($node)));
}
// if item has toggled, serialize to config and save
$mdlFtpProxy->serializeToConfig();
Config::getInstance()->save();
$backend->configdRun("template reload OPNsense.FtpProxy");
// reload config
$svcFtpProxy = new ServiceController();
$result= $svcFtpProxy->reloadAction();
}
}
}
@ -281,23 +249,22 @@ class SettingsController extends ApiControllerBase
"description"
);
$mdlFtpProxy = new FtpProxy();
$grid = new UIModelGrid($mdlFtpProxy->ftpproxies->ftpproxy);
$grid = new UIModelGrid($mdlFtpProxy->ftpproxy);
$response = $grid->fetchBindRequest(
$this->request,
$fields,
"listenport"
);
$backend = new Backend();
$svcFtpProxy = new ServiceController();
foreach($response['rows'] as &$row) {
$node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $row['uuid']);
$status = trim($backend->configdpRun('ftpproxy status ', array($mdlFtpProxy->configToFlags($node))));
if ($status == 'OK') {
$result = $svcFtpProxy->statusAction($row['uuid']);
if ($result['result'] == 'OK') {
$row['status'] = 0;
continue;
}
$row['status'] = 2;
}
return $response;
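Review bot: In the delete hunk (`@ -199,20 +177,15 @`) the assignment `$result['result'] = 'deleted';` is overwritten two lines later by `$result= $svcFtpProxy->reloadAction();`. The same happens to `"Enabled"`/`"Disabled"` in the toggle hunk, and `setProxyAction` and the add hunk appear to lose their former `"saved"` result the same way. Callers now receive whatever the reload returns, and a failed template or reload step is reported as the outcome of an operation whose configuration was already saved. Keeping the original result and attaching the reload outcome separately, e.g. `$result['reload'] = $svcFtpProxy->reloadAction();`, would preserve the API contract and still surface reload errors. The enclosing methods begin and end outside the hunks shown.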


@ -38,52 +38,4 @@ use OPNsense\Base\BaseModel;
*/
class FtpProxy extends BaseModel
{
/**
* map config to ftp-proxy flags
* and set default values
* @param $node configuration
* @return string
*/
public function configToFlags($node)
{
$flags = ' -b ' . $node->listenaddress->__toString();
$flags .= ' -p ' . $node->listenport->__toString();
if ($node->sourceaddress->__toString() != "") {
$flags .= ' -a ' . $node->sourceaddress->__toString();
}
if ($node->rewritesourceport->__toString() == 1) {
$flags .= ' -r ';
}
if ($node->idletimeout->__toString() == "") {
$node->__set('idletimeout', 86400);
}
if ($node->idletimeout->__toString() != 86400) {
$flags .= ' -t ' . $node->idletimeout->__toString();
}
if ($node->maxsessions->__toString() == "") {
$node->__set('maxsessions', 100);
}
if ($node->maxsessions->__toString() != 100) {
$flags .= ' -m ' . $node->maxsessions->__toString();
}
if ($node->reverseaddress->__toString() != "") {
$flags .= ' -R ' . $node->reverseaddress->__toString();
}
if ($node->reverseport->__toString() == "") {
$node->__set('reverseport', 21);
}
if ($node->reverseport->__toString() != 21) {
$flags .= ' -P ' . $node->reverseport->__toString();
}
if ($node->logconnections->__toString() == 1) {
$flags .= ' -v ';
}
if ($node->debuglevel->__toString() == "") {
$node->__set('debuglevel', 5);
}
if ($node->debuglevel->__toString() != 5) {
$flags .= ' -D ' . $node->debuglevel->__toString();
}
return $flags;
}
}


@ -1,78 +1,76 @@
<model>
<mount>//OPNsense/ftpproxy</mount>
<mount>//OPNsense/ftpproxies</mount>
<description>Ftp Proxy settings</description>
<items>
<ftpproxies>
<ftpproxy type="ArrayField">
<enabled type="BooleanField">
<default>1</default>
<Required>Y</Required>
</enabled>
<listenaddress type="TextField">
<Required>Y</Required>
<default>127.0.0.1</default>
<mask>/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/</mask>
<ValidationMessage>Listen address must be a valid IPv4 address</ValidationMessage>
</listenaddress>
<listenport type="IntegerField">
<default>8021</default>
<Required>Y</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>65535</MaximumValue>
<ValidationMessage>Listen port needs to be an integer value between 1 and 65535</ValidationMessage>
</listenport>
<sourceaddress type="TextField">
<Required>N</Required>
<mask>/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/</mask>
<ValidationMessage>Source address must be a valid IPv4 address</ValidationMessage>
</sourceaddress>
<rewritesourceport type="BooleanField">
<default>0</default>
<Required>N</Required>
</rewritesourceport>
<idletimeout type="IntegerField">
<default>86400</default>
<Required>N</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>86400</MaximumValue>
<ValidationMessage>Idle timeout needs to be an integer value between 1 and 86400</ValidationMessage>
</idletimeout>
<maxsessions type="IntegerField">
<default>100</default>
<Required>N</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>500</MaximumValue>
<ValidationMessage>Maximum number of concurrent FTP sessions needs to be an integer value between 1 and 500</ValidationMessage>
</maxsessions>
<reverseaddress type="TextField">
<Required>N</Required>
<mask>/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/</mask>
<ValidationMessage>Reverse address must be a valid IPv4 address</ValidationMessage>
</reverseaddress>
<reverseport type="IntegerField">
<default>21</default>
<Required>N</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>65535</MaximumValue>
<ValidationMessage>Reverse port needs to be an integer value between 1 and 65535</ValidationMessage>
</reverseport>
<logconnections type="BooleanField">
<default>0</default>
<Required>N</Required>
</logconnections>
<debuglevel type="IntegerField">
<default>5</default>
<Required>N</Required>
<MinimumValue>0</MinimumValue>
<MaximumValue>7</MaximumValue>
<ValidationMessage>Debug level needs to be an integer value between 0 and 7</ValidationMessage>
</debuglevel>
<description type="TextField">
<Required>N</Required>
<mask>/^([\t\n\v\f\r 0-9a-zA-Z.,_\x{00A0}-\x{FFFF}]){1,255}$/u</mask>
<ValidationMessage>Enter a description.</ValidationMessage>
</description>
</ftpproxy>
</ftpproxies>
<ftpproxy type="ArrayField">
<enabled type="BooleanField">
<default>1</default>
<Required>Y</Required>
</enabled>
<listenaddress type="TextField">
<Required>Y</Required>
<default>127.0.0.1</default>
<mask>/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/</mask>
<ValidationMessage>Listen address must be a valid IPv4 address</ValidationMessage>
</listenaddress>
<listenport type="IntegerField">
<default>8021</default>
<Required>Y</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>65535</MaximumValue>
<ValidationMessage>Listen port needs to be an integer value between 1 and 65535</ValidationMessage>
</listenport>
<sourceaddress type="TextField">
<Required>N</Required>
<mask>/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/</mask>
<ValidationMessage>Source address must be a valid IPv4 address</ValidationMessage>
</sourceaddress>
<rewritesourceport type="BooleanField">
<default>0</default>
<Required>N</Required>
</rewritesourceport>
<idletimeout type="IntegerField">
<default>86400</default>
<Required>N</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>86400</MaximumValue>
<ValidationMessage>Idle timeout needs to be an integer value between 1 and 86400</ValidationMessage>
</idletimeout>
<maxsessions type="IntegerField">
<default>100</default>
<Required>N</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>500</MaximumValue>
<ValidationMessage>Maximum number of concurrent FTP sessions needs to be an integer value between 1 and 500</ValidationMessage>
</maxsessions>
<reverseaddress type="TextField">
<Required>N</Required>
<mask>/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/</mask>
<ValidationMessage>Reverse address must be a valid IPv4 address</ValidationMessage>
</reverseaddress>
<reverseport type="IntegerField">
<default>21</default>
<Required>N</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>65535</MaximumValue>
<ValidationMessage>Reverse port needs to be an integer value between 1 and 65535</ValidationMessage>
</reverseport>
<logconnections type="BooleanField">
<default>0</default>
<Required>N</Required>
</logconnections>
<debuglevel type="IntegerField">
<default>5</default>
<Required>N</Required>
<MinimumValue>0</MinimumValue>
<MaximumValue>7</MaximumValue>
<ValidationMessage>Debug level needs to be an integer value between 0 and 7</ValidationMessage>
</debuglevel>
<description type="TextField">
<Required>N</Required>
<mask>/^([\t\n\v\f\r 0-9a-zA-Z.,_\x{00A0}-\x{FFFF}]){1,255}$/u</mask>
<ValidationMessage>Enter a description.</ValidationMessage>
</description>
</ftpproxy>
</items>
</model>
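Review bot: The IPv4 `<mask>` shared by `listenaddress`, `sourceaddress` and `reverseaddress` has a wrong last-octet group: `(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)` lets `2[0-5][0-9]` match 250–259, so a value like `10.0.0.259` (constructed example) passes validation. These fields become ftp-proxy flags and the rc instance name with no further checking, so the model mask is the only gate. The last group should read `(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)` like the first three, or `25[0-4]|2[0-4][0-9]|…` if excluding .255 was the intent. The mount point also moves to `//OPNsense/ftpproxies` with no migration visible in this commit, so entries stored under the old path would presumably no longer be loaded.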


@ -103,7 +103,7 @@ POSSIBILITY OF SUCH DAMAGE.
<td></td>
<td>
<button data-action="add" type="button" class="btn btn-xs btn-default"><span class="fa fa-plus"></span></button>
<button data-action="deleteSelected" type="button" class="btn btn-xs btn-default"><span class="fa fa-trash-o"></span></button>
<!-- <button data-action="deleteSelected" type="button" class="btn btn-xs btn-default"><span class="fa fa-trash-o"></span></button> -->
</td>
</tr>
</tfoot>


@ -1,120 +0,0 @@
#!/bin/sh
#
# Copyright (C) 2016 EURO-LOG AG
#
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
# 1. Redistributions of source code must retain the above copyright notice,
# this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
# AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
ACTION=$1
shift
FLAGS=$@
# determine listenaddress and listenport to identify ftp-proxy process
for FLAG in $FLAGS; do
if [ "$FLAG" == "-b" ]; then
NEXT_FLAG="LISTENADDRESS"
continue
fi
if [ "$FLAG" == "-p" ]; then
NEXT_FLAG="LISTENPORT"
continue
fi
if [ "X$NEXT_FLAG" != "X" ]; then
if [ "$NEXT_FLAG" == "LISTENADDRESS" -a "X$FLAG" != "X" ]; then
LISTENADDRESS=$FLAG
NEXT_FLAG=""
fi
if [ "$NEXT_FLAG" == "LISTENPORT" -a "X$FLAG" != "X" ]; then
LISTENPORT=$FLAG
NEXT_FLAG=""
fi
fi
if [ "X$LISTENADDRESS" != "X" -a "X$LISTENPORT" != "X" ]; then
break
fi
done
if [ "X$LISTENADDRESS" == "X" -o "X$LISTENPORT" == "X" ]; then
( >&2 echo "Either listenaddress or listenport not given. Check -b and -p flags." )
exit 999
fi
ftpproxy_start () {
ftpproxy_status
if [ $? -gt 0 ]; then # already running
return 0
fi
/usr/sbin/ftp-proxy $FLAGS
return $?
}
ftpproxy_stop () {
ftpproxy_status
PID=$?
if [ $PID -eq 0 ]; then # already stopped
return 0
fi
kill $PID
return $?
}
ftpproxy_restart () {
ftpproxy_stop
if [ $? -ne 0 ]; then
return $?
fi
ftpproxy_start
return $?
}
ftpproxy_status () {
PID=`ps ax -o pid= -o command= | grep "/usr/sbin/ftp-proxy -b $LISTENADDRESS -p $LISTENPORT" | grep -v grep | awk '{ print $1 }'`
if [ "X$PID" != "X" ]; then
return $PID
fi
return 0
}
case $ACTION in
start)
ftpproxy_start
exit $?
;;
stop)
ftpproxy_stop
exit $?
;;
restart)
ftpproxy_restart
exit $?
;;
status)
ftpproxy_status
if [ $? -gt 0 ]; then
exit 0
fi
exit 1
;;
esac


@ -1,23 +1,28 @@
[start]
command:/usr/local/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh start
command:/usr/local/etc/rc.d/os-ftp-proxy start
parameters:%s
type:script
message:starting ftpproxy
message:starting ftpproxy instance
[stop]
command:/usr/local/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh stop
command:/usr/local/etc/rc.d/os-ftp-proxy stop
parameters:%s
type:script
message:stopping ftpproxy
message:stopping ftpproxy instance
[status]
command:/usr/local/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh status
command:/usr/local/etc/rc.d/os-ftp-proxy status
parameters:%s
type:script
message:get ftpproxy status
message:get ftpproxy instance status
[restart]
command:/usr/local/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh restart
command:/usr/local/etc/rc.d/os-ftp-proxy restart
parameters:%s
type:script
message:restarting ftpproxy
message:restarting ftpproxy instance
[reload]
command:/usr/local/etc/rc.d/os-ftp-proxy reload
type:script
message:reload ftpproxy


@ -1 +1 @@
rc.conf.d:/etc/rc.conf.d/ftpproxy
rc.conf.d:/etc/rc.conf.d/osftpproxy


@ -1,8 +1,8 @@
# DO NOT EDIT THIS FILE -- OPNsense auto-generated file
{% if helpers.exists('OPNsense.ftpproxy.ftpproxies.ftpproxy') %}
ftpproxy_enable="YES"
{% if helpers.exists('OPNsense.ftpproxies.ftpproxy') %}
osftpproxy_enable="YES"
{% set Instances=[] %}
{% for ftpproxy in helpers.toList('OPNsense.ftpproxy.ftpproxies.ftpproxy') %}
{% for ftpproxy in helpers.toList('OPNsense.ftpproxies.ftpproxy') %}
{% if ftpproxy.enabled|default('0') == '1' %}
{% set Parameters=[] %}
{% do Parameters.append("-b " ~ ftpproxy.listenaddress) %}
@ -31,9 +31,10 @@ ftpproxy_enable="YES"
{% if ftpproxy.debuglevel|default('5') != '5' %}
{% do Parameters.append("-D " ~ ftpproxy.debuglevel) %}
{% endif %}
ftpproxy_id{{loop.index}}="{% for Parameter in Parameters %} {{Parameter}}{% endfor %}"
{% do Instances.append(loop.index) %}
{% set Instance=ftpproxy.listenaddress|replace(".", "_") ~ "_" ~ ftpproxy.listenport %}
osftpproxy_{{Instance}}="{% for Parameter in Parameters %} {{Parameter}}{% endfor %}"
{% do Instances.append(Instance) %}
{% endif %}
{% endfor %}
ftpproxy_instances="{% for Instance in Instances %} {{"id" ~ Instance}}{% endfor %}"
osftpproxy_instances="{% for Instance in Instances %} {{Instance}}{% endfor %}"
{% endif %}
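Review bot: The generated `osftpproxy_{{Instance}}="…"` and `osftpproxy_instances="…"` lines go to `/etc/rc.conf.d/osftpproxy`, which the rc script pulls in through `load_rc_config`, so every interpolated value is evaluated as shell. The template neither quotes nor checks the fields; it relies entirely on the model masks keeping addresses and ports to digits and dots. A template comment would record that dependency, e.g. `{# values below are sourced by /bin/sh; the model must keep these fields restricted to [0-9.] #}`, so a later relaxation of a field mask is recognised as a shell-injection risk. The `for` loop this hunk closes starts in the previous hunk.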