search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
cosmetics
[tomato.git] / release / src / router / www / admin-access.asp
blobbf41332300bddb1fc85709c0052013bffe2ed3cb
1 <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.0//EN'>
2 <!--
3 Tomato GUI
4 Copyright (C) 2006-2010 Jonathan Zarate
5 http://www.polarcloud.com/tomato/
6
7 For use with Tomato Firmware only.
8 No part of this file may be used without permission.
9 -->
10 <html>
11 <head>
12 <meta http-equiv='content-type' content='text/html;charset=utf-8'>
13 <meta name='robots' content='noindex,nofollow'>
14 <title>[<% ident(); %>] Admin: Access</title>
15 <link rel='stylesheet' type='text/css' href='tomato.css'>
16 <link rel='stylesheet' type='text/css' href='color.css' id='guicss'>
17 <script type='text/javascript' src='tomato.js'></script>
18
19 <!-- / / / -->
20
21 <style type='text/css'>
22 textarea {
23 width: 99%;
24 height: 10em;
25 }
26 </style>
27
28 <script type='text/javascript' src='debug.js'></script>
29
30 <script type='text/javascript'>
31
32 // <% nvram("http_enable,https_enable,http_lanport,https_lanport,remote_management,remote_mgt_https,web_wl_filter,web_css,ttb_css,sshd_eas,sshd_pass,sshd_remote,telnetd_eas,http_wanport,sshd_authkeys,sshd_port,sshd_rport,sshd_forwarding,telnetd_port,rmgt_sip,https_crt_cn,https_crt_save,lan_ipaddr,ne_shlimit"); %>
33
34 changed = 0;
35 tdup = parseInt('<% psup("telnetd"); %>');
36 sdup = parseInt('<% psup("dropbear"); %>');
37
38 shlimit = nvram.ne_shlimit.split(',');
39 if (shlimit.length != 3) shlimit = [0,3,60];
40
41 var xmenus = [['Status', 'status'], ['Bandwidth', 'bwm'], ['IP Traffic', 'ipt'], ['Tools', 'tools'], ['Basic', 'basic'],
42 ['Advanced', 'advanced'], ['Port Forwarding', 'forward'], ['QoS', 'qos'],
43 /* USB-BEGIN */
44 ['USB and NAS', 'nas'],
45 /* USB-END */
46 /* VPN-BEGIN */
47 ['VPN Tunneling', 'vpn'],
48 /* VPN-END */
49 ['Administration', 'admin']];
50
51 function toggle(service, isup)
52 {
53 if (changed) {
54 if (!confirm("Unsaved changes will be lost. Continue anyway?")) return;
55 }
56 E('_' + service + '_button').disabled = true;
57 form.submitHidden('service.cgi', {
58 _redirect: 'admin-access.asp',
59 _sleep: ((service == 'sshd') && (!isup)) ? '7' : '3',
60 _service: service + (isup ? '-stop' : '-start')
61 });
62 }
63
64 function verifyFields(focused, quiet)
65 {
66 var ok = 1;
67 var a, b, c;
68 var i;
69
70 var o = (E('_web_css').value == 'online');
71 var p = nvram.ttb_css;
72 elem.display(PR('_ttb_css'), o);
73
74 try {
75 a = E('_web_css').value;
76 if (a == 'online') {
77 E('guicss').href = 'ext/' + p + '.css';
78 nvram.web_css = a;
79 } else {
80 if (a != nvram.web_css) {
81 E('guicss').href = a + '.css';
82 nvram.web_css = a;
83 }
84 }
85 }
86 catch (ex) {
87 }
88
89 a = E('_f_http_local');
90 b = E('_f_http_remote').value;
91 if ((a.value != 3) && (b != 0) && (a.value != b)) {
92 ferror.set(a, 'The local http/https must also be enabled when using remote access.', quiet || !ok);
93 ok = 0;
94 }
95 else {
96 ferror.clear(a);
97 }
98
99 elem.display(PR('_http_lanport'), (a.value == 1) || (a.value == 3));
100
101 c = (a.value == 2) || (a.value == 3);
102 elem.display(PR('_https_lanport'), 'row_sslcert', PR('_https_crt_cn'), PR('_f_https_crt_save'), PR('_f_https_crt_gen'), c);
103
104 if (c) {
105 a = E('_https_crt_cn');
106 a.value = a.value.replace(/(,+|\s+)/g, ' ').trim();
107 if (a.value != nvram.https_crt_cn) E('_f_https_crt_gen').checked = 1;
108 }
109
110 if ((!v_port('_http_lanport', quiet || !ok)) || (!v_port('_https_lanport', quiet || !ok))) ok = 0;
111
112 b = b != 0;
113 a = E('_http_wanport');
114 elem.display(PR(a), b);
115 if ((b) && (!v_port(a, quiet || !ok))) ok = 0;
116
117 if (!v_port('_telnetd_port', quiet || !ok)) ok = 0;
118
119 a = E('_f_sshd_remote').checked;
120 b = E('_sshd_rport');
121 elem.display(PR(b), a);
122 if ((a) && (!v_port(b, quiet || !ok))) ok = 0;
123
124 a = E('_sshd_authkeys');
125 if (!v_length(a, quiet || !ok, 0, 4096)) {
126 ok = 0;
127 }
128 else if (a.value != '') {
129 if (a.value.search(/^\s*ssh-(dss|rsa)/) == -1) {
130 ferror.set(a, 'Invalid SSH key.', quiet || !ok);
131 ok = 0;
132 }
133 }
134
135 a = E('_f_rmgt_sip');
136 if ((a.value.length) && (!_v_iptaddr(a, quiet || !ok, 15, 1, 1))) return 0;
137 ferror.clear(a);
138
139 if (!v_range('_f_limit_hit', quiet || !ok, 1, 100)) return 0;
140 if (!v_range('_f_limit_sec', quiet || !ok, 3, 3600)) return 0;
141
142 a = E('_set_password_1');
143 b = E('_set_password_2');
144 a.value = a.value.trim();
145 b.value = b.value.trim();
146 if (a.value != b.value) {
147 ferror.set(b, 'Both passwords must match.', quiet || !ok);
148 ok = 0;
149 }
150 else if (a.value == '') {
151 ferror.set(a, 'Password must not be empty.', quiet || !ok);
152 ok = 0;
153 }
154 else {
155 ferror.clear(a);
156 ferror.clear(b);
157 }
158
159 changed |= ok;
160 return ok;
161 }
162
163 function save()
164 {
165 var a, b, fom;
166
167 if (!verifyFields(null, false)) return;
168
169 fom = E('_fom');
170 a = E('_f_http_local').value * 1;
171 if (a == 0) {
172 if (!confirm('Warning: Web Admin is about to be disabled. If you decide to re-enable Web Admin at a later time, it must be done manually via Telnet, SSH or by performing a hardware reset. Are you sure you want to do this?')) return;
173 fom._nextpage.value = 'about:blank';
174 }
175 fom.http_enable.value = (a & 1) ? 1 : 0;
176 fom.https_enable.value = (a & 2) ? 1 : 0;
177
178 nvram.lan_ipaddr = location.hostname;
179 if ((a != 0) && (location.hostname == nvram.lan_ipaddr)) {
180 if (location.protocol == 'https:') {
181 b = 's';
182 if ((a & 2) == 0) b = '';
183 }
184 else {
185 b = '';
186 if ((a & 1) == 0) b = 's';
187 }
188
189 a = 'http' + b + '://' + location.hostname;
190 if (b == 's') {
191 if (fom.https_lanport.value != 443) a += ':' + fom.https_lanport.value;
192 }
193 else {
194 if (fom.http_lanport.value != 80) a += ':' + fom.http_lanport.value;
195 }
196 fom._nextpage.value = a + '/admin-access.asp';
197 }
198
199 a = E('_f_http_remote').value;
200 fom.remote_management.value = (a != 0) ? 1 : 0;
201 fom.remote_mgt_https.value = (a == 2) ? 1 : 0;
202 /*
203 if ((a != 0) && (location.hostname != nvram.lan_ipaddr)) {
204 if (location.protocol == 'https:') {
205 if (a != 2) fom._nextpage.value = 'http://' + location.hostname + ':' + fom.http_wanport.value + '/admin-access.asp';
206 }
207 else {
208 if (a == 2) fom._nextpage.value = 'https://' + location.hostname + ':' + fom.http_wanport.value + '/admin-access.asp';
209 }
210 }
211 */
212 fom.https_crt_gen.value = E('_f_https_crt_gen').checked ? 1 : 0;
213 fom.https_crt_save.value = E('_f_https_crt_save').checked ? 1 : 0;
214
215 fom.web_wl_filter.value = E('_f_http_wireless').checked ? 0 : 1;
216
217 fom.telnetd_eas.value = E('_f_telnetd_eas').checked ? 1 : 0;
218
219 fom.sshd_eas.value = E('_f_sshd_eas').checked ? 1 : 0;
220 fom.sshd_pass.value = E('_f_sshd_pass').checked ? 1 : 0;
221 fom.sshd_remote.value = E('_f_sshd_remote').checked ? 1 : 0;
222 fom.sshd_forwarding.value = E('_f_sshd_forwarding').checked ? 1 : 0;
223
224 fom.rmgt_sip.value = fom.f_rmgt_sip.value.split(/\s*,\s*/).join(',');
225
226 fom.ne_shlimit.value = ((E('_f_limit_ssh').checked ? 1 : 0) | (E('_f_limit_telnet').checked ? 2 : 0)) +
227 ',' + E('_f_limit_hit').value + ',' + E('_f_limit_sec').value;
228
229 a = [];
230 for (var i = 0; i < xmenus.length; ++i) {
231 b = xmenus[i][1];
232 if (E('_f_mx_' + b).checked) a.push(b);
233 }
234 fom.web_mx.value = a.join(',');
235
236 form.submit(fom, 0);
237 }
238
239 function init()
240 {
241 changed = 0;
242 }
243 </script>
244 </head>
245 <body onload="init()">
246 <form id='_fom' method='post' action='tomato.cgi'>
247 <table id='container' cellspacing=0>
248 <tr><td colspan=2 id='header'>
249 <div class='title'>Tomato</div>
250 <div class='version'>Version <% version(); %></div>
251 </td></tr>
252 <tr id='body'><td id='navi'><script type='text/javascript'>navi()</script></td>
253 <td id='content'>
254 <div id='ident'><% ident(); %></div>
255
256 <!-- / / / -->
257
258 <input type='hidden' name='_nextpage' value='admin-access.asp'>
259 <input type='hidden' name='_nextwait' value='20'>
260 <input type='hidden' name='_service' value='admin-restart'>
261
262 <input type='hidden' name='http_enable'>
263 <input type='hidden' name='https_enable'>
264 <input type='hidden' name='https_crt_save'>
265 <input type='hidden' name='https_crt_gen'>
266 <input type='hidden' name='remote_management'>
267 <input type='hidden' name='remote_mgt_https'>
268 <input type='hidden' name='web_wl_filter'>
269 <input type='hidden' name='telnetd_eas'>
270 <input type='hidden' name='sshd_eas'>
271 <input type='hidden' name='sshd_pass'>
272 <input type='hidden' name='sshd_remote'>
273 <input type='hidden' name='ne_shlimit'>
274 <input type='hidden' name='rmgt_sip'>
275 <input type='hidden' name='sshd_forwarding'>
276 <input type='hidden' name='web_mx'>
277
278 <div class='section-title'>Web Admin</div>
279 <div class='section'>
280 <script type='text/javascript'>
281 var m = [
282 { title: 'Local Access', name: 'f_http_local', type: 'select', options: [[0,'Disabled'],[1,'HTTP'],[2,'HTTPS'],[3,'HTTP &amp; HTTPS']],
283 value: ((nvram.https_enable != 0) ? 2 : 0) | ((nvram.http_enable != 0) ? 1 : 0) },
284 { title: 'HTTP Port', indent: 2, name: 'http_lanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.http_lanport, 80) },
285 { title: 'HTTPS Port', indent: 2, name: 'https_lanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.https_lanport, 443) },
286 { title: 'SSL Certificate', rid: 'row_sslcert' },
287 { title: 'Common Name (CN)', indent: 2, name: 'https_crt_cn', type: 'text', maxlen: 64, size: 64, value: nvram.https_crt_cn,
288 suffix: '&nbsp;<small>(optional; space separated)</small>' },
289 { title: 'Regenerate', indent: 2, name: 'f_https_crt_gen', type: 'checkbox', value: 0 },
290 { title: 'Save In NVRAM', indent: 2, name: 'f_https_crt_save', type: 'checkbox', value: nvram.https_crt_save == 1 },
291 { title: 'Remote Access', name: 'f_http_remote', type: 'select', options: [[0,'Disabled'],[1,'HTTP'],[2,'HTTPS']],
292 value: (nvram.remote_management == 1) ? ((nvram.remote_mgt_https == 1) ? 2 : 1) : 0 },
293 { title: 'Port', indent: 2, name: 'http_wanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.http_wanport, 8080) },
294 { title: 'Allow Wireless Access', name: 'f_http_wireless', type: 'checkbox', value: nvram.web_wl_filter == 0 },
295 null,
296 { title: 'Color Scheme', name: 'web_css', type: 'select',
297 options: [['openlinksys','USB Blue - OpenLinksys'],['red','Tomato'],['ext/custom','Custom (ext/custom.css)'], ['online', 'On-line from TTB']], value: nvram.web_css },
298 { title: 'TTB ID#', indent: 2, name: 'ttb_css', type: 'text', maxlen: 25, size: 30, value: nvram.ttb_css, suffix: ' Theme name from <a href="http://www.tomatothemebase.eu" target="_blanc"><u><i>TTB themes gallery</i></u></a>' },
299 null,
300 { title: 'Open Menus' }
301 ];
302
303 var webmx = get_config('web_mx', '').toLowerCase();
304 for (var i = 0; i < xmenus.length; ++i) {
305 m.push({ title: xmenus[i][0], indent: 2, name: 'f_mx_' + xmenus[i][1],
306 type: 'checkbox', value: (webmx.indexOf(xmenus[i][1]) != -1) });
307 }
308
309 createFieldTable('', m);
310 </script>
311 </div>
312
313 <div class='section-title'>SSH Daemon</div>
314 <div class='section'>
315 <script type='text/javascript'>
316 createFieldTable('', [
317 { title: 'Enable at Startup', name: 'f_sshd_eas', type: 'checkbox', value: nvram.sshd_eas == 1 },
318 { title: 'Remote Access', name: 'f_sshd_remote', type: 'checkbox', value: nvram.sshd_remote == 1 },
319 { title: 'Remote Port', indent: 2, name: 'sshd_rport', type: 'text', maxlen: 5, size: 7, value: nvram.sshd_rport },
320 { title: 'Remote Forwarding', name: 'f_sshd_forwarding', type: 'checkbox', value: nvram.sshd_forwarding == 1 },
321 { title: 'Port', name: 'sshd_port', type: 'text', maxlen: 5, size: 7, value: nvram.sshd_port },
322 { title: 'Allow Password Login', name: 'f_sshd_pass', type: 'checkbox', value: nvram.sshd_pass == 1 },
323 { title: 'Authorized Keys', name: 'sshd_authkeys', type: 'textarea', value: nvram.sshd_authkeys }
324 ]);
325 W('<input type="button" value="' + (sdup ? 'Stop' : 'Start') + ' Now" onclick="toggle(\'sshd\', sdup)" id="_sshd_button">');
326 </script>
327 </div>
328
329 <div class='section-title'>Telnet Daemon</div>
330 <div class='section'>
331 <script type='text/javascript'>
332 createFieldTable('', [
333 { title: 'Enable at Startup', name: 'f_telnetd_eas', type: 'checkbox', value: nvram.telnetd_eas == 1 },
334 { title: 'Port', name: 'telnetd_port', type: 'text', maxlen: 5, size: 7, value: nvram.telnetd_port }
335 ]);
336 W('<input type="button" value="' + (tdup ? 'Stop' : 'Start') + ' Now" onclick="toggle(\'telnetd\', tdup)" id="_telnetd_button">');
337 </script>
338 </div>
339
340 <div class='section-title'>Admin Restrictions</div>
341 <div class='section'>
342 <script type='text/javascript'>
343 createFieldTable('', [
344 { title: 'Allowed Remote<br>IP Address', name: 'f_rmgt_sip', type: 'text', maxlen: 512, size: 64, value: nvram.rmgt_sip,
345 suffix: '<br><small>(optional; ex: "1.1.1.1", "1.1.1.0/24", "1.1.1.1 - 2.2.2.2" or "me.example.com")</small>' },
346 { title: 'Limit Connection Attempts', multi: [
347 { suffix: '&nbsp; SSH &nbsp; / &nbsp;', name: 'f_limit_ssh', type: 'checkbox', value: (shlimit[0] & 1) != 0 },
348 { suffix: '&nbsp; Telnet &nbsp;', name: 'f_limit_telnet', type: 'checkbox', value: (shlimit[0] & 2) != 0 }
349 ] },
350 { title: '', indent: 2, multi: [
351 { name: 'f_limit_hit', type: 'text', maxlen: 4, size: 6, suffix: '&nbsp; every &nbsp;', value: shlimit[1] },
352 { name: 'f_limit_sec', type: 'text', maxlen: 4, size: 6, suffix: '&nbsp; seconds', value: shlimit[2] }
353 ] }
354 ]);
355 </script>
356 </div>
357
358 <div class='section-title'>Password</div>
359 <div class='section'>
360 <script type='text/javascript'>
361 createFieldTable('', [
362 { title: 'Password', name: 'set_password_1', type: 'password', value: '**********' },
363 { title: '<i>(re-enter to confirm)</i>', indent: 2, name: 'set_password_2', type: 'password', value: '**********' }
364 ]);
365 </script>
366 </div>
367
368 <!-- / / / -->
369
370 </td></tr>
371 <tr><td id='footer' colspan=2>
372 <span id='footer-msg'></span>
373 <input type='button' value='Save' id='save-button' onclick='save()'>
374 <input type='button' value='Cancel' id='cancel-button' onclick='javascript:reloadPage();'>
375 </td></tr>
376 </table>
377 </form>
378 <script type='text/javascript'>verifyFields(null, 1);</script>
379 </body>
380 </html>
Tomato firmware and modifications.