search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
BWM and static ARP optimizations
[tomato.git] / release / src / router / www / admin-access.asp
blob23966d2372288229075d217e67477d63adc115c2
1 <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.0//EN'>
2 <!--
3 Tomato GUI
4 Copyright (C) 2006-2010 Jonathan Zarate
5 http://www.polarcloud.com/tomato/
6
7 For use with Tomato Firmware only.
8 No part of this file may be used without permission.
9 -->
10 <html>
11 <head>
12 <meta http-equiv='content-type' content='text/html;charset=utf-8'>
13 <meta name='robots' content='noindex,nofollow'>
14 <title>[<% ident(); %>] Admin: Access</title>
15 <link rel='stylesheet' type='text/css' href='tomato.css'>
16 <link rel='stylesheet' type='text/css' href='color.css' id='guicss'>
17 <script type='text/javascript' src='tomato.js'></script>
18
19 <!-- / / / -->
20
21 <style type='text/css'>
22 textarea {
23 width: 99%;
24 height: 10em;
25 }
26 </style>
27
28 <script type='text/javascript' src='debug.js'></script>
29
30 <script type='text/javascript'>
31
32 // <% nvram("http_enable,https_enable,http_lanport,https_lanport,remote_management,remote_mgt_https,web_wl_filter,web_css,sshd_eas,sshd_pass,sshd_remote,telnetd_eas,http_wanport,sshd_authkeys,sshd_port,sshd_rport,sshd_forwarding,telnetd_port,rmgt_sip,https_crt_cn,https_crt_save,lan_ipaddr,ne_shlimit"); %>
33
34 changed = 0;
35 tdup = parseInt('<% psup("telnetd"); %>');
36 sdup = parseInt('<% psup("dropbear"); %>');
37
38 shlimit = nvram.ne_shlimit.split(',');
39 if (shlimit.length != 3) shlimit = [0,3,60];
40
41 var xmenus = [['Status', 'status'], ['Bandwidth', 'bwm'], ['Tools', 'tools'], ['Basic', 'basic'],
42 ['Advanced', 'advanced'], ['Port Forwarding', 'forward'], ['QoS', 'qos'],
43 /* USB-BEGIN */
44 ['USB and NAS', 'nas'],
45 /* USB-END */
46 /* VPN-BEGIN */
47 ['VPN Tunneling', 'vpn'],
48 /* VPN-END */
49 ['Administration', 'admin']];
50
51 function toggle(service, isup)
52 {
53 if (changed) {
54 if (!confirm("Unsaved changes will be lost. Continue anyway?")) return;
55 }
56 E('_' + service + '_button').disabled = true;
57 form.submitHidden('service.cgi', {
58 _redirect: 'admin-access.asp',
59 _sleep: ((service == 'sshd') && (!isup)) ? '7' : '3',
60 _service: service + (isup ? '-stop' : '-start')
61 });
62 }
63
64 function verifyFields(focused, quiet)
65 {
66 var ok = 1;
67 var a, b, c;
68 var i;
69
70 try {
71 a = E('_web_css').value;
72 if (a != nvram.web_css) {
73 E('guicss').href = a + '.css';
74 nvram.web_css = a;
75 }
76 }
77 catch (ex) {
78 }
79
80 a = E('_f_http_local');
81 b = E('_f_http_remote').value;
82 if ((a.value != 3) && (b != 0) && (a.value != b)) {
83 ferror.set(a, 'The local http/https must also be enabled when using remote access.', quiet || !ok);
84 ok = 0;
85 }
86 else {
87 ferror.clear(a);
88 }
89
90 elem.display(PR('_http_lanport'), (a.value == 1) || (a.value == 3));
91
92 c = (a.value == 2) || (a.value == 3);
93 elem.display(PR('_https_lanport'), 'row_sslcert', PR('_https_crt_cn'), PR('_f_https_crt_save'), PR('_f_https_crt_gen'), c);
94
95 if (c) {
96 a = E('_https_crt_cn');
97 a.value = a.value.replace(/(,+|\s+)/g, ' ').trim();
98 if (a.value != nvram.https_crt_cn) E('_f_https_crt_gen').checked = 1;
99 }
100
101 if ((!v_port('_http_lanport', quiet || !ok)) || (!v_port('_https_lanport', quiet || !ok))) ok = 0;
102
103 b = b != 0;
104 a = E('_http_wanport');
105 elem.display(PR(a), b);
106 if ((b) && (!v_port(a, quiet || !ok))) ok = 0;
107
108 if (!v_port('_telnetd_port', quiet || !ok)) ok = 0;
109
110 a = E('_f_sshd_remote').checked;
111 b = E('_sshd_rport');
112 elem.display(PR(b), a);
113 if ((a) && (!v_port(b, quiet || !ok))) ok = 0;
114
115 a = E('_sshd_authkeys');
116 if (!v_length(a, quiet || !ok, 0, 4096)) {
117 ok = 0;
118 }
119 else if (a.value != '') {
120 if (a.value.search(/^\s*ssh-(dss|rsa)/) == -1) {
121 ferror.set(a, 'Invalid SSH key.', quiet || !ok);
122 ok = 0;
123 }
124 }
125
126 a = E('_f_rmgt_sip');
127 if ((a.value.length) && (!_v_iptaddr(a, quiet || !ok, 15, 1, 1))) return 0;
128 ferror.clear(a);
129
130 if (!v_range('_f_limit_hit', quiet || !ok, 1, 100)) return 0;
131 if (!v_range('_f_limit_sec', quiet || !ok, 3, 3600)) return 0;
132
133 a = E('_set_password_1');
134 b = E('_set_password_2');
135 a.value = a.value.trim();
136 b.value = b.value.trim();
137 if (a.value != b.value) {
138 ferror.set(b, 'Both passwords must match.', quiet || !ok);
139 ok = 0;
140 }
141 else if (a.value == '') {
142 ferror.set(a, 'Password must not be empty.', quiet || !ok);
143 ok = 0;
144 }
145 else {
146 ferror.clear(a);
147 ferror.clear(b);
148 }
149
150 changed |= ok;
151 return ok;
152 }
153
154 function save()
155 {
156 var a, b, fom;
157
158 if (!verifyFields(null, false)) return;
159
160 fom = E('_fom');
161 a = E('_f_http_local').value * 1;
162 if (a == 0) {
163 if (!confirm('Warning: Web Admin is about to be disabled. If you decide to re-enable Web Admin at a later time, it must be done manually via Telnet, SSH or by performing a hardware reset. Are you sure you want to do this?')) return;
164 fom._nextpage.value = 'about:blank';
165 }
166 fom.http_enable.value = (a & 1) ? 1 : 0;
167 fom.https_enable.value = (a & 2) ? 1 : 0;
168
169 nvram.lan_ipaddr = location.hostname;
170 if ((a != 0) && (location.hostname == nvram.lan_ipaddr)) {
171 if (location.protocol == 'https:') {
172 b = 's';
173 if ((a & 2) == 0) b = '';
174 }
175 else {
176 b = '';
177 if ((a & 1) == 0) b = 's';
178 }
179
180 a = 'http' + b + '://' + location.hostname;
181 if (b == 's') {
182 if (fom.https_lanport.value != 443) a += ':' + fom.https_lanport.value;
183 }
184 else {
185 if (fom.http_lanport.value != 80) a += ':' + fom.http_lanport.value;
186 }
187 fom._nextpage.value = a + '/admin-access.asp';
188 }
189
190 a = E('_f_http_remote').value;
191 fom.remote_management.value = (a != 0) ? 1 : 0;
192 fom.remote_mgt_https.value = (a == 2) ? 1 : 0;
193 /*
194 if ((a != 0) && (location.hostname != nvram.lan_ipaddr)) {
195 if (location.protocol == 'https:') {
196 if (a != 2) fom._nextpage.value = 'http://' + location.hostname + ':' + fom.http_wanport.value + '/admin-access.asp';
197 }
198 else {
199 if (a == 2) fom._nextpage.value = 'https://' + location.hostname + ':' + fom.http_wanport.value + '/admin-access.asp';
200 }
201 }
202 */
203 fom.https_crt_gen.value = E('_f_https_crt_gen').checked ? 1 : 0;
204 fom.https_crt_save.value = E('_f_https_crt_save').checked ? 1 : 0;
205
206 fom.web_wl_filter.value = E('_f_http_wireless').checked ? 0 : 1;
207
208 fom.telnetd_eas.value = E('_f_telnetd_eas').checked ? 1 : 0;
209
210 fom.sshd_eas.value = E('_f_sshd_eas').checked ? 1 : 0;
211 fom.sshd_pass.value = E('_f_sshd_pass').checked ? 1 : 0;
212 fom.sshd_remote.value = E('_f_sshd_remote').checked ? 1 : 0;
213 fom.sshd_forwarding.value = E('_f_sshd_forwarding').checked ? 1 : 0;
214
215 fom.rmgt_sip.value = fom.f_rmgt_sip.value.split(/\s*,\s*/).join(',');
216
217 fom.ne_shlimit.value = ((E('_f_limit_ssh').checked ? 1 : 0) | (E('_f_limit_telnet').checked ? 2 : 0)) +
218 ',' + E('_f_limit_hit').value + ',' + E('_f_limit_sec').value;
219
220 a = [];
221 for (var i = 0; i < xmenus.length; ++i) {
222 b = xmenus[i][1];
223 if (E('_f_mx_' + b).checked) a.push(b);
224 }
225 fom.web_mx.value = a.join(',');
226
227 form.submit(fom, 0);
228 }
229
230 function init()
231 {
232 changed = 0;
233 }
234 </script>
235 </head>
236 <body onload="init()">
237 <form id='_fom' method='post' action='tomato.cgi'>
238 <table id='container' cellspacing=0>
239 <tr><td colspan=2 id='header'>
240 <div class='title'>Tomato</div>
241 <div class='version'>Version <% version(); %></div>
242 </td></tr>
243 <tr id='body'><td id='navi'><script type='text/javascript'>navi()</script></td>
244 <td id='content'>
245 <div id='ident'><% ident(); %></div>
246
247 <!-- / / / -->
248
249 <input type='hidden' name='_nextpage' value='admin-access.asp'>
250 <input type='hidden' name='_nextwait' value='10'>
251 <input type='hidden' name='_service' value='admin-restart'>
252
253 <input type='hidden' name='http_enable'>
254 <input type='hidden' name='https_enable'>
255 <input type='hidden' name='https_crt_save'>
256 <input type='hidden' name='https_crt_gen'>
257 <input type='hidden' name='remote_management'>
258 <input type='hidden' name='remote_mgt_https'>
259 <input type='hidden' name='web_wl_filter'>
260 <input type='hidden' name='telnetd_eas'>
261 <input type='hidden' name='sshd_eas'>
262 <input type='hidden' name='sshd_pass'>
263 <input type='hidden' name='sshd_remote'>
264 <input type='hidden' name='ne_shlimit'>
265 <input type='hidden' name='rmgt_sip'>
266 <input type='hidden' name='sshd_forwarding'>
267 <input type='hidden' name='web_mx'>
268
269 <div class='section-title'>Web Admin</div>
270 <div class='section'>
271 <script type='text/javascript'>
272 var m = [
273 { title: 'Local Access', name: 'f_http_local', type: 'select', options: [[0,'Disabled'],[1,'HTTP'],[2,'HTTPS'],[3,'HTTP &amp; HTTPS']],
274 value: ((nvram.https_enable != 0) ? 2 : 0) | ((nvram.http_enable != 0) ? 1 : 0) },
275 { title: 'HTTP Port', indent: 2, name: 'http_lanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.http_lanport, 80) },
276 { title: 'HTTPS Port', indent: 2, name: 'https_lanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.https_lanport, 443) },
277 { title: 'SSL Certificate', rid: 'row_sslcert' },
278 { title: 'Common Name (CN)', indent: 2, name: 'https_crt_cn', type: 'text', maxlen: 64, size: 64, value: nvram.https_crt_cn,
279 suffix: '&nbsp;<small>(optional; space separated)</small>' },
280 { title: 'Regenerate', indent: 2, name: 'f_https_crt_gen', type: 'checkbox', value: 0 },
281 { title: 'Save In NVRAM', indent: 2, name: 'f_https_crt_save', type: 'checkbox', value: nvram.https_crt_save == 1 },
282 { title: 'Remote Access', name: 'f_http_remote', type: 'select', options: [[0,'Disabled'],[1,'HTTP'],[2,'HTTPS']],
283 value: (nvram.remote_management == 1) ? ((nvram.remote_mgt_https == 1) ? 2 : 1) : 0 },
284 { title: 'Port', indent: 2, name: 'http_wanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.http_wanport, 8080) },
285 { title: 'Allow Wireless Access', name: 'f_http_wireless', type: 'checkbox', value: nvram.web_wl_filter == 0 },
286 null,
287 { title: 'Color Scheme', name: 'web_css', type: 'select',
288 options: [['red','Tomato'],['asus','Asustek'],['asus_red','Asus Red'],['black','Black'],['blue','Blue'],['bluegreen','Blue &amp; Green (Lighter)'],['bluegreen2','Blue &amp; Green (Darker)'],['bluedream','Bluedream'],['brownlight','Brownlight'],['buffalo','Buffalo'],['brown','Brown'],['cisco','Cisco'],['cyan','Cyan'],['enlightened','Enlightened'],['flame','Flame'],['linksys','Linksys'],['olive','Olive'],['purple','Purple'],['pumpkin','Pumpkin'],['tijuana','Tijuana'],
289
290 /* THEMES-BEGIN */
291 ['usbred','USB Red'],['usbblue','USB Blue'],
292 /* THEMES-END */
293 ['ext/custom','Custom (ext/custom.css)']], value: nvram.web_css },
294 { title: 'Open Menus' }
295 ];
296
297 var webmx = get_config('web_mx', '').toLowerCase();
298 for (var i = 0; i < xmenus.length; ++i) {
299 m.push({ title: xmenus[i][0], indent: 2, name: 'f_mx_' + xmenus[i][1],
300 type: 'checkbox', value: (webmx.indexOf(xmenus[i][1]) != -1) });
301 }
302
303 createFieldTable('', m);
304 </script>
305 </div>
306
307 <div class='section-title'>SSH Daemon</div>
308 <div class='section'>
309 <script type='text/javascript'>
310 createFieldTable('', [
311 { title: 'Enable at Startup', name: 'f_sshd_eas', type: 'checkbox', value: nvram.sshd_eas == 1 },
312 { title: 'Remote Access', name: 'f_sshd_remote', type: 'checkbox', value: nvram.sshd_remote == 1 },
313 { title: 'Remote Port', indent: 2, name: 'sshd_rport', type: 'text', maxlen: 5, size: 7, value: nvram.sshd_rport },
314 { title: 'Remote Forwarding', name: 'f_sshd_forwarding', type: 'checkbox', value: nvram.sshd_forwarding == 1 },
315 { title: 'Port', name: 'sshd_port', type: 'text', maxlen: 5, size: 7, value: nvram.sshd_port },
316 { title: 'Allow Password Login', name: 'f_sshd_pass', type: 'checkbox', value: nvram.sshd_pass == 1 },
317 { title: 'Authorized Keys', name: 'sshd_authkeys', type: 'textarea', value: nvram.sshd_authkeys }
318 ]);
319 W('<input type="button" value="' + (sdup ? 'Stop' : 'Start') + ' Now" onclick="toggle(\'sshd\', sdup)" id="_sshd_button">');
320 </script>
321 </div>
322
323 <div class='section-title'>Telnet Daemon</div>
324 <div class='section'>
325 <script type='text/javascript'>
326 createFieldTable('', [
327 { title: 'Enable at Startup', name: 'f_telnetd_eas', type: 'checkbox', value: nvram.telnetd_eas == 1 },
328 { title: 'Port', name: 'telnetd_port', type: 'text', maxlen: 5, size: 7, value: nvram.telnetd_port }
329 ]);
330 W('<input type="button" value="' + (tdup ? 'Stop' : 'Start') + ' Now" onclick="toggle(\'telnetd\', tdup)" id="_telnetd_button">');
331 </script>
332 </div>
333
334 <div class='section-title'>Admin Restrictions</div>
335 <div class='section'>
336 <script type='text/javascript'>
337 createFieldTable('', [
338 { title: 'Allowed Remote<br>IP Address', name: 'f_rmgt_sip', type: 'text', maxlen: 512, size: 64, value: nvram.rmgt_sip,
339 suffix: '<br><small>(optional; ex: "1.1.1.1", "1.1.1.0/24", "1.1.1.1 - 2.2.2.2" or "me.example.com")</small>' },
340 { title: 'Limit Connection Attempts', multi: [
341 { suffix: '&nbsp; SSH &nbsp; / &nbsp;', name: 'f_limit_ssh', type: 'checkbox', value: (shlimit[0] & 1) != 0 },
342 { suffix: '&nbsp; Telnet &nbsp;', name: 'f_limit_telnet', type: 'checkbox', value: (shlimit[0] & 2) != 0 }
343 ] },
344 { title: '', indent: 2, multi: [
345 { name: 'f_limit_hit', type: 'text', maxlen: 4, size: 6, suffix: '&nbsp; every &nbsp;', value: shlimit[1] },
346 { name: 'f_limit_sec', type: 'text', maxlen: 4, size: 6, suffix: '&nbsp; seconds', value: shlimit[2] }
347 ] }
348 ]);
349 </script>
350 </div>
351
352 <div class='section-title'>Password</div>
353 <div class='section'>
354 <script type='text/javascript'>
355 createFieldTable('', [
356 { title: 'Password', name: 'set_password_1', type: 'password', value: '**********' },
357 { title: '<i>(re-enter to confirm)</i>', indent: 2, name: 'set_password_2', type: 'password', value: '**********' }
358 ]);
359 </script>
360 </div>
361
362 <!-- / / / -->
363
364 </td></tr>
365 <tr><td id='footer' colspan=2>
366 <span id='footer-msg'></span>
367 <input type='button' value='Save' id='save-button' onclick='save()'>
368 <input type='button' value='Cancel' id='cancel-button' onclick='javascript:reloadPage();'>
369 </td></tr>
370 </table>
371 </form>
372 <script type='text/javascript'>verifyFields(null, 1);</script>
373 </body>
374 </html>
Tomato firmware and modifications.