search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Correct access restrictions limits
[tomato.git] / release / src / router / httpd / tomato.c
blob5899de3b8111867b556ca0015178d77111bd2127
1 /*
2
3 Tomato Firmware
4 Copyright (C) 2006-2010 Jonathan Zarate
5
6 */
7
8 #include "tomato.h"
9
10 #include <sys/sysinfo.h>
11 #include <sys/stat.h>
12 #include <sys/types.h>
13 #include <sys/socket.h>
14 #include <arpa/inet.h>
15 #include <time.h>
16
17
18 // #define DEBUG_NOEXECSERVICE
19 #define DEBUG_NVRAMSET(k, v) _dprintf("nvram set %s=%s\n", k, v);
20
21
22 char *post_buf = NULL;
23 int rboot = 0;
24 extern int post;
25
26 static void asp_css(int argc, char **argv);
27 static void asp_resmsg(int argc, char **argv);
28
29 //
30 static void wo_tomato(char *url);
31 static void wo_update(char *url);
32 static void wo_service(char *url);
33 static void wo_shutdown(char *url);
34 static void wo_nvcommit(char *url);
35 // static void wo_logout(char *url);
36
37
38 // ----------------------------------------------------------------------------
39
40
41 void exec_service(const char *action)
42 {
43 int i;
44
45 _dprintf("exec_service: %s\n", action);
46
47 i = 10;
48 while ((!nvram_match("action_service", "")) && (i-- > 0)) {
49 _dprintf("%s: waiting before %d\n", __FUNCTION__, i);
50 sleep(1);
51 }
52
53 nvram_set("action_service", action);
54 kill(1, SIGUSR1);
55
56 i = 3;
57 while ((nvram_match("action_service", (char *)action)) && (i-- > 0)) {
58 _dprintf("%s: waiting after %d\n", __FUNCTION__, i);
59 sleep(1);
60 }
61
62 /*
63 if (atoi(webcgi_safeget("_service_wait", ""))) {
64 i = 10;
65 while ((nvram_match("action_service", (char *)action)) && (i-- > 0)) {
66 _dprintf("%s: waiting after %d\n", __FUNCTION__, i);
67 sleep(1);
68 }
69 }
70 */
71 }
72
73 static void wi_generic_noid(char *url, int len, char *boundary)
74 {
75 if (post == 1) {
76 if (len >= (32 * 1024)) {
77 // syslog(LOG_WARNING, "POST max");
78 exit(1);
79 }
80
81 if (post_buf) free(post_buf);
82 if ((post_buf = malloc(len + 1)) == NULL) {
83 // syslog(LOG_CRIT, "Unable to allocate post buffer");
84 exit(1);
85 }
86
87 if (web_read_x(post_buf, len) != len) {
88 exit(1);
89 }
90 post_buf[len] = 0;
91 webcgi_init(post_buf);
92 }
93 }
94
95 void wi_generic(char *url, int len, char *boundary)
96 {
97 wi_generic_noid(url, len, boundary);
98 check_id(url);
99 }
100
101 // !!TB - CGI Support
102 void wi_cgi_bin(char *url, int len, char *boundary)
103 {
104 if (post_buf) free(post_buf);
105 post_buf = NULL;
106
107 if (post) {
108 if (len >= (128 * 1024)) {
109 syslog(LOG_WARNING, "POST length exceeded maximum allowed");
110 exit(1);
111 }
112
113 if (len > 0) {
114 if ((post_buf = malloc(len + 1)) == NULL) {
115 exit(1);
116 }
117 if (web_read_x(post_buf, len) != len) {
118 exit(1);
119 }
120 post_buf[len] = 0;
121 }
122 }
123 }
124
125 static void _execute_command(char *url, char *command, char *query, wofilter_t wof)
126 {
127 char webExecFile[] = "/tmp/.wxXXXXXX";
128 char webQueryFile[] = "/tmp/.wqXXXXXX";
129 char cmd[sizeof(webExecFile) + 10];
130 FILE *f;
131 int fe, fq = -1;
132
133 if ((fe = mkstemp(webExecFile)) < 0)
134 exit(1);
135 if (query) {
136 if ((fq = mkstemp(webQueryFile)) < 0) {
137 close(fe);
138 unlink(webExecFile);
139 exit(1);
140 }
141 }
142
143 if ((f = fdopen(fe, "wb")) != NULL) {
144 fprintf(f,
145 "#!/bin/sh\n"
146 "export REQUEST_METHOD=\"%s\"\n"
147 "export PATH=%s\n"
148 ". /etc/profile\n"
149 "%s%s %s%s\n",
150 post ? "POST" : "GET", getenv("PATH"),
151 command ? "" : "./", command ? command : url,
152 query ? "<" : "", query ? webQueryFile : "");
153 fclose(f);
154 }
155 else {
156 close(fe);
157 unlink(webExecFile);
158 if (query) {
159 close(fq);
160 unlink(webQueryFile);
161 }
162 exit(1);
163 }
164 chmod(webExecFile, 0700);
165
166 if (query) {
167 if ((f = fdopen(fq, "wb")) != NULL) {
168 fprintf(f, "%s\n", query);
169 fclose(f);
170 }
171 else {
172 unlink(webExecFile);
173 close(fq);
174 unlink(webQueryFile);
175 exit(1);
176 }
177 }
178
179 sprintf(cmd, "%s 2>&1", webExecFile);
180 web_pipecmd(cmd, wof);
181 unlink(webQueryFile);
182 unlink(webExecFile);
183 }
184
185 static void wo_cgi_bin(char *url)
186 {
187 if (!header_sent) send_header(200, NULL, mime_html, 0);
188 _execute_command(url, NULL, post_buf, WOF_NONE);
189 if (post_buf) {
190 free(post_buf);
191 post_buf = NULL;
192 }
193 }
194
195 static void wo_shell(char *url)
196 {
197 web_puts("\ncmdresult = '");
198 _execute_command(NULL, webcgi_get("command"), NULL, WOF_JAVASCRIPT);
199 web_puts("';");
200 }
201
202 static void wo_blank(char *url)
203 {
204 web_puts("\n\n\n\n");
205 }
206
207 static void wo_favicon(char *url)
208 {
209 send_header(200, NULL, "image/vnd.microsoft.icon", 0);
210 do_file(url);
211 /*
212 if (nvram_match("web_favicon", "1")) {
213 send_header(200, NULL, "image/vnd.microsoft.icon", 0);
214 do_file(url);
215 }
216 else {
217 send_error(404, NULL, NULL);
218 }
219 */
220 }
221
222 static void wo_cfe(char *url)
223 {
224 do_file(MTD_DEV(0ro));
225 }
226
227 static void wo_nvram(char *url)
228 {
229 web_pipecmd("nvram show", WOF_NONE);
230 }
231
232 static void wo_iptables(char *url)
233 {
234 web_pipecmd("iptables -nvL; echo; iptables -t nat -nvL; echo; iptables -t mangle -nvL", WOF_NONE);
235 }
236
237 #ifdef TCONFIG_IPV6
238 static void wo_ip6tables(char *url)
239 {
240 web_pipecmd("ip6tables -nvL; echo; ip6tables -t mangle -nvL", WOF_NONE);
241 }
242 #endif
243
244 /*
245 static void wo_spin(char *url)
246 {
247 char s[64];
248
249 strlcpy(s, nvram_safe_get("web_css"), sizeof(s));
250 strlcat(s, "_spin.gif", sizeof(s));
251 if (f_exists(s)) do_file(s);
252 else do_file("_spin.gif");
253 }
254 */
255
256 void common_redirect(void)
257 {
258 if (atoi(webcgi_safeget("_ajax", ""))) {
259 send_header(200, NULL, mime_html, 0);
260 web_puts("OK");
261 }
262 else {
263 redirect(webcgi_safeget("_redirect", "/"));
264 }
265 }
266
267 // ----------------------------------------------------------------------------
268
269 const struct mime_handler mime_handlers[] = {
270 { "update.cgi", mime_javascript, 0, wi_generic, wo_update, 1 },
271 { "tomato.cgi", NULL, 0, wi_generic, wo_tomato, 1 },
272
273 { "debug.js", mime_javascript, 5, wi_generic_noid, wo_blank, 1 }, // while debugging
274 { "cfe/*.bin", mime_binary, 0, wi_generic, wo_cfe, 1 },
275 { "nvram/*.txt", mime_binary, 0, wi_generic, wo_nvram, 1 },
276 { "ipt/*.txt", mime_binary, 0, wi_generic, wo_iptables, 1 },
277 #ifdef TCONFIG_IPV6
278 { "ip6t/*.txt", mime_binary, 0, wi_generic, wo_ip6tables, 1 },
279 #endif
280 { "cfg/*.cfg", NULL, 0, wi_generic, wo_backup, 1 },
281 { "cfg/restore.cgi", mime_html, 0, wi_restore, wo_restore, 1 },
282 { "cfg/defaults.cgi", NULL, 0, wi_generic, wo_defaults, 1 },
283
284 { "bwm/*.gz", NULL, 0, wi_generic, wo_bwmbackup, 1 },
285 { "bwm/restore.cgi", NULL, 0, wi_bwmrestore, wo_bwmrestore, 1 },
286
287 { "logs/view.cgi", NULL, 0, wi_generic, wo_viewlog, 1 },
288 { "logs/*.txt", NULL, 0, wi_generic, wo_syslog, 1 },
289 { "webmon_**", NULL, 0, wi_generic, wo_syslog, 1 },
290
291 { "logout.asp", NULL, 0, wi_generic, wo_asp, 1 },
292 { "clearcookies.asp", NULL, 0, wi_generic, wo_asp, 1 },
293
294 // { "spin.gif", NULL, 0, wi_generic_noid, wo_spin, 1 },
295
296 { "**.asp", NULL, 0, wi_generic_noid, wo_asp, 1 },
297 { "**.css", "text/css", 2, wi_generic_noid, do_file, 1 },
298 { "**.htm|**.html", mime_html, 2, wi_generic_noid, do_file, 1 },
299 { "**.gif", "image/gif", 5, wi_generic_noid, do_file, 1 },
300 { "**.jpg", "image/jpeg", 5, wi_generic_noid, do_file, 1 },
301 { "**.png", "image/png", 5, wi_generic_noid, do_file, 1 },
302 { "**.js", mime_javascript, 2, wi_generic_noid, do_file, 1 },
303 { "**.jsx", mime_javascript, 0, wi_generic, wo_asp, 1 },
304 { "**.svg", "image/svg+xml", 2, wi_generic_noid, do_file, 1 },
305 { "**.txt", mime_plain, 2, wi_generic_noid, do_file, 1 },
306 { "**.bin", mime_binary, 0, wi_generic_noid, do_file, 1 },
307 { "**.bino", mime_octetstream, 0, wi_generic_noid, do_file, 1 },
308 { "favicon.ico", NULL, 5, wi_generic_noid, wo_favicon, 1 },
309 // !!TB - CGI Support, enable downloading archives
310 { "**/cgi-bin/**|**.sh", NULL, 0, wi_cgi_bin, wo_cgi_bin, 1 },
311 { "**.tar|**.gz", mime_binary, 0, wi_generic_noid, do_file, 1 },
312 { "shell.cgi", mime_javascript, 0, wi_generic, wo_shell, 1 },
313 { "wpad.dat|proxy.pac", "application/x-ns-proxy-autoconfig", 0, wi_generic_noid, do_file, 0 },
314
315 { "webmon.cgi", mime_javascript, 0, wi_generic, wo_webmon, 1 },
316 { "dhcpc.cgi", NULL, 0, wi_generic, wo_dhcpc, 1 },
317 { "dhcpd.cgi", mime_javascript, 0, wi_generic, wo_dhcpd, 1 },
318 { "nvcommit.cgi", NULL, 0, wi_generic, wo_nvcommit, 1 },
319 { "ping.cgi", mime_javascript, 0, wi_generic, wo_ping, 1 },
320 { "trace.cgi", mime_javascript, 0, wi_generic, wo_trace, 1 },
321 { "upgrade.cgi", mime_html, 0, wi_upgrade, wo_flash, 1 },
322 { "upnp.cgi", NULL, 0, wi_generic, wo_upnp, 1 },
323 { "wakeup.cgi", NULL, 0, wi_generic, wo_wakeup, 1 },
324 { "wlmnoise.cgi", mime_html, 0, wi_generic, wo_wlmnoise, 1 },
325 { "wlradio.cgi", NULL, 0, wi_generic, wo_wlradio, 1 },
326 { "resolve.cgi", mime_javascript, 0, wi_generic, wo_resolve, 1 },
327 { "expct.cgi", mime_html, 0, wi_generic, wo_expct, 1 },
328 { "service.cgi", NULL, 0, wi_generic, wo_service, 1 },
329 // { "logout.cgi", NULL, 0, wi_generic, wo_logout, 0 }, // see httpd.c
330 { "shutdown.cgi", mime_html, 0, wi_generic, wo_shutdown, 1 },
331 #ifdef TCONFIG_OPENVPN
332 { "vpnstatus.cgi", mime_javascript, 0, wi_generic, wo_vpn_status, 1 },
333 #endif
334 #ifdef TCONFIG_USB
335 { "usbcmd.cgi", mime_javascript, 0, wi_generic, wo_usbcommand, 1 }, //!!TB - USB
336 #endif
337 #ifdef BLACKHOLE
338 { "blackhole.cgi", NULL, 0, wi_blackhole, NULL, 1 },
339 #endif
340 // { "test", mime_html, 0, wi_generic, wo_test, 1 },
341 { NULL, NULL, 0, NULL, NULL, 1 }
342 };
343
344 const aspapi_t aspapi[] = {
345 { "activeroutes", asp_activeroutes },
346 { "arplist", asp_arplist },
347 { "bandwidth", asp_bandwidth },
348 { "build_time", asp_build_time },
349 { "cgi_get", asp_cgi_get },
350 { "compmac", asp_compmac },
351 { "ctcount", asp_ctcount },
352 { "ctdump", asp_ctdump },
353 { "ctrate", asp_ctrate },
354 { "ddnsx", asp_ddnsx },
355 { "devlist", asp_devlist },
356 { "webmon", asp_webmon },
357 { "dhcpc_time", asp_dhcpc_time },
358 { "dns", asp_dns },
359 { "ident", asp_ident },
360 { "lanip", asp_lanip },
361 { "layer7", asp_layer7 },
362 { "link_uptime", asp_link_uptime },
363 { "lipp", asp_lipp },
364 { "netdev", asp_netdev },
365 { "notice", asp_notice },
366 { "nv", asp_nv },
367 { "nvram", asp_nvram },
368 { "nvramseq", asp_nvramseq },
369 { "nvstat", asp_nvstat },
370 { "psup", asp_psup },
371 { "qrate", asp_qrate },
372 { "resmsg", asp_resmsg },
373 { "rrule", asp_rrule },
374 { "statfs", asp_statfs },
375 { "sysinfo", asp_sysinfo },
376 { "time", asp_time },
377 { "upnpinfo", asp_upnpinfo },
378 { "version", asp_version },
379 { "wanstatus", asp_wanstatus },
380 { "wanup", asp_wanup },
381 { "wlstats", asp_wlstats },
382 { "wlclient", asp_wlclient },
383 { "wlnoise", asp_wlnoise },
384 { "wlscan", asp_wlscan },
385 { "wlchannels", asp_wlchannels }, //!!TB
386 { "wlcountries", asp_wlcountries },
387 { "wlifaces", asp_wlifaces },
388 { "wlbands", asp_wlbands },
389 #ifdef TCONFIG_USB
390 { "usbdevices", asp_usbdevices }, //!!TB - USB Support
391 #endif
392 { "css", asp_css },
393 { NULL, NULL }
394 };
395
396 // -----------------------------------------------------------------------------
397
398 static void asp_css(int argc, char **argv)
399 {
400 const char *css = nvram_safe_get("web_css");
401
402 if (strcmp(css, "tomato") != 0) {
403 web_printf("<link rel='stylesheet' type='text/css' href='%s.css'>", css);
404 }
405 }
406
407 // -----------------------------------------------------------------------------
408
409 const char *resmsg_get(void)
410 {
411 return webcgi_safeget("resmsg", "");
412 }
413
414 void resmsg_set(const char *msg)
415 {
416 webcgi_set("resmsg", strdup(msg)); // m ok
417 }
418
419 int resmsg_fread(const char *fname)
420 {
421 char s[256];
422 char *p;
423
424 f_read_string(fname, s, sizeof(s));
425 if ((p = strchr(s, '\n')) != NULL) *p = 0;
426 if (s[0]) {
427 resmsg_set(s);
428 return 1;
429 }
430 return 0;
431 }
432
433 static void asp_resmsg(int argc, char **argv)
434 {
435 char *p;
436
437 if ((p = js_string(webcgi_safeget("resmsg", (argc > 0) ? argv[0] : ""))) == NULL) return;
438 web_printf("\nresmsg='%s';\n", p);
439 free(p);
440 }
441
442 // ----------------------------------------------------------------------------
443
444 // verification... simple sanity checks. UI should verify all fields.
445
446 // todo: move and re-use for filtering - zzz
447
448 typedef union {
449 int i;
450 long l;
451 const char *s;
452 } nvset_varg_t;
453
454 typedef struct {
455 const char *name;
456 enum {
457 VT_NONE, // no checking
458 VT_LENGTH, // check length of string
459 VT_TEXT, // strip \r, check length of string
460 VT_RANGE, // expect an integer, check range
461 VT_IP, // expect an ip address
462 VT_MAC, // expect a mac address
463 #ifdef TCONFIG_IPV6
464 VT_IPV6, // expect an ipv6 address
465 #endif
466 VT_TEMP // no checks, no commit
467 } vtype;
468 nvset_varg_t va;
469 nvset_varg_t vb;
470 } nvset_t;
471
472
473 #define V_NONE VT_NONE, { }, { }
474 #define V_01 VT_RANGE, { .l = 0 }, { .l = 1 }
475 #define V_PORT VT_RANGE, { .l = 2 }, { .l = 65535 }
476 #define V_ONOFF VT_LENGTH, { .i = 2 }, { .i = 3 }
477 #define V_WORD VT_LENGTH, { .i = 1 }, { .i = 16 }
478 #define V_LENGTH(min, max) VT_LENGTH, { .i = min }, { .i = max }
479 #define V_TEXT(min, max) VT_TEXT, { .i = min }, { .i = max }
480 #define V_RANGE(min, max) VT_RANGE, { .l = min }, { .l = max }
481 #define V_IP VT_IP, { }, { }
482 #define V_OCTET VT_RANGE, { .l = 0 }, { .l = 255 }
483 #define V_NUM VT_RANGE, { .l = 0 }, { .l = 0x7FFFFFFF }
484 #define V_TEMP VT_TEMP, { }, { }
485 #ifdef TCONFIG_IPV6
486 #define V_IPV6(required) VT_IPV6, { .i = required }, { }
487 #endif
488
489 static const nvset_t nvset_list[] = {
490
491 // basic-ident
492 { "router_name", V_LENGTH(0, 32) },
493 { "wan_hostname", V_LENGTH(0, 32) },
494 { "wan_domain", V_LENGTH(0, 32) },
495
496 // basic-time
497 { "tm_tz", V_LENGTH(1, 64) }, // PST8PDT
498 { "tm_sel", V_LENGTH(1, 64) }, // PST8PDT
499 { "tm_dst", V_01 },
500 { "ntp_updates", V_RANGE(-1, 24) },
501 { "ntp_tdod", V_01 },
502 { "ntp_server", V_LENGTH(1, 150) }, // x y z
503 { "ntp_kiss", V_LENGTH(0, 255) },
504
505 // basic-static
506 { "dhcpd_static", V_LENGTH(0, 106*251)}, // 106 (max chars per entry) x 100 entries
507
508 // basic-ddns
509 { "ddnsx0", V_LENGTH(0, 2048) },
510 { "ddnsx1", V_LENGTH(0, 2048) },
511 { "ddnsx0_cache", V_LENGTH(0, 1) }, // only to clear
512 { "ddnsx1_cache", V_LENGTH(0, 1) },
513 { "ddnsx_ip", V_LENGTH(0, 32) },
514 { "ddnsx_save", V_01 },
515 { "ddnsx_refresh", V_RANGE(0, 365) },
516
517 // basic-network
518 // WAN
519 { "wan_proto", V_LENGTH(1, 16) }, // disabled, dhcp, static, pppoe, pptp, l2tp
520 { "wan_ipaddr", V_IP },
521 { "wan_netmask", V_IP },
522 { "wan_gateway", V_IP },
523 { "hb_server_ip", V_LENGTH(0, 32) },
524 { "l2tp_server_ip", V_LENGTH(0, 128) },
525 { "pptp_server_ip", V_LENGTH(0, 128) },
526 { "pptp_dhcp", V_01 },
527 { "ppp_username", V_LENGTH(0, 60) },
528 { "ppp_passwd", V_LENGTH(0, 60) },
529 { "ppp_service", V_LENGTH(0, 50) },
530 { "ppp_demand", V_01 },
531 { "ppp_custom", V_LENGTH(0, 256) },
532 { "ppp_idletime", V_RANGE(0, 1440) },
533 { "ppp_redialperiod", V_RANGE(1, 86400) },
534 { "mtu_enable", V_01 },
535 { "wan_mtu", V_RANGE(576, 1500) },
536 { "wan_islan", V_01 },
537
538 // LAN
539 { "lan_ipaddr", V_IP },
540 { "lan_netmask", V_IP },
541 { "lan_gateway", V_IP },
542 { "wan_dns", V_LENGTH(0, 50) }, // ip ip ip
543 { "lan_proto", V_WORD }, // static, dhcp
544 { "dhcp_start", V_RANGE(1, 254) }, // remove !
545 { "dhcp_num", V_RANGE(1, 255) }, // remove !
546 { "dhcpd_startip", V_IP },
547 { "dhcpd_endip", V_IP },
548 { "dhcp_lease", V_RANGE(1, 10080) },
549 { "wan_wins", V_IP },
550
551 // wireless
552 { "wl_radio", V_01 },
553 { "wl_mode", V_LENGTH(2, 3) }, // ap, sta, wet, wds
554 { "wl_net_mode", V_LENGTH(5, 8) }, // disabled, mixed, b-only, g-only, bg-mixed, n-only [speedbooster]
555 { "wl_ssid", V_LENGTH(1, 32) },
556 { "wl_closed", V_01 },
557 { "wl_channel", V_RANGE(0, 216) },
558
559 { "wl_security_mode", V_LENGTH(1, 32) }, // disabled, radius, wep, wpa_personal, wpa_enterprise, wpa2_personal, wpa2_enterprise
560 { "wl_radius_ipaddr", V_IP },
561 { "wl_radius_port", V_PORT },
562 { "wl_radius_key", V_LENGTH(1, 64) },
563 { "wl_wep_bit", V_RANGE(64, 128) }, // 64 or 128
564 { "wl_passphrase", V_LENGTH(0, 20) },
565 { "wl_key", V_RANGE(1, 4) },
566 { "wl_key1", V_LENGTH(0, 26) },
567 { "wl_key2", V_LENGTH(0, 26) },
568 { "wl_key3", V_LENGTH(0, 26) },
569 { "wl_key4", V_LENGTH(0, 26) },
570 { "wl_crypto", V_LENGTH(3, 8) }, // tkip, aes, tkip+aes
571 { "wl_wpa_psk", V_LENGTH(8, 64) },
572 { "wl_wpa_gtk_rekey", V_RANGE(60, 7200) },
573
574 { "wl_lazywds", V_01 },
575 { "wl_wds", V_LENGTH(0, 180) }, // mac mac mac (x 10)
576
577 { "wl_wds_enable", V_01 },
578 { "wl_gmode", V_RANGE(-1, 6) },
579 { "wl_wep", V_LENGTH(1, 32) }, // off, on, restricted,tkip,aes,tkip+aes
580 { "wl_akm", V_LENGTH(0, 32) }, // wpa, wpa2, psk, psk2, wpa wpa2, psk psk2, ""
581 { "wl_auth_mode", V_LENGTH(4, 6) }, // none, radius
582
583 { "wl_nmode", V_NONE },
584 { "wl_nband", V_RANGE(0, 2) }, // 2 - 2.4GHz, 1 - 5GHz, 0 - Auto
585 { "wl_nreqd", V_NONE },
586 { "wl_nbw_cap", V_RANGE(0, 2) }, // 0 - 20MHz, 1 - 40MHz, 2 - Auto
587 { "wl_nbw", V_NONE },
588 { "wl_mimo_preamble", V_WORD }, // 802.11n Preamble: mm/gf/auto/gfbcm
589 { "wl_nctrlsb", V_NONE }, // none, lower, upper
590
591 #ifdef TCONFIG_IPV6
592 // basic-ipv6
593 { "ipv6_service", V_LENGTH(0, 16) }, // '', native, native-pd, 6to4, sit, other
594 { "ipv6_prefix", V_IPV6(0) },
595 { "ipv6_prefix_length", V_RANGE(3, 127) },
596 { "ipv6_rtr_addr", V_IPV6(0) },
597 { "ipv6_radvd", V_01 },
598 { "ipv6_accept_ra", V_NUM },
599 { "ipv6_tun_addr", V_IPV6(1) },
600 { "ipv6_tun_addrlen", V_RANGE(3, 127) },
601 { "ipv6_ifname", V_LENGTH(0, 8) },
602 { "ipv6_tun_v4end", V_IP },
603 { "ipv6_relay", V_RANGE(1, 254) },
604 { "ipv6_tun_mtu", V_NUM }, // Tunnel MTU
605 { "ipv6_tun_ttl", V_NUM }, // Tunnel TTL
606 { "ipv6_dns", V_LENGTH(0, 40*3) }, // ip6 ip6 ip6
607 #endif
608
609 // basic-wfilter
610 { "wl_macmode", V_NONE }, // allow, deny, disabled
611 { "wl_maclist", V_LENGTH(0, 18*201) }, // 18 x 200 (11:22:33:44:55:66 ...)
612 { "macnames", V_LENGTH(0, 62*201) }, // 62 (12+1+48+1) x 50 (112233445566<..>) todo: re-use -- zzz
613
614 // advanced-ctnf
615 { "ct_max", V_NUM },
616 { "ct_tcp_timeout", V_LENGTH(20, 70) },
617 { "ct_udp_timeout", V_LENGTH(5, 15) },
618 { "ct_timeout", V_LENGTH(5, 15) },
619 { "nf_ttl", V_LENGTH(1, 6) },
620 { "nf_l7in", V_01 },
621 #ifdef LINUX26
622 { "nf_sip", V_01 },
623 { "ct_hashsize", V_NUM },
624 #endif
625 { "nf_rtsp", V_01 },
626 { "nf_pptp", V_01 },
627 { "nf_h323", V_01 },
628 { "nf_ftp", V_01 },
629
630 // advanced-dhcpdns
631 { "dhcpd_slt", V_RANGE(-1, 43200) }, // -1=infinite, 0=follow normal lease time, >=1 custom
632 { "dhcpd_dmdns", V_01 },
633 { "dhcpd_lmax", V_NUM },
634 { "dhcpd_gwmode", V_NUM },
635 { "dns_addget", V_01 },
636 { "dns_intcpt", V_01 },
637 { "dhcpc_minpkt", V_01 },
638 { "dhcpc_custom", V_LENGTH(0, 80) },
639 { "dns_norebind", V_01 },
640 { "dnsmasq_custom", V_TEXT(0, 2048) },
641 // { "dnsmasq_norw", V_01 },
642
643 // advanced-firewall
644 { "block_wan", V_01 },
645 { "multicast_pass", V_01 },
646 { "block_loopback", V_01 },
647 { "nf_loopback", V_NUM },
648 { "ne_syncookies", V_01 },
649 { "dhcp_pass", V_01 },
650 #ifdef TCONFIG_EMF
651 { "emf_entry", V_NONE },
652 { "emf_uffp_entry", V_NONE },
653 { "emf_rtport_entry", V_NONE },
654 { "emf_enable", V_01 },
655 #endif
656
657 // advanced-misc
658 { "wait_time", V_RANGE(3, 20) },
659 { "wan_speed", V_RANGE(0, 4) },
660 { "clkfreq", V_RANGE(100, 532) }, // KP
661 { "jumbo_frame_enable", V_01 }, // Jumbo Frames support (for RT-N16/WNR3500L)
662 { "jumbo_frame_size", V_RANGE(1, 9720) },
663 #ifdef CONFIG_BCMWL5
664 { "ctf_disable", V_01 },
665 #endif
666
667 // advanced-mac
668 { "mac_wan", V_LENGTH(0, 17) },
669 { "wl_macaddr", V_LENGTH(0, 17) },
670
671 // advanced-routing
672 { "routes_static", V_LENGTH(0, 2048) },
673 { "dhcp_routes", V_01 },
674 { "lan_stp", V_RANGE(0, 1) },
675 { "wk_mode", V_LENGTH(1, 32) }, // gateway, router
676 #ifdef TCONFIG_ZEBRA
677 { "dr_setting", V_RANGE(0, 3) },
678 { "dr_lan_tx", V_LENGTH(0, 32) },
679 { "dr_lan_rx", V_LENGTH(0, 32) },
680 { "dr_wan_tx", V_LENGTH(0, 32) },
681 { "dr_wan_rx", V_LENGTH(0, 32) },
682 #endif
683
684 // advanced-wireless
685 { "wl_country", V_LENGTH(0, 64) }, // !!TB - Country code
686 { "wl_country_code", V_LENGTH(0, 4) }, // !!TB - Country code
687 { "wl_btc_mode", V_RANGE(0, 2) }, // !!TB - BT Coexistence Mode: 0 (disable), 1 (enable), 2 (preemption)
688 { "wl_afterburner", V_LENGTH(2, 4) }, // off, on, auto
689 { "wl_auth", V_01 },
690 { "wl_rateset", V_LENGTH(2, 7) }, // all, default, 12
691 { "wl_rate", V_RANGE(0, 54 * 1000 * 1000) },
692 { "wl_mrate", V_RANGE(0, 54 * 1000 * 1000) },
693 { "wl_gmode_protection",V_LENGTH(3, 4) }, // off, auto
694 { "wl_frameburst", V_ONOFF }, // off, on
695 { "wl_bcn", V_RANGE(1, 65535) },
696 { "wl_dtim", V_RANGE(1, 255) },
697 { "wl_frag", V_RANGE(256, 2346) },
698 { "wl_rts", V_RANGE(0, 2347) },
699 { "wl_ap_isolate", V_01 },
700 { "wl_plcphdr", V_LENGTH(4, 5) }, // long, short
701 { "wl_antdiv", V_RANGE(0, 3) },
702 { "wl_txant", V_RANGE(0, 3) },
703 { "wl_txpwr", V_RANGE(0, 400) },
704 { "wl_wme", V_WORD }, // auto, off, on
705 { "wl_wme_no_ack", V_ONOFF }, // off, on
706 { "wl_wme_apsd", V_ONOFF }, // off, on
707 { "wl_maxassoc", V_RANGE(0, 255) },
708 { "wl_distance", V_LENGTH(0, 5) }, // "", 1-99999
709 { "wlx_hpamp", V_01 },
710 { "wlx_hperx", V_01 },
711 { "wl_reg_mode", V_LENGTH(1, 3) }, // !!TB - Regulatory: off, h, d
712 { "wl_mitigation", V_RANGE(0, 3) }, // Interference Mitigation Mode (0|1|2|3)
713
714 { "wl_nmode_protection", V_WORD, }, // off, auto
715 { "wl_nmcsidx", V_RANGE(-2, 32), }, // -2 - 32
716 { "wl_obss_coex", V_01 },
717
718 // forward-dmz
719 { "dmz_enable", V_01 },
720 { "dmz_ipaddr", V_LENGTH(0, 15) },
721 { "dmz_sip", V_LENGTH(0, 512) },
722
723 // forward-upnp
724 { "upnp_enable", V_NUM },
725 { "upnp_secure", V_01 },
726 { "upnp_port", V_RANGE(0, 65535) },
727 { "upnp_ssdp_interval", V_RANGE(10, 9999) },
728 { "upnp_mnp", V_01 },
729 { "upnp_clean", V_01 },
730 { "upnp_clean_interval", V_RANGE(60, 65535) },
731 { "upnp_clean_threshold", V_RANGE(0, 9999) },
732 { "upnp_min_port_int", V_PORT },
733 { "upnp_max_port_int", V_PORT },
734 { "upnp_min_port_ext", V_PORT },
735 { "upnp_max_port_ext", V_PORT },
736
737 // forward-basic
738 { "portforward", V_LENGTH(0, 4096) },
739
740 #ifdef TCONFIG_IPV6
741 // forward-basic-ipv6
742 { "ipv6_portforward", V_LENGTH(0, 4096) },
743 #endif
744
745 // forward-triggered
746 { "trigforward", V_LENGTH(0, 4096) },
747
748
749 // access restriction
750 { "rruleN", V_RANGE(0, 99) },
751 // { "rrule##", V_LENGTH(0, 16384) }, // in save_variables()
752
753 // admin-access
754 { "http_enable", V_01 },
755 { "https_enable", V_01 },
756 { "https_crt_save", V_01 },
757 { "https_crt_cn", V_LENGTH(0, 64) },
758 { "https_crt_gen", V_TEMP },
759 { "remote_management", V_01 },
760 { "remote_mgt_https", V_01 },
761 { "http_lanport", V_PORT },
762 { "https_lanport", V_PORT },
763 { "web_wl_filter", V_01 },
764 { "web_css", V_LENGTH(1, 32) },
765 { "web_mx", V_LENGTH(0, 128) },
766 { "http_wanport", V_PORT },
767 { "telnetd_eas", V_01 },
768 { "telnetd_port", V_PORT },
769 { "sshd_eas", V_01 },
770 { "sshd_pass", V_01 },
771 { "sshd_port", V_PORT },
772 { "sshd_remote", V_01 },
773 { "sshd_forwarding", V_01 },
774 { "sshd_rport", V_PORT },
775 { "sshd_authkeys", V_TEXT(0, 4096) },
776 { "rmgt_sip", V_LENGTH(0, 512) },
777 { "ne_shlimit", V_TEXT(1, 50) },
778
779 // admin-bwm
780 { "rstats_enable", V_01 },
781 { "rstats_path", V_LENGTH(0, 48) },
782 { "rstats_stime", V_RANGE(1, 168) },
783 { "rstats_offset", V_RANGE(1, 31) },
784 { "rstats_exclude", V_LENGTH(0, 64) },
785 { "rstats_sshut", V_01 },
786 { "rstats_bak", V_01 },
787
788 // admin-buttons
789 { "sesx_led", V_RANGE(0, 255) }, // amber, white, aoss
790 { "sesx_b0", V_RANGE(0, 5) }, // 0-5: toggle wireless, reboot, shutdown, script, usb unmount
791 { "sesx_b1", V_RANGE(0, 5) }, // "
792 { "sesx_b2", V_RANGE(0, 5) }, // "
793 { "sesx_b3", V_RANGE(0, 5) }, // "
794 { "sesx_script", V_TEXT(0, 1024) }, //
795 { "script_brau", V_TEXT(0, 1024) }, //
796
797 // admin-debug
798 { "debug_nocommit", V_01 },
799 { "debug_cprintf", V_01 },
800 { "debug_cprintf_file", V_01 },
801 // { "debug_keepfiles", V_01 },
802 { "debug_ddns", V_01 },
803 { "debug_norestart", V_TEXT(0, 128) },
804 { "console_loglevel", V_RANGE(1, 8) },
805 { "t_cafree", V_01 },
806 { "t_hidelr", V_01 },
807
808 // admin-sched
809 { "sch_rboot", V_TEXT(0, 64) },
810 { "sch_rcon", V_TEXT(0, 64) },
811 { "sch_c1", V_TEXT(0, 64) },
812 { "sch_c1_cmd", V_TEXT(0, 2048) },
813 { "sch_c2", V_TEXT(0, 64) },
814 { "sch_c2_cmd", V_TEXT(0, 2048) },
815 { "sch_c3", V_TEXT(0, 64) },
816 { "sch_c3_cmd", V_TEXT(0, 2048) },
817
818 // admin-scripts
819 { "script_init", V_TEXT(0, 4096) },
820 { "script_shut", V_TEXT(0, 4096) },
821 { "script_fire", V_TEXT(0, 8192) },
822 { "script_wanup", V_TEXT(0, 4096) },
823
824 // admin-log
825 { "log_remote", V_01 },
826 { "log_remoteip", V_LENGTH(0, 512) },
827 { "log_remoteport", V_PORT },
828 { "log_file", V_01 },
829 { "log_limit", V_RANGE(0, 2400) },
830 { "log_in", V_RANGE(0, 3) },
831 { "log_out", V_RANGE(0, 3) },
832 { "log_mark", V_RANGE(0, 99999) },
833 { "log_events", V_TEXT(0, 32) }, // "acre,crond,ntp"
834
835 // admin-log-webmonitor
836 { "log_wm", V_01 },
837 { "log_wmtype", V_RANGE(0, 2) },
838 { "log_wmip", V_LENGTH(0, 512) },
839 { "log_wmdmax", V_RANGE(0, 9999) },
840 { "log_wmsmax", V_RANGE(0, 9999) },
841
842 // admin-cifs
843 { "cifs1", V_LENGTH(1, 1024) },
844 { "cifs2", V_LENGTH(1, 1024) },
845
846 // admin-jffs2
847 { "jffs2_on", V_01 },
848 { "jffs2_exec", V_LENGTH(0, 64) },
849 { "jffs2_format", V_01 },
850
851 // nas-usb - !!TB
852 #ifdef TCONFIG_USB
853 { "usb_enable", V_01 },
854 { "usb_uhci", V_RANGE(-1, 1) }, // -1 - disabled, 0 - off, 1 - on
855 { "usb_ohci", V_RANGE(-1, 1) },
856 { "usb_usb2", V_RANGE(-1, 1) },
857 { "usb_irq_thresh", V_RANGE(0, 6) },
858 { "usb_storage", V_01 },
859 { "usb_printer", V_01 },
860 { "usb_printer_bidirect", V_01 },
861 { "usb_fs_ext3", V_01 },
862 { "usb_fs_fat", V_01 },
863 #ifdef TCONFIG_NTFS
864 { "usb_fs_ntfs", V_01 },
865 #endif
866 { "usb_automount", V_01 },
867 { "script_usbhotplug", V_TEXT(0, 2048) },
868 { "script_usbmount", V_TEXT(0, 2048) },
869 { "script_usbumount", V_TEXT(0, 2048) },
870 #endif
871
872 // nas-ftp - !!TB
873 #ifdef TCONFIG_FTP
874 { "ftp_enable", V_RANGE(0, 2) },
875 { "ftp_super", V_01 },
876 { "ftp_anonymous", V_RANGE(0, 3) },
877 { "ftp_dirlist", V_RANGE(0, 2) },
878 { "ftp_port", V_PORT },
879 { "ftp_max", V_RANGE(0, 12) },
880 { "ftp_ipmax", V_RANGE(0, 12) },
881 { "ftp_staytimeout", V_RANGE(0, 65535) },
882 { "ftp_rate", V_RANGE(0, 99999) },
883 { "ftp_anonrate", V_RANGE(0, 99999) },
884 { "ftp_anonroot", V_LENGTH(0, 256) },
885 { "ftp_pubroot", V_LENGTH(0, 256) },
886 { "ftp_pvtroot", V_LENGTH(0, 256) },
887 { "ftp_users", V_LENGTH(0, 4096) },
888 { "ftp_custom", V_TEXT(0, 2048) },
889 { "ftp_sip", V_LENGTH(0, 512) },
890 { "ftp_limit", V_TEXT(1, 50) },
891 { "log_ftp", V_01 },
892 #endif
893
894 #ifdef TCONFIG_SAMBASRV
895 // nas-samba - !!TB
896 { "smbd_enable", V_RANGE(0, 2) },
897 { "smbd_wgroup", V_LENGTH(0, 20) },
898 { "smbd_master", V_01 },
899 { "smbd_wins", V_01 },
900 { "smbd_cpage", V_LENGTH(0, 4) },
901 { "smbd_cset", V_LENGTH(0, 20) },
902 { "smbd_custom", V_TEXT(0, 2048) },
903 { "smbd_autoshare", V_RANGE(0, 3) },
904 { "smbd_shares", V_LENGTH(0, 4096) },
905 { "smbd_user", V_LENGTH(0, 50) },
906 { "smbd_passwd", V_LENGTH(0, 50) },
907 #endif
908
909 #ifdef TCONFIG_MEDIA_SERVER
910 // nas-media
911 { "ms_enable", V_01 },
912 { "ms_dirs", V_LENGTH(0, 1024) },
913 { "ms_port", V_RANGE(0, 65535) },
914 { "ms_dbdir", V_LENGTH(0, 256) },
915 { "ms_tivo", V_01 },
916 { "ms_stdlna", V_01 },
917 { "ms_rescan", V_01 },
918 { "ms_sas", V_01 },
919 #endif
920
921 // qos
922 { "qos_enable", V_01 },
923 { "qos_pfifo", V_01 },
924 { "qos_ack", V_01 },
925 { "qos_syn", V_01 },
926 { "qos_fin", V_01 },
927 { "qos_rst", V_01 },
928 { "qos_icmp", V_01 },
929 { "qos_reset", V_01 },
930 { "qos_pfifo", V_01 }, // !!TB
931 { "qos_obw", V_RANGE(10, 999999) },
932 { "qos_ibw", V_RANGE(10, 999999) },
933 { "qos_orules", V_LENGTH(0, 4096) },
934 { "qos_default", V_RANGE(0, 9) },
935 { "qos_irates", V_LENGTH(0, 128) },
936 { "qos_orates", V_LENGTH(0, 128) },
937
938 { "ne_vegas", V_01 },
939 { "ne_valpha", V_NUM },
940 { "ne_vbeta", V_NUM },
941 { "ne_vgamma", V_NUM },
942
943 // new_qoslimit
944 { "new_qoslimit_enable", V_01 },
945 /*qos_obw shared*/
946 /*qos_ibw shared*/
947 { "new_qoslimit_rules", V_LENGTH(0, 4096) },
948 { "qosl_enable", V_01 },
949 { "qosl_ulr", V_RANGE(0, 999999) },
950 { "qosl_ulc", V_RANGE(0, 999999) },
951 { "qosl_dlr", V_RANGE(0, 999999) },
952 { "qosl_dlc", V_RANGE(0, 999999) },
953 { "qosl_tcp", V_RANGE(0, 1000) },
954 { "qosl_udp", V_RANGE(0, 100) },
955
956
957 // new_arpbind
958 { "new_arpbind_enable", V_01 },
959 { "new_arpbind_only", V_01 },
960 { "new_arpbind_list", V_LENGTH(0, 4096) },
961
962 #ifdef TCONFIG_OPENVPN
963 // vpn
964 { "vpn_debug", V_01 },
965 { "vpn_server_eas", V_NONE },
966 { "vpn_server_dns", V_NONE },
967 { "vpn_server1_poll", V_RANGE(0, 1440) },
968 { "vpn_server1_if", V_TEXT(3, 3) }, // tap, tun
969 { "vpn_server1_proto", V_TEXT(3, 10) }, // udp, tcp-server
970 { "vpn_server1_port", V_PORT },
971 { "vpn_server1_firewall", V_TEXT(0, 8) }, // auto, external, custom
972 { "vpn_server1_crypt", V_TEXT(0, 6) }, // tls, secret, custom
973 { "vpn_server1_comp", V_TEXT(0, 8) }, // yes, no, adaptive
974 { "vpn_server1_cipher", V_TEXT(0, 16) },
975 { "vpn_server1_dhcp", V_01 },
976 { "vpn_server1_r1", V_IP },
977 { "vpn_server1_r2", V_IP },
978 { "vpn_server1_sn", V_IP },
979 { "vpn_server1_nm", V_IP },
980 { "vpn_server1_local", V_IP },
981 { "vpn_server1_remote", V_IP },
982 { "vpn_server1_reneg", V_RANGE(-1,2147483647)},
983 { "vpn_server1_hmac", V_RANGE(-1, 2) },
984 { "vpn_server1_plan", V_01 },
985 { "vpn_server1_ccd", V_01 },
986 { "vpn_server1_c2c", V_01 },
987 { "vpn_server1_ccd_excl", V_01 },
988 { "vpn_server1_ccd_val", V_NONE },
989 { "vpn_server1_pdns", V_01 },
990 { "vpn_server1_rgw", V_01 },
991 { "vpn_server1_custom", V_NONE },
992 { "vpn_server1_static", V_NONE },
993 { "vpn_server1_ca", V_NONE },
994 { "vpn_server1_crt", V_NONE },
995 { "vpn_server1_key", V_NONE },
996 { "vpn_server1_dh", V_NONE },
997 { "vpn_server2_poll", V_RANGE(0, 1440) },
998 { "vpn_server2_if", V_TEXT(3, 3) }, // tap, tun
999 { "vpn_server2_proto", V_TEXT(3, 10) }, // udp, tcp-server
1000 { "vpn_server2_port", V_PORT },
1001 { "vpn_server2_firewall", V_TEXT(0, 8) }, // auto, external, custom
1002 { "vpn_server2_crypt", V_TEXT(0, 6) }, // tls, secret, custom
1003 { "vpn_server2_comp", V_TEXT(0, 8) }, // yes, no, adaptive
1004 { "vpn_server2_cipher", V_TEXT(0, 16) },
1005 { "vpn_server2_dhcp", V_01 },
1006 { "vpn_server2_r1", V_IP },
1007 { "vpn_server2_r2", V_IP },
1008 { "vpn_server2_sn", V_IP },
1009 { "vpn_server2_nm", V_IP },
1010 { "vpn_server2_local", V_IP },
1011 { "vpn_server2_remote", V_IP },
1012 { "vpn_server2_reneg", V_RANGE(-1,2147483647)},
1013 { "vpn_server2_hmac", V_RANGE(-1, 2) },
1014 { "vpn_server2_plan", V_01 },
1015 { "vpn_server2_pdns", V_01 },
1016 { "vpn_server2_rgw", V_01 },
1017 { "vpn_server2_custom", V_NONE },
1018 { "vpn_server2_ccd", V_01 },
1019 { "vpn_server2_c2c", V_01 },
1020 { "vpn_server2_ccd_excl", V_01 },
1021 { "vpn_server2_ccd_val", V_NONE },
1022 { "vpn_server2_static", V_NONE },
1023 { "vpn_server2_ca", V_NONE },
1024 { "vpn_server2_crt", V_NONE },
1025 { "vpn_server2_key", V_NONE },
1026 { "vpn_server2_dh", V_NONE },
1027 { "vpn_client_eas", V_NONE },
1028 { "vpn_client1_poll", V_RANGE(0, 1440) },
1029 { "vpn_client1_if", V_TEXT(3, 3) }, // tap, tun
1030 { "vpn_client1_bridge", V_01 },
1031 { "vpn_client1_nat", V_01 },
1032 { "vpn_client1_proto", V_TEXT(3, 10) }, // udp, tcp-server
1033 { "vpn_client1_addr", V_NONE },
1034 { "vpn_client1_port", V_PORT },
1035 { "vpn_client1_retry", V_RANGE(-1,32767) }, // -1 infinite, 0 disabled, >= 1 custom
1036 { "vpn_client1_firewall", V_TEXT(0, 6) }, // auto, custom
1037 { "vpn_client1_crypt", V_TEXT(0, 6) }, // tls, secret, custom
1038 { "vpn_client1_comp", V_TEXT(0, 8) }, // yes, no, adaptive
1039 { "vpn_client1_cipher", V_TEXT(0, 16) },
1040 { "vpn_client1_local", V_IP },
1041 { "vpn_client1_remote", V_IP },
1042 { "vpn_client1_nm", V_IP },
1043 { "vpn_client1_reneg", V_RANGE(-1,2147483647)},
1044 { "vpn_client1_hmac", V_RANGE(-1, 2) },
1045 { "vpn_client1_adns", V_RANGE(0, 3) },
1046 { "vpn_client1_rgw", V_01 },
1047 { "vpn_client1_gw", V_TEXT(0, 15) },
1048 { "vpn_client1_custom", V_NONE },
1049 { "vpn_client1_static", V_NONE },
1050 { "vpn_client1_ca", V_NONE },
1051 { "vpn_client1_crt", V_NONE },
1052 { "vpn_client1_key", V_NONE },
1053 { "vpn_client2_poll", V_RANGE(0, 1440) },
1054 { "vpn_client2_if", V_TEXT(3, 3) }, // tap, tun
1055 { "vpn_client2_bridge", V_01 },
1056 { "vpn_client2_nat", V_01 },
1057 { "vpn_client2_proto", V_TEXT(3, 10) }, // udp, tcp-server
1058 { "vpn_client2_addr", V_NONE },
1059 { "vpn_client2_port", V_PORT },
1060 { "vpn_client2_retry", V_RANGE(-1,32767) }, // -1 infinite, 0 disabled, >= 1 custom
1061 { "vpn_client2_firewall", V_TEXT(0, 6) }, // auto, custom
1062 { "vpn_client2_crypt", V_TEXT(0, 6) }, // tls, secret, custom
1063 { "vpn_client2_comp", V_TEXT(0, 8) }, // yes, no, adaptive
1064 { "vpn_client2_cipher", V_TEXT(0, 16) },
1065 { "vpn_client2_local", V_IP },
1066 { "vpn_client2_remote", V_IP },
1067 { "vpn_client2_nm", V_IP },
1068 { "vpn_client2_reneg", V_RANGE(-1,2147483647)},
1069 { "vpn_client2_hmac", V_RANGE(-1, 2) },
1070 { "vpn_client2_adns", V_RANGE(0, 3) },
1071 { "vpn_client2_rgw", V_01 },
1072 { "vpn_client2_gw", V_TEXT(0, 15) },
1073 { "vpn_client2_custom", V_NONE },
1074 { "vpn_client2_static", V_NONE },
1075 { "vpn_client2_ca", V_NONE },
1076 { "vpn_client2_crt", V_NONE },
1077 { "vpn_client2_key", V_NONE },
1078 #endif // vpn
1079
1080
1081
1082 /*
1083 ppp_static 0/1
1084 ppp_static_ip IP
1085 wl_enable 0/1
1086 wl_wds_timeout
1087 wl_maxassoc 1-256
1088 wl_phytype a,b,g
1089 wl_net_reauth
1090 wl_preauth
1091 wl_wme_ap_bk
1092 wl_wme_ap_be
1093 wl_wme_ap_vi
1094 wl_wme_ap_vo
1095 wl_wme_sta_bk
1096 wl_wme_sta_be
1097 wl_wme_sta_vi
1098 wl_wme_sta_vo
1099 QoS
1100 port_priority_1 0-2
1101 port_flow_control_1 0,1
1102 port_rate_limit_1 0-8
1103 port_priority_2 0-2
1104 port_flow_control_2 0,1
1105 port_rate_limit_2 0-8
1106 port_priority_3 0-2
1107 port_flow_control_3 0,1
1108 port_rate_limit_3 0-8
1109 port_priority_4 0-2
1110 port_flow_control_4 0,1
1111 port_rate_limit_4 0-8
1112 wl_ap_ip
1113 wl_ap_ssid
1114 */
1115
1116 { NULL }
1117 };
1118
1119
1120 static int webcgi_nvram_set(const nvset_t *v, const char *name, int write)
1121 {
1122 char *p, *e;
1123 int n;
1124 long l;
1125 unsigned u[6];
1126 int ok;
1127 int dirty;
1128 #ifdef TCONFIG_IPV6
1129 struct in6_addr addr;
1130 #endif
1131
1132 if ((p = webcgi_get((char*)name)) == NULL) return 0;
1133
1134 _dprintf("[%s] %s=%s\n", v->name, (char*)name, p);
1135 dirty = 0;
1136 ok = 1;
1137 switch (v->vtype) {
1138 case VT_TEXT:
1139 p = unix_string(p); // NOTE: p = malloc'd
1140 // drop
1141 case VT_LENGTH:
1142 n = strlen(p);
1143 if ((n < v->va.i) || (n > v->vb.i)) ok = 0;
1144 break;
1145 case VT_RANGE:
1146 l = strtol(p, &e, 10);
1147 if ((p == e) || (*e) || (l < v->va.l) || (l > v->vb.l)) ok = 0;
1148 break;
1149 case VT_IP:
1150 if ((sscanf(p, "%3u.%3u.%3u.%3u", &u[0], &u[1], &u[2], &u[3]) != 4) ||
1151 (u[0] > 255) || (u[1] > 255) || (u[2] > 255) || (u[3] > 255)) ok = 0;
1152 break;
1153 case VT_MAC:
1154 if ((sscanf(p, "%2x:%2x:%2x:%2x:%2x:%2x", &u[0], &u[1], &u[2], &u[3], &u[4], &u[5]) != 6) ||
1155 (u[0] > 255) || (u[1] > 255) || (u[2] > 255) || (u[3] > 255) || (u[4] > 255) || (u[5] > 255)) ok = 0;
1156 break;
1157 #ifdef TCONFIG_IPV6
1158 case VT_IPV6:
1159 if (strlen(p) > 0 || v->va.i) {
1160 if (inet_pton(AF_INET6, p, &addr) != 1) ok = 0;
1161 }
1162 break;
1163 #endif
1164 default:
1165 // shutup gcc
1166 break;
1167 }
1168 if (!ok) {
1169 if (v->vtype == VT_TEXT) free(p);
1170 return -1;
1171 }
1172 if (write) {
1173 if (!nvram_match((char *)name, p)) {
1174 if (v->vtype != VT_TEMP) dirty = 1;
1175 DEBUG_NVRAMSET(name, p);
1176 nvram_set(name, p);
1177 }
1178 }
1179 if (v->vtype == VT_TEXT) free(p);
1180
1181 return dirty;
1182 }
1183
1184 typedef struct {
1185 const nvset_t *v;
1186 int write;
1187 int dirty;
1188 } nv_list_t;
1189
1190 static int nv_wl_find(int idx, int unit, int subunit, void *param)
1191 {
1192 nv_list_t *p = param;
1193
1194 int ok = webcgi_nvram_set(p->v, wl_nvname(p->v->name + 3, unit, subunit), p->write);
1195 if (ok < 0)
1196 return 1;
1197 else {
1198 p->dirty |= ok;
1199 return 0;
1200 }
1201 }
1202
1203 static int save_variables(int write)
1204 {
1205 const nvset_t *v;
1206 char *p;
1207 int n;
1208 int ok;
1209 char s[256];
1210 int dirty;
1211 static const char *msgf = "The field \"%s\" is invalid. Please report this problem.";
1212 nv_list_t nv;
1213
1214 dirty = 0;
1215 nv.write = write;
1216 for (v = nvset_list; v->name; ++v) {
1217 ok = webcgi_nvram_set(v, v->name, write);
1218
1219 if ((ok >= 0) && (strncmp(v->name, "wl_", 3) == 0)) {
1220 nv.dirty = dirty;
1221 nv.v = v;
1222 if (foreach_wif(1, &nv, nv_wl_find) == 0)
1223 ok |= nv.dirty;
1224 else
1225 ok = -1;
1226 }
1227
1228 if (ok < 0) {
1229 sprintf(s, msgf, v->name);
1230 resmsg_set(s);
1231 return 0;
1232 }
1233 dirty |= ok;
1234 }
1235
1236 // special cases
1237
1238 char *p1, *p2;
1239 if (((p1 = webcgi_get("set_password_1")) != NULL) && (strcmp(p1, "**********") != 0)) {
1240 if (((p2 = webcgi_get("set_password_2")) != NULL) && (strcmp(p1, p2) == 0)) {
1241 if ((write) && (!nvram_match("http_passwd", p1))) {
1242 dirty = 1;
1243 nvram_set("http_passwd", p1);
1244 }
1245 }
1246 else {
1247 sprintf(s, msgf, "password");
1248 resmsg_set(s);
1249 return 0;
1250 }
1251 }
1252
1253 for (n = 0; n < 50; ++n) {
1254 sprintf(s, "rrule%d", n);
1255 if ((p = webcgi_get(s)) != NULL) {
1256 if (strlen(p) > 8192) { //Toastman
1257 sprintf(s, msgf, s);
1258 resmsg_set(s);
1259 return 0;
1260 }
1261 if ((write) && (!nvram_match(s, p))) {
1262 dirty = 1;
1263 DEBUG_NVRAMSET(s, p);
1264 nvram_set(s, p);
1265 }
1266 }
1267 }
1268
1269 return (write) ? dirty : 1;
1270 }
1271
1272 static void wo_tomato(char *url)
1273 {
1274 char *v;
1275 int i;
1276 int ajax;
1277 int nvset;
1278 const char *red;
1279 int commit;
1280
1281 // _dprintf("tomato.cgi\n");
1282
1283 red = webcgi_safeget("_redirect", "");
1284 if (!*red) send_header(200, NULL, mime_html, 0);
1285
1286 commit = atoi(webcgi_safeget("_commit", "1"));
1287 ajax = atoi(webcgi_safeget("_ajax", "0"));
1288
1289 nvset = atoi(webcgi_safeget("_nvset", "1"));
1290 if (nvset) {
1291 if (!save_variables(0)) {
1292 if (ajax) {
1293 web_printf("@msg:%s", resmsg_get());
1294 }
1295 else {
1296 parse_asp("error.asp");
1297 }
1298 return;
1299 }
1300 commit = save_variables(1) && commit;
1301
1302 resmsg_set("Settings saved.");
1303 }
1304
1305 rboot = atoi(webcgi_safeget("_reboot", "0"));
1306 if (rboot) {
1307 parse_asp("reboot.asp");
1308 }
1309 else {
1310 if (ajax) {
1311 web_printf("@msg:%s", resmsg_get());
1312 }
1313 else if (atoi(webcgi_safeget("_moveip", "0"))) {
1314 parse_asp("saved-moved.asp");
1315 }
1316 else if (!*red) {
1317 parse_asp("saved.asp");
1318 }
1319 }
1320
1321 if (commit) {
1322 _dprintf("commit from tomato.cgi\n");
1323 nvram_commit_x();
1324 }
1325
1326 if ((v = webcgi_get("_service")) != NULL && *v != 0) {
1327 if (!*red) {
1328 if (ajax) web_printf(" Some services are being restarted...");
1329 web_close();
1330 }
1331 sleep(1);
1332
1333 if (*v == '*') {
1334 kill(1, SIGHUP);
1335 }
1336 else {
1337 exec_service(v);
1338 }
1339 }
1340
1341 for (i = atoi(webcgi_safeget("_sleep", "0")); i > 0; --i) sleep(1);
1342
1343 if (*red) redirect(red);
1344
1345 if (rboot) {
1346 web_close();
1347 sleep(1);
1348 kill(1, SIGTERM);
1349 }
1350 }
1351
1352
1353 // ----------------------------------------------------------------------------
1354
1355
1356 static void wo_update(char *url)
1357 {
1358 const aspapi_t *api;
1359 const char *name;
1360 int argc;
1361 char *argv[16];
1362 char s[32];
1363
1364 if ((name = webcgi_get("exec")) != NULL) {
1365 for (api = aspapi; api->name; ++api) {
1366 if (strcmp(api->name, name) == 0) {
1367 for (argc = 0; argc < 16; ++argc) {
1368 sprintf(s, "arg%d", argc);
1369 if ((argv[argc] = (char *)webcgi_get(s)) == NULL) break;
1370 }
1371 api->exec(argc, argv);
1372 break;
1373 }
1374 }
1375 }
1376 }
1377
1378 static void wo_service(char *url)
1379 {
1380 int n;
1381
1382 exec_service(webcgi_safeget("_service", ""));
1383
1384 if ((n = atoi(webcgi_safeget("_sleep", "2"))) <= 0) n = 2;
1385 sleep(n);
1386
1387 common_redirect();
1388 }
1389
1390 static void wo_shutdown(char *url)
1391 {
1392 parse_asp("shutdown.asp");
1393 web_close();
1394 sleep(1);
1395
1396 kill(1, SIGQUIT);
1397 }
1398
1399 static void wo_nvcommit(char *url)
1400 {
1401 parse_asp("saved.asp");
1402 web_close();
1403 nvram_commit();
1404 }
1405
1406
Tomato firmware and modifications.