search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Tomato 1.28
[tomato.git] / release / src / router / www / admin-access.asp
blob22d1a9aadd31fd58bddbfcc8f9d3d76953ecd6e0
1 <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.0//EN'>
2 <!--
3 Tomato GUI
4 Copyright (C) 2006-2010 Jonathan Zarate
5 http://www.polarcloud.com/tomato/
6
7 For use with Tomato Firmware only.
8 No part of this file may be used without permission.
9 -->
10 <html>
11 <head>
12 <meta http-equiv='content-type' content='text/html;charset=utf-8'>
13 <meta name='robots' content='noindex,nofollow'>
14 <title>[<% ident(); %>] Admin: Access</title>
15 <link rel='stylesheet' type='text/css' href='tomato.css'>
16 <link rel='stylesheet' type='text/css' href='color.css' id='guicss'>
17 <script type='text/javascript' src='tomato.js'></script>
18
19 <!-- / / / -->
20
21 <style type='text/css'>
22 textarea {
23 width: 99%;
24 height: 10em;
25 }
26 </style>
27
28 <script type='text/javascript' src='debug.js'></script>
29
30 <script type='text/javascript'>
31
32 // <% nvram("http_enable,https_enable,http_lanport,https_lanport,remote_management,remote_mgt_https,web_wl_filter,web_css,sshd_eas,sshd_pass,sshd_remote,telnetd_eas,http_wanport,sshd_authkeys,sshd_port,sshd_rport,telnetd_port,rmgt_sip,https_crt_cn,https_crt_save,lan_ipaddr,ne_shlimit"); %>
33
34 changed = 0;
35 tdup = parseInt('<% psup("telnetd"); %>');
36 sdup = parseInt('<% psup("dropbear"); %>');
37
38 shlimit = nvram.ne_shlimit.split(',');
39 if (shlimit.length != 3) shlimit = [0,3,60];
40
41 var xmenus = [['Status', 'status'], ['Bandwidth', 'bwm'], ['Tools', 'tools'], ['Basic', 'basic'],
42 ['Advanced', 'advanced'], ['Port Forwarding', 'forward'], ['QoS', 'qos'], ['Administration', 'admin']];
43
44 function toggle(service, isup)
45 {
46 if (changed) {
47 if (!confirm("Unsaved changes will be lost. Continue anyway?")) return;
48 }
49 E('_' + service + '_button').disabled = true;
50 form.submitHidden('service.cgi', {
51 _redirect: 'admin-access.asp',
52 _sleep: ((service == 'sshd') && (!isup)) ? '7' : '3',
53 _service: service + (isup ? '-stop' : '-start')
54 });
55 }
56
57 function verifyFields(focused, quiet)
58 {
59 var ok = 1;
60 var a, b, c;
61 var i;
62
63 try {
64 a = E('_web_css').value;
65 if (a != nvram.web_css) {
66 E('guicss').href = a + '.css';
67 nvram.web_css = a;
68 }
69 }
70 catch (ex) {
71 }
72
73 a = E('_f_http_local');
74 b = E('_f_http_remote').value;
75 if ((a.value != 3) && (b != 0) && (a.value != b)) {
76 ferror.set(a, 'The local http/https must also be enabled when using remote access.', quiet);
77 ok = 0;
78 }
79 else {
80 ferror.clear(a);
81 }
82
83 elem.display(PR('_http_lanport'), (a.value == 1) || (a.value == 3));
84
85 c = (a.value == 2) || (a.value == 3);
86 elem.display(PR('_https_lanport'), 'row_sslcert', PR('_https_crt_cn'), PR('_f_https_crt_save'), PR('_f_https_crt_gen'), c);
87
88 if (c) {
89 a = E('_https_crt_cn');
90 a.value = a.value.replace(/(,+|\s+)/g, ' ').trim();
91 if (a.value != nvram.https_crt_cn) E('_f_https_crt_gen').checked = 1;
92 }
93
94 if ((!v_port('_http_lanport', quiet)) || (!v_port('_https_lanport', quiet))) ok = 0;
95
96 b = b != 0;
97 a = E('_http_wanport');
98 elem.display(PR(a), b);
99 if ((b) && (!v_port(a, quiet))) ok = 0;
100
101 if (!v_port('_telnetd_port', quiet)) ok = 0;
102
103 a = E('_f_sshd_remote').checked;
104 b = E('_sshd_rport');
105 elem.display(PR(b), a);
106 if ((a) && (!v_port(b, quiet))) ok = 0;
107
108 a = E('_sshd_authkeys');
109 if (!v_length(a, quiet, 0, 4096)) {
110 ok = 0;
111 }
112 else if (a.value != '') {
113 if (a.value.search(/^\s*ssh-(dss|rsa)/) == -1) {
114 ferror.set(a, 'Invalid SSH key.', quiet);
115 ok = 0;
116 }
117 }
118
119 a = E('_f_rmgt_sip');
120 if ((a.value.length) && (!v_iptip(a, quiet, 15))) return 0;
121 ferror.clear(a);
122
123 if (!v_range('_f_limit_hit', quiet, 1, 100)) return 0;
124 if (!v_range('_f_limit_sec', quiet, 3, 3600)) return 0;
125
126 a = E('_set_password_1');
127 b = E('_set_password_2');
128 a.value = a.value.trim();
129 b.value = b.value.trim();
130 if (a.value != b.value) {
131 ferror.set(b, 'Both passwords must match.', quiet);
132 ok = 0;
133 }
134 else if (a.value == '') {
135 ferror.set(a, 'Password must not be empty.', quiet);
136 ok = 0;
137 }
138 else {
139 ferror.clear(a);
140 ferror.clear(b);
141 }
142
143 changed |= ok;
144 return ok;
145 }
146
147 function save()
148 {
149 var a, b, fom;
150
151 if (!verifyFields(null, false)) return;
152
153 fom = E('_fom');
154 a = E('_f_http_local').value * 1;
155 if (a == 0) {
156 if (!confirm('Warning: Web Admin is about to be disabled. If you decide to re-enable Web Admin at a later time, it must be done manually via Telnet, SSH or by performing a hardware reset. Are you sure you want to do this?')) return;
157 fom._nextpage.value = 'about:blank';
158 }
159 fom.http_enable.value = (a & 1) ? 1 : 0;
160 fom.https_enable.value = (a & 2) ? 1 : 0;
161
162 nvram.lan_ipaddr = location.hostname;
163 if ((a != 0) && (location.hostname == nvram.lan_ipaddr)) {
164 if (location.protocol == 'https:') {
165 b = 's';
166 if ((a & 2) == 0) b = '';
167 }
168 else {
169 b = '';
170 if ((a & 1) == 0) b = 's';
171 }
172
173 a = 'http' + b + '://' + location.hostname;
174 if (b == 's') {
175 if (fom.https_lanport.value != 443) a += ':' + fom.https_lanport.value;
176 }
177 else {
178 if (fom.http_lanport.value != 80) a += ':' + fom.http_lanport.value;
179 }
180 fom._nextpage.value = a + '/admin-access.asp';
181 }
182
183 a = E('_f_http_remote').value;
184 fom.remote_management.value = (a != 0) ? 1 : 0;
185 fom.remote_mgt_https.value = (a == 2) ? 1 : 0;
186 /*
187 if ((a != 0) && (location.hostname != nvram.lan_ipaddr)) {
188 if (location.protocol == 'https:') {
189 if (a != 2) fom._nextpage.value = 'http://' + location.hostname + ':' + fom.http_wanport.value + '/admin-access.asp';
190 }
191 else {
192 if (a == 2) fom._nextpage.value = 'https://' + location.hostname + ':' + fom.http_wanport.value + '/admin-access.asp';
193 }
194 }
195 */
196 fom.https_crt_gen.value = E('_f_https_crt_gen').checked ? 1 : 0;
197 fom.https_crt_save.value = E('_f_https_crt_save').checked ? 1 : 0;
198
199 fom.web_wl_filter.value = E('_f_http_wireless').checked ? 0 : 1;
200
201 fom.telnetd_eas.value = E('_f_telnetd_eas').checked ? 1 : 0;
202
203 fom.sshd_eas.value = E('_f_sshd_eas').checked ? 1 : 0;
204 fom.sshd_pass.value = E('_f_sshd_pass').checked ? 1 : 0;
205 fom.sshd_remote.value = E('_f_sshd_remote').checked ? 1 : 0;
206
207 fom.rmgt_sip.value = fom.f_rmgt_sip.value.split(/\s*,\s*/).join(',');
208
209 fom.ne_shlimit.value = ((E('_f_limit_ssh').checked ? 1 : 0) | (E('_f_limit_telnet').checked ? 2 : 0)) +
210 ',' + E('_f_limit_hit').value + ',' + E('_f_limit_sec').value;
211
212 a = [];
213 for (var i = 0; i < xmenus.length; ++i) {
214 b = xmenus[i][1];
215 if (E('_f_mx_' + b).checked) a.push(b);
216 }
217 fom.web_mx.value = a.join(',');
218
219 form.submit(fom, 0);
220 }
221
222 function init()
223 {
224 changed = 0;
225 }
226 </script>
227 </head>
228 <body onload="init()">
229 <form id='_fom' method='post' action='tomato.cgi'>
230 <table id='container' cellspacing=0>
231 <tr><td colspan=2 id='header'>
232 <div class='title'>Tomato</div>
233 <div class='version'>Version <% version(); %></div>
234 </td></tr>
235 <tr id='body'><td id='navi'><script type='text/javascript'>navi()</script></td>
236 <td id='content'>
237 <div id='ident'><% ident(); %></div>
238
239 <!-- / / / -->
240
241 <input type='hidden' name='_nextpage' value='admin-access.asp'>
242 <input type='hidden' name='_nextwait' value='10'>
243 <input type='hidden' name='_service' value='admin-restart'>
244
245 <input type='hidden' name='http_enable'>
246 <input type='hidden' name='https_enable'>
247 <input type='hidden' name='https_crt_save'>
248 <input type='hidden' name='https_crt_gen'>
249 <input type='hidden' name='remote_management'>
250 <input type='hidden' name='remote_mgt_https'>
251 <input type='hidden' name='web_wl_filter'>
252 <input type='hidden' name='telnetd_eas'>
253 <input type='hidden' name='sshd_eas'>
254 <input type='hidden' name='sshd_pass'>
255 <input type='hidden' name='sshd_remote'>
256 <input type='hidden' name='ne_shlimit'>
257 <input type='hidden' name='rmgt_sip'>
258 <input type='hidden' name='web_mx'>
259
260 <div class='section-title'>Web Admin</div>
261 <div class='section'>
262 <script type='text/javascript'>
263 var m = [
264 { title: 'Local Access', name: 'f_http_local', type: 'select', options: [[0,'Disabled'],[1,'HTTP'],[2,'HTTPS'],[3,'HTTP &amp; HTTPS']],
265 value: ((nvram.https_enable != 0) ? 2 : 0) | ((nvram.http_enable != 0) ? 1 : 0) },
266 { title: 'HTTP Port', indent: 2, name: 'http_lanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.http_lanport, 80) },
267 { title: 'HTTPS Port', indent: 2, name: 'https_lanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.https_lanport, 443) },
268 { title: 'SSL Certificate', rid: 'row_sslcert' },
269 { title: 'Common Name (CN)', indent: 2, name: 'https_crt_cn', type: 'text', maxlen: 64, size: 64, value: nvram.https_crt_cn,
270 suffix: '&nbsp;<small>(optional; space separated)</small>' },
271 { title: 'Regenerate', indent: 2, name: 'f_https_crt_gen', type: 'checkbox', value: 0 },
272 { title: 'Save In NVRAM', indent: 2, name: 'f_https_crt_save', type: 'checkbox', value: nvram.https_crt_save == 1 },
273 { title: 'Remote Access', name: 'f_http_remote', type: 'select', options: [[0,'Disabled'],[1,'HTTP'],[2,'HTTPS']],
274 value: (nvram.remote_management == 1) ? ((nvram.remote_mgt_https == 1) ? 2 : 1) : 0 },
275 { title: 'Port', indent: 2, name: 'http_wanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.http_wanport, 8080) },
276 { title: 'Allow Wireless Access', name: 'f_http_wireless', type: 'checkbox', value: nvram.web_wl_filter == 0 },
277 null,
278 { title: 'Color Scheme', name: 'web_css', type: 'select',
279 options: [['red','Tomato'],['black','Black'],['blue','Blue'],['bluegreen','Blue &amp; Green (Lighter)'],['bluegreen2','Blue &amp; Green (Darker)'],['brown','Brown'],['cyan','Cyan'],['olive','Olive'],['pumpkin','Pumpkin'],['ext/custom','Custom (ext/custom.css)']], value: nvram.web_css },
280 { title: 'Open Menus' }
281 ];
282
283 var webmx = get_config('web_mx', '').toLowerCase();
284 for (var i = 0; i < xmenus.length; ++i) {
285 m.push({ title: xmenus[i][0], indent: 2, name: 'f_mx_' + xmenus[i][1],
286 type: 'checkbox', value: (webmx.indexOf(xmenus[i][1]) != -1) });
287 }
288
289 createFieldTable('', m);
290 </script>
291 </div>
292
293 <div class='section-title'>SSH Daemon</div>
294 <div class='section'>
295 <script type='text/javascript'>
296 createFieldTable('', [
297 { title: 'Enable at Startup', name: 'f_sshd_eas', type: 'checkbox', value: nvram.sshd_eas == 1 },
298 { title: 'Remote Access', name: 'f_sshd_remote', type: 'checkbox', value: nvram.sshd_remote == 1 },
299 { title: 'Remote Port', indent: 2, name: 'sshd_rport', type: 'text', maxlen: 5, size: 7, value: nvram.sshd_rport },
300 { title: 'Port', name: 'sshd_port', type: 'text', maxlen: 5, size: 7, value: nvram.sshd_port },
301 { title: 'Allow Password Login', name: 'f_sshd_pass', type: 'checkbox', value: nvram.sshd_pass == 1 },
302 { title: 'Authorized Keys', name: 'sshd_authkeys', type: 'textarea', value: nvram.sshd_authkeys }
303 ]);
304 W('<input type="button" value="' + (sdup ? 'Stop' : 'Start') + ' Now" onclick="toggle(\'sshd\', sdup)" id="_sshd_button">');
305 </script>
306 </div>
307
308 <div class='section-title'>Telnet Daemon</div>
309 <div class='section'>
310 <script type='text/javascript'>
311 createFieldTable('', [
312 { title: 'Enable at Startup', name: 'f_telnetd_eas', type: 'checkbox', value: nvram.telnetd_eas == 1 },
313 { title: 'Port', name: 'telnetd_port', type: 'text', maxlen: 5, size: 7, value: nvram.telnetd_port }
314 ]);
315 W('<input type="button" value="' + (tdup ? 'Stop' : 'Start') + ' Now" onclick="toggle(\'telnetd\', tdup)" id="_telnetd_button">');
316 </script>
317 </div>
318
319 <div class='section-title'>Admin Restrictions</div>
320 <div class='section'>
321 <script type='text/javascript'>
322 createFieldTable('', [
323 { title: 'Allowed Remote<br>IP Address', name: 'f_rmgt_sip', type: 'text', maxlen: 512, size: 64, value: nvram.rmgt_sip,
324 suffix: '<br><small>(optional; ex: "1.1.1.1", "1.1.1.0/24" or "1.1.1.1 - 2.2.2.2")</small>' },
325 { title: 'Limit Connection Attempts', multi: [
326 { suffix: '&nbsp; SSH &nbsp; / &nbsp;', name: 'f_limit_ssh', type: 'checkbox', value: (shlimit[0] & 1) != 0 },
327 { suffix: '&nbsp; Telnet &nbsp;', name: 'f_limit_telnet', type: 'checkbox', value: (shlimit[0] & 2) != 0 }
328 ] },
329 { title: '', indent: 2, multi: [
330 { name: 'f_limit_hit', type: 'text', maxlen: 4, size: 6, suffix: '&nbsp; every &nbsp;', value: shlimit[1] },
331 { name: 'f_limit_sec', type: 'text', maxlen: 4, size: 6, suffix: '&nbsp; seconds', value: shlimit[2] }
332 ] }
333 ]);
334 </script>
335 </div>
336
337 <div class='section-title'>Password</div>
338 <div class='section'>
339 <script type='text/javascript'>
340 createFieldTable('', [
341 { title: 'Password', name: 'set_password_1', type: 'password', value: '**********' },
342 { title: '<i>(re-enter to confirm)</i>', indent: 2, name: 'set_password_2', type: 'password', value: '**********' }
343 ]);
344 </script>
345 </div>
346
347 <!-- / / / -->
348
349 </td></tr>
350 <tr><td id='footer' colspan=2>
351 <span id='footer-msg'></span>
352 <input type='button' value='Save' id='save-button' onclick='save()'>
353 <input type='button' value='Cancel' id='cancel-button' onclick='javascript:reloadPage();'>
354 </td></tr>
355 </table>
356 </form>
357 <script type='text/javascript'>verifyFields(null, 1);</script>
358 </body>
359 </html>
Tomato firmware and modifications.