search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Cosmetics admin-access page
[tomato.git] / release / src / router / www / admin-access.asp
blob313f912688b84c53a70061da893dd280556e9d4f
1 <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.0//EN'>
2 <!--
3 Tomato GUI
4 Copyright (C) 2006-2010 Jonathan Zarate
5 http://www.polarcloud.com/tomato/
6
7 For use with Tomato Firmware only.
8 No part of this file may be used without permission.
9 -->
10 <html>
11 <head>
12 <meta http-equiv='content-type' content='text/html;charset=utf-8'>
13 <meta name='robots' content='noindex,nofollow'>
14 <title>[<% ident(); %>] Admin: Access</title>
15 <link rel='stylesheet' type='text/css' href='tomato.css'>
16 <link rel='stylesheet' type='text/css' href='color.css' id='guicss'>
17 <script type='text/javascript' src='tomato.js'></script>
18
19 <!-- / / / -->
20
21 <style type='text/css'>
22 textarea {
23 width: 99%;
24 height: 10em;
25 }
26 </style>
27
28 <script type='text/javascript' src='debug.js'></script>
29
30 <script type='text/javascript'>
31
32 // <% nvram("http_enable,https_enable,http_lanport,https_lanport,remote_management,remote_mgt_https,web_wl_filter,web_css,web_dir,ttb_css,sshd_eas,sshd_pass,sshd_remote,telnetd_eas,http_wanport,sshd_authkeys,sshd_port,sshd_rport,sshd_forwarding,telnetd_port,rmgt_sip,https_crt_cn,https_crt_save,lan_ipaddr,ne_shlimit,sshd_motd,http_username,http_root"); %>
33
34 changed = 0;
35 tdup = parseInt('<% psup("telnetd"); %>');
36 sdup = parseInt('<% psup("dropbear"); %>');
37
38 shlimit = nvram.ne_shlimit.split(',');
39 if (shlimit.length != 3) shlimit = [0,3,60];
40
41 var xmenus = [['Status', 'status'], ['Bandwidth', 'bwm'], ['IP Traffic', 'ipt'], ['Tools', 'tools'], ['Basic', 'basic'],
42 ['Advanced', 'advanced'], ['Port Forwarding', 'forward'], ['QoS', 'qos'],
43 /* USB-BEGIN */
44 ['USB and NAS', 'nas'],
45 /* USB-END */
46 /* VPN-BEGIN */
47 ['VPN Tunneling', 'vpn'],
48 /* VPN-END */
49 ['Administration', 'admin']];
50
51 function toggle(service, isup)
52 {
53 if (changed) {
54 if (!confirm("Unsaved changes will be lost. Continue anyway?")) return;
55 }
56 E('_' + service + '_button').disabled = true;
57 form.submitHidden('service.cgi', {
58 _redirect: 'admin-access.asp',
59 _sleep: ((service == 'sshd') && (!isup)) ? '7' : '3',
60 _service: service + (isup ? '-stop' : '-start')
61 });
62 }
63
64 function verifyFields(focused, quiet)
65 {
66 var ok = 1;
67 var a, b, c;
68 var i;
69
70 var o = (E('_web_css').value == 'online');
71 var p = nvram.ttb_css;
72 elem.display(PR('_ttb_css'), o);
73
74 try {
75 a = E('_web_css').value;
76 if (a == 'online') {
77 E('guicss').href = 'ext/' + p + '.css';
78 nvram.web_css = a;
79 } else {
80 if (a != nvram.web_css) {
81 E('guicss').href = a + '.css';
82 nvram.web_css = a;
83 }
84 }
85 }
86 catch (ex) {
87 }
88
89 a = E('_f_http_local');
90 b = E('_f_http_remote').value;
91 if ((a.value != 3) && (b != 0) && (a.value != b)) {
92 ferror.set(a, 'The local http/https must also be enabled when using remote access.', quiet || !ok);
93 ok = 0;
94 }
95 else {
96 ferror.clear(a);
97 }
98
99 elem.display(PR('_http_lanport'), (a.value == 1) || (a.value == 3));
100
101 c = (a.value == 2) || (a.value == 3);
102 elem.display(PR('_https_lanport'), 'row_sslcert', PR('_https_crt_cn'), PR('_f_https_crt_save'), PR('_f_https_crt_gen'), c);
103
104 if (c) {
105 a = E('_https_crt_cn');
106 a.value = a.value.replace(/(,+|\s+)/g, ' ').trim();
107 if (a.value != nvram.https_crt_cn) E('_f_https_crt_gen').checked = 1;
108 }
109
110 if ((!v_port('_http_lanport', quiet || !ok)) || (!v_port('_https_lanport', quiet || !ok))) ok = 0;
111
112 b = b != 0;
113 a = E('_http_wanport');
114 elem.display(PR(a), b);
115 if ((b) && (!v_port(a, quiet || !ok))) ok = 0;
116
117 if (!v_port('_telnetd_port', quiet || !ok)) ok = 0;
118
119 a = E('_f_sshd_remote').checked;
120 b = E('_sshd_rport');
121 elem.display(PR(b), a);
122 if ((a) && (!v_port(b, quiet || !ok))) ok = 0;
123
124 a = E('_sshd_authkeys');
125 if (!v_length(a, quiet || !ok, 0, 4096)) {
126 ok = 0;
127 }
128 else if (a.value != '') {
129 if (a.value.search(/^\s*ssh-(dss|rsa)/) == -1) {
130 ferror.set(a, 'Invalid SSH key.', quiet || !ok);
131 ok = 0;
132 }
133 }
134
135 a = E('_f_rmgt_sip');
136 if ((a.value.length) && (!_v_iptaddr(a, quiet || !ok, 15, 1, 1))) return 0;
137 ferror.clear(a);
138
139 if (!v_range('_f_limit_hit', quiet || !ok, 1, 100)) return 0;
140 if (!v_range('_f_limit_sec', quiet || !ok, 3, 3600)) return 0;
141
142 a = E('_set_password_1');
143 b = E('_set_password_2');
144 a.value = a.value.trim();
145 b.value = b.value.trim();
146 if (a.value != b.value) {
147 ferror.set(b, 'Both passwords must match.', quiet || !ok);
148 ok = 0;
149 }
150 else if (a.value == '') {
151 ferror.set(a, 'Password must not be empty.', quiet || !ok);
152 ok = 0;
153 }
154 else {
155 ferror.clear(a);
156 ferror.clear(b);
157 }
158
159 changed |= ok;
160 return ok;
161 }
162
163 function save()
164 {
165 var a, b, fom;
166
167 if (!verifyFields(null, false)) return;
168
169 fom = E('_fom');
170 a = E('_f_http_local').value * 1;
171 if (a == 0) {
172 if (!confirm('Warning: Web Admin is about to be disabled. If you decide to re-enable Web Admin at a later time, it must be done manually via Telnet, SSH or by performing a hardware reset. Are you sure you want to do this?')) return;
173 fom._nextpage.value = 'about:blank';
174 }
175 fom.http_enable.value = (a & 1) ? 1 : 0;
176 fom.https_enable.value = (a & 2) ? 1 : 0;
177
178 nvram.lan_ipaddr = location.hostname;
179 if ((a != 0) && (location.hostname == nvram.lan_ipaddr)) {
180 if (location.protocol == 'https:') {
181 b = 's';
182 if ((a & 2) == 0) b = '';
183 }
184 else {
185 b = '';
186 if ((a & 1) == 0) b = 's';
187 }
188
189 a = 'http' + b + '://' + location.hostname;
190 if (b == 's') {
191 if (fom.https_lanport.value != 443) a += ':' + fom.https_lanport.value;
192 }
193 else {
194 if (fom.http_lanport.value != 80) a += ':' + fom.http_lanport.value;
195 }
196 fom._nextpage.value = a + '/admin-access.asp';
197 }
198
199 a = E('_f_http_remote').value;
200 fom.remote_management.value = (a != 0) ? 1 : 0;
201 fom.remote_mgt_https.value = (a == 2) ? 1 : 0;
202 /*
203 if ((a != 0) && (location.hostname != nvram.lan_ipaddr)) {
204 if (location.protocol == 'https:') {
205 if (a != 2) fom._nextpage.value = 'http://' + location.hostname + ':' + fom.http_wanport.value + '/admin-access.asp';
206 }
207 else {
208 if (a == 2) fom._nextpage.value = 'https://' + location.hostname + ':' + fom.http_wanport.value + '/admin-access.asp';
209 }
210 }
211 */
212 fom.https_crt_gen.value = E('_f_https_crt_gen').checked ? 1 : 0;
213 fom.https_crt_save.value = E('_f_https_crt_save').checked ? 1 : 0;
214 fom.http_root.value = E('_f_http_root').checked ? 1 : 0;
215
216 fom.web_wl_filter.value = E('_f_http_wireless').checked ? 0 : 1;
217
218 fom.telnetd_eas.value = E('_f_telnetd_eas').checked ? 1 : 0;
219
220 fom.sshd_eas.value = E('_f_sshd_eas').checked ? 1 : 0;
221 fom.sshd_pass.value = E('_f_sshd_pass').checked ? 1 : 0;
222 fom.sshd_remote.value = E('_f_sshd_remote').checked ? 1 : 0;
223 fom.sshd_motd.value = E('_f_sshd_motd').checked ? 1 : 0;
224 fom.sshd_forwarding.value = E('_f_sshd_forwarding').checked ? 1 : 0;
225
226 fom.rmgt_sip.value = fom.f_rmgt_sip.value.split(/\s*,\s*/).join(',');
227
228 fom.ne_shlimit.value = ((E('_f_limit_ssh').checked ? 1 : 0) | (E('_f_limit_telnet').checked ? 2 : 0)) +
229 ',' + E('_f_limit_hit').value + ',' + E('_f_limit_sec').value;
230
231 a = [];
232 for (var i = 0; i < xmenus.length; ++i) {
233 b = xmenus[i][1];
234 if (E('_f_mx_' + b).checked) a.push(b);
235 }
236 fom.web_mx.value = a.join(',');
237
238 form.submit(fom, 0);
239 }
240
241 function init()
242 {
243 changed = 0;
244 }
245 </script>
246 </head>
247 <body onload="init()">
248 <form id='_fom' method='post' action='tomato.cgi'>
249 <table id='container' cellspacing=0>
250 <tr><td colspan=2 id='header'>
251 <div class='title'>Tomato</div>
252 <div class='version'>Version <% version(); %></div>
253 </td></tr>
254 <tr id='body'><td id='navi'><script type='text/javascript'>navi()</script></td>
255 <td id='content'>
256 <div id='ident'><% ident(); %></div>
257
258 <!-- / / / -->
259
260 <input type='hidden' name='_nextpage' value='admin-access.asp'>
261 <input type='hidden' name='_nextwait' value='20'>
262 <input type='hidden' name='_service' value='admin-restart'>
263
264 <input type='hidden' name='http_enable'>
265 <input type='hidden' name='https_enable'>
266 <input type='hidden' name='https_crt_save'>
267 <input type='hidden' name='https_crt_gen'>
268 <input type='hidden' name='http_root'>
269 <input type='hidden' name='remote_management'>
270 <input type='hidden' name='remote_mgt_https'>
271 <input type='hidden' name='web_wl_filter'>
272 <input type='hidden' name='telnetd_eas'>
273 <input type='hidden' name='sshd_eas'>
274 <input type='hidden' name='sshd_pass'>
275 <input type='hidden' name='sshd_remote'>
276 <input type='hidden' name='sshd_motd'>
277 <input type='hidden' name='ne_shlimit'>
278 <input type='hidden' name='rmgt_sip'>
279 <input type='hidden' name='sshd_forwarding'>
280 <input type='hidden' name='web_mx'>
281
282 <div class='section-title'>Web Admin</div>
283 <div class='section'>
284 <script type='text/javascript'>
285 var m = [
286 { title: 'Local Access', name: 'f_http_local', type: 'select', options: [[0,'Disabled'],[1,'HTTP'],[2,'HTTPS'],[3,'HTTP &amp; HTTPS']],
287 value: ((nvram.https_enable != 0) ? 2 : 0) | ((nvram.http_enable != 0) ? 1 : 0) },
288 { title: 'HTTP Port', indent: 2, name: 'http_lanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.http_lanport, 80) },
289 { title: 'HTTPS Port', indent: 2, name: 'https_lanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.https_lanport, 443) },
290 { title: 'SSL Certificate', rid: 'row_sslcert' },
291 { title: 'Common Name (CN)', indent: 2, name: 'https_crt_cn', type: 'text', maxlen: 64, size: 64, value: nvram.https_crt_cn,
292 suffix: '&nbsp;<small>(optional; space separated)</small>' },
293 { title: 'Regenerate', indent: 2, name: 'f_https_crt_gen', type: 'checkbox', value: 0 },
294 { title: 'Save In NVRAM', indent: 2, name: 'f_https_crt_save', type: 'checkbox', value: nvram.https_crt_save == 1 },
295 { title: 'Remote Access', name: 'f_http_remote', type: 'select', options: [[0,'Disabled'],[1,'HTTP'],[2,'HTTPS']],
296 value: (nvram.remote_management == 1) ? ((nvram.remote_mgt_https == 1) ? 2 : 1) : 0 },
297 { title: 'Port', indent: 2, name: 'http_wanport', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.http_wanport, 8080) },
298 { title: 'Allow Wireless Access', name: 'f_http_wireless', type: 'checkbox', value: nvram.web_wl_filter == 0 },
299 null,
300 { title: 'Directory with GUI files', name: 'web_dir', type: 'select',
301 options: [['default','Default: /www'], ['jffs', 'Custom: /jffs/www (Experts Only!)'], ['opt', 'Custom: /opt/www (Experts Only!)'], ['tmp', 'Custom: /tmp/www (Experts Only!)']], value: nvram.web_dir, suffix: ' <small>Please be sure of your decision before change this settings!</small>' },
302 { title: 'Color Scheme', name: 'web_css', type: 'select',
303 options: [['openlinksys','USB Blue - OpenLinksys'],['red','Tomato'],['ext/custom','Custom (ext/custom.css)'], ['online', 'On-line from TTB']], value: nvram.web_css },
304 { title: 'TTB ID#', indent: 2, name: 'ttb_css', type: 'text', maxlen: 25, size: 30, value: nvram.ttb_css, suffix: ' Theme name from <a href="http://www.tomatothemebase.eu" target="_blanc"><u><i>TTB themes gallery</i></u></a>' },
305 null,
306 { title: 'Open Menus' }
307 ];
308
309 var webmx = get_config('web_mx', '').toLowerCase();
310 for (var i = 0; i < xmenus.length; ++i) {
311 m.push({ title: xmenus[i][0], indent: 2, name: 'f_mx_' + xmenus[i][1],
312 type: 'checkbox', value: (webmx.indexOf(xmenus[i][1]) != -1) });
313 }
314
315 createFieldTable('', m);
316 </script>
317 </div>
318
319 <div class='section-title'>SSH Daemon</div>
320 <div class='section'>
321 <script type='text/javascript'>
322 createFieldTable('', [
323 { title: 'Enable at Startup', name: 'f_sshd_eas', type: 'checkbox', value: nvram.sshd_eas == 1 },
324 { title: 'Extended MOTD', name: 'f_sshd_motd', type: 'checkbox', value: nvram.sshd_motd == 1 },
325 { title: 'Remote Access', name: 'f_sshd_remote', type: 'checkbox', value: nvram.sshd_remote == 1 },
326 { title: 'Remote Port', indent: 2, name: 'sshd_rport', type: 'text', maxlen: 5, size: 7, value: nvram.sshd_rport },
327 { title: 'Remote Forwarding', name: 'f_sshd_forwarding', type: 'checkbox', value: nvram.sshd_forwarding == 1 },
328 { title: 'Port', name: 'sshd_port', type: 'text', maxlen: 5, size: 7, value: nvram.sshd_port },
329 { title: 'Allow Password Login', name: 'f_sshd_pass', type: 'checkbox', value: nvram.sshd_pass == 1 },
330 { title: 'Authorized Keys', name: 'sshd_authkeys', type: 'textarea', value: nvram.sshd_authkeys }
331 ]);
332 W('<input type="button" value="' + (sdup ? 'Stop' : 'Start') + ' Now" onclick="toggle(\'sshd\', sdup)" id="_sshd_button">');
333 </script>
334 </div>
335
336 <div class='section-title'>Telnet Daemon</div>
337 <div class='section'>
338 <script type='text/javascript'>
339 createFieldTable('', [
340 { title: 'Enable at Startup', name: 'f_telnetd_eas', type: 'checkbox', value: nvram.telnetd_eas == 1 },
341 { title: 'Port', name: 'telnetd_port', type: 'text', maxlen: 5, size: 7, value: nvram.telnetd_port }
342 ]);
343 W('<input type="button" value="' + (tdup ? 'Stop' : 'Start') + ' Now" onclick="toggle(\'telnetd\', tdup)" id="_telnetd_button">');
344 </script>
345 </div>
346
347 <div class='section-title'>Admin Restrictions</div>
348 <div class='section'>
349 <script type='text/javascript'>
350 createFieldTable('', [
351 { title: 'Allowed Remote<br>IP Address', name: 'f_rmgt_sip', type: 'text', maxlen: 512, size: 64, value: nvram.rmgt_sip,
352 suffix: '<br><small>(optional; ex: "1.1.1.1", "1.1.1.0/24", "1.1.1.1 - 2.2.2.2" or "me.example.com")</small>' },
353 { title: 'Limit Connection Attempts', multi: [
354 { suffix: '&nbsp; SSH &nbsp; / &nbsp;', name: 'f_limit_ssh', type: 'checkbox', value: (shlimit[0] & 1) != 0 },
355 { suffix: '&nbsp; Telnet &nbsp;', name: 'f_limit_telnet', type: 'checkbox', value: (shlimit[0] & 2) != 0 }
356 ] },
357 { title: '', indent: 2, multi: [
358 { name: 'f_limit_hit', type: 'text', maxlen: 4, size: 6, suffix: '&nbsp; every &nbsp;', value: shlimit[1] },
359 { name: 'f_limit_sec', type: 'text', maxlen: 4, size: 6, suffix: '&nbsp; seconds', value: shlimit[2] }
360 ] }
361 ]);
362 </script>
363 </div>
364
365 <div class='section-title'>Username / Password</div>
366 <div class='section'>
367 <script type='text/javascript'>
368 createFieldTable('', [
369 { title: 'Username', name: 'http_username', type: 'text', value: nvram.http_username, suffix: '&nbsp;<small>(empty field means "admin")</small>' },
370 { title: 'Allow web login as "root"', name: 'f_http_root', type: 'checkbox', value: nvram.http_root == 1 },
371 null,
372 { title: 'Password', name: 'set_password_1', type: 'password', value: '**********' },
373 { title: '<i>(re-enter to confirm)</i>', indent: 2, name: 'set_password_2', type: 'password', value: '**********' }
374 ]);
375 </script>
376 </div>
377
378 <!-- / / / -->
379
380 </td></tr>
381 <tr><td id='footer' colspan=2>
382 <span id='footer-msg'></span>
383 <input type='button' value='Save' id='save-button' onclick='save()'>
384 <input type='button' value='Cancel' id='cancel-button' onclick='javascript:reloadPage();'>
385 </td></tr>
386 </table>
387 </form>
388 <script type='text/javascript'>verifyFields(null, 1);</script>
389 </body>
390 </html>
Tomato firmware and modifications.