Project

General

Profile

Download (27.4 KB) Statistics
| Branch: | Tag: | Revision:

univnautes / usr / local / www / diag_backup.php @ a1b66bec

1
<?php
2
/* $Id$ */
3
/*
4
	diag_backup.php
5
	Copyright (C) 2004-2009 Scott Ullrich
6
	All rights reserved.
7

    
8
	originally part of m0n0wall (http://m0n0.ch/wall)
9
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10
	All rights reserved.
11

    
12
	Redistribution and use in source and binary forms, with or without
13
	modification, are permitted provided that the following conditions are met:
14

    
15
	1. Redistributions of source code must retain the above copyright notice,
16
	   this list of conditions and the following disclaimer.
17

    
18
	2. Redistributions in binary form must reproduce the above copyright
19
	   notice, this list of conditions and the following disclaimer in the
20
	   documentation and/or other materials provided with the distribution.
21

    
22
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31
	POSSIBILITY OF SUCH DAMAGE.
32
*/
33

    
34
/*
35
	pfSense_BUILDER_BINARIES:	/sbin/shutdown
36
	pfSense_MODULE:	backup
37
*/
38

    
39
##|+PRIV
40
##|*IDENT=page-diagnostics-backup/restore
41
##|*NAME=Diagnostics: Backup/restore page
42
##|*DESCR=Allow access to the 'Diagnostics: Backup/restore' page.
43
##|*MATCH=diag_backup.php*
44
##|-PRIV
45

    
46
/* Allow additional execution time 0 = no limit. */
47
ini_set('max_execution_time', '0');
48
ini_set('max_input_time', '0');
49

    
50
/* omit no-cache headers because it confuses IE with file downloads */
51
$omit_nocacheheaders = true;
52
$nocsrf = true;
53
require("guiconfig.inc");
54
require_once("functions.inc");
55
require_once("filter.inc");
56
require_once("shaper.inc");
57

    
58
$rrddbpath = "/var/db/rrd";
59
$rrdtool = "/usr/bin/nice -n20 /usr/local/bin/rrdtool";
60

    
61
function rrd_data_xml() {
62
	global $rrddbpath;
63
	global $rrdtool;
64

    
65
	$result = "\t<rrddata>\n";
66
	$rrd_files = glob("{$rrddbpath}/*.rrd");
67
	$xml_files = array();
68
	foreach ($rrd_files as $rrd_file) {
69
		$basename = basename($rrd_file);
70
		$xml_file = preg_replace('/\.rrd$/', ".xml", $rrd_file);
71
		exec("$rrdtool dump '{$rrd_file}' '{$xml_file}'");
72
		$xml_data = file_get_contents($xml_file);
73
		unlink($xml_file);
74
		if ($xml_data !== false) {
75
			$result .= "\t\t<rrddatafile>\n";
76
			$result .= "\t\t\t<filename>{$basename}</filename>\n";
77
			$result .= "\t\t\t<xmldata>" . base64_encode(gzdeflate($xml_data)) . "</xmldata>\n";
78
			$result .= "\t\t</rrddatafile>\n";
79
		}
80
	}
81
	$result .= "\t</rrddata>\n";
82
	return $result;
83
}
84

    
85
function restore_rrddata() {
86
	global $config, $g, $rrdtool, $input_errors;
87
	foreach($config['rrddata']['rrddatafile'] as $rrd) {
88
		if ($rrd['xmldata']) {
89
			$rrd_file = "{$g['vardb_path']}/rrd/{$rrd['filename']}";
90
			$xml_file = preg_replace('/\.rrd$/', ".xml", $rrd_file);
91
			if (file_put_contents($xml_file, gzinflate(base64_decode($rrd['xmldata']))) === false) {
92
				log_error("Cannot write $xml_file");
93
				continue;
94
			}
95
			$output = array();
96
			$status = null;
97
			exec("$rrdtool restore -f '{$xml_file}' '{$rrd_file}'", $output, $status);
98
			if ($status) {
99
				log_error("rrdtool restore -f '{$xml_file}' '{$rrd_file}' failed returning {$status}.");
100
				continue;
101
			}
102
			unlink($xml_file);
103
		}
104
		else if ($rrd['data']) {
105
			$rrd_file = "{$g['vardb_path']}/rrd/{$rrd['filename']}";
106
			$rrd_fd = fopen($rrd_file, "w");
107
			if (!$rrd_fd) {
108
				log_error("Cannot write $rrd_file");
109
				continue;
110
			}
111
			$data = base64_decode($rrd['data']);
112
			/* Try to decompress the data. */
113
			$dcomp = @gzinflate($data);
114
			if ($dcomp) {
115
				/* If the decompression worked, write the decompressed data */
116
				if (fwrite($rrd_fd, $dcomp) === false) {
117
					log_error("fwrite $rrd_file failed");
118
					continue;
119
				}
120
			} else {
121
				/* If the decompression failed, it wasn't compressed, so write raw data */
122
				if (fwrite($rrd_fd, $data) === false) {
123
					log_error("fwrite $rrd_file failed");
124
					continue;
125
				}
126
			}
127
			if (fclose($rrd_fd) === false) {
128
				log_error("fclose $rrd_file failed");
129
				continue;
130
			}
131
		}
132
	}
133
}
134

    
135
function add_base_packages_menu_items() {
136
	global $g, $config;
137
	$base_packages = explode(",", $g['base_packages']);
138
	$modified_config = false;
139
	foreach($base_packages as $bp) {
140
		$basepkg_path = "/usr/local/pkg/{$bp}";
141
		$tmpinfo = pathinfo($basepkg_path, PATHINFO_EXTENSION);
142
		if($tmpinfo['extension'] == "xml" && file_exists($basepkg_path)) {
143
			$pkg_config = parse_xml_config_pkg($basepkg_path, "packagegui");
144
			if($pkg_config['menu'] != "") {
145
				if(is_array($pkg_config['menu'])) {
146
					foreach($pkg_config['menu'] as $menu) {
147
						if(is_array($config['installedpackages']['menu']))
148
							foreach($config['installedpackages']['menu'] as $amenu)
149
								if($amenu['name'] == $menu['name'])
150
									continue;
151
						$config['installedpackages']['menu'][] = $menu;
152
						$modified_config = true;
153
					}
154
				}
155
				$static_output .= "done.\n";
156
				update_output_window($static_output);
157
			}
158
		}
159
	}
160
	if($modified_config) {
161
		write_config(gettext("Restored base_package menus after configuration restore."));
162
		$config = parse_config(true);
163
	}
164
}
165

    
166
function remove_bad_chars($string) {
167
	return preg_replace('/[^a-z_0-9]/i','',$string);
168
}
169

    
170
function check_and_returnif_section_exists($section) {
171
	global $config;
172
	if(is_array($config[$section]))
173
		return true;
174
	return false;
175
}
176

    
177
function spit_out_select_items($name, $showall) {
178
	global $config;
179

    
180
	$areas = array("aliases" => gettext("Aliases"),
181
		       "captiveportal" => gettext("Captive Portal"),
182
		       "voucher" => gettext("Captive Portal Vouchers"),
183
		       "dnsmasq" => gettext("DNS Forwarder"),
184
		       "dhcpd" => gettext("DHCP Server"),
185
		       "dhcpdv6" => gettext("DHCPv6 Server"),
186
		       "filter" => gettext("Firewall Rules"),
187
		       "interfaces" => gettext("Interfaces"),
188
		       "ipsec" => gettext("IPSEC"),
189
		       "nat" => gettext("NAT"),
190
		       "openvpn" => gettext("OpenVPN"),
191
		       "installedpackages" => gettext("Package Manager"),
192
		       "pptpd" => gettext("PPTP Server"),
193
		       "rrddata" => gettext("RRD Data"),
194
		       "cron" => gettext("Scheduled Tasks"),
195
		       "syslog" => gettext("Syslog"),
196
		       "system" => gettext("System"),
197
		       "staticroutes" => gettext("Static routes"),
198
		       "sysctl" => gettext("System tunables"),
199
		       "snmpd" => gettext("SNMP Server"),
200
		       "shaper" => gettext("Traffic Shaper"),
201
		       "vlans" => gettext("VLANS"),
202
		       "wol" => gettext("Wake on LAN")
203
		);
204

    
205
	$select  = "<select name=\"{$name}\" id=\"{$name}\">";
206
	$select .= "<option value=\"\">" . gettext("ALL") . "</option>";
207

    
208
	if($showall == true)
209
		foreach($areas as $area => $areaname)
210
			$select .= "<option value=\"{$area}\">{$areaname}</option>\n";
211
	else
212
		foreach($areas as $area => $areaname)
213
			if($area === "rrddata" || check_and_returnif_section_exists($area) == true)
214
				$select .= "<option value=\"{$area}\">{$areaname}</option>\n";
215

    
216
	$select .= "</select>\n";
217

    
218
	if ($name === "backuparea") {
219
		$select .= <<<END_SCRIPT_BLOCK
220
			<script type="text/javascript">
221
			//<![CDATA[
222
				jQuery(function (\$) {
223
					$("#{$name}").change(function () {
224
						backuparea_change(this);
225
					}).trigger("change");
226
				});
227
			//]]>
228
			</script>
229
END_SCRIPT_BLOCK;
230
	}
231

    
232
	echo $select;
233

    
234
}
235

    
236
if ($_POST['apply']) {
237
	ob_flush();
238
	flush();
239
	conf_mount_rw();
240
	clear_subsystem_dirty("restore");
241
	conf_mount_ro();
242
	exit;
243
}
244

    
245
if ($_POST) {
246
	unset($input_errors);
247
	if (stristr($_POST['Submit'], gettext("Restore configuration")))
248
		$mode = "restore";
249
	else if (stristr($_POST['Submit'], gettext("Reinstall")))
250
		$mode = "reinstallpackages";
251
	else if (stristr($_POST['Submit'], gettext("Clear Package Lock")))
252
		$mode = "clearpackagelock";
253
	else if (stristr($_POST['Submit'], gettext("Download")))
254
		$mode = "download";
255
	else if (stristr($_POST['Submit'], gettext("Restore version")))
256
		$mode = "restore_ver";
257

    
258
	if ($_POST["nopackages"] <> "")
259
		$options = "nopackages";
260

    
261
	if ($_POST["ver"] <> "")
262
		$ver2restore = $_POST["ver"];
263

    
264
	if ($mode) {
265

    
266
		if ($mode == "download") {
267

    
268
			if ($_POST['encrypt']) {
269
				if(!$_POST['encrypt_password'] || !$_POST['encrypt_passconf'])
270
					$input_errors[] = gettext("You must supply and confirm the password for encryption.");
271
				if($_POST['encrypt_password'] != $_POST['encrypt_passconf'])
272
					$input_errors[] = gettext("The supplied 'Password' and 'Confirm' field values must match.");
273
			}
274

    
275
			if (!$input_errors) {
276

    
277
				//$lockbckp = lock('config');
278

    
279
				$host = "{$config['system']['hostname']}.{$config['system']['domain']}";
280
				$name = "config-{$host}-".date("YmdHis").".xml";
281
				$data = "";
282

    
283
				if($options == "nopackages") {
284
					if(!$_POST['backuparea']) {
285
						/* backup entire configuration */
286
						$data = file_get_contents("{$g['conf_path']}/config.xml");
287
					} else {
288
						/* backup specific area of configuration */
289
						$data = backup_config_section($_POST['backuparea']);
290
						$name = "{$_POST['backuparea']}-{$name}";
291
					}
292
					$sfn = "{$g['tmp_path']}/config.xml.nopkg";
293
					file_put_contents($sfn, $data);
294
					exec("sed '/<installedpackages>/,/<\/installedpackages>/d' {$sfn} > {$sfn}-new");
295
					$data = file_get_contents($sfn . "-new");
296
				} else {
297
					if(!$_POST['backuparea']) {
298
						/* backup entire configuration */
299
						$data = file_get_contents("{$g['conf_path']}/config.xml");
300
					} else if ($_POST['backuparea'] === "rrddata") {
301
						$data = rrd_data_xml();
302
						$name = "{$_POST['backuparea']}-{$name}";
303
					} else {
304
						/* backup specific area of configuration */
305
						$data = backup_config_section($_POST['backuparea']);
306
						$name = "{$_POST['backuparea']}-{$name}";
307
					}
308
				}
309

    
310
				//unlock($lockbckp);
311

    
312
				/*
313
				 *  Backup RRD Data
314
				 */
315
				if ($_POST['backuparea'] !== "rrddata" && !$_POST['donotbackuprrd']) {
316
					$rrd_data_xml = rrd_data_xml();
317
					$closing_tag = "</" . $g['xml_rootobj'] . ">";
318
					$data = str_replace($closing_tag, $rrd_data_xml . $closing_tag, $data);
319
				}
320

    
321
				if ($_POST['encrypt']) {
322
					$data = encrypt_data($data, $_POST['encrypt_password']);
323
					tagfile_reformat($data, $data, "config.xml");
324
				}
325

    
326
				$size = strlen($data);
327
				header("Content-Type: application/octet-stream");
328
				header("Content-Disposition: attachment; filename={$name}");
329
				header("Content-Length: $size");
330
				if (isset($_SERVER['HTTPS'])) {
331
					header('Pragma: ');
332
					header('Cache-Control: ');
333
				} else {
334
					header("Pragma: private");
335
					header("Cache-Control: private, must-revalidate");
336
				}
337
				echo $data;
338

    
339
				exit;
340
			}
341
		}
342

    
343
		if ($mode == "restore") {
344

    
345
			if ($_POST['decrypt']) {
346
				if(!$_POST['decrypt_password'] || !$_POST['decrypt_passconf'])
347
					$input_errors[] = gettext("You must supply and confirm the password for decryption.");
348
				if($_POST['decrypt_password'] != $_POST['decrypt_passconf'])
349
					$input_errors[] = gettext("The supplied 'Password' and 'Confirm' field values must match.");
350
			}
351

    
352
			if (!$input_errors) {
353

    
354
				if (is_uploaded_file($_FILES['conffile']['tmp_name'])) {
355

    
356
					/* read the file contents */
357
					$data = file_get_contents($_FILES['conffile']['tmp_name']);
358
					if(!$data) {
359
						log_error(sprintf(gettext("Warning, could not read file %s"), $_FILES['conffile']['tmp_name']));
360
						return 1;
361
					}
362

    
363
					if ($_POST['decrypt']) {
364
						if (!tagfile_deformat($data, $data, "config.xml")) {
365
							$input_errors[] = gettext("The uploaded file does not appear to contain an encrypted pfsense configuration.");
366
							return 1;
367
						}
368
						$data = decrypt_data($data, $_POST['decrypt_password']);
369
					}
370

    
371
					if(stristr($data, "<m0n0wall>")) {
372
						log_error(gettext("Upgrading m0n0wall configuration to pfsense."));
373
						/* m0n0wall was found in config.  convert it. */
374
						$data = str_replace("m0n0wall", "pfsense", $data);
375
						$m0n0wall_upgrade = true;
376
					}
377
					if($_POST['restorearea']) {
378
						/* restore a specific area of the configuration */
379
						if(!stristr($data, "<" . $_POST['restorearea'] . ">")) {
380
							$input_errors[] = gettext("You have selected to restore an area but we could not locate the correct xml tag.");
381
						} else {
382
							if (!restore_config_section($_POST['restorearea'], $data)) {
383
								$input_errors[] = gettext("You have selected to restore an area but we could not locate the correct xml tag.");
384
							} else {
385
								if ($config['rrddata']) {
386
									restore_rrddata();
387
									unset($config['rrddata']);
388
									unlink_if_exists("{$g['tmp_path']}/config.cache");
389
									write_config();
390
									add_base_packages_menu_items();
391
									convert_config();
392
									conf_mount_ro();
393
								}
394
								filter_configure();
395
								$savemsg = gettext("The configuration area has been restored.  You may need to reboot the firewall.");
396
							}
397
						}
398
					} else {
399
						if(!stristr($data, "<" . $g['xml_rootobj'] . ">")) {
400
							$input_errors[] = sprintf(gettext("You have selected to restore the full configuration but we could not locate a %s tag."), $g['xml_rootobj']);
401
						} else {
402
							/* restore the entire configuration */
403
							file_put_contents($_FILES['conffile']['tmp_name'], $data);
404
							if (config_install($_FILES['conffile']['tmp_name']) == 0) {
405
								/* this will be picked up by /index.php */
406
								conf_mount_rw();
407
								mark_subsystem_dirty("restore");
408
								touch("/conf/needs_package_sync");
409
								/* remove cache, we will force a config reboot */
410
								if(file_exists("{$g['tmp_path']}/config.cache"))
411
									unlink("{$g['tmp_path']}/config.cache");
412
								$config = parse_config(true);
413
								/* extract out rrd items, unset from $config when done */
414
								if($config['rrddata']) {
415
									restore_rrddata();
416
									unset($config['rrddata']);
417
									unlink_if_exists("{$g['tmp_path']}/config.cache");
418
									write_config();
419
									add_base_packages_menu_items();
420
									convert_config();
421
									conf_mount_ro();
422
								}
423
								if($m0n0wall_upgrade == true) {
424
									if($config['system']['gateway'] <> "")
425
										$config['interfaces']['wan']['gateway'] = $config['system']['gateway'];
426
									unset($config['shaper']);
427
									/* optional if list */
428
									$ifdescrs = get_configured_interface_list(true, true);
429
									/* remove special characters from interface descriptions */
430
									if(is_array($ifdescrs))
431
										foreach($ifdescrs as $iface)
432
											$config['interfaces'][$iface]['descr'] = remove_bad_chars($config['interfaces'][$iface]['descr']);
433
									/* check for interface names with an alias */
434
									if(is_array($ifdescrs)) {
435
										foreach($ifdescrs as $iface) {
436
											if(is_alias($config['interfaces'][$iface]['descr'])) {
437
												// Firewall rules
438
												$origname = $config['interfaces'][$iface]['descr'];
439
												$newname  = $config['interfaces'][$iface]['descr'] . "Alias";
440
												update_alias_names_upon_change(array('filter', 'rule'), array('source', 'address'), $newname, $origname);
441
												update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'address'), $newname, $origname);
442
												// NAT Rules
443
												update_alias_names_upon_change(array('nat', 'rule'), array('source', 'address'), $newname, $origname);
444
												update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'address'), $newname, $origname);
445
												update_alias_names_upon_change(array('nat', 'rule'), array('target'), $newname, $origname);
446
												// Alias in an alias
447
												update_alias_names_upon_change(array('aliases', 'alias'), array('address'), $newname, $origname);
448
											}
449
										}
450
									}
451
									unlink_if_exists("{$g['tmp_path']}/config.cache");
452
									// Reset configuration version to something low
453
									// in order to force the config upgrade code to
454
									// run through with all steps that are required.
455
									$config['system']['version'] = "1.0";
456
									// Deal with descriptions longer than 63 characters
457
									for ($i = 0; isset($config["filter"]["rule"][$i]); $i++) {
458
										if(count($config['filter']['rule'][$i]['descr']) > 63)
459
											$config['filter']['rule'][$i]['descr'] = substr($config['filter']['rule'][$i]['descr'], 0, 63);
460
									}
461
									// Move interface from ipsec to enc0
462
									for ($i = 0; isset($config["filter"]["rule"][$i]); $i++) {
463
										if($config['filter']['rule'][$i]['interface'] == "ipsec")
464
											$config['filter']['rule'][$i]['interface'] = "enc0";
465
									}
466
									// Convert icmp types
467
									// http://www.openbsd.org/cgi-bin/man.cgi?query=icmp&sektion=4&arch=i386&apropos=0&manpath=OpenBSD+Current
468
									for ($i = 0; isset($config["filter"]["rule"][$i]); $i++) {
469
										if($config["filter"]["rule"][$i]['icmptype']) {
470
											switch($config["filter"]["rule"][$i]['icmptype']) {
471
											case "echo":
472
												$config["filter"]["rule"][$i]['icmptype'] = "echoreq";
473
												break;
474
											case "unreach":
475
												$config["filter"]["rule"][$i]['icmptype'] = "unreach";
476
												break;
477
											case "echorep":
478
												$config["filter"]["rule"][$i]['icmptype'] = "echorep";
479
												break;
480
											case "squench":
481
												$config["filter"]["rule"][$i]['icmptype'] = "squench";
482
												break;
483
											case "redir":
484
												$config["filter"]["rule"][$i]['icmptype'] = "redir";
485
												break;
486
											case "timex":
487
												$config["filter"]["rule"][$i]['icmptype'] = "timex";
488
												break;
489
											case "paramprob":
490
												$config["filter"]["rule"][$i]['icmptype'] = "paramprob";
491
												break;
492
											case "timest":
493
												$config["filter"]["rule"][$i]['icmptype'] = "timereq";
494
												break;
495
											case "timestrep":
496
												$config["filter"]["rule"][$i]['icmptype'] = "timerep";
497
												break;
498
											case "inforeq":
499
												$config["filter"]["rule"][$i]['icmptype'] = "inforeq";
500
												break;
501
											case "inforep":
502
												$config["filter"]["rule"][$i]['icmptype'] = "inforep";
503
												break;
504
											case "maskreq":
505
												$config["filter"]["rule"][$i]['icmptype'] = "maskreq";
506
												break;
507
											case "maskrep":
508
												$config["filter"]["rule"][$i]['icmptype'] = "maskrep";
509
												break;
510
											}
511
										}
512
									}
513
									$config['diag']['ipv6nat'] = true;
514
									write_config();
515
									add_base_packages_menu_items();
516
									convert_config();
517
									conf_mount_ro();
518
									$savemsg = gettext("The m0n0wall configuration has been restored and upgraded to pfSense.");
519
									mark_subsystem_dirty("restore");
520
								}
521
								if(is_array($config['captiveportal'])) {
522
									foreach($config['captiveportal'] as $cp) {
523
										if (isset($cp['enable'])) {
524
											/* for some reason ipfw doesn't init correctly except on bootup sequence */
525
											mark_subsystem_dirty("restore");
526
											break;
527
										}
528
									}
529
								}
530
								setup_serial_port();
531
								if(is_interface_mismatch() == true) {
532
									touch("/var/run/interface_mismatch_reboot_needed");
533
									clear_subsystem_dirty("restore");
534
									convert_config();
535
									header("Location: interfaces_assign.php");
536
									exit;
537
								}
538
								if (is_interface_vlan_mismatch() == true) {
539
									touch("/var/run/interface_mismatch_reboot_needed");
540
									clear_subsystem_dirty("restore");
541
									convert_config();
542
									header("Location: interfaces_assign.php");
543
									exit;
544
								}
545
							} else {
546
								$input_errors[] = gettext("The configuration could not be restored.");
547
							}
548
						}
549
					}
550
				} else {
551
					$input_errors[] = gettext("The configuration could not be restored (file upload error).");
552
				}
553
			}
554
		}
555

    
556
		if ($mode == "reinstallpackages") {
557

    
558
			header("Location: pkg_mgr_install.php?mode=reinstallall");
559
			exit;
560
		} else if ($mode == "clearpackagelock") {
561
			clear_subsystem_dirty('packagelock');
562
			$savemsg = "Package Lock Cleared";
563
		} else if ($mode == "restore_ver") {
564
			$input_errors[] = gettext("XXX - this feature may hose your config (do NOT backrev configs!) - billm");
565
			if ($ver2restore <> "") {
566
				$conf_file = "{$g['cf_conf_path']}/bak/config-" . strtotime($ver2restore) . ".xml";
567
				if (config_install($conf_file) == 0) {
568
					mark_subsystem_dirty("restore");
569
				} else {
570
					$input_errors[] = gettext("The configuration could not be restored.");
571
				}
572
			} else {
573
				$input_errors[] = gettext("No version selected.");
574
			}
575
		}
576
	}
577
}
578

    
579
$id = rand() . '.' . time();
580

    
581
$mth = ini_get('upload_progress_meter.store_method');
582
$dir = ini_get('upload_progress_meter.file.filename_template');
583

    
584
$pgtitle = array(gettext("Diagnostics"),gettext("Backup/restore"));
585
include("head.inc");
586

    
587
?>
588

    
589
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
590
<?php include("fbegin.inc"); ?>
591
<script type="text/javascript">
592
//<![CDATA[
593

    
594
function encrypt_change() {
595

    
596
	if (!document.iform.encrypt.checked)
597
		document.getElementById("encrypt_opts").style.display="none";
598
	else
599
		document.getElementById("encrypt_opts").style.display="";
600
}
601

    
602
function decrypt_change() {
603

    
604
	if (!document.iform.decrypt.checked)
605
		document.getElementById("decrypt_opts").style.display="none";
606
	else
607
		document.getElementById("decrypt_opts").style.display="";
608
}
609

    
610
function backuparea_change(obj) {
611
	if (obj.value == "rrddata") {
612
		document.getElementById("nopackages").disabled      = true;
613
		document.getElementById("dotnotbackuprrd").disabled = true;
614
	} else {
615
		document.getElementById("nopackages").disabled      = false;
616
		document.getElementById("dotnotbackuprrd").disabled = false;
617
	}
618
}
619
//]]>
620
</script>
621

    
622
<?php if ($input_errors) print_input_errors($input_errors); ?>
623
<?php if ($savemsg) print_info_box($savemsg); ?>
624
<?php if (is_subsystem_dirty('restore')): ?><br/>
625
<form action="reboot.php" method="post">
626
<input name="Submit" type="hidden" value="Yes" />
627
<?php print_info_box(gettext("The firewall configuration has been changed.") . "<br />" . gettext("The firewall is now rebooting."));?><br />
628
</form>
629
<?php endif; ?>
630
<form action="diag_backup.php" method="post" name="iform" enctype="multipart/form-data">
631
<table width="100%" border="0" cellspacing="0" cellpadding="0" summary="diag backup">
632
	<tr>
633
		<td>
634
<?php
635
		$tab_array = array();
636
		$tab_array[0] = array(gettext("Config History"), false, "diag_confbak.php");
637
		$tab_array[1] = array(gettext("Backup/Restore"), true, "diag_backup.php");
638
		display_top_tabs($tab_array);
639
?>
640
		</td>
641
	</tr>
642
	<tr>
643
		<td>
644
			<div id="mainarea">
645
			<table class="tabcont" align="center" width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
646
				<tr>
647
					<td colspan="2" class="listtopic"><?=gettext("Backup configuration"); ?></td>
648
				</tr>
649
				<tr>
650
					<td width="22%" valign="baseline" class="vncell">&nbsp;</td>
651
					<td width="78%" class="vtable">
652
						<p><?=gettext("Click this button to download the system configuration in XML format."); ?><br /><br /> <?=gettext("Backup area:"); ?> <?php spit_out_select_items("backuparea", false); ?></p>
653
						<table>
654
							<tr>
655
								<td>
656
									<input name="nopackages" type="checkbox" class="formcheckbox" id="nopackages" />
657
								</td>
658
								<td>
659
									<span class="vexpl"><?=gettext("Do not backup package information."); ?></span>
660
								</td>
661
							</tr>
662
						</table>
663
						<table>
664
							<tr>
665
								<td>
666
									<input name="encrypt" type="checkbox" class="formcheckbox" id="nopackages" onclick="encrypt_change()" />
667
								</td>
668
								<td>
669
									<span class="vexpl"><?=gettext("Encrypt this configuration file."); ?></span>
670
								</td>
671
							</tr>
672
							<tr>
673
								<td>
674
									<input name="donotbackuprrd" type="checkbox" class="formcheckbox" id="dotnotbackuprrd" checked="checked" />
675
								</td>
676
								<td>
677
									<span class="vexpl"><?=gettext("Do not backup RRD data (NOTE: RRD Data can consume 4+ megabytes of config.xml space!)"); ?></span>
678
								</td>
679
							</tr>
680
						</table>
681
						<table id="encrypt_opts">
682
							<tr>
683
								<td>
684
									<span class="vexpl"><?=gettext("Password:"); ?> </span>
685
								</td>
686
								<td>
687
									<input name="encrypt_password" type="password" class="formfld pwd" size="20" value="" />
688
								</td>
689
							</tr>
690
							<tr>
691
								<td>
692
									<span class="vexpl"><?=gettext("confirm:"); ?> </span>
693
								</td>
694
								<td>
695
									<input name="encrypt_passconf" type="password" class="formfld pwd" size="20" value="" />
696
								</td>
697
							</tr>
698
						</table>
699
						<p><input name="Submit" type="submit" class="formbtn" id="download" value="<?=gettext("Download configuration"); ?>" /></p>
700
					</td>
701
				</tr>
702
				<tr>
703
					<td colspan="2" class="list" height="12">&nbsp;</td>
704
				</tr>
705
				<tr>
706
					<td colspan="2" class="listtopic"><?=gettext("Restore configuration"); ?></td>
707
				</tr>
708
				<tr>
709
					<td width="22%" valign="baseline" class="vncell">&nbsp;</td>
710
					<td width="78%" class="vtable">
711
						<?=gettext("Open a"); ?> <?=$g['[product_name']?> <?=gettext("configuration XML file and click the button below to restore the configuration."); ?>
712
						<br /><br />
713
						<?=gettext("Restore area:"); ?> <?php spit_out_select_items("restorearea", true); ?>
714
						<p><input name="conffile" type="file" class="formbtn" id="conffile" size="40" /></p>
715
						<table>
716
							<tr>
717
								<td>
718
									<input name="decrypt" type="checkbox" class="formcheckbox" id="nopackages" onclick="decrypt_change()" />
719
								</td>
720
								<td>
721
									<span class="vexpl"><?=gettext("Configuration file is encrypted."); ?></span>
722
								</td>
723
							</tr>
724
						</table>
725
						<table id="decrypt_opts">
726
							<tr>
727
								<td>
728
									<span class="vexpl"><?=gettext("Password :"); ?></span>
729
								</td>
730
								<td>
731
									<input name="decrypt_password" type="password" class="formfld pwd" size="20" value="" />
732
								</td>
733
							</tr>
734
							<tr>
735
								<td>
736
									<span class="vexpl"><?=gettext("confirm :"); ?></span>
737
								</td>
738
								<td>
739
									<input name="decrypt_passconf" type="password" class="formfld pwd" size="20" value="" />
740
								</td>
741
							</tr>
742
						</table>
743
						<p><input name="Submit" type="submit" class="formbtn" id="restore" value="<?=gettext("Restore configuration"); ?>" /></p>
744
						<p><strong><span class="red"><?=gettext("Note:"); ?></span></strong><br /><?=gettext("The firewall will reboot after restoring the configuration."); ?><br /></p>
745
					</td>
746
				</tr>
747
				<?php if (($config['installedpackages']['package'] != "") || (is_subsystem_dirty("packagelock"))) { ?>
748
				<tr>
749
					<td colspan="2" class="list" height="12">&nbsp;</td>
750
				</tr>
751
				<tr>
752
					<td colspan="2" class="listtopic"><?=gettext("Package Functions"); ?></td>
753
				</tr>
754
				<tr>
755
					<td width="22%" valign="baseline" class="vncell">&nbsp;</td>
756
					<td width="78%" class="vtable">
757
						<?php if ($config['installedpackages']['package'] != "") { ?>
758
							<p><?=gettext("Click this button to reinstall all system packages.  This may take a while."); ?> <br /><br />
759
							<input name="Submit" type="submit" class="formbtn" id="reinstallpackages" value="<?=gettext("Reinstall packages"); ?>" />
760
							<br />
761
							<br />
762
						<?php } ?>
763
						<?php if (is_subsystem_dirty("packagelock")) { ?>
764
							<p><?=gettext("Click this button to clear the package lock if a package fails to reinstall properly after an upgrade."); ?> <br /><br />
765
							<input name="Submit" type="submit" class="formbtn" id="clearpackagelock" value="<?=gettext("Clear Package Lock"); ?>" />
766
						<?php } ?>
767
							</p>
768
					</td>
769
				</tr>
770
				<?php } ?>
771
			</table>
772
			</div>
773
		</td>
774
	</tr>
775
</table>
776
</form>
777

    
778
<script type="text/javascript">
779
//<![CDATA[
780
encrypt_change();
781
decrypt_change();
782
//]]>
783
</script>
784

    
785
<?php include("fend.inc"); ?>
786
</body>
787
</html>
788
<?php
789

    
790
if (is_subsystem_dirty('restore'))
791
	system_reboot();
792

    
793
?>
(7-7/256)