Merge pull request #5 from RaspAP/feature/dhcp-ignore

Limit network access to static clients
2024-11-22 07:30:23 +00:00 · 2021-02-23 07:31:12 +01:00 · 2021-02-23 07:31:12 +01:00 · f9c2bccc3a
commit f9c2bccc3a
parent effed56169 f7a441566e
3 changed files with 82 additions and 37 deletions
--- a/includes/dhcp.php
+++ b/includes/dhcp.php
@ -45,12 +45,15 @@ function DisplayDHCPConfig()
        }
    }
    getWifiInterface();
+    $ap_iface = $_SESSION['ap_interface'];
    $serviceStatus = $dnsmasq_state ? "up" : "down";
    exec('cat '. RASPI_DNSMASQ_PREFIX.'raspap.conf', $return);
    $conf = ParseConfig($return);
+    exec('cat '. RASPI_DNSMASQ_PREFIX.$ap_iface.'.conf', $return);
+    $conf = array_merge(ParseConfig($return));
+    $hosts = (array)$conf['dhcp-host'];
    exec("ip -o link show | awk -F': ' '{print $2}'", $interfaces);
    exec('cat ' . RASPI_DNSMASQ_LEASES, $leases);
-    $ap_iface = $_SESSION['ap_interface'];

    echo renderTemplate(
        "dhcp", compact(
@ -59,7 +62,7 @@ function DisplayDHCPConfig()
            "dnsmasq_state",
            "ap_iface",
            "conf",
-            "dhcpHost",
+            "hosts",
            "interfaces",
            "leases"
        )
@ -172,7 +175,7 @@ function updateDnsmasqConfig($iface,$status)
        $mac = trim($_POST["static_leases"]["mac"][$i]);
        $ip  = trim($_POST["static_leases"]["ip"][$i]);
        if ($mac != "" && $ip != "") {
-            $config .= "dhcp-host=$mac,$ip".PHP_EOL;
+            $config .= "dhcp-host=$mac,$ip".",set:known".PHP_EOL;
        }
    }
    if ($_POST['no-resolv'] == "1") {
@ -188,6 +191,9 @@ function updateDnsmasqConfig($iface,$status)
        }
        $config .= PHP_EOL;
    }
+    if ($_POST['dhcp-ignore'] == "1") {
+        $config .= 'dhcp-ignore=tag:!known'.PHP_EOL;
+    }
    file_put_contents("/tmp/dnsmasqdata", $config);
    $msg = file_exists(RASPI_DNSMASQ_PREFIX.$iface.'.conf') ? 'updated' : 'added';
    system('sudo cp /tmp/dnsmasqdata '.RASPI_DNSMASQ_PREFIX.$iface.'.conf', $result);
--- a/locale/en_US/LC_MESSAGES/messages.po
+++ b/locale/en_US/LC_MESSAGES/messages.po
@ -362,6 +362,24 @@ msgstr "Log DHCP requests"
 msgid "Log DNS queries"
 msgstr "Log DNS queries"

+msgid "Restrict access"
+msgstr "Restrict access"
+
+msgid "Limit network access to static clients"
+msgstr "Limit network access to static clients"
+
+msgid "Enable this option if you want RaspAP to <b>ignore any clients</b> which are not specified in the static leases list."
+msgstr "Enable this option if you want RaspAP to <b>ignore any clients</b> which are not specified in the static leases list."
+
+msgid "This option adds <code>dhcp-ignore</code> to the dnsmasq configuration."
+msgstr "This option adds <code>dhcp-ignore</code> to the dnsmasq configuration."
+
+msgid "Clients with a particular hardware MAC address can always be allocated the same IP address."
+msgstr "Clients with a particular hardware MAC address can always be allocated the same IP address."
+
+msgid "This option adds <code>dhcp-host</code> entries to the dnsmasq configuration."
+msgstr "This option adds <code>dhcp-host</code> entries to the dnsmasq configuration."
+
 #: includes/hostapd.php
 msgid "Basic"
 msgstr "Basic"
--- a/templates/dhcp/static_leases.php
+++ b/templates/dhcp/static_leases.php
@ -1,48 +1,69 @@
 <!-- static leases tab -->
 <div class="tab-pane fade" id="static-leases">
-  <h4 class="mt-3 mb-3"><?php echo _("Static leases") ?></h4>
+  <div class="row">
+    <div class="col-md-12">
+      <h4 class="mt-3 mb-3"><?php echo _("Static leases") ?></h4>
+      <p id="static-lease-description">
+        <small><?php echo _("Clients with a particular hardware MAC address can always be allocated the same IP address.") ?></small>
+        <small class="text-muted"><?php echo _("This option adds <code>dhcp-host</code> entries to the dnsmasq configuration.") ?></small>
+      </p>
+      <div class="dhcp-static-leases js-dhcp-static-lease-container">
+        <?php foreach ($hosts as $host) : ?>
+          <?php list($mac, $ip) = array_map("trim", explode(",", $host)); ?>
+          <div class="row dhcp-static-lease-row js-dhcp-static-lease-row">
+            <div class="col-md-5 col-xs-5">
+              <input type="text" name="static_leases[mac][]" value="<?php echo htmlspecialchars($mac, ENT_QUOTES) ?>" placeholder="<?php echo _("MAC address") ?>" class="form-control">
+            </div>
+            <div class="col-md-5 col-xs-4">
+              <input type="text" name="static_leases[ip][]" value="<?php echo htmlspecialchars($ip, ENT_QUOTES) ?>" placeholder="<?php echo _("IP address") ?>" class="form-control">
+            </div>
+            <div class="col-md-2 col-xs-3">
+              <button type="button" class="btn btn-outline-danger js-remove-dhcp-static-lease"><i class="far fa-trash-alt"></i></button>
+            </div>
+          </div>
+        <?php endforeach ?>
+      </div>

-  <div class="dhcp-static-leases js-dhcp-static-lease-container">
-    <?php foreach ($dhcpHost as $host) : ?>
-      <?php list($mac, $ip) = array_map("trim", explode(",", $host)); ?>
-      <div class="row dhcp-static-lease-row js-dhcp-static-lease-row">
+      <div class="row dhcp-static-lease-row js-new-dhcp-static-lease">
        <div class="col-md-5 col-xs-5">
-          <input type="text" name="static_leases[mac][]" value="<?php echo htmlspecialchars($mac, ENT_QUOTES) ?>" placeholder="<?php echo _("MAC address") ?>" class="form-control">
+          <input type="text" name="mac" value="" placeholder="<?php echo _("MAC address") ?>" class="form-control" autofocus="autofocus">
        </div>
        <div class="col-md-5 col-xs-4">
-          <input type="text" name="static_leases[ip][]" value="<?php echo htmlspecialchars($ip, ENT_QUOTES) ?>" placeholder="<?php echo _("IP address") ?>" class="form-control">
+          <input type="text" name="ip" value="" placeholder="<?php echo _("IP address") ?>" class="form-control">
        </div>
        <div class="col-md-2 col-xs-3">
-          <button type="button" class="btn btn-danger js-remove-dhcp-static-lease"><?php echo _("Remove") ?></button>
+          <button type="button" class="btn btn-outline-success js-add-dhcp-static-lease"><i class="far fa-plus-square"></i></button>
        </div>
      </div>
-    <?php endforeach ?>
-  </div>

-  <h5 class="mt-3 mb-3"><?php echo _("Add static DHCP lease") ?></h5>
-  <div class="row dhcp-static-lease-row js-new-dhcp-static-lease">
-    <div class="col-md-5 col-xs-5">
-      <input type="text" name="mac" value="" placeholder="<?php echo _("MAC address") ?>" class="form-control" autofocus="autofocus">
-    </div>
-    <div class="col-md-5 col-xs-4">
-      <input type="text" name="ip" value="" placeholder="<?php echo _("IP address") ?>" class="form-control">
-    </div>
-    <div class="col-md-2 col-xs-3">
-      <button type="button" class="btn btn-success js-add-dhcp-static-lease"><?php echo _("Add") ?></button>
-    </div>
-  </div>
+      <h5 class="mt-3 mb-3"><?php echo _("Restrict access") ?></h5>
+        <div class="input-group">
+          <input type="hidden" name="dhcp-ignore" value="0">
+            <div class="custom-control custom-switch">
+              <input class="custom-control-input" id="dhcp-ignore" type="checkbox" name="dhcp-ignore" value="1" <?php echo $conf['dhcp-ignore'] ? ' checked="checked"' : "" ?> aria-describedby="dhcp-ignore-description">
+              <label class="custom-control-label" for="dhcp-ignore"><?php echo _("Limit network access to static clients") ?></label>
+            </div>
+            <p id="dhcp-ignore-description">
+              <small><?php echo _("Enable this option if you want RaspAP to <b>ignore any clients</b> which are not specified in the static leases list.") ?></small>
+              <small class="text-muted"><?php echo _("This option adds <code>dhcp-ignore</code> to the dnsmasq configuration.") ?></small>
+            </p>
+          </div>
+        </div>
+      </div>

-  <template id="js-dhcp-static-lease-row">
-    <div class="row dhcp-static-lease-row js-dhcp-static-lease-row">
-      <div class="col-md-5 col-xs-5">
-        <input type="text" name="static_leases[mac][]" value="{{ mac }}" placeholder="<?php echo _("MAC address") ?>" class="form-control">
+    <template id="js-dhcp-static-lease-row">
+      <div class="row dhcp-static-lease-row js-dhcp-static-lease-row">
+        <div class="col-md-5 col-xs-5">
+          <input type="text" name="static_leases[mac][]" value="{{ mac }}" placeholder="<?php echo _("MAC address") ?>" class="form-control">
+        </div>
+        <div class="col-md-5 col-xs-4">
+          <input type="text" name="static_leases[ip][]" value="{{ ip }}" placeholder="<?php echo _("IP address") ?>" class="form-control">
+        </div>
+        <div class="col-md-2 col-xs-3">
+          <button type="button" class="btn btn-outline-danger js-remove-dhcp-static-lease"><i class="far fa-trash-alt"></i></button>
+        </div>
      </div>
-      <div class="col-md-5 col-xs-4">
-        <input type="text" name="static_leases[ip][]" value="{{ ip }}" placeholder="<?php echo _("IP address") ?>" class="form-control">
-      </div>
-      <div class="col-md-2 col-xs-3">
-        <button type="button" class="btn btn-warning js-remove-dhcp-static-lease"><?php echo _("Remove") ?></button>
-      </div>
-    </div>
-  </template>
+    </template>
+
 </div><!-- /.tab-pane -->
+