added personal filtering instances for each gateway

docs/mysql/2-7-5/mysql.sql

@@ -21,6 +21,12 @@ SET time_zone = "+00:00";
 -- База данных: `stat`
 --
 
+CREATE TABLE `device_filter_instances` (
+   `id` INT NOT NULL AUTO_INCREMENT ,
+   `instance_id` INT NULL DEFAULT NULL ,
+   `device_id` INT NULL DEFAULT NULL , PRIMARY KEY (`id`)
+) ENGINE = InnoDB;
+
 -- --------------------------------------------------------
 
 --

html/admin/devices/edit_gw_instances.php

@@ -0,0 +1,80 @@
+<?php
+
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/auth.php");
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/languages/" . HTML_LANG . ".php");
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/idfilter.php");
+
+$device=get_record($db_link,'devices',"id=".$id);
+$user_info = get_record_sql($db_link,"SELECT * FROM User_list WHERE id=".$device['user_id']);
+
+if (isset($_POST["s_remove"])) {
+    $s_id = $_POST["gs_id"];
+    foreach ($s_id as $key => $val) {
+        if (isset($val)) {
+            LOG_INFO($db_link, "Remove filter instances from gateway id: $val ". dump_record($db_link,'device_filter_instances','id='.$val));
+            delete_record($db_link, "device_filter_instances", "id=" . $val);
+        }
+    }
+    header("Location: " . $_SERVER["REQUEST_URI"]);
+    exit;
+}
+
+if (isset($_POST["s_create"])) {
+    if (!empty($_POST["new_instance"])) {
+        $new['instance_id'] = trim($_POST["new_instance"]);
+        $new['device_id'] = $id;
+        LOG_INFO($db_link, "Add instance id: ".$new['instance_id']." for gateway id: ".$id);
+        insert_record($db_link, "device_filter_instances", $new);
+    }
+    header("Location: " . $_SERVER["REQUEST_URI"]);
+    exit;
+}
+
+unset($_POST);
+
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/header.php");
+
+print_device_submenu($page_url);
+print_editdevice_submenu($page_url,$id,$device['device_type'],$user_info['login']);
+
+?>
+<div id="contsubmenu">
+<br>
+<?php print "<form name=def action='edit_gw_instances.php?id=".$id."' method=post>"; ?>
+<?php 
+print WEB_group_instances."<b>";
+print_url($device['device_name'],"/admin/devices/editdevice.php?id=$id"); ?>
+</b>
+<br>
+<br>
+<table class="data">
+<tr align="center">
+        <td></td>
+        <td width=10><b>id</b></td>
+        <td><b><?php echo WEB_group_instance_name; ?></b></td>
+        <td>
+        <input type="submit" onclick="return confirm('<?php print WEB_msg_delete; ?>?')" name="s_remove" value="<?php print WEB_btn_remove; ?>">
+        </td>
+</tr>
+<?php
+$gateway_instances = get_records_sql($db_link,'SELECT device_filter_instances.*,filter_instances.name,filter_instances.comment FROM device_filter_instances LEFT JOIN filter_instances ON device_filter_instances.instance_id = filter_instances.id WHERE device_filter_instances.device_id='.$id);
+foreach ( $gateway_instances as $row ) {
+    print "<tr align=center>\n";
+    print "<td class=\"data\" style='padding:0' width=30><input type=checkbox name=gs_id[] value='{$row['id']}'></td>\n";
+    print "<td class=\"data\"><input type=\"hidden\" name='n_id[]' value='{$row['id']}'>{$row['id']}</td>\n";
+    print "<td class=\"data\">"; print get_filter_instance_description($db_link,$row['instance_id']); print "</td>\n";
+    print "<td class=\"data\"></td></tr>\n";
+    }
+?>
+<tr>
+<td colspan=3><?php print WEB_btn_add; print_add_gw_instances($db_link,$id,"new_instance"); ?>
+</td>
+<td>
+<input type="submit" name="s_create" value="<?php echo WEB_btn_add; ?>">
+</td>
+</tr>
+</table>
+</form>
+<?php
+require_once ($_SERVER['DOCUMENT_ROOT']."/inc/footer.php");
+?>

html/admin/devices/editdevice.php

@@ -233,7 +233,7 @@ print_editdevice_submenu($page_url, $id, $device['device_type'], $user_info['log
 
             //print gateway settings
             if ($device['device_type'] == 2) {
-                print "<tr><td>" . WEB_device_access_control . "</td><td>" . WEB_device_dhcp_server . "</td><td>" . WEB_device_queues_enabled . "</td><td>" . WEB_device_connected_only . "</td></tr>";
+                print "<tr><td>"; print_url(WEB_device_access_control,"/admin/devices/edit_gw_instances.php?id=$id"); print "</td><td>" . WEB_device_dhcp_server . "</td><td>" . WEB_device_queues_enabled . "</td><td>" . WEB_device_connected_only . "</td></tr>";
                 print "<tr>";
                 print "<td class='data'>";
                 print_qa_select('f_user_acl', $device['user_acl']);

html/admin/filters/groups.php

@@ -18,6 +18,7 @@ if (isset($_POST["remove"])) {
     $fgid = $_POST["fid"];
     foreach ($fgid as $key => $val) {
         if (!empty($val)) {
+            run_sql($db_link, "UPDATE User_auth SET filter_group_id=0, changed = 1 WHERE deleted=0 AND filter_group_id=" . $val * 1);
             run_sql($db_link, "DELETE FROM Group_filters WHERE group_id=" . $val * 1);
             delete_record($db_link, "Group_list", "id=" . $val * 1);
         }

html/inc/common.php

@@ -517,6 +517,19 @@ function get_subnet_description($db, $subnet_id)
     return $result;
 }
 
+function get_filter_instance_description($db, $instance_id)
+{
+    if (empty($instance_id)) {
+        return '';
+    }
+    $instance = get_record_sql($db, 'SELECT * FROM filter_instances WHERE id=' . $instance_id);
+    if (empty($instance)) {
+        return '';
+    }
+    $result = $instance['name'] . '&nbsp(' . $instance['comment'] . ')';
+    return $result;
+}
+
 function print_add_gw_subnets($db, $device_id, $gs_name)
 {
     print "<select id=\"$gs_name\" name=\"$gs_name\" >\n";
@@ -527,6 +540,16 @@ function print_add_gw_subnets($db, $device_id, $gs_name)
     print "</select>\n";
 }
 
+function print_add_gw_instances($db, $device_id, $gs_name)
+{
+    print "<select id=\"$gs_name\" name=\"$gs_name\" >\n";
+    $t_gs = mysqli_query($db, "SELECT id,name,comment FROM filter_instances WHERE filter_instances.id NOT IN (SELECT instance_id FROM device_filter_instances WHERE device_filter_instances.device_id=" . $device_id . ") ORDER BY name");
+    while (list($f_gs_id, $f_gs_name, $f_gs_comment) = mysqli_fetch_array($t_gs)) {
+        print_select_item($f_gs_name . '(' . $f_gs_comment . ')', $f_gs_id, 0);
+    }
+    print "</select>\n";
+}
+
 function print_add_dev_interface($db, $device_id, $int_list, $int_name)
 {
     print "&nbsp<select id=\"$int_name\" name=\"$int_name\" >\n";

scripts/sync_mikrotik.pl

@@ -569,7 +569,13 @@ timestamp;
 foreach my $filter_instance (@filter_instances) {
 
 my $instance_name = 'Users';
-if ($filter_instance->{id}>1) { $instance_name = 'Users-'.$filter_instance->{name}; }
+if ($filter_instance->{id}>1) {
+    $instance_name = 'Users-'.$filter_instance->{name};
+    #check filter instance exist at gateway
+    my $instance_ok = get_record_sql($dbh,"SELECT * FROM device_filter_instances WHERE device_id=$gate->{'id'} AND instance_id=$filter_instance->{id}");
+    #skip insatnce if not found
+    if (!$instance_ok) { next; }
+    }
 
 my @chain_list=netdev_cmd($gate,$t,'/ip firewall filter  print terse without-paging where chain='.$instance_name.' and action=jump',1);
 

scripts/updates/2-7-5/device_filter_instances.sql

@@ -0,0 +1 @@
+CREATE TABLE `device_filter_instances` (`id` INT NOT NULL AUTO_INCREMENT , `instance_id` INT NULL DEFAULT NULL , `device_id` INT NULL DEFAULT NULL , PRIMARY KEY (`id`)) ENGINE = InnoDB;