<?php defined('SYSPATH') or die('No direct script access.');
* This file is part of open source system FreenetIS
* and it is released under GPLv3 licence.
* More info about licence can be found:
* More info about project can be found:

* Controller performs actions over subnets.
* Subnet is small district or route with defined network address and mask.
* @package Controller
class Subnets_Controller extends Controller
private $subnet_id = NULL;
* Constructor, only test if networks is enabled
public function __construct()
// access control
if (!Settings::get('networks_enabled'))
Controller::error (ACCESS);
* Redirects to show all
public function index()

* Function shows all subnets.
* @param integer $limit_results
* @param string $order_by
* @param string $order_by_direction
* @param integer $page_word
* @param intereg $page
public function show_all(
$limit_results = 50, $order_by = 'cidr',
$order_by_direction = 'ASC', $page_word = null, $page = 1)
// access check
if (!$this->acl_check_view('Subnets_Controller', 'subnet'))
// check if subnets with DHCP server has set uped gateway
$subnets = ORM::factory('subnet')->get_all_dhcp_subnets_without_gateway();
if (count($subnets))
$subnet_links = array();
foreach ($subnets as $s)
$subnet_links[] = html::anchor('subnets/show/' . $s->id, $s->name);
$m = 'These subnets have not configured gateway (%s), set them please.';
status::mwarning($m, TRUE, implode(', ', $subnet_links));
$filter_form = new Filter_form('s');
Filter_form::OPER_IS => 'ip_address',
Filter_form::OPER_IS_NOT => 'ip_address',
Filter_form::OPER_NETWORK_IS_IN => 'cidr',
Filter_form::OPER_NETWORK_IS_NOT_IN => 'cidr',
// get new selector
if (is_numeric($this->input->post('record_per_page')))
$limit_results = (int) $this->input->post('record_per_page');
// get count of records
$subnet_model = new Subnet_Model();
$total_subnets = $subnet_model->count_all_subnets($filter_form->as_sql());
// offset check
if (($sql_offset = ($page - 1) * $limit_results) > $total_subnets)
$sql_offset = 0;
// get records
$query = $subnet_model->get_all_subnets(
$sql_offset, (int) $limit_results, $order_by,
$order_by_direction, $filter_form->as_sql()

// grid
$grid = new Grid(url_lang::base().'devices', null, array(
'current' => $limit_results,
'selector_increace' => 50,
'selector_min' => 50,
'selector_max_multiplier' => 20,
'base_url' => Config::get('lang').'/subnets/show_all/'
. $limit_results.'/'.$order_by.'/'.$order_by_direction ,
'uri_segment' => 'page',
'total_items' => $total_subnets,
'items_per_page' => $limit_results,
'style' => 'classic',
'order_by' => $order_by,
'order_by_direction' => $order_by_direction,
'limit_results' => $limit_results,
'filter' => $filter_form

if ($this->acl_check_new('Subnets_Controller', 'subnet'))
$grid->add_new_button('subnets/add', __('Add new subnet'),
'title' => __('Add new subnet'),
'class' => 'popup_link'
if ($this->acl_check_view('Subnets_Controller', 'subnet'))
__('Address map'),
'title' => __('Address map'),
->label(__('Network address'))
->label(__('Owner').' '.help::hint('subnet_owner'))
// access control
if ($this->acl_check_view('Subnets_Controller', 'redirect'))
// access control
if ($this->acl_check_view('Subnets_Controller', 'dhcp'))
// access control
if ($this->acl_check_view('Subnets_Controller', 'dns'))
// access control
if ($this->acl_check_view('Subnets_Controller', 'qos'))
$actions = $grid->grouped_action_field();
if ($this->acl_check_view('Subnets_Controller', 'subnet'))
if ($this->acl_check_edit('Subnets_Controller', 'subnet'))
if ($this->acl_check_delete('Subnets_Controller', 'subnet'))
// load data
$grid->datasource( $query );
// view
$view = new View('main');
$view->breadcrumbs = __('Subnets');
$view->title = $headline = __('Subnets list');
$view->content = new View('show_all');
$view->content->table = $grid;
$view->content->headline = $headline;
} // end of show all
* Function shows subnet.
* @param integer $subnet_id
public function show($subnet_id = NULL)
// param check
if (!isset($subnet_id) || !is_numeric($subnet_id))
// access check
if (!$this->acl_check_view('Subnets_Controller', 'subnet'))
// load model
$subnet = new Subnet_Model($subnet_id);
// correct data?
if (!$subnet->id)
$total_available = (~ip2long($subnet->netmask) & 0xffffffff)+1;
// subnet has gateway
$has_gateway = $subnet->has_gateway();
if ($has_gateway)
$total_available = $total_available - 2;
$from = 1;
$to = $total_available;
$from = 0;
$to = $total_available - 1;
// clouds of subnet
$clouds = $subnet->get_clouds_of_subnet($subnet_id);
// ip addresses of subnet
$ips = $subnet->ip_addresses;

$used = round(count($ips)/$total_available*100,1);
$network = ip2long($subnet->network_address);

$ip_addresses = array();

for ($i=$from; $i <= $to; $i++)
$ip_addresses[$i] = arr::to_object(array
'ip_address_id' => NULL,
'id' => NULL,
'device_id' => NULL,
'device_name' => NULL,
'device_type' => NULL,
'member_id' => NULL,
'member_name' => NULL,
'ip_address' => long2ip($network+$i),
'mac' => NULL,
'iface_id' => NULL,
'iface_name' => NULL,
'gateway' => 0,
$enum_type_model = new Enum_type_Model();

foreach ($ips as $ip)
if ($ip->iface_id)
$id = $ip->id;
$member_id = $ip->iface->device->user->member_id;
$member_name = $ip->iface->device->user->member->name;
$id = NULL;
$member_id = $ip->member_id;
$member_name = $ip->member->name;
$ip_addresses[ip2long($ip->ip_address)-$network] = arr::to_object(array
'id' => $id,
'device_id' => $ip->iface->device_id,
'device_name' => $ip->iface->device->name,
'device_type' => $enum_type_model->get_value($ip->iface->device->type),
'member_id' => $member_id,
'member_name' => $member_name,
'ip_address' => $ip->ip_address,
'mac' => ($ip->iface->mac != '') ? $ip->iface->mac : '-',
'iface_id' => $ip->iface_id,
'iface_name' => $ip->iface->name,
'gateway' => $ip->gateway

// grid
$grid = new Grid('subnets/show/'.$subnet_id, __('IP addresses'), array
'use_paginator' => false,
'use_selector' => false
->label('IP address');
->link('ifaces/show', 'mac', 'iface_name')
->link('devices/show', 'device_name')
->link('members/show', 'member_name');
$actions = $grid->grouped_action_field();
->label('Show IP address')
->label('Edit IP address')
->label('Delete IP address')
// load datasource

// bread crumbs
$breadcrumbs[] = ($this->acl_check_view('Subnets_Controller','subnet')) ?
html::anchor('subnets/show_all',__('Subnets')) : __('Subnets');
$breadcrumbs[] = $subnet->name." ($subnet->network_address/"
. network::netmask2cidr($subnet->netmask) .")";
// view
$view = new View('main');
$view->breadcrumbs = implode(' » ',$breadcrumbs);
$view->title = $headline = __('Subnet').' '.$subnet->name;
$view->content = new View('subnets/show');
$view->content->subnet = $subnet;
$view->content->owner_id = $subnet->subnets_owner->member->id;
$view->content->owner = $subnet->subnets_owner->member->name;
$view->content->clouds = $clouds;
$view->content->grid = $grid;
$view->content->headline = $headline;
$view->content->total_available = $total_available;
$view->content->total_used = count($ips);
$view->content->used = $used;
} // end of show

* Function adds subnet.
* @param integer $cloud_id
public function add($cloud_id = null)
// access check
if (!$this->acl_check_new('Subnets_Controller', 'subnet'))
// model
$subnet_model = new Subnet_Model();

$arr_members = arr::merge(
array(NULL => '----- '.__('Select member').' -----'),

$form = new Forge();
$form->group('Basic data');
->label(__('Subnet name').':')
->label(__('Network address').':')
->callback(array($this, 'valid_netip'));
->label(__('OSPF area ID').':')
// access control
if ($this->acl_check_new('Subnets_Controller', 'redirect'))
->label(__('Redirection enabled'))
// access control
if ($this->acl_check_new('Subnets_Controller', 'dhcp'))
->label('DHCP server')
// access control
if ($this->acl_check_new('Subnets_Controller', 'dns'))
->label('DNS server')
// access control
if ($this->acl_check_new('Subnets_Controller', 'qos'))

->label(__('Owner').' '.help::hint('subnet_owner'))

// add cloud to subnet
$cloud = new Cloud_Model();
// add from cloud
if (isset($cloud_id))
if (!$cloud->id)
->options(array($cloud_id => $cloud->name))
$first = array('0' => '----- '.__('Select area').' -----');
$arr_clouds = $first + $cloud->select_list('id', 'name');

// validation
$form_data = $form->as_array();
// model
$subnet_model = new Subnet_Model();
// transaction start
// add subnet
$subnet_model->name = $form_data['name'];
$subnet_model->network_address = $form_data['network_address'];
$subnet_model->netmask = $form_data['netmask'];
$subnet_model->OSPF_area_id = $form_data['OSPF_area_id'];
// access control
if ($this->acl_check_new('Subnets_Controller', 'dhcp'))
$subnet_model->dhcp = $form_data['dhcp'];
// access control
if ($this->acl_check_new('Subnets_Controller', 'dns'))
$subnet_model->dns = $form_data['dns'];
// access control
if ($this->acl_check_new('Subnets_Controller', 'qos'))
$subnet_model->qos = $form_data['qos'];
if ($subnet_model->dhcp)
$subnet_model->dhcp_expired = 1;

// access control
if ($this->acl_check_new('Subnets_Controller', 'redirect'))
$subnet_model->redirect = $form_data['redirect'];

// save
$owner_id = (int) $form_data['owner_id'];
// subnet owner
if ($owner_id)
$subnets_owner = new Subnets_owner_Model();
$subnets_owner->subnet_id = $subnet_model->id;
$subnets_owner->member_id = $owner_id;
$subnets_owner->redirect = 0;

$ips = $subnet_model->get_free_ip_addresses();
$ip_address_model = new Ip_address_Model();
foreach ($ips as $ip)
$ip_address_model->ip_address = $ip;
$ip_address_model->member_id = $owner_id;
$ip_address_model->subnet_id = $subnet_model->id;
$cloud = (int) $form_data['cloud'];
// cloud
if ($cloud)
$cloud_model = new Cloud_Model($cloud);

if ($cloud_model->id)
// commit transaction
// correct add
status::success('Subnet has been successfully saved.');
// update anabled
$form_data['owner_id'], array($subnet_model->id)
$this->redirect('show', $subnet_model->id);
catch (Exception $e)
// roolback
// correct add
status::error('Error - cannot save subnet.');
// bread crumbs
$breadcrumbs = breadcrumbs::add()
->link('subnets/show_all', 'Subnets',
->text('Add new');

// view
$view = new View('main');
$view->breadcrumbs = $breadcrumbs->html();
$view->title = $headline = __('Add new subnet');
$view->subnet = isset($subnet_model) && $subnet_model->id ? $subnet_model : NULL;
$view->content = new View('form');
$view->content->form = $form->html();
$view->content->headline = $headline;
} // end of add

* Function edits subnet.
* @param integer $subnet_id
public function edit($subnet_id = NULL)
// param check
if (!$subnet_id || !is_numeric($subnet_id))
// access check
if (!$this->acl_check_edit('Subnets_Controller', 'subnet'))
// model
$subnet_model = new Subnet_Model($subnet_id);
// record exists?
if (!$subnet_model->id)
$this->subnet_id = $subnet_model->id;

$arr_members = arr::merge(
array(NULL => '----- '.__('Select member').' -----'),

// form
$form = new Forge('subnets/edit/'.$subnet_id);
$form->group('Basic data');
->label(__('Subnet name').':')
->label(__('Network address').':')
->callback(array($this, 'valid_netip'))
->label(__('OSPF area ID').':')
// access control
if ($this->acl_check_edit('Subnets_Controller', 'redirect'))
->label(__('Redirection enabled'))
// access control
if ($this->acl_check_edit('Subnets_Controller', 'dhcp'))
->label('DHCP server')
// access control
if ($this->acl_check_edit('Subnets_Controller', 'dns'))
->label('DNS server')
// access control
if ($this->acl_check_edit('Subnets_Controller', 'qos'))

->label(__('Owner').' '.help::hint('subnet_owner'))

// validate form
$form_data = $form->as_array();
$ip_address_model = new Ip_address_Model();
$subnet_model->name = $form_data['name'];
$subnet_model->network_address = $form_data['network_address'];
$subnet_model->netmask = $form_data['netmask'];
$subnet_model->OSPF_area_id = $form_data['OSPF_area_id'];
$subnet_model->dhcp_expired = 1;
// access control
if ($this->acl_check_edit('Subnets_Controller', 'redirect'))
$subnet_model->redirect = $form_data['redirect'];
// access control
if ($this->acl_check_edit('Subnets_Controller', 'dhcp'))
$subnet_model->dhcp = $form_data['dhcp'];
// access control
if ($this->acl_check_edit('Subnets_Controller', 'dns'))
$subnet_model->dns = $form_data['dns'];
// access control
if ($this->acl_check_edit('Subnets_Controller', 'qos'))
$subnet_model->qos = $form_data['qos'];

// deletes all IP addresses with owner
// owner has been set and will be changed
if ($subnet_model->subnets_owner->id && $subnet_model->subnets_owner->member_id != $form_data['owner_id'])
$member_id = $subnet_model->subnets_owner->member->id;
$count = $ip_address_model->count_all_ip_addresses_by_member_and_subnet(
$member_id, $subnet_model->id

if (!$count)
$member_id, NULL, NULL, array($subnet_model->id)
// owner is set
$owner_id = (int) $form_data['owner_id'];
if ($owner_id)
$subnet_model->subnets_owner->subnet_id = $subnet_model->id;
$subnet_model->subnets_owner->member_id = $owner_id;
$subnet_model->subnets_owner->redirect = 0;


// find all free IP addresses
$ips = $subnet_model->get_free_ip_addresses();

foreach ($ips as $ip)
$ip_address_model->ip_address = $ip;
$ip_address_model->member_id = $owner_id;
$ip_address_model->subnet_id = $subnet_model->id;

$form_data['owner_id'], array($subnet_model->id)
else if ($subnet_model->subnets_owner->id)
status::success('Subnet has been successfully updated.');
catch (Exception $e)
status::error('Error - subnet has not been successfully updated.');
$this->redirect('subnets/show/' . $subnet_id);
// bread crumbs
$subnet_text = $subnet_model->name." ($subnet_model->network_address/"
. network::netmask2cidr($subnet_model->netmask) .")";

$breadcrumbs = breadcrumbs::add()
->link('subnets/show_all', 'Subnets',
->link('subnets/show/'.$subnet_model->id, $subnet_text,

// view
$view = new View('main');
$view->title = $headline = __('Edit subnet').' - '.$subnet_model->name;
$view->breadcrumbs = $breadcrumbs->html();
$view->content = new View('form');
$view->content->form = $form->html();
$view->content->headline = $headline;

* Function deletes subnet. Subnet is deleted with all of its ip addresses
* @author Michal Kliment
* @param integer $subnet_id id of subnet to delete
public function delete($subnet_id = NULL)
// param check
if (!$subnet_id || !is_numeric($subnet_id))

// access check
if (!$this->acl_check_delete('Subnets_Controller', 'subnet'))

// model
$subnet_model = new Subnet_Model($subnet_id);

// exists
if (!$subnet_model->id)

// find ip addresses of subnet, in this relation 1:n ORM works
$ips = $subnet_model->ip_addresses;

$ip_address_model = new Ip_address_Model();
if ($ip_address_model->count_all_ip_addresses_without_member_by_subnet(
status::warning('Subnet still has at least one ip address.');
if ($subnet_model->subnets_owner->id)
$subnet_model->id, $subnet_model->subnets_owner->member_id

foreach ($subnet_model->allowed_subnets as $allowed_subnet)
$member_id = $allowed_subnet->member_id;

if ($subnet_model->delete())
status::success('Subnet has been successfully deleted.');
status::error('Error - cant delete subnet.');


* Function to draw address map
* @author Michal Kliment
public function address_map()
// access control
if (!$this->acl_check_view('Subnets_Controller', 'subnet'))
$filter_form = new Filter_form('s');

$subnet_model = new Subnet_Model();
$total_subnets = $subnet_model->count_all_subnets();
$subnets = $subnet_model->get_all_subnets(
0, $total_subnets, 'cidr', 'ASC', $filter_form->as_sql()

// containts subnets itself
$arr_subnets = array();
// contains lengths of subnets
$arr_subnet_lengths = array();
// contains ranges of subnets (for not print empty lines)
$arr_subnet_ranges = array();
// contains colors for subnets
$background_colors = array();

foreach ($subnets as $subnet)
/* @var $nas array Newtworks Address Segments */
$nas = explode('.', $subnet->network_address);
/* @var $ns array Newtwors Segments */
$ns = explode('.', $subnet->netmask);

$arr_subnets[$nas[0]][$nas[1]][$nas[2]][$nas[3]] = $subnet;
$arr_subnet_lengths[$nas[0]][$nas[1]][$nas[2]][$nas[3]] =
(256 - $ns[0]) * (256 - $ns[1]) * (256 - $ns[2]) * (256 - $ns[3]);
$background_colors[$nas[0]][$nas[1]][$nas[2]][$nas[3]] =
special::RGB(rand(50, 150), $nas[2], $nas[3]);
// address ranges from settings is used
if (Settings::get('address_ranges') != '')
$ranges = explode(",", Settings::get('address_ranges'));
foreach ($ranges as $range_address)
// address contains / => it's in CIDR format
if (strpos($range_address, '/') !== FALSE)
// split address and mask
list ($range_address, $range_mask) = explode('/', $range_address);
// address is without / => it's single address
$range_mask = 32;

$range_start = $range_address;
$range_end = long2ip(ip2long($range_address) + (~ip2long(network::cidr2netmask($range_mask)) & 0xffffffff));

// range start segments
$rss = explode(".", $range_start);
// range end segments
$res = explode(".", $range_end);
$arr_subnet_ranges[$rss[0]][$rss[1]]['start'] = $rss[2];
$arr_subnet_ranges[$res[0]][$res[1]]['end'] = $res[2];
$arr_subnet_ranges[$res[0]][$res[1]]['address'] = $range_address.'/'.$range_mask;
// view
$view = new View('subnets/address_map');
$view->subnets = $arr_subnets;
$view->lengths = $arr_subnet_lengths;
$view->ranges = $arr_subnet_ranges;
$view->background_colors = $background_colors;

* Callback function validates ip address.
* @param object $input
public function valid_netip($input = NULL)
// validators cannot be accessed
if (empty($input) || !is_object($input))
$netmask = $this->input->post('netmask');
if ($netmask == '')
$netip = ip2long($input->value);
$mask = (int) ip2long($_POST['netmask']);
$net_start = ip2long($input->value);
$net_end = $net_start + (~ip2long($netmask) & 0xffffffff) + 1;
$ip_address_model = new Ip_address_Model();
// try to find first IP address of subnet
$first_ip_address = $ip_address_model->get_first_ip_address_of_subnet(
$this->subnet_id, TRUE
// first IP address exist
if ($first_ip_address)
// trasnsform to long
$first_ip_address = ip2long($first_ip_address->ip_address);

// first IP address is not in subnet range
if ($first_ip_address < $net_start || $first_ip_address > $net_end)
$input->add_error('required', __(
'There is at least one ip address of subnet which not belong to subnet range'
// try to find last IP address of subnet
$last_ip_address = $ip_address_model->get_last_ip_address_of_subnet(
$this->subnet_id, TRUE
// last IP address exist
if ($last_ip_address)
// trasnsform to long
$last_ip_address = ip2long($last_ip_address->ip_address);

// last IP address is not in subnet range
if ($last_ip_address < $net_start || $last_ip_address > $net_end)
$input->add_error('required', __(
'There is at least one ip address of subnet which not belong to subnet range'

// default network adress ranges are set
if (($ranges = Settings::get('address_ranges')) != '')
// transform string to array
$ranges = explode(',', $ranges);

$matches = 0;
foreach ($ranges as $range_address)
// address contains / => it's in CIDR format
if (strpos($range_address, '/') !== FALSE)
// split address and mask
list ($range_address, $range_mask) = explode('/', $range_address);
// address is without / => it's single address
$range_mask = 32;

$range_start = ip2long($range_address);
$range_end = $range_start + (~ip2long(network::cidr2netmask($range_mask)) & 0xffffffff) + 1;

// match
if ($net_start >= $range_start && $net_end <= $range_end)

// no matches - error!
if (!$matches)
$input->add_error('required', __(
'Network address does not match any address ranges.'

if ($netip == 0)
$input->add_error('required', __('Invalid network address.'));
else if (($netip & $mask) != $netip)
$input->add_error('required', __(
'Network address does not match the mask.'
// checks overlaps with other subnets
if (ORM::factory('subnet')->check_overlaps_of_subnets(
$input->value, $this->input->post('netmask'),
$input->add_error('required', __(
'Network address collides with another subnet.'