--- loncom/interface/domainprefs.pm	2020/12/18 15:23:02	1.373
+++ loncom/interface/domainprefs.pm	2021/01/30 21:47:44	1.377
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Handler to set domain-wide configuration settings
 #
-# $Id: domainprefs.pm,v 1.373 2020/12/18 15:23:02 raeburn Exp $
+# $Id: domainprefs.pm,v 1.377 2021/01/30 21:47:44 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -263,7 +263,7 @@ sub handler {
     my @prefs_order = ('rolecolors','login','defaults','wafproxy','passwords','quotas',
                        'autoenroll','autoupdate','autocreate','directorysrch',
                        'contacts','privacy','usercreation','selfcreation',
-                       'usermodification','scantron','requestcourses','requestauthor'
+                       'usermodification','scantron','requestcourses','requestauthor',
                        'coursecategories','serverstatuses','helpsettings','coursedefaults',
                        'ltitools','proctoring','selfenrollment','usersessions','ssl',
                        'trust','lti');
@@ -7185,6 +7185,7 @@ sub print_wafproxy {
     my $datatable;
     my %servers = &Apache::lonnet::internet_dom_servers($dom);
     my (%othercontrol,%otherdoms,%aliases,%values,$setdom);
+    my %lt = &wafproxy_titles();
     foreach my $server (sort(keys(%servers))) {
         my $serverhome = &Apache::lonnet::get_server_homeID($servers{$server});
         my $serverdom;
@@ -7202,7 +7203,7 @@ sub print_wafproxy {
                     if (ref($settings->{'alias'}) eq 'HASH') {
                         $aliases{$dom} = $settings->{'alias'};
                     }
-                    foreach my $item ('ipheader','trusted','exempt') {
+                    foreach my $item ('ipheader','trusted','vpnint','vpnext') {
                         $values{$dom}{$item} = $settings->{$item};
                     }
                 }
@@ -7217,7 +7218,7 @@ sub print_wafproxy {
             if (ref($config{$domain}) eq 'HASH') {
                 if (ref($config{$domain}{'wafproxy'}) eq 'HASH') {
                     $aliases{$domain} = $config{$domain}{'wafproxy'}{'alias'};
-                    foreach my $item ('exempt','trusted','ipheader') {
+                    foreach my $item ('ipheader','trusted','vpnint','vpnext') {
                         $values{$domain}{$item} = $config{$domain}{'wafproxy'}{$item};
                     }
                 }
@@ -7232,7 +7233,7 @@ sub print_wafproxy {
             $datatable .= '<tr'.$css_class.'>'.
                           '<td>'.&mt('Hostname').':&nbsp;'.
                                 &Apache::lonnet::hostname($server).'</td>'.
-                          '<td>';
+                          '<td class="LC_right_item">';
             if ($othercontrol{$server}) {
                 my $current;
                 if (ref($aliases{$othercontrol{$server}}) eq 'HASH') {
@@ -7254,7 +7255,7 @@ sub print_wafproxy {
                     }
                 }
                 $datatable .= '<input type="text" name="wafproxy_alias_'.$server.'" '.
-                              'value="'.$current.'" size="20" />';
+                              'value="'.$current.'" size="30" />';
             }
             $datatable .= '</td></tr>';
         }
@@ -7263,15 +7264,22 @@ sub print_wafproxy {
             $itemcount ++;
             $css_class = $itemcount%2 ? ' class="LC_odd_row"' : '';
             $datatable .= '<tr'.$css_class.'>'.
-                          '<td>'.&mt('Domain: [_1]','<b>'.$dom.'</b>').'<br /><br />'.
+                          '<td class="LC_left_item">'.&mt('Domain: [_1]','<b>'.$dom.'</b>').'<br /><br />'.
                           &mt('Format for comma separated IP blocks').':<br />'.
                           &mt('A.B.C.D/N or A.B.C.D - E.F.G.H').'</td>'.
                           '<td class="LC_left_item"><table>';
-            foreach my $item ('ipheader','trusted','exempt') {
+            foreach my $item ('ipheader','trusted','vpnint','vpnext') {
                 $datatable .= '<tr>'.
-                              '<td>'.$lt{$item}.':&nbsp;'.
-                              '<input type="text" value="'.$values{$dom}{$item}.'" '.
-                              'name="wafproxy_'.$item.'" /></td></tr>';
+                              '<td valign="top">'.$lt{$item}.':&nbsp;';
+                if ($item eq 'ipheader') {
+                    $datatable .= '<input type="text" value="'.$values{$dom}{$item}.'" '.
+                                  'name="wafproxy_'.$item.'" />';
+ 
+                } else {
+                    $datatable .= '<textarea name="wafproxy_'.$item.'" rows="3" cols="80">'.
+                                  $values{$dom}{$item}.'</textarea>';
+                }
+                $datatable .= '</td></tr>';
             }
             $datatable .= '</table></td></tr>';
         }
@@ -7280,9 +7288,9 @@ sub print_wafproxy {
                 $itemcount ++;
                 $css_class = $itemcount%2 ? ' class="LC_odd_row"' : '';
                 $datatable .= '<tr'.$css_class.'>'.
-                              '<td>'.&mt('Domain: [_1]',$domain).
-                              '<table>';
-                foreach my $item ('ipheader','trusted','exempt') {
+                              '<td class="LC_left_item">'.&mt('Domain: [_1]',$domain).'</td>'.
+                              '<td class="LC_left_item"><table>';
+                foreach my $item ('ipheader','trusted','vpnint','vpnext') {
                     my $showval = &mt('None');
                     if ($values{$domain}{$item}) {
                         $showval = $values{$domain}{$item}; 
@@ -7300,7 +7308,8 @@ sub print_wafproxy {
 
 sub wafproxy_titles {
     return &Apache::lonlocal::texthash(
-               exempt => 'Exempt IP range(s)',
+               vpnint => 'Internal IP Range(s) for VPN sessions',
+               vpnext => 'IP Range for backend WAF connections',
                trusted => 'Trusted IP range(s)',
                ipheader => 'Custom request header',
            );
@@ -15196,7 +15205,7 @@ sub modify_contacts {
                 $contacts_hash{'contacts'}{'lonstatus'}{$item} = \@excluded;
             }
         } elsif ($item eq 'weights') {
-            foreach my $type ('E','W','N') {
+            foreach my $type ('E','W','N','U') {
                 $env{'form.error'.$item.'_'.$type} =~ s/^\s+|\s+$//g;
                 if ($env{'form.error'.$item.'_'.$type} =~ /^\d+$/) {
                     unless ($env{'form.error'.$item.'_'.$type} == $lonstatus_defs->{$type}) {
@@ -20713,24 +20722,24 @@ sub modify_loadbalancing {
                             $resulttext .= '<li>'.&mt('Load Balancer: [_1] -- cookie use enabled',
                                                       $balancer).'</li>'; 
                         }
-                        if (keys(%toupdate)) {
-                            my %thismachine;
-                            my $updatedhere;
-                            my $cachetime = 60*60*24;
-                            map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids();
-                            foreach my $lonhost (keys(%toupdate)) {
-                                if ($thismachine{$lonhost}) {
-                                    unless ($updatedhere) {
-                                        &Apache::lonnet::do_cache_new('loadbalancing',$dom,
-                                                                      $defaultshash{'loadbalancing'},
-                                                                      $cachetime);
-                                        $updatedhere = 1;
-                                    }
-                                } else {
-                                    my $cachekey = &escape('loadbalancing').':'.&escape($dom);
-                                    &Apache::lonnet::remote_devalidate_cache($lonhost,[$cachekey]);
-                                }
+                    }
+                }
+                if (keys(%toupdate)) {
+                    my %thismachine;
+                    my $updatedhere;
+                    my $cachetime = 60*60*24;
+                    map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids();
+                    foreach my $lonhost (keys(%toupdate)) {
+                        if ($thismachine{$lonhost}) {
+                            unless ($updatedhere) {
+                                &Apache::lonnet::do_cache_new('loadbalancing',$dom,
+                                                              $defaultshash{'loadbalancing'},
+                                                              $cachetime);
+                                $updatedhere = 1;
                             }
+                        } else {
+                            my $cachekey = &escape('loadbalancing').':'.&escape($dom);
+                            &Apache::lonnet::remote_devalidate_cache($lonhost,[$cachekey]);
                         }
                     }
                 }