Fixed an issue with binary detection, to prevent errors when yum is d…

…etected on Ubuntu Prevented IPv6 Disable (breaks NFS on RHEL/CentOS) Re-designed NetBoot and added ability to edit images
jamf · Jun 26, 2017 · 4ff0e1e · 4ff0e1e
1 parent 3f96b56
commit 4ff0e1e
Show file tree

Hide file tree

Showing 12 changed files with 662 additions and 341 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,7 +7,10 @@
 * Added validation for SUS Base URL and Branch name(s) with live feedback
 * Added (missing) option for SUS sync at 9:00 AM
 * Improved detection of the last SUS sync date and time
+* Added proxy configuration to SUS
 * Added validation for NetBoot Image Name, Subnet and Netmask with live feedback
+* Added checks for NetBoot supporting services
+* Provisioned for NFS support for NetBoot Images
 * Updated service controls for TFTP on RHEL/CentOS
 * Added validation for Hostname, IP Address, Netmask, Gateway and DNS Servers with live feedback
 * Added functionality to dynamically determine primary network interface, to allow for variations

diff --git a/CreateNetSUSInstaller.sh b/CreateNetSUSInstaller.sh
@@ -49,6 +49,7 @@ cp -R SUS/var/lib/reposado temp/installer/resources/reposado
 cp -R webadmin/webadminInstall.sh temp/installer/install-webadmin.sh
 cp -R webadmin/var/appliance/dialog.sh temp/installer/resources/dialog.sh
 cp -R webadmin/var/www temp/installer/resources/html
+rm -f temp/installer/resources/html/webadmin/scripts/netbootname.py
 if [ -x "/usr/bin/xattr" ]; then find temp -exec xattr -c {} \; ;fi # Remove OS X extended attributes
 find temp -name .DS_Store -delete # Clean out .DS_Store files
 find temp -name .svn | xargs rm -Rf # Clean out SVN garbage

diff --git a/LDAPProxy/LDAPProxyInstall.sh b/LDAPProxy/LDAPProxyInstall.sh
@@ -32,8 +32,7 @@ slapd    slapd/password1    password    netsuslp
 " | sudo debconf-set-selections
 	apt_install slapd
 	unset DEBIAN_FRONTEND
-fi
-if [[ $(which yum 2>&-) != "" ]]; then
+elif [[ $(which yum 2>&-) != "" ]]; then
 	yum_install openldap-servers
 	yum_install expect
 fi

diff --git a/NetBoot/netbootInstall.sh b/NetBoot/netbootInstall.sh
@@ -30,10 +30,9 @@ if [[ $(which apt-get 2>&-) != "" ]]; then
 	apt_install tftpd-hpa
 	# apt_install openbsd-inetd
 	apt_install netatalk
-	#apt_install nfs-kernel-server
+	apt_install nfs-kernel-server
 	apt_install python-configparser
-fi
-if [[ $(which yum 2>&-) != "" ]]; then
+elif [[ $(which yum 2>&-) != "" ]]; then
 	yum_install avahi
 	yum_install samba
 	yum_install samba-client
@@ -56,12 +55,14 @@ if [[ $(which yum 2>&-) != "" ]]; then
 		fi
 		sed -i 's/.*- -tcp -noddp -uamlist uams_dhx.so.*/- -tcp -noddp -uamlist uams_dhx.so,uams_dhx2_passwd.so/' /etc/netatalk/afpd.conf
 	fi
-	#yum_install nfs-utils
+	yum_install nfs-utils
 	yum_install vim-common
 	chkconfig messagebus on >> $logFile 2>&1
 	chkconfig avahi-daemon on >> $logFile 2>&1
+	chkconfig rpcbind on >> $logFile 2>&1
     service messagebus start >> $logFile 2>&1
     service avahi-daemon start >> $logFile 2>&1
+    service rpcbind start >> $logFile 2>&1
 fi
 
 # Prepare the firewall in case it is enabled later
@@ -78,14 +79,14 @@ if [[ $(which ufw 2>&-) != "" ]]; then
 	# TFTP
 	ufw allow 69/udp >> $logFile
 	# NFS
-	#ufw allow 111/tcp >> $logFile
-	#ufw allow 111/udp >> $logFile
-	#ufw allow 892/tcp >> $logFile
-	#ufw allow 892/udp >> $logFile
-	#ufw allow 2049/tcp >> $logFile
-	#ufw allow 2049/udp >> $logFile
-	#ufw allow 32769/udp >> $logFile
-	#ufw allow 32803/tcp >> $logFile
+	ufw allow 111/tcp >> $logFile
+	ufw allow 111/udp >> $logFile
+	ufw allow 892/tcp >> $logFile
+	ufw allow 892/udp >> $logFile
+	ufw allow 2049/tcp >> $logFile
+	ufw allow 2049/udp >> $logFile
+	ufw allow 32769/udp >> $logFile
+	ufw allow 32803/tcp >> $logFile
 elif [[ $(which firewall-cmd 2>&-) != "" ]]; then
 	# HTTP
 	firewall-cmd --zone=public --add-port=80/tcp >> $logFile 2>&1
@@ -105,22 +106,22 @@ elif [[ $(which firewall-cmd 2>&-) != "" ]]; then
 	firewall-cmd --zone=public --add-port=69/udp >> $logFile 2>&1
 	firewall-cmd --zone=public --add-port=69/udp --permanent >> $logFile 2>&1
 	# NFS
-	#firewall-cmd --zone=public --add-port=111/tcp >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=111/tcp --permanent >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=111/udp >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=111/udp --permanent >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=892/tcp >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=892/tcp --permanent >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=892/udp >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=892/udp --permanent >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=2049/tcp >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=2049/tcp --permanent >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=2049/udp >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=2049/udp --permanent >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=32769/udp >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=32769/udp --permanent >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=32803/tcp >> $logFile 2>&1
-	#firewall-cmd --zone=public --add-port=32803/tcp --permanent >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=111/tcp >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=111/tcp --permanent >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=111/udp >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=111/udp --permanent >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=892/tcp >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=892/tcp --permanent >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=892/udp >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=892/udp --permanent >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=2049/tcp >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=2049/tcp --permanent >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=2049/udp >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=2049/udp --permanent >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=32769/udp >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=32769/udp --permanent >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=32803/tcp >> $logFile 2>&1
+	firewall-cmd --zone=public --add-port=32803/tcp --permanent >> $logFile 2>&1
 else
 	# HTTP
 	if iptables -L | grep DROP | grep -v 'tcp dpt:https' | grep -q 'tcp dpt:http' ; then
@@ -164,54 +165,54 @@ else
 		iptables -I INPUT -p udp --dport 69 -j ACCEPT
 	fi
 	# NFS
-	#if iptables -L | grep DROP | grep -q 'tcp dpt:sunrpc' ; then
-	#	iptables -D INPUT -p tcp --dport 111 -j DROP
-	#fi
-	#if ! iptables -L | grep ACCEPT | grep -q 'tcp dpt:sunrpc' ; then
-	#	iptables -I INPUT -p tcp --dport 111 -j ACCEPT
-	#fi
-	#if iptables -L | grep DROP | grep -q 'udp dpt:sunrpc' ; then
-	#	iptables -D INPUT -p udp --dport 111 -j DROP
-	#fi
-	#if ! iptables -L | grep ACCEPT | grep -q 'udp dpt:sunrpc' ; then
-	#	iptables -I INPUT -p udp --dport 111 -j ACCEPT
-	#fi
-	#if iptables -L | grep DROP | grep -q 'tcp dpt:892' ; then
-	#	iptables -D INPUT -p tcp --dport 892 -j DROP
-	#fi
-	#if ! iptables -L | grep ACCEPT | grep -q 'tcp dpt:892' ; then
-	#	iptables -I INPUT -p tcp --dport 892 -j ACCEPT
-	#fi
-	#if iptables -L | grep DROP | grep -q 'udp dpt:892' ; then
-	#	iptables -D INPUT -p udp --dport 892 -j DROP
-	#fi
-	#if ! iptables -L | grep ACCEPT | grep -q 'udp dpt:892' ; then
-	#	iptables -I INPUT -p udp --dport 892 -j ACCEPT
-	#fi
-	#if iptables -L | grep DROP | grep -q 'tcp dpt:nfs' ; then
-	#	iptables -D INPUT -p tcp --dport 2049 -j DROP
-	#fi
-	#if ! iptables -L | grep ACCEPT | grep -q 'tcp dpt:nfs' ; then
-	#	iptables -I INPUT -p tcp --dport 2049 -j ACCEPT
-	#fi
-	#if iptables -L | grep DROP | grep -q 'udp dpt:nfs' ; then
-	#	iptables -D INPUT -p udp --dport 2049 -j DROP
-	#fi
-	#if ! iptables -L | grep ACCEPT | grep -q 'udp dpt:nfs' ; then
-	#	iptables -I INPUT -p udp --dport 2049 -j ACCEPT
-	#fi
-	#if iptables -L | grep DROP | grep -q 'udp dpt:filenet-rpc' ; then
-	#	iptables -D INPUT -p udp --dport 32769 -j DROP
-	#fi
-	#if ! iptables -L | grep ACCEPT | grep -q 'udp dpt:filenet-rpc' ; then
-	#	iptables -I INPUT -p udp --dport 32769 -j ACCEPT
-	#fi
-	#if iptables -L | grep DROP | grep -q 'tcp dpt:32803' ; then
-	#	iptables -D INPUT -p tcp --dport 32803 -j DROP
-	#fi
-	#if ! iptables -L | grep ACCEPT | grep -q 'tcp dpt:32803' ; then
-	#	iptables -I INPUT -p tcp --dport 32803 -j ACCEPT
-	#fi
+	if iptables -L | grep DROP | grep -q 'tcp dpt:sunrpc' ; then
+		iptables -D INPUT -p tcp --dport 111 -j DROP
+	fi
+	if ! iptables -L | grep ACCEPT | grep -q 'tcp dpt:sunrpc' ; then
+		iptables -I INPUT -p tcp --dport 111 -j ACCEPT
+	fi
+	if iptables -L | grep DROP | grep -q 'udp dpt:sunrpc' ; then
+		iptables -D INPUT -p udp --dport 111 -j DROP
+	fi
+	if ! iptables -L | grep ACCEPT | grep -q 'udp dpt:sunrpc' ; then
+		iptables -I INPUT -p udp --dport 111 -j ACCEPT
+	fi
+	if iptables -L | grep DROP | grep -q 'tcp dpt:892' ; then
+		iptables -D INPUT -p tcp --dport 892 -j DROP
+	fi
+	if ! iptables -L | grep ACCEPT | grep -q 'tcp dpt:892' ; then
+		iptables -I INPUT -p tcp --dport 892 -j ACCEPT
+	fi
+	if iptables -L | grep DROP | grep -q 'udp dpt:892' ; then
+		iptables -D INPUT -p udp --dport 892 -j DROP
+	fi
+	if ! iptables -L | grep ACCEPT | grep -q 'udp dpt:892' ; then
+		iptables -I INPUT -p udp --dport 892 -j ACCEPT
+	fi
+	if iptables -L | grep DROP | grep -q 'tcp dpt:nfs' ; then
+		iptables -D INPUT -p tcp --dport 2049 -j DROP
+	fi
+	if ! iptables -L | grep ACCEPT | grep -q 'tcp dpt:nfs' ; then
+		iptables -I INPUT -p tcp --dport 2049 -j ACCEPT
+	fi
+	if iptables -L | grep DROP | grep -q 'udp dpt:nfs' ; then
+		iptables -D INPUT -p udp --dport 2049 -j DROP
+	fi
+	if ! iptables -L | grep ACCEPT | grep -q 'udp dpt:nfs' ; then
+		iptables -I INPUT -p udp --dport 2049 -j ACCEPT
+	fi
+	if iptables -L | grep DROP | grep -q 'udp dpt:filenet-rpc' ; then
+		iptables -D INPUT -p udp --dport 32769 -j DROP
+	fi
+	if ! iptables -L | grep ACCEPT | grep -q 'udp dpt:filenet-rpc' ; then
+		iptables -I INPUT -p udp --dport 32769 -j ACCEPT
+	fi
+	if iptables -L | grep DROP | grep -q 'tcp dpt:32803' ; then
+		iptables -D INPUT -p tcp --dport 32803 -j DROP
+	fi
+	if ! iptables -L | grep ACCEPT | grep -q 'tcp dpt:32803' ; then
+		iptables -I INPUT -p tcp --dport 32803 -j ACCEPT
+	fi
 	service iptables save >> $logFile 2>&1
 fi
 
@@ -340,34 +341,34 @@ if [ ! -d "/home/afpuser" ]; then
 fi
 
 # Configure nfs
-#if [ -f "/etc/default/nfs-kernel-server" ]; then
-#	sed -i 's/.*RPCMOUNTDOPTS.*/RPCMOUNTDOPTS="--port 892"/' /etc/default/nfs-kernel-server
-#	touch /etc/modprobe.d/lockd.conf
-#	sed -i '/^lockd/d' /etc/modules
-#	echo "lockd" >> /etc/modules
-#fi
-#if [ -f "/etc/sysconfig/nfs" ]; then
-#	if grep -q LOCKD_TCPPORT /etc/sysconfig/nfs; then
-#		sed -i 's/.*LOCKD_TCPPORT.*/LOCKD_TCPPORT=32803/' /etc/sysconfig/nfs
-#		sed -i 's/.*LOCKD_UDPPORT.*/LOCKD_UDPPORT=32769/' /etc/sysconfig/nfs
-#		sed -i 's/.*MOUNTD_PORT.*/MOUNTD_PORT=892/' /etc/sysconfig/nfs
-#	else
-#		sed -i 's/.*RPCMOUNTDOPTS.*/RPCMOUNTDOPTS="-p 892"/' /etc/sysconfig/nfs
-#	fi
-#fi
-#if [ -f "/etc/modprobe.d/lockd.conf" ]; then
-#	if ! grep -q nlm_tcpport /etc/modprobe.d/lockd.conf; then
-#		echo "options lockd nlm_tcpport=32803" >> /etc/modprobe.d/lockd.conf
-#	fi
-#	sed -i 's/.*nlm_tcpport.*/options lockd nlm_tcpport=32803/' /etc/modprobe.d/lockd.conf
-#	if ! grep -q nlm_udpport /etc/modprobe.d/lockd.conf; then
-#		echo "options lockd nlm_udpport=32769" >> /etc/modprobe.d/lockd.conf
-#	fi 
-#	sed -i 's/.*nlm_udpport.*/options lockd nlm_udpport=32769/' /etc/modprobe.d/lockd.conf
-#fi
-#sed -i "/NetBootSP0/d" /etc/exports
-#echo "/srv/NetBoot/NetBootSP0 *(ro,no_subtree_check,no_root_squash,insecure)" >> "/etc/exports"
-#exportfs -a
+if [ -f "/etc/default/nfs-kernel-server" ]; then
+	sed -i 's/.*RPCMOUNTDOPTS.*/RPCMOUNTDOPTS="--port 892"/' /etc/default/nfs-kernel-server
+	touch /etc/modprobe.d/lockd.conf
+	sed -i '/^lockd/d' /etc/modules
+	echo "lockd" >> /etc/modules
+fi
+if [ -f "/etc/sysconfig/nfs" ]; then
+	if grep -q LOCKD_TCPPORT /etc/sysconfig/nfs; then
+		sed -i 's/.*LOCKD_TCPPORT.*/LOCKD_TCPPORT=32803/' /etc/sysconfig/nfs
+		sed -i 's/.*LOCKD_UDPPORT.*/LOCKD_UDPPORT=32769/' /etc/sysconfig/nfs
+		sed -i 's/.*MOUNTD_PORT.*/MOUNTD_PORT=892/' /etc/sysconfig/nfs
+	else
+		sed -i 's/.*RPCMOUNTDOPTS.*/RPCMOUNTDOPTS="-p 892"/' /etc/sysconfig/nfs
+	fi
+fi
+if [ -f "/etc/modprobe.d/lockd.conf" ]; then
+	if ! grep -q nlm_tcpport /etc/modprobe.d/lockd.conf; then
+		echo "options lockd nlm_tcpport=32803" >> /etc/modprobe.d/lockd.conf
+	fi
+	sed -i 's/.*nlm_tcpport.*/options lockd nlm_tcpport=32803/' /etc/modprobe.d/lockd.conf
+	if ! grep -q nlm_udpport /etc/modprobe.d/lockd.conf; then
+		echo "options lockd nlm_udpport=32769" >> /etc/modprobe.d/lockd.conf
+	fi 
+	sed -i 's/.*nlm_udpport.*/options lockd nlm_udpport=32769/' /etc/modprobe.d/lockd.conf
+fi
+sed -i "/NetBootSP0/d" /etc/exports
+echo "/srv/NetBoot/NetBootSP0 *(ro,no_subtree_check,no_root_squash,insecure)" >> "/etc/exports"
+exportfs -a
 
 # Configure samba
 # Change SMB setting for guest access

diff --git a/SUS/susInstall.sh b/SUS/susInstall.sh
@@ -27,8 +27,7 @@ if [[ $(which apt-get 2>&-) != "" ]]; then
 	apt_install libapache2-mod-php
 	apt_install php-xml
 	apt_install curl
-fi
-if [[ $(which yum 2>&-) != "" ]]; then
+elif [[ $(which yum 2>&-) != "" ]]; then
 	yum_install mod_ssl
 	yum_install php
 	yum_install php-xml

diff --git a/base/NetSUSInstaller.sh b/base/NetSUSInstaller.sh
@@ -144,11 +144,11 @@ if grep -q 'net.ipv6.conf.lo.disable_ipv6' /etc/sysctl.conf; then
   sed -i '/net.ipv6.conf.default.disable_ipv6/d' /etc/sysctl.conf
   sed -i '/net.ipv6.conf.lo.disable_ipv6/d' /etc/sysctl.conf
 fi
-echo "
-# Disable IPv6
-net.ipv6.conf.all.disable_ipv6 = 1
-net.ipv6.conf.default.disable_ipv6 = 1
-" >> /etc/sysctl.conf
+#echo "
+## Disable IPv6
+#net.ipv6.conf.all.disable_ipv6 = 1
+#net.ipv6.conf.default.disable_ipv6 = 1
+#" >> /etc/sysctl.conf
 
 log ""
 log "The NetSUSLP has been installed."
@@ -175,22 +175,21 @@ if [[ $(which update-rc.d 2>&-) != "" ]]; then
   if [[ $(which systemctl 2>&-) != "" ]]; then
     update-rc.d smbd disable >> $logFile 2>&1
     update-rc.d tftpd-hpa disable >> $logFile 2>&1
-    #systemctl disable nfs-server >> $logFile 2>&1
+    systemctl disable nfs-server >> $logFile 2>&1
     # systemctl disable openbsd-inetd >> $logFile 2>&1
-    #service nfs-server stop >> $logFile 2>&1
+    service nfs-server stop >> $logFile 2>&1
   else
     echo manual > /etc/init/smbd.override
     echo manual > /etc/init/tftpd-hpa.override
-    #update-rc.d nfs-kernel-server disable >> $logFile 2>&1
+    update-rc.d nfs-kernel-server disable >> $logFile 2>&1
     # update-rc.d openbsd-inetd disable >> $logFile 2>&1
-    #service nfs-kernel-server stop >> $logFile 2>&1
+    service nfs-kernel-server stop >> $logFile 2>&1
   fi
   log "If you are installing NetSUSLP for the first time, please follow the documentation for setup instructions."
-fi
-if [[ $(which chkconfig 2>&-) != "" ]]; then
+elif [[ $(which chkconfig 2>&-) != "" ]]; then
   service httpd restart >> $logFile 2>&1
   chkconfig tftp off >> $logFile 2>&1
-  #chkconfig nfs off > /dev/null 2>&1
+  chkconfig nfs off > /dev/null 2>&1
   #if [ -f "/etc/sysconfig/xinetd" ]; then
   #  service xinetd restart >> $logFile 2>&1
   #fi

diff --git a/webadmin/var/www/webadmin/SUS.php b/webadmin/var/www/webadmin/SUS.php
@@ -105,14 +105,14 @@ function enableButton(id, enable)
 
 function validateBaseURL()
 {
-	var validBaseURL = /^(http|https):\/\/[^ "]+$/.test(document.getElementById("baseurl").value);
+	var validBaseURL = /^http:\/\/(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][\/]|[1-9][0-9]|[1-9][0-9][\/]|1[0-9]{2}|1[0-9]{2}[\/]|2[0-4][0-9]|2[0-4][0-9][\/]|25[0-5]|25[0-5][\/])$|^http:\/\/(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z]|[A-Za-z][\/]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9][\/])$/.test(document.getElementById("baseurl").value);
 	showErr("baseurl", validBaseURL);
 	enableButton("setbaseurl", validBaseURL);
 }
 
 function validateBranch()
 {
-	var validBranch = /^[A-Za-z0-9._+\-]{1,256}$/.test(document.getElementById("branchname").value);
+	var validBranch = /^[A-Za-z0-9._+\-]{1,128}$/.test(document.getElementById("branchname").value);
 	showErr("branchname", validBranch);
 	enableButton("addbranch", validBranch);
 }
@@ -131,7 +131,7 @@ function toggleProxyAuth()
 function validateProxy()
 {
 	var validHttpProxy = /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$|^(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9])$/.test(document.getElementById("proxy_host").value) || !document.getElementById('http_proxy').checked;
-	var validHttpPort = document.getElementById("proxy_port").value != "" && !(parseInt(document.getElementById("proxy_port").value) < 0) && !(parseInt(document.getElementById("proxy_port").value) > 65535) || !document.getElementById('http_proxy').checked;
+	var validHttpPort = /^\d+$/.test(document.getElementById("proxy_port").value) && document.getElementById("proxy_port").value != "" && !(parseInt(document.getElementById("proxy_port").value) < 0) && !(parseInt(document.getElementById("proxy_port").value) > 65535) || !document.getElementById('http_proxy').checked;
 	var validProxyUser = document.getElementById('http_proxy').checked && document.getElementById("proxy_user").value != "" || !document.getElementById('proxy_auth').checked || document.getElementById('proxy_auth').disabled;
 	var validProxyPass = document.getElementById("proxy_user").value != "" && document.getElementById("proxy_pass").value != "" || !document.getElementById('proxy_auth').checked || document.getElementById('proxy_auth').disabled;
 	showErr("proxy_host", validHttpProxy);
@@ -165,7 +165,7 @@ function validateProxy()
 			<span class ="description">Base URL for the software update server (e.g. "http://sus.mycompany.corp")</span>
 
 			<div class="input-group">
-				<input type="text" name="baseurl" id="baseurl" class="form-control input-sm long-text-input" value="<?php echo $conf->getSetting("susbaseurl")?>" onKeyUp="validateBaseURL();" onChange="validateBaseURL();"/>
+				<input type="text" name="baseurl" id="baseurl" class="form-control input-sm long-text-input" value="<?php echo $conf->getSetting("susbaseurl")?>" onClick="validateBaseURL();" onKeyUp="validateBaseURL();" onChange="validateBaseURL();"/>
 				<span class="input-group-btn">
 					<input type="submit" name="setbaseurl" id="setbaseurl" class="btn btn-primary btn-sm" value="Change URL" disabled="disabled" />
 				</span>
@@ -284,7 +284,7 @@ function validateProxy()
 
 					<div class="input-group">
 						<div class="input-group-addon no-background">Port</div>
-						<input type="text" name="proxy_port" id="proxy_port" class="form-control input-sm" value="<?php echo $susProxyPort; ?>" onClick="validateProxy();" onKeyUp="validateProxy();" onChange="validateProxy();" onKeyPress="return event.charCode >= 48 && event.charCode <= 57" />
+						<input type="text" name="proxy_port" id="proxy_port" class="form-control input-sm" value="<?php echo $susProxyPort; ?>" onClick="validateProxy();" onKeyUp="validateProxy();" onChange="validateProxy();" />
 					</div>
 
 					<br>