|
1
|
<?php
|
|
2
|
/* $Id$ */
|
|
3
|
/* Run various commands and collect their output into HTML tables.
|
|
4
|
* Jim McBeath <jimmc@macrovision.com> Nov 2003
|
|
5
|
*
|
|
6
|
* (modified for m0n0wall by Manuel Kasper <mk@neon1.net>)
|
|
7
|
* (modified for pfSense by Scott Ullrich geekgod@pfsense.com)
|
|
8
|
*
|
|
9
|
*/
|
|
10
|
/*
|
|
11
|
Copyright (C) 2013-2015 Electric Sheep Fencing, LP
|
|
12
|
All rights reserved.
|
|
13
|
|
|
14
|
Redistribution and use in source and binary forms, with or without
|
|
15
|
modification, are permitted provided that the following conditions are met:
|
|
16
|
|
|
17
|
1. Redistributions of source code must retain the above copyright notice,
|
|
18
|
this list of conditions and the following disclaimer.
|
|
19
|
|
|
20
|
2. Redistributions in binary form must reproduce the above copyright
|
|
21
|
notice, this list of conditions and the following disclaimer in the
|
|
22
|
documentation and/or other materials provided with the distribution.
|
|
23
|
|
|
24
|
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
|
25
|
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
|
26
|
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
27
|
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
|
28
|
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
29
|
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
30
|
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
31
|
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
32
|
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
33
|
POSSIBILITY OF SUCH DAMAGE.
|
|
34
|
*/
|
|
35
|
/*
|
|
36
|
pfSense_BUILDER_BINARIES: /usr/bin/vmstat /usr/bin/netstat /sbin/dmesg /sbin/mount /sbin/setkey /usr/local/sbin/pftop
|
|
37
|
pfSense_BUILDER_BINARIES: /sbin/pfctl /sbin/sysctl /usr/bin/top /usr/bin/netstat /sbin/pfctl /sbin/ifconfig
|
|
38
|
pfSense_MODULE: support
|
|
39
|
*/
|
|
40
|
|
|
41
|
##|+PRIV
|
|
42
|
##|*IDENT=page-hidden-detailedstatus
|
|
43
|
##|*NAME=Hidden: Detailed Status page
|
|
44
|
##|*DESCR=Allow access to the 'Hidden: Detailed Status' page.
|
|
45
|
##|*MATCH=status.php*
|
|
46
|
##|-PRIV
|
|
47
|
|
|
48
|
/* Execute a command, with a title, and generate an HTML table
|
|
49
|
* showing the results.
|
|
50
|
*/
|
|
51
|
|
|
52
|
/* include all configuration functions */
|
|
53
|
require_once("guiconfig.inc");
|
|
54
|
require_once("functions.inc");
|
|
55
|
$output_path = "/tmp/status_output/";
|
|
56
|
$output_file = "/tmp/status_output.tgz";
|
|
57
|
|
|
58
|
function doCmdT($title, $command) {
|
|
59
|
global $output_path, $output_file;
|
|
60
|
/* Fixup output directory */
|
|
61
|
|
|
62
|
$rubbish = array('|', '-', '/', '.', ' '); /* fixes the <a> tag to be W3C compliant */
|
|
63
|
echo "\n<a name=\"" . str_replace($rubbish, '', $title) . "\" id=\"" . str_replace($rubbish, '', $title) . "\"></a>\n";
|
|
64
|
echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" summary=\"" . $title . "\">\n";
|
|
65
|
echo "\t<tr><td class=\"listtopic\">" . $title . "</td></tr>\n";
|
|
66
|
echo "\t<tr>\n\t\t<td class=\"listlr\">\n\t\t\t<pre>"; /* no newline after pre */
|
|
67
|
|
|
68
|
print('<div class="panel panel-default">');
|
|
69
|
print( '<div class="panel-heading">' . $title . '</div>');
|
|
70
|
print( '<div class="panel-body">');
|
|
71
|
print( '<pre>');
|
|
72
|
|
|
73
|
if ($command == "dumpconfigxml") {
|
|
74
|
$ofd = @fopen("{$output_path}/config-sanitized.xml", "w");
|
|
75
|
$fd = @fopen("/conf/config.xml", "r");
|
|
76
|
if ($fd) {
|
|
77
|
while (!feof($fd)) {
|
|
78
|
$line = fgets($fd);
|
|
79
|
/* remove sensitive contents */
|
|
80
|
$line = preg_replace("/<password>.*?<\\/password>/", "<password>xxxxx</password>", $line);
|
|
81
|
$line = preg_replace("/<pre-shared-key>.*?<\\/pre-shared-key>/", "<pre-shared-key>xxxxx</pre-shared-key>", $line);
|
|
82
|
$line = preg_replace("/<rocommunity>.*?<\\/rocommunity>/", "<rocommunity>xxxxx</rocommunity>", $line);
|
|
83
|
$line = preg_replace("/<prv>.*?<\\/prv>/", "<prv>xxxxx</prv>", $line);
|
|
84
|
$line = preg_replace("/<shared_key>.*?<\\/shared_key>/", "<shared_key>xxxxx</shared_key>", $line);
|
|
85
|
$line = preg_replace("/<tls>.*?<\\/tls>/", "<tls>xxxxx</tls>", $line);
|
|
86
|
$line = preg_replace("/<ipsecpsk>.*?<\\/ipsecpsk>/", "<ipsecpsk>xxxxx</ipsecpsk>", $line);
|
|
87
|
$line = preg_replace("/<md5-hash>.*?<\\/md5-hash>/", "<md5-hash>xxxxx</md5-hash>", $line);
|
|
88
|
$line = preg_replace("/<md5password>.*?<\\/md5password>/", "<md5password>xxxxx</md5password>", $line);
|
|
89
|
$line = preg_replace("/<nt-hash>.*?<\\/nt-hash>/", "<nt-hash>xxxxx</nt-hash>", $line);
|
|
90
|
$line = preg_replace("/<radius_secret>.*?<\\/radius_secret>/", "<radius_secret>xxxxx</radius_secret>", $line);
|
|
91
|
$line = preg_replace("/<ldap_bindpw>.*?<\\/ldap_bindpw>/", "<ldap_bindpw>xxxxx</ldap_bindpw>", $line);
|
|
92
|
$line = preg_replace("/<passwordagain>.*?<\\/passwordagain>/", "<passwordagain>xxxxx</passwordagain>", $line);
|
|
93
|
$line = preg_replace("/<crypto_password>.*?<\\/crypto_password>/", "<crypto_password>xxxxx</crypto_password>", $line);
|
|
94
|
$line = preg_replace("/<crypto_password2>.*?<\\/crypto_password2>/", "<crypto_password2>xxxxx</crypto_password2>", $line);
|
|
95
|
$line = str_replace("\t", " ", $line);
|
|
96
|
echo htmlspecialchars($line, ENT_NOQUOTES);
|
|
97
|
fwrite($ofd, $line);
|
|
98
|
}
|
|
99
|
}
|
|
100
|
fclose($fd);
|
|
101
|
fclose($ofd);
|
|
102
|
} else {
|
|
103
|
$ofd = @fopen("{$output_path}/{$title}.txt", "w");
|
|
104
|
$execOutput = "";
|
|
105
|
$execStatus = "";
|
|
106
|
exec ($command . " 2>&1", $execOutput, $execStatus);
|
|
107
|
for ($i = 0; isset($execOutput[$i]); $i++) {
|
|
108
|
if ($i > 0) {
|
|
109
|
echo "\n";
|
|
110
|
}
|
|
111
|
echo htmlspecialchars($execOutput[$i], ENT_NOQUOTES);
|
|
112
|
fwrite($ofd, $execOutput[$i] . "\n");
|
|
113
|
}
|
|
114
|
fclose($ofd);
|
|
115
|
}
|
|
116
|
|
|
117
|
print( '</pre>');
|
|
118
|
print( '</div>');
|
|
119
|
print('</div>');
|
|
120
|
}
|
|
121
|
|
|
122
|
/* Define a command, with a title, to be executed later. */
|
|
123
|
function defCmdT($title, $command) {
|
|
124
|
global $commands;
|
|
125
|
$title = htmlspecialchars($title, ENT_NOQUOTES);
|
|
126
|
$commands[] = array($title, $command);
|
|
127
|
}
|
|
128
|
|
|
129
|
/* List all of the commands as an index. */
|
|
130
|
function listCmds() {
|
|
131
|
global $currentDate;
|
|
132
|
global $commands;
|
|
133
|
|
|
134
|
$rubbish = array('|', '-', '/', '.', ' '); /* fixes the <a> tag to be W3C compliant */
|
|
135
|
|
|
136
|
print('<div class="panel panel-default">');
|
|
137
|
print( '<div class="panel-heading">' . gettext("System status on ") . $currentDate . '</div>');
|
|
138
|
print( '<div class="panel-body">');
|
|
139
|
|
|
140
|
print("\n<p>" . gettext("This status page includes the following information") . ":\n");
|
|
141
|
print("<ul>\n");
|
|
142
|
for ($i = 0; isset($commands[$i]); $i++ ) {
|
|
143
|
print("\t<li><strong><a href=\"#" . str_replace($rubbish,'',$commands[$i][0]) . "\">" . $commands[$i][0] . "</a></strong></li>\n");
|
|
144
|
}
|
|
145
|
|
|
146
|
print("</ul>\n");
|
|
147
|
print(' </div>');
|
|
148
|
print('</div>');
|
|
149
|
}
|
|
150
|
|
|
151
|
/* Execute all of the commands which were defined by a call to defCmd. */
|
|
152
|
function execCmds() {
|
|
153
|
global $commands;
|
|
154
|
for ($i = 0; isset($commands[$i]); $i++) {
|
|
155
|
doCmdT($commands[$i][0], $commands[$i][1]);
|
|
156
|
}
|
|
157
|
}
|
|
158
|
|
|
159
|
global $g, $config;
|
|
160
|
|
|
161
|
/* Set up all of the commands we want to execute. */
|
|
162
|
defCmdT("System uptime","uptime");
|
|
163
|
defCmdT("Interfaces","/sbin/ifconfig -a");
|
|
164
|
defCmdT("PF Info","/sbin/pfctl -s info");
|
|
165
|
defCmdT("Routing tables","netstat -nr");
|
|
166
|
defCmdT("top | head -n5", "/usr/bin/top | /usr/bin/head -n5");
|
|
167
|
defCmdT("sysctl hw.physmem","/sbin/sysctl hw.physmem");
|
|
168
|
|
|
169
|
if (isset($config['captiveportal']) && is_array($config['captiveportal'])) {
|
|
170
|
foreach ($config['captiveportal'] as $cpZone => $cpdata) {
|
|
171
|
if (isset($cpdata['enable'])) {
|
|
172
|
defCmdT("IPFW rules for {$cpdata['zoneid']}", "/sbin/ipfw -x " . escapeshellarg($cpdata['zoneid']) . " show");
|
|
173
|
}
|
|
174
|
}
|
|
175
|
}
|
|
176
|
|
|
177
|
/* Configuration Files */
|
|
178
|
defCmdT("Contents of /var/run", "/bin/ls /var/run");
|
|
179
|
defCmdT("Contents of /conf", "/bin/ls /conf");
|
|
180
|
defCmdT("config.xml", "dumpconfigxml");
|
|
181
|
defCmdT("resolv.conf", "/bin/cat /etc/resolv.conf");
|
|
182
|
defCmdT("DHCP Configuration", "/bin/cat /var/dhcpd/etc/dhcpd.conf");
|
|
183
|
defCmdT("DHCPv6 Configuration", "/bin/cat /var/dhcpd/etc/dhcpdv6.conf");
|
|
184
|
defCmdT("strongSwan config", "/bin/cat /var/etc/ipsec/strongswan.conf");
|
|
185
|
defCmdT("IPsec config", "/bin/cat /var/etc/ipsec/ipsec.conf");
|
|
186
|
defCmdT("SPD", "/sbin/setkey -DP");
|
|
187
|
defCmdT("SAD", "/sbin/setkey -D");
|
|
188
|
if (file_exists("/cf/conf/upgrade_log.txt")) {
|
|
189
|
defCmdT("Upgrade Log", "/bin/cat /cf/conf/upgrade_log.txt");
|
|
190
|
}
|
|
191
|
if (file_exists("/boot/loader.conf")) {
|
|
192
|
defCmdT("Loader Configuration", "/bin/cat /boot/loader.conf");
|
|
193
|
}
|
|
194
|
if (file_exists("/boot/loader.conf.local")) {
|
|
195
|
defCmdT("Loader Configuration (Local)", "/bin/cat /boot/loader.conf.local");
|
|
196
|
}
|
|
197
|
if (file_exists("/var/run/apinger.status")) {
|
|
198
|
defCmdT("Gateway Status", "/bin/cat /var/run/apinger.status");
|
|
199
|
}
|
|
200
|
if (file_exists("/var/etc/apinger.conf")) {
|
|
201
|
defCmdT("Gateway Monitoring Config", "/bin/cat /var/etc/apinger.conf");
|
|
202
|
}
|
|
203
|
if (file_exists("/var/etc/filterdns.conf")) {
|
|
204
|
defCmdT("Filter DNS Daemon Config", "/bin/cat /var/etc/filterdns.conf");
|
|
205
|
}
|
|
206
|
if (isset($config['system']['usefifolog'])) {
|
|
207
|
defCmdT("last 200 system log entries", "/usr/sbin/fifolog_reader /var/log/system.log 2>&1 | tail -n 200");
|
|
208
|
defCmdT("last 50 filter log entries", "/usr/sbin/fifolog_reader /var/log/filter.log 2>&1 | tail -n 50");
|
|
209
|
} else {
|
|
210
|
defCmdT("last 200 system log entries", "/usr/local/sbin/clog /var/log/system.log 2>&1 | tail -n 200");
|
|
211
|
defCmdT("last 50 filter log entries", "/usr/local/sbin/clog /var/log/filter.log 2>&1 | tail -n 50");
|
|
212
|
}
|
|
213
|
if (file_exists("/tmp/PHP_errors.log")) {
|
|
214
|
defCmdT("PHP Error Log", "/bin/cat /tmp/PHP_errors.log");
|
|
215
|
}
|
|
216
|
defCmdT("System Message Buffer", "/sbin/dmesg -a");
|
|
217
|
defCmdT("System Message Buffer (Boot)", "/bin/cat /var/log/dmesg.boot");
|
|
218
|
defCmdT("sysctl values", "/sbin/sysctl -a");
|
|
219
|
|
|
220
|
exec("/bin/date", $dateOutput, $dateStatus);
|
|
221
|
$currentDate = $dateOutput[0];
|
|
222
|
|
|
223
|
$pgtitle = array("{$g['product_name']}", "status");
|
|
224
|
include("head.inc");
|
|
225
|
|
|
226
|
print_info_box(gettext("Make sure all sensitive information is removed! (Passwords, maybe also IP addresses) before posting " .
|
|
227
|
"information from this page in public places (like mailing lists)") . '<br />' .
|
|
228
|
gettext("Passwords in config.xml have been automatically removed"));
|
|
229
|
|
|
230
|
listCmds();
|
|
231
|
execCmds();
|
|
232
|
|
|
233
|
include("foot.inc");
|
