1 17f6eafa Scott Ullrich
<?php
2 307cd525 Bill Marquette
/* $Id$ */
3 5b237745 Scott Ullrich
/*
4
	services.inc
5 417fc5c4 Scott Ullrich
	part of the pfSense project (http://www.pfsense.com)
6 a25183c5 Scott Ullrich
7 417fc5c4 Scott Ullrich
	originally part of m0n0wall (http://m0n0.ch/wall)
8 5b237745 Scott Ullrich
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
9 88d3861f Podilarius
	Copyright (C) 2010	Ermal Luçi
10 5b237745 Scott Ullrich
	All rights reserved.
11 a25183c5 Scott Ullrich
12 5b237745 Scott Ullrich
	Redistribution and use in source and binary forms, with or without
13
	modification, are permitted provided that the following conditions are met:
14 a25183c5 Scott Ullrich
15 5b237745 Scott Ullrich
	1. Redistributions of source code must retain the above copyright notice,
16
	   this list of conditions and the following disclaimer.
17 a25183c5 Scott Ullrich
18 5b237745 Scott Ullrich
	2. Redistributions in binary form must reproduce the above copyright
19
	   notice, this list of conditions and the following disclaimer in the
20
	   documentation and/or other materials provided with the distribution.
21 a25183c5 Scott Ullrich
22 5b237745 Scott Ullrich
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31
	POSSIBILITY OF SUCH DAMAGE.
32
*/
33
34 523855b0 Scott Ullrich
/*
35 05c4bfa0 Ermal
	pfSense_BUILDER_BINARIES:	/usr/bin/killall	/bin/pgrep	/bin/sh	/usr/local/sbin/dhcpd	/usr/local/sbin/igmpproxy
36 523855b0 Scott Ullrich
	pfSense_BUILDER_BINARIES:	/sbin/ifconfig	/usr/sbin/arp	/sbin/ifconfig	/usr/local/sbin/dnsmasq
37 76231e63 Ermal
	pfSense_BUILDER_BINARIES:	/usr/sbin/bsnmpd	/sbin/route
38 3f9cc8e4 smos
	pfSense_BUILDER_BINARIES:	/usr/local/sbin/miniupnpd	/usr/sbin/radvd		/usr/local/sbin/unbound
39 d48ed103 smos
	pfSense_BUILDER_BINARIES:	/usr/local/sbin/dhcleases6
40 523855b0 Scott Ullrich
	pfSense_MODULE:	utils
41
*/
42
43 d57293a4 Seth Mos
/* implement ipv6 route advertising daemon */
44 3f9cc8e4 smos
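/**
 * Generate radvd.conf from the DHCPv6 server settings and from interfaces
 * that track another interface's IPv6 prefix, then reload, start or stop
 * the radvd daemon accordingly.
 *
 * Reads the globals $config and $g. Writes {$g['varetc_path']}/radvd.conf.
 *
 * NOTE(review): interface names, prefixes, DNS servers and domain names are
 * copied from $config into radvd.conf. DNS servers are checked with
 * is_ipaddrv6() here; the domain used for DNSSL is written as-is. Presumably
 * it is validated where the configuration is saved - confirm, because a value
 * containing whitespace, braces or a newline would change the structure of
 * the generated file.
 *
 * @return int|null 0 when finished; nothing when running on the 'jail' platform.
 */
function services_radvd_configure() {
	global $config, $g;

	if ($g['platform'] == 'jail')
		return;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_radvd_configure() being called $mt\n";
	}

	/* isset() first so a missing section does not raise an undefined index notice */
	if (!isset($config['dhcpdv6']) || !is_array($config['dhcpdv6']))
		$config['dhcpdv6'] = array();

	$dhcpdv6cfg = $config['dhcpdv6'];
	$Iflist = get_configured_interface_list();
	$sysdomain = isset($config['system']['domain']) ? $config['system']['domain'] : "";

	$radvdconf = "# Automatically Generated, do not edit\n";

	/* Real interface names that already have an interface block (or were claimed by one) */
	$radvdifs = array();

	/* handle manually configured DHCP6 server settings first */
	foreach ($dhcpdv6cfg as $dhcpv6if => $dhcpv6ifconf) {
		if (!isset($config['interfaces'][$dhcpv6if]['enable']))
			continue;

		/* older configurations only carry 'mode'; use it as the RA mode */
		if (!isset($dhcpv6ifconf['ramode']))
			$dhcpv6ifconf['ramode'] = isset($dhcpv6ifconf['mode']) ? $dhcpv6ifconf['mode'] : null;

		/* are router advertisements enabled? */
		if ($dhcpv6ifconf['ramode'] == "disabled")
			continue;

		if (!isset($dhcpv6ifconf['rapriority']))
			$dhcpv6ifconf['rapriority'] = "medium";

		/* always start with the real parent, we override with the carp if later */
		$realif = get_real_interface($dhcpv6if);
		$carpif = false;
		/* check if we need to listen on a CARP interface */
		if (isset($dhcpv6ifconf['rainterface']) && $dhcpv6ifconf['rainterface'] != "") {
			$rainterface = $dhcpv6ifconf['rainterface'];
			$carplist = get_configured_carp_interface_list();
			/* only accept the override when it names a configured CARP interface */
			if (isset($carplist[$rainterface]) && $carplist[$rainterface] != "") {
				$realif = $rainterface;
				$carpif = true;
			}
		}

		$ifcfgipv6 = get_interface_ipv6($dhcpv6if);
		if (!is_ipaddrv6($ifcfgipv6))
			continue;

		if (in_array($realif, $radvdifs))
			continue;

		$ifcfgsnv6 = get_interface_subnetv6($dhcpv6if);
		$subnetv6 = gen_subnetv6($ifcfgipv6, $ifcfgsnv6);

		$radvdifs[] = $realif;
		$radvdifs[] = get_real_interface($realif);

		$radvdconf .= "# Generated for DHCPv6 Server $dhcpv6if\n";
		$radvdconf .= "interface {$realif} {\n";
		$radvdconf .= "\tAdvSendAdvert on;\n";
		$radvdconf .= "\tMinRtrAdvInterval 5;\n";
		$radvdconf .= "\tMaxRtrAdvInterval 20;\n";
		$radvdconf .= "\tAdvLinkMTU 1280;\n";
		// $radvdconf .= "\tDeprecatePrefix on;\n";
		switch ($dhcpv6ifconf['rapriority']) {
			case "low":
				$radvdconf .= "\tAdvDefaultPreference low;\n";
				break;
			case "high":
				$radvdconf .= "\tAdvDefaultPreference high;\n";
				break;
			default:
				$radvdconf .= "\tAdvDefaultPreference medium;\n";
				break;
		}
		switch ($dhcpv6ifconf['ramode']) {
			case "managed":
				$radvdconf .= "\tAdvManagedFlag on;\n";
				break;
			case "assist":
				$radvdconf .= "\tAdvOtherConfigFlag on;\n";
				break;
		}
		$radvdconf .= "\tprefix {$subnetv6}/{$ifcfgsnv6} {\n";
		if ($carpif == true) {
			$radvdconf .= "\t\tDeprecatePrefix off;\n";
		} else {
			$radvdconf .= "\t\tDeprecatePrefix on;\n";
		}
		switch ($dhcpv6ifconf['ramode']) {
			case "managed":
				$radvdconf .= "\t\tAdvOnLink on;\n";
				$radvdconf .= "\t\tAdvAutonomous off;\n";
				$radvdconf .= "\t\tAdvRouterAddr on;\n";
				break;
			case "router":
				$radvdconf .= "\t\tAdvOnLink off;\n";
				$radvdconf .= "\t\tAdvAutonomous off;\n";
				$radvdconf .= "\t\tAdvRouterAddr on;\n";
				break;
			case "assist":
				$radvdconf .= "\t\tAdvOnLink on;\n";
				$radvdconf .= "\t\tAdvAutonomous on;\n";
				$radvdconf .= "\t\tAdvRouterAddr on;\n";
				break;
			case "unmanaged":
				$radvdconf .= "\t\tAdvOnLink on;\n";
				$radvdconf .= "\t\tAdvAutonomous on;\n";
				$radvdconf .= "\t\tAdvRouterAddr on;\n";
				break;
		}
		$radvdconf .= "\t};\n";

		/* on a CARP interface the default route is not withdrawn (RemoveRoute off) */
		$radvdconf .= "\troute ::/0 {\n";
		if ($carpif == true) {
			$radvdconf .= "\t\tRemoveRoute off;\n";
		} else {
			$radvdconf .= "\t\tRemoveRoute on;\n";
		}
		$radvdconf .= "\t};\n";

		/* add DNS servers: per-interface list, else this box when dnsmasq is on, else system list */
		$dnslist = array();
		if (!empty($dhcpv6ifconf['dnsserver'][0])) {
			foreach ($dhcpv6ifconf['dnsserver'] as $server) {
				if (is_ipaddrv6($server))
					$dnslist[] = $server;
			}
		} elseif (isset($config['dnsmasq']['enable'])) {
			$dnslist[] = get_interface_ipv6($realif);
		} elseif (!empty($config['system']['dnsserver'][0])) {
			foreach ($config['system']['dnsserver'] as $server) {
				if (is_ipaddrv6($server))
					$dnslist[] = $server;
			}
		}
		if (count($dnslist) > 0) {
			$dnsstring = implode(" ", $dnslist);
			/* get_interface_ipv6() is not checked above, so the joined string can still be empty */
			if ($dnsstring <> "")
				$radvdconf .= "\tRDNSS {$dnsstring} { };\n";
		}

		/* NOTE(review): domain is written unvalidated; see the function header */
		if (isset($dhcpv6ifconf['domain']) && $dhcpv6ifconf['domain'] <> "") {
			$radvdconf .= "\tDNSSL {$dhcpv6ifconf['domain']} { };\n";
		} elseif ($sysdomain <> "") {
			$radvdconf .= "\tDNSSL {$sysdomain} { };\n";
		}
		$radvdconf .= "};\n";
	}

	/* handle DHCP-PD prefixes and 6RD dynamic interfaces */
	foreach ($Iflist as $if => $ifdescr) {
		if (!isset($config['interfaces'][$if]['track6-interface']))
			continue;
		if (!isset($config['interfaces'][$if]['enable']))
			continue;

		$realif = get_real_interface($if);
		/* prevent duplicate entries, manual overrides */
		if (in_array($realif, $radvdifs))
			continue;

		$ifcfgipv6 = get_interface_ipv6($if);
		if (!is_ipaddrv6($ifcfgipv6))
			continue;

		$ifcfgsnv6 = get_interface_subnetv6($if);
		$subnetv6 = gen_subnetv6($ifcfgipv6, $ifcfgsnv6);
		$trackif = $config['interfaces'][$if]['track6-interface'];
		$radvdifs[] = $realif;

		$autotype = isset($config['interfaces'][$trackif]['ipaddrv6']) ? $config['interfaces'][$trackif]['ipaddrv6'] : "";

		log_error("configuring RA on {$if} for type {$autotype} radvd subnet {$subnetv6}/{$ifcfgsnv6}");

		if (!is_ipaddrv6($subnetv6))
			continue;

		$radvdconf .= "# Generated config for {$autotype} delegation from {$trackif} on {$if}\n";
		$radvdconf .= "interface {$realif} {\n";
		$radvdconf .= "\tAdvSendAdvert on;\n";
		$radvdconf .= "\tMinRtrAdvInterval 3;\n";
		$radvdconf .= "\tMaxRtrAdvInterval 10;\n";
		$radvdconf .= "\tAdvLinkMTU 1280;\n";
		$radvdconf .= "\tAdvOtherConfigFlag on;\n";
		$radvdconf .= "\t\tprefix {$subnetv6}/{$ifcfgsnv6} {\n";
		$radvdconf .= "\t\tAdvOnLink on;\n";
		$radvdconf .= "\t\tAdvAutonomous on;\n";
		$radvdconf .= "\t\tAdvRouterAddr on;\n";
		$radvdconf .= "\t};\n";

		/* add DNS servers */
		$dnslist = array();
		if (isset($config['dnsmasq']['enable'])) {
			$dnslist[] = $ifcfgipv6;
		} elseif (!empty($config['system']['dnsserver'][0])) {
			foreach ($config['system']['dnsserver'] as $server) {
				if (is_ipaddrv6($server))
					$dnslist[] = $server;
			}
		}
		if (count($dnslist) > 0) {
			$dnsstring = implode(" ", $dnslist);
			if ($dnsstring <> "")
				$radvdconf .= "\tRDNSS {$dnsstring} { };\n";
		}
		/* NOTE(review): domain is written unvalidated; see the function header */
		if ($sysdomain <> "") {
			$radvdconf .= "\tDNSSL {$sysdomain} { };\n";
		}
		$radvdconf .= "};\n";
	}

	/* write radvd.conf; compare against false so only a real write failure is reported */
	$radvdconf_path = "{$g['varetc_path']}/radvd.conf";
	if (@file_put_contents($radvdconf_path, $radvdconf) === false)
		printf("Error: cannot open radvd.conf in services_radvd_configure().\n");
	unset($radvdconf);

	if (count($radvdifs) > 0) {
		if (is_process_running("radvd")) {
			/* signal 1 (HUP) to the running daemon instead of restarting it */
			mwexec("killall -1 radvd");
		} else {
			/* quote the path so it always reaches radvd as a single argument */
			mwexec("/usr/local/sbin/radvd -C " . escapeshellarg($radvdconf_path) . " -m syslog");
		}
	} else {
		/* we need to shut down the radvd cleanly, it will send out the prefix
		 * information with a lifetime of 0 to notify clients of a (possible) new prefix */
		if (is_process_running("radvd")) {
			log_error("Shutting down Router Advertisment daemon cleanly");
			mwexec("killall radvd");
		}
	}
	return 0;
}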
288
289 5b237745 Scott Ullrich
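/**
 * Prepare the dhcpd chroot directory tree, then configure the DHCPv4 server,
 * the DHCPv6 server and radvd.
 *
 * The chroot is set up by writing a shell script to {$g['tmp_path']}/dhcpd.sh
 * and running it with /bin/sh. If the script cannot be opened for writing it
 * is not executed, so a leftover file at that path is never run in its place.
 *
 * NOTE(review): the script has a fixed name under tmp_path and is executed
 * right after being written. This relies on tmp_path being writable only by
 * the account running this code - confirm for the target platform.
 *
 * @return void
 */
function services_dhcpd_configure() {
	global $config, $g;

	/* configure DHCPD chroot once */
	$chroot = $g['dhcpd_chroot_path'];
	$script = "{$g['tmp_path']}/dhcpd.sh";

	$fd = fopen($script, "w");
	if ($fd) {
		/* non-empty output means devfs is already mounted inside the chroot */
		$status = `mount | grep "{$g['dhcpd_chroot_path']}/dev"`;

		$setup = "mkdir -p {$chroot}\n";
		foreach (array("dev", "etc", "usr/local/sbin", "var/db", "var/run", "usr", "lib", "run") as $dir)
			$setup .= "mkdir -p {$chroot}/{$dir}\n";
		$setup .= "chown -R dhcpd:_dhcp {$chroot}/*\n";
		$setup .= "cp /lib/libc.so.* {$chroot}/lib/\n";
		$setup .= "cp /usr/local/sbin/dhcpd {$chroot}/usr/local/sbin/\n";
		$setup .= "chmod a+rx {$chroot}/usr/local/sbin/dhcpd\n";

		if (!trim($status))
			$setup .= "mount -t devfs devfs {$chroot}/dev\n";

		fwrite($fd, $setup);
		fclose($fd);
		mwexec("/bin/sh {$g['tmp_path']}/dhcpd.sh");
	} else {
		/* do not run whatever may already exist at $script */
		log_error("Cannot open {$script} for writing in services_dhcpd_configure(), dhcpd chroot setup skipped.");
	}

	services_dhcpdv4_configure();
	services_dhcpdv6_configure();
	services_radvd_configure();
	return;

}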
320
function services_dhcpdv4_configure() {
321
	global $config, $g;
322 107e8acc Ovidiu Predescu
323
	if($g['services_dhcp_server_enable'] == false)
324 e3a13b00 Scott Ullrich
		return;
325
326 58c7450e Scott Ullrich
	if(isset($config['system']['developerspew'])) {
327 acd910bf Scott Ullrich
		$mt = microtime();
328 2fb056d8 Seth Mos
		echo "services_dhcpdv4_configure($if) being called $mt\n";
329 acd910bf Scott Ullrich
	}
330 107e8acc Ovidiu Predescu
331 af25d415 Chris Buechler
	/* kill any running dhcpd */
332 2a1bd027 Seth Mos
	if(is_process_running("dhcpd")) {
333 ed395640 Seth Mos
		killbypid("{$g['dhcpd_chroot_path']}{$g['varrun_path']}/dhcpd.pid");
334 2a1bd027 Seth Mos
	}
335 a25183c5 Scott Ullrich
336 15be1722 Ermal Luçi
	/* DHCP enabled on any interfaces? */
337
	if (!is_dhcp_server_enabled())
338
		return 0;
339
340 48ab0cd2 Scott Ullrich
	/* if OLSRD is enabled, allow WAN to house DHCP. */
341 c7f44ae0 Scott Ullrich
	if($config['installedpackages']['olsrd'])
342
		foreach($config['installedpackages']['olsrd']['config'] as $olsrd)
343
				if($olsrd['enable'])
344 48ab0cd2 Scott Ullrich
					$is_olsr_enabled = true;
345
346 381e43e0 jim-p
	if ($g['booting']) {
347
		if ($g['platform'] != "pfSense") {
348
			/* restore the leases, if we have them */
349
			if (file_exists("{$g['cf_conf_path']}/dhcpleases.tgz")) {
350
				$dhcprestore = "";
351
				$dhcpreturn = "";
352
				exec("cd /;LANG=C /usr/bin/tar -xzf {$g['cf_conf_path']}/dhcpleases.tgz 2>&1", $dhcprestore, $dhcpreturn);
353
				$dhcprestore = implode(" ", $dhcprestore);
354
				if($dhcpreturn <> 0) {
355 addc0439 Renato Botelho
					log_error(sprintf(gettext('DHCP leases restore failed exited with %1$s, the error is: %2$s%3$s'), $dhcpreturn, $dhcprestore, "\n"));
356 381e43e0 jim-p
				}
357
			}
358
		}
359
	}
360
361 5b237745 Scott Ullrich
	$syscfg = $config['system'];
362 a8a98fb4 Seth Mos
	if (!is_array($config['dhcpd']))
363
		$config['dhcpd'] = array();
364 d57293a4 Seth Mos
	$dhcpdcfg = $config['dhcpd'];
365 6f9b8073 Ermal Luçi
	$Iflist = get_configured_interface_list();
366 107e8acc Ovidiu Predescu
367 5b237745 Scott Ullrich
	if ($g['booting'])
368 f1a44a3a Carlos Eduardo Ramos
		echo gettext("Starting DHCP service...");
369 5b237745 Scott Ullrich
	else
370
		sleep(1);
371 a25183c5 Scott Ullrich
372 5b237745 Scott Ullrich
	/* write dhcpd.conf */
373 1d023e00 Scott Ullrich
	$fd = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf", "w");
374 2fb056d8 Seth Mos
	if (!$fd) {
375 8b6313a4 jim-p
		printf(gettext("Error: cannot open dhcpd.conf in services_dhcpdv4_configure().%s"), "\n");
376 5b237745 Scott Ullrich
		return 1;
377
	}
378 a25183c5 Scott Ullrich
379 518030b3 Scott Ullrich
	$custoptions = "";
380 107e8acc Ovidiu Predescu
	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
381 c71f5fcd Ermal
		if(is_array($dhcpifconf['numberoptions']) && is_array($dhcpifconf['numberoptions']['item'])) {
382 5ac2f583 Ermal
			foreach($dhcpifconf['numberoptions']['item'] as $itemidx => $item) {
383 678dfd0f Erik Fonnesbeck
				if(!empty($item['type']))
384
					$itemtype = $item['type'];
385
				else
386
					$itemtype = "text";
387
				$custoptions .= "option custom-{$dhcpif}-{$itemidx} code {$item['number']} = {$itemtype};\n";
388 518030b3 Scott Ullrich
			}
389
		}
390
	}
391 4cab31d0 Scott Ullrich
392 5b237745 Scott Ullrich
	$dhcpdconf = <<<EOD
393 107e8acc Ovidiu Predescu
394 5b237745 Scott Ullrich
option domain-name "{$syscfg['domain']}";
395 6c23757b Martin Fuchs
option ldap-server code 95 = text;
396 9be23653 Martin Fuchs
option domain-search-list code 119 = text;
397 518030b3 Scott Ullrich
{$custoptions}
398 5b237745 Scott Ullrich
default-lease-time 7200;
399
max-lease-time 86400;
400
log-facility local7;
401
ddns-update-style none;
402 175fe82b Scott Ullrich
one-lease-per-client true;
403 436a0f50 Scott Ullrich
deny duplicates;
404 9c88328f Scott Ullrich
ping-check true;
405 5b237745 Scott Ullrich
406
EOD;
407 a25183c5 Scott Ullrich
408 d8912c6b Chris Buechler
	if(!isset($dhcpifconf['disableauthoritative']))
409
		$dhcpdconf .= "authoritative;\n";
410
411 107e8acc Ovidiu Predescu
	if(isset($dhcpifconf['alwaysbroadcast']))
412 5252b98d Scott Ullrich
		$dhcpdconf .= "always-broadcast on\n";
413
414 5b237745 Scott Ullrich
	$dhcpdifs = array();
415 c08a5659 smos
	$add_routers = false;
416
	$gateways_arr = return_gateways_array();
417
	/* only add a routers line if the system has any IPv4 gateway at all */
418
	/* a static route has a gateway, manually overriding this field always works */
419
	foreach($gateways_arr as $gwitem) {
420
		if($gwitem['ipprotocol'] == "inet") {
421
			$add_routers = true;
422
			break;
423
		}
424
	}
425 c7f44ae0 Scott Ullrich
426 4494cf6a Chris Buechler
	/*    loop through and determine if we need to setup
427 8fa56d1f Scott Ullrich
	 *    failover peer "bleh" entries
428
	 */
429
	$dhcpnum = 0;
430
	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
431 53f32329 Scott Ullrich
432 09f11c71 jim-p
		interfaces_staticarp_configure($dhcpif);
433
434 6f9b8073 Ermal Luçi
		if (!isset($dhcpifconf['enable']))
435
			continue;
436
437 8fa56d1f Scott Ullrich
		if($dhcpifconf['failover_peerip'] <> "") {
438 85b13495 jim-p
			$int = guess_interface_from_ip($dhcpifconf['failover_peerip']);
439
			$intip = find_interface_ip($int);
440
			$real_dhcpif = convert_friendly_interface_to_real_interface_name($dhcpif);
441 8fa56d1f Scott Ullrich
			/*
442
			 *    yep, failover peer is defined.
443
			 *    does it match up to a defined vip?
444
			 */
445 d2edbd8a Scott Ullrich
			$skew = 110;
446 2d314e69 Scott Ullrich
			$a_vip = &$config['virtualip']['vip'];
447 6181b36f Scott Ullrich
			if(is_array($a_vip)) {
448
				foreach ($a_vip as $vipent) {
449
					if($int == $real_dhcpif) {
450
						/* this is the interface! */
451 ad487c48 jim-p
						if(is_numeric($vipent['advskew']) && ($vipent['advskew'] < "20"))
452 6181b36f Scott Ullrich
							$skew = 0;
453
					}
454 8fa56d1f Scott Ullrich
				}
455 25066204 Scott Ullrich
			} else {
456 f1a44a3a Carlos Eduardo Ramos
				log_error(gettext("Warning!  DHCP Failover setup and no CARP virtual IP's defined!"));
457 8fa56d1f Scott Ullrich
			}
458 5e390f54 Scott Ullrich
			if($skew > 10) {
459 8fa56d1f Scott Ullrich
				$type = "secondary";
460 4d3ff974 Scott Ullrich
				$dhcpdconf_pri  = "mclt 600;\n";
461 0e93097a Scott Ullrich
				$my_port = "520";
462
				$peer_port = "519";
463 8fa56d1f Scott Ullrich
			} else {
464 0e93097a Scott Ullrich
				$my_port = "519";
465
				$peer_port = "520";
466 8fa56d1f Scott Ullrich
				$type = "primary";
467 4d3ff974 Scott Ullrich
				$dhcpdconf_pri  = "split 128;\n";
468 1a0bb737 Scott Ullrich
				$dhcpdconf_pri .= "  mclt 600;\n";
469 8fa56d1f Scott Ullrich
			}
470
			$dhcpdconf .= <<<EOPP
471 c7f44ae0 Scott Ullrich
failover peer "dhcp{$dhcpnum}" {
472 8fa56d1f Scott Ullrich
  {$type};
473
  address {$intip};
474 0e93097a Scott Ullrich
  port {$my_port};
475 8fa56d1f Scott Ullrich
  peer address {$dhcpifconf['failover_peerip']};
476 0e93097a Scott Ullrich
  peer port {$peer_port};
477 2cd5ce14 Scott Ullrich
  max-response-delay 10;
478 b865d178 Scott Ullrich
  max-unacked-updates 10;
479
  {$dhcpdconf_pri}
480 b259d1c6 Scott Ullrich
  load balance max seconds 3;
481 8fa56d1f Scott Ullrich
}
482 c286d395 Scott Ullrich
483 8fa56d1f Scott Ullrich
EOPP;
484
		$dhcpnum++;
485
		}
486
	}
487
488
	$dhcpnum = 0;
489
490 5b237745 Scott Ullrich
	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
491 a25183c5 Scott Ullrich
492 5b237745 Scott Ullrich
		$ifcfg = $config['interfaces'][$dhcpif];
493 a25183c5 Scott Ullrich
494 6f9b8073 Ermal Luçi
		if (!isset($dhcpifconf['enable']) || !isset($Iflist[$dhcpif]))
495 5b237745 Scott Ullrich
			continue;
496 a55e9c70 Ermal Lu?i
		$ifcfgip = get_interface_ip($dhcpif);
497
		$ifcfgsn = get_interface_subnet($dhcpif);
498
		$subnet = gen_subnet($ifcfgip, $ifcfgsn);
499
		$subnetmask = gen_subnet_mask($ifcfgsn);
500 a25183c5 Scott Ullrich
501 85e3f445 Ermal
		if (!is_ipaddr($subnet))
502
			continue;
503
504 48ab0cd2 Scott Ullrich
		if($is_olsr_enabled == true)
505 c7f44ae0 Scott Ullrich
			if($dhcpifconf['netmask'])
506 9a537862 Scott Ullrich
				$subnetmask = gen_subnet_mask($dhcpifconf['netmask']);
507 48ab0cd2 Scott Ullrich
508 cba980f6 jim-p
		$all_pools = array();
509
		$all_pools[] = $dhcpifconf;
510
		if (is_array($dhcpifconf['pool'])) {
511
			$all_pools = array_merge($all_pools, $dhcpifconf['pool']);
512
		}
513
514 5b237745 Scott Ullrich
		$dnscfg = "";
515 a25183c5 Scott Ullrich
516 5b237745 Scott Ullrich
		if ($dhcpifconf['domain']) {
517
			$dnscfg .= "	option domain-name \"{$dhcpifconf['domain']}\";\n";
518
		}
519 107e8acc Ovidiu Predescu
520 84931046 jim-p
		if($dhcpifconf['domainsearchlist'] <> "") {
521 a3de8b9e Pierre POMES
			$dnscfg .= "	option domain-search \"" . join("\",\"", preg_split("/[ ;]+/", $dhcpifconf['domainsearchlist'])) . "\";\n";
522 84931046 jim-p
		}
523 9be23653 Martin Fuchs
524 4e9cd828 Seth Mos
		if (isset($dhcpifconf['ddnsupdate'])) {
525
			if($dhcpifconf['ddnsdomain'] <> "") {
526
				$dnscfg .= "	ddns-domainname \"{$dhcpifconf['ddnsdomain']}\";\n";
527
			}
528
			$dnscfg .= "	ddns-update-style interim;\n";
529
		}
530
531 aff9d6ab Scott Ullrich
		if (is_array($dhcpifconf['dnsserver']) && ($dhcpifconf['dnsserver'][0])) {
532 8ee01642 Scott Ullrich
			$dnscfg .= "	option domain-name-servers " . join(",", $dhcpifconf['dnsserver']) . ";";
533 aff9d6ab Scott Ullrich
		} else if (isset($config['dnsmasq']['enable'])) {
534 a55e9c70 Ermal Lu?i
			$dnscfg .= "	option domain-name-servers {$ifcfgip};";
535 aff9d6ab Scott Ullrich
		} else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
536
			$dnscfg .= "	option domain-name-servers " . join(",", $syscfg['dnsserver']) . ";";
537
		}
538
539 cba980f6 jim-p
		/* Create classes - These all contain comma separated lists. Join them into one 
540
		   big comma separated string then split them all up. */
541
		$all_mac_strings = array();
542
		if (is_array($dhcpifconf['pool'])) {
543
			foreach($all_pools as $poolconf) {
544
				$all_mac_strings[] = $poolconf['mac_allow'];
545
				$all_mac_strings[] = $poolconf['mac_deny'];
546
			}
547
		}
548
		$all_mac_strings[] = $dhcpifconf['mac_allow'];
549
		$all_mac_strings[] = $dhcpifconf['mac_deny'];
550
		$all_mac_list = array_unique(explode(',', implode(',', $all_mac_strings)));
551 1f1a08c8 jim-p
		foreach ($all_mac_list as $mac) {
552 80d30a83 jim-p
			if (empty($mac))
553
				continue;
554 1f1a08c8 jim-p
			$dhcpdconf .= 'class "' . str_replace(':', '', $mac) . '" {' . "\n";
555 140f30ea jim-p
			// Skip the first octet of the MAC address - for media type, typically Ethernet ("01") and match the rest.
556 1f1a08c8 jim-p
			$dhcpdconf .= '	match if substring (hardware, 1, ' . (substr_count($mac, ':') + 1) . ') = ' . $mac . ';' . "\n";
557
			$dhcpdconf .= '}' . "\n";
558
		}
559
560 85e3f445 Ermal
		$dhcpdconf .= "subnet {$subnet} netmask {$subnetmask} {\n";
561 c7f44ae0 Scott Ullrich
562 cba980f6 jim-p
// Setup pool options
563
		foreach($all_pools as $poolconf) {
564
			$dhcpdconf .= "	pool {\n";
565
			/* is failover dns setup? */
566
			if (is_array($poolconf['dnsserver']) && $poolconf['dnsserver'][0] <> "") {
567
				$dhcpdconf .= "		option domain-name-servers {$poolconf['dnsserver'][0]}";
568
				if($poolconf['dnsserver'][1] <> "")
569
					$dhcpdconf .= ",{$poolconf['dnsserver'][1]}";
570
				$dhcpdconf .= ";\n";
571
			}
572
573
			/* allow/deny MACs */
574
			$mac_allow_list = array_unique(explode(',', $poolconf['mac_allow']));
575
			foreach ($mac_allow_list as $mac) {
576
				if (empty($mac))
577
					continue;
578
				$dhcpdconf .= "		allow members of \"" . str_replace(':', '', $mac) . "\";\n";
579
			}
580
			$mac_deny_list = array_unique(explode(',', $poolconf['mac_deny']));
581
			foreach ($mac_deny_list as $mac) {
582
				if (empty($mac))
583
					continue;
584
				$dhcpdconf .= "		deny members of \"" . str_replace(':', '', $mac) . "\";\n";
585
			}
586
587
			if($poolconf['failover_peerip'] <> "")
588
				$dhcpdconf .= "		deny dynamic bootp clients;\n";
589
590
			if (isset($poolconf['denyunknown']))
591
			   $dhcpdconf .= "		deny unknown-clients;\n";
592
593
			if ($poolconf['gateway'] && ($poolconf['gateway'] != $dhcpifconf['gateway']))
594 f9f6f7d4 jim-p
				$dhcpdconf .= "		option routers {$poolconf['gateway']};\n";
595 cba980f6 jim-p
596
			if($dhcpifconf['failover_peerip'] <> "") {
597
				$dhcpdconf .= "		failover peer \"dhcp{$dhcpnum}\";\n";
598
				$dhcpnum++;
599
			}
600
601
			$pdnscfg = "";
602
603
			if ($poolconf['domain'] && ($poolconf['domain'] != $dhcpifconf['domain'])) {
604
				$pdnscfg .= "		option domain-name \"{$poolconf['domain']}\";\n";
605
			}
606
607
			if(!empty($poolconf['domainsearchlist']) && ($poolconf['domainsearchlist'] != $dhcpifconf['domainsearchlist'])) {
608
				$pdnscfg .= "		option domain-search \"" . join("\",\"", preg_split("/[ ;]+/", $poolconf['domainsearchlist'])) . "\";\n";
609
			}
610
611
			if (isset($poolconf['ddnsupdate']) && ($poolconf['domainsearchlist'] != $dhcpifconf['domainsearchlist'])) {
612
				if($poolconf['ddnsdomain'] <> "") {
613
					$pdnscfg .= "		ddns-domainname \"{$poolconf['ddnsdomain']}\";\n";
614
				}
615
				$pdnscfg .= "		ddns-update-style interim;\n";
616
			}
617
618
			if (is_array($poolconf['dnsserver']) && ($poolconf['dnsserver'][0]) && ($poolconf['dnsserver'][0] != $poolconf['dnsserver'][0])) {
619
				$pdnscfg .= "		option domain-name-servers " . join(",", $poolconf['dnsserver']) . ";\n";
620
			}
621
			$dhcpdconf .= "{$pdnscfg}";
622 1f1a08c8 jim-p
623 cba980f6 jim-p
			// default-lease-time
624
			if ($poolconf['defaultleasetime'] && ($poolconf['defaultleasetime'] != $dhcpifconf['defaultleasetime']))
625
				$dhcpdconf .= "		default-lease-time {$poolconf['defaultleasetime']};\n";
626
627
			// max-lease-time
628
			if ($poolconf['maxleasetime'] && ($poolconf['maxleasetime'] != $dhcpifconf['maxleasetime']))
629
				$dhcpdconf .= "		max-lease-time {$poolconf['maxleasetime']};\n";
630
631
			// netbios-name*
632
			if (is_array($poolconf['winsserver']) && $poolconf['winsserver'][0] && ($poolconf['winsserver'][0] != $poolconf['winsserver'][0])) {
633
				$dhcpdconf .= "		option netbios-name-servers " . join(",", $poolconf['winsserver']) . ";\n";
634
				$dhcpdconf .= "		option netbios-node-type 8;\n";
635
			}
636 c7f44ae0 Scott Ullrich
637 cba980f6 jim-p
			// ntp-servers
638
			if (is_array($poolconf['ntpserver']) && $poolconf['ntpserver'][0] && ($poolconf['ntpserver'][0] != $poolconf['ntpserver'][0]))
639
				$dhcpdconf .= "		option ntp-servers " . join(",", $poolconf['ntpserver']) . ";\n";
640
641
			// tftp-server-name
642
			if (!empty($poolconf['tftp']) && ($poolconf['tftp'] != $dhcpifconf['tftp']))
643
				$dhcpdconf .= "		option tftp-server-name \"{$poolconf['tftp']}\";\n";
644
645
			// ldap-server
646
			if (!empty($poolconf['ldap']) && ($poolconf['ldap'] != $dhcpifconf['ldap']))
647
				$dhcpdconf .= "		option ldap-server \"{$poolconf['ldap']}\";\n";
648
649
			// net boot information
650
			if(isset($poolconf['netboot'])) {
651
				if (!empty($poolconf['nextserver']) && ($poolconf['nextserver'] != $dhcpifconf['nextserver'])) {
652
					$dhcpdconf .= "		next-server {$poolconf['nextserver']};\n";
653
				}
654
				if (!empty($poolconf['filename']) && ($poolconf['filename'] != $dhcpifconf['filename'])) {
655
					$dhcpdconf .= "		filename \"{$poolconf['filename']}\";\n";
656
				}
657
				if (!empty($poolconf['rootpath']) && ($poolconf['rootpath'] != $dhcpifconf['rootpath'])) {
658
					$dhcpdconf .= "		option root-path \"{$poolconf['rootpath']}\";\n";
659
				}
660
			}
661
			$dhcpdconf .= "		range {$poolconf['range']['from']} {$poolconf['range']['to']};\n";
662
			$dhcpdconf .= "	}\n\n";
663
		}
664
// End of settings inside pools
665 a25183c5 Scott Ullrich
666 c08a5659 smos
		if ($dhcpifconf['gateway']) {
667 5b237745 Scott Ullrich
			$routers = $dhcpifconf['gateway'];
668 c08a5659 smos
			$add_routers = true;
669
		} else {
670 a55e9c70 Ermal Lu?i
			$routers = $ifcfgip;
671 c08a5659 smos
		}
672
		if($add_routers)
673
			$dhcpdconf .= "	option routers {$routers};\n";
674 cba980f6 jim-p
675 c08a5659 smos
		$dhcpdconf .= <<<EOD
676 5b237745 Scott Ullrich
$dnscfg
677
678
EOD;
679 693833cb Seth Mos
    		// default-lease-time
680 518030b3 Scott Ullrich
		if ($dhcpifconf['defaultleasetime'])
681 5b237745 Scott Ullrich
			$dhcpdconf .= "	default-lease-time {$dhcpifconf['defaultleasetime']};\n";
682 518030b3 Scott Ullrich
683
		// max-lease-time
684 5b237745 Scott Ullrich
		if ($dhcpifconf['maxleasetime'])
685
			$dhcpdconf .= "	max-lease-time {$dhcpifconf['maxleasetime']};\n";
686 a25183c5 Scott Ullrich
687 518030b3 Scott Ullrich
		// netbios-name*
688 5b237745 Scott Ullrich
		if (is_array($dhcpifconf['winsserver']) && $dhcpifconf['winsserver'][0]) {
689
			$dhcpdconf .= "	option netbios-name-servers " . join(",", $dhcpifconf['winsserver']) . ";\n";
690
			$dhcpdconf .= "	option netbios-node-type 8;\n";
691
		}
692 a25183c5 Scott Ullrich
693 518030b3 Scott Ullrich
		// ntp-servers
694 ad171999 Seth Mos
		if (is_array($dhcpifconf['ntpserver']) && $dhcpifconf['ntpserver'][0])
695
			$dhcpdconf .= "	option ntp-servers " . join(",", $dhcpifconf['ntpserver']) . ";\n";
696
697 518030b3 Scott Ullrich
		// tftp-server-name
698 ee1b024e Martin Fuchs
		if ($dhcpifconf['tftp'] <> "")
699 6c23757b Martin Fuchs
			$dhcpdconf .= "	option tftp-server-name \"{$dhcpifconf['tftp']}\";\n";
700
701 518030b3 Scott Ullrich
		// Handle option, number rowhelper values
702
		$dhcpdconf .= "\n";
703
		if($dhcpifconf['numberoptions']['item']) {
704 5ac2f583 Ermal
			foreach($dhcpifconf['numberoptions']['item'] as $itemidx => $item) {
705 678dfd0f Erik Fonnesbeck
				if(empty($item['type']) || $item['type'] == "text")
706
					$dhcpdconf .= "	option custom-{$dhcpif}-{$itemidx} \"{$item['value']}\";\n";
707
				else
708
					$dhcpdconf .= "	option custom-{$dhcpif}-{$itemidx} {$item['value']};\n";
709 518030b3 Scott Ullrich
			}
710
		}
711
712
		// ldap-server
713
		if ($dhcpifconf['ldap'] <> "")
714 6c23757b Martin Fuchs
			$dhcpdconf .= "	option ldap-server \"{$dhcpifconf['ldap']}\";\n";
715
716 518030b3 Scott Ullrich
		// net boot information
717 4e9cd828 Seth Mos
		if(isset($dhcpifconf['netboot'])) {
718 a2578c27 Anthony Wrather
			if ($dhcpifconf['nextserver'] <> "") {
719
				$dhcpdconf .= "	next-server {$dhcpifconf['nextserver']};\n";
720
			}
721
			if ($dhcpifconf['filename'] <> "") {
722 4e9cd828 Seth Mos
				$dhcpdconf .= "	filename \"{$dhcpifconf['filename']}\";\n";
723
			}
724 ca126e03 Martin Fuchs
			if ($dhcpifconf['rootpath'] <> "") {
725
				$dhcpdconf .= "	option root-path \"{$dhcpifconf['rootpath']}\";\n";
726 cba980f6 jim-p
			}
727 4e9cd828 Seth Mos
		}
728 107e8acc Ovidiu Predescu
729 5b237745 Scott Ullrich
		$dhcpdconf .= <<<EOD
730
}
731
732
EOD;
733
734
		/* add static mappings */
735
		if (is_array($dhcpifconf['staticmap'])) {
736 a25183c5 Scott Ullrich
737 5b237745 Scott Ullrich
			$i = 0;
738
			foreach ($dhcpifconf['staticmap'] as $sm) {
739
				$dhcpdconf .= <<<EOD
740
host s_{$dhcpif}_{$i} {
741
	hardware ethernet {$sm['mac']};
742
743
EOD;
744
				if ($sm['ipaddr'])
745
					$dhcpdconf .= "	fixed-address {$sm['ipaddr']};\n";
746 a25183c5 Scott Ullrich
747 ad30055f Ermal Lu?i
				if ($sm['hostname']) {
748
					$dhhostname = str_replace(" ", "_", $sm['hostname']);
749 46c5b763 pierrepomes
					$dhhostname = str_replace(".", "_", $dhhostname);
750 2f590513 smos
					$dhcpdconf .= "	option host-name \"{$dhhostname}\";\n";
751 ad30055f Ermal Lu?i
				}
752 a2578c27 Anthony Wrather
				if ($sm['filename'])
753
					$dhcpdconf .= "	filename \"{$sm['filename']}\";\n";
754
755
				if ($sm['rootpath'])
756
					$dhcpdconf .= "	option root-path \"{$sm['rootpath']}\";\n";
757 80717709 Martin Fuchs
758 5b237745 Scott Ullrich
				$dhcpdconf .= "}\n";
759
				$i++;
760
			}
761
		}
762 a25183c5 Scott Ullrich
763 6f9b8073 Ermal Luçi
		$dhcpdifs[] = get_real_interface($dhcpif);
764 5b237745 Scott Ullrich
	}
765
766 2fb056d8 Seth Mos
	fwrite($fd, $dhcpdconf);
767
	fclose($fd);
768 928d4416 Ermal
	unset($dhcpdconf);
769 2fb056d8 Seth Mos
770
	/* create an empty leases database */
771
	touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
772 107e8acc Ovidiu Predescu
773 2fb056d8 Seth Mos
774
	/* fire up dhcpd in a chroot */
775
	if(count($dhcpdifs) > 0) {
776
		mwexec("/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpd.conf -pf {$g['varrun_path']}/dhcpd.pid " .
777
			join(" ", $dhcpdifs));
778
	}
779
780
	if ($g['booting']) {
781
		print "done.\n";
782
	}
783
784
	return 0;
785
}
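/**
 * Regenerate dhcpdv6.conf inside the dhcpd chroot and (re)start the ISC
 * dhcpd instance that serves DHCPv6, plus the dhcpleases6 helper.
 *
 * Steps, in order: stop the running daemons, optionally restore a saved
 * lease archive at boot, synthesise entries for interfaces that track
 * another interface's delegated prefix, write the global section, the
 * failover peers and one subnet6 block per enabled interface, then start
 * dhcpd -6 on the collected interfaces.
 *
 * NOTE(review): every value taken from $config is interpolated into the
 * generated file as-is. A value containing `"`, `;` or a newline would
 * change the meaning of the configuration dhcpd parses, so these fields
 * have to be validated where they are saved; that validation is not visible
 * in this function.
 *
 * @return int|null null when the DHCP server is globally disabled, 0 when
 *                  nothing had to be done or the service was started, 1 when
 *                  dhcpdv6.conf could not be opened for writing.
 */
function services_dhcpdv6_configure() {
	global $config, $g;

	if($g['services_dhcp_server_enable'] == false)
		return;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		/* report this function's own name; there is no $if in scope here */
		echo "services_dhcpdv6_configure() being called $mt\n";
	}

	/* kill any running dhcpd */
	if(is_process_running("dhcpd")) {
		killbypid("{$g['dhcpd_chroot_path']}{$g['varrun_path']}/dhcpdv6.pid");
		killbypid("{$g['varrun_path']}/dhcpleases6.pid");
	}

	/* DHCP enabled on any interfaces? */
	if (!is_dhcpv6_server_enabled())
		return 0;

	if ($g['booting']) {
		if ($g['platform'] != "pfSense") {
			/*
			 * restore the leases, if we have them.
			 * The archive is unpacked relative to /, so its member
			 * names decide which paths get overwritten; it must only
			 * ever be writable by root.
			 */
			if (file_exists("{$g['cf_conf_path']}/dhcp6leases.tgz")) {
				$dhcprestore = array();
				$dhcpreturn = "";
				exec("cd /;LANG=C /usr/bin/tar -xzf {$g['cf_conf_path']}/dhcp6leases.tgz 2>&1", $dhcprestore, $dhcpreturn);
				$dhcprestore = implode(" ", $dhcprestore);
				if($dhcpreturn <> 0) {
					log_error("DHCP leases v6 restore failed exited with $dhcpreturn, the error is: $dhcprestore\n");
				}
			}
		}
	}

	$syscfg = $config['system'];
	if (!is_array($config['dhcpdv6']))
		$config['dhcpdv6'] = array();
	$dhcpdv6cfg = $config['dhcpdv6'];
	$Iflist = get_configured_interface_list();

	if ($g['booting'])
		echo "Starting DHCPv6 service...";
	else
		sleep(1);

	/* we add a fake entry for interfaces that are set to track6 another WAN */
	foreach($Iflist as $ifname) {
		$realif = get_real_interface($ifname);
		$ifcfgipv6 = find_interface_ipv6($realif);
		if(!is_ipaddrv6($ifcfgipv6))
			continue;
		$ifcfgipv6 = Net_IPv6::getNetmask($ifcfgipv6, 64);
		if($config['interfaces'][$ifname]['track6-interface'] <> "") {
			$trackifname = $config['interfaces'][$ifname]['track6-interface'];
			$pdlen = calculate_ipv6_delegation_length($trackifname);
			$ifcfgipv6arr = explode(":", $ifcfgipv6);
			/* the synthesised entry replaces any saved settings for this interface */
			$dhcpdv6cfg[$ifname] = array();
			$dhcpdv6cfg[$ifname]['enable'] = true;
			/* range: the last group of the /64 is set to 1000 .. 2000 */
			$ifcfgipv6arr[7] = "1000";
			$dhcpdv6cfg[$ifname]['range']['from'] = Net_IPv6::compress(implode(":", $ifcfgipv6arr));
			$ifcfgipv6arr[7] = "2000";
			$dhcpdv6cfg[$ifname]['range']['to'] = Net_IPv6::compress(implode(":", $ifcfgipv6arr));
			/* prefix length > 2? We can add dhcp6 prefix delegation server */
			if($pdlen > 2) {
				$pdlenmax = $pdlen;
				$pdlenhalf = $pdlenmax -1;
				$pdlenmin = (64 - ceil($pdlenhalf / 4));
				$dhcpdv6cfg[$ifname]['prefixrange']['prefixlength'] = $pdlenmin;

				/* set the delegation start to half the current address block */
				$range = Net_IPv6::parseAddress($ifcfgipv6, (64 - $pdlenmax));
				$range['start'] = Net_IPv6::getNetmask($range['end'], (64 - $pdlenhalf));

				/* set the end range to a multiple of the prefix delegation size, required by dhcpd */
				/* NOTE(review): this second parseAddress() replaces $range, including the 'start' computed just above - confirm that is intended */
				$range = Net_IPv6::parseAddress($range['end'], (64 - $pdlenhalf));
				$range['end'] = Net_IPv6::getNetmask($range['end'], (64 - round($pdlen / 2)));

				$dhcpdv6cfg[$ifname]['prefixrange']['from'] = Net_IPv6::compress($range['start']);
				$dhcpdv6cfg[$ifname]['prefixrange']['to'] = Net_IPv6::compress($range['end']);
			}
		}
	}

	/* write dhcpdv6.conf */
	$fdv6 = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpdv6.conf", "w");
	if (! $fdv6) {
		printf("Error: cannot open dhcpdv6.conf in services_dhcpdv6_configure().\n");
		return 1;
	}

	/* declare every custom option once, globally, before any subnet uses it */
	$custoptionsv6 = "";
	foreach ($dhcpdv6cfg as $dhcpv6if => $dhcpv6ifconf) {
		if(is_array($dhcpv6ifconf['numberoptions']) && is_array($dhcpv6ifconf['numberoptions']['item'])) {
			foreach($dhcpv6ifconf['numberoptions']['item'] as $itemv6idx => $itemv6) {
				$custoptionsv6 .= "option custom-{$dhcpv6if}-{$itemv6idx} code {$itemv6['number']} = text;\n";
			}
		}
	}

	/* the declarations collected above live in $custoptionsv6 */
	$dhcpdv6conf = <<<EOD

option domain-name "{$syscfg['domain']}";
option ldap-server code 95 = text;
option domain-search-list code 119 = text;
{$custoptionsv6}
default-lease-time 7200;
max-lease-time 86400;
log-facility local7;
ddns-update-style none;
one-lease-per-client true;
deny duplicates;
ping-check true;

EOD;

	/*
	 * NOTE(review): $dhcpv6ifconf still holds the LAST entry of the loop
	 * above, so these two global statements follow whichever interface
	 * happens to be last in $dhcpdv6cfg - confirm that is intended.
	 */
	if(!isset($dhcpv6ifconf['disableauthoritative']))
		$dhcpdv6conf .= "authoritative;\n";

	if(isset($dhcpv6ifconf['alwaysbroadcast']))
		$dhcpdv6conf .= "always-broadcast on;\n";

	$dhcpdv6ifs = array();

	/*    loop through and determine if we need to setup
	 *    failover peer "bleh" entries
	 */
	$dhcpv6num = 0;
	foreach ($dhcpdv6cfg as $dhcpv6if => $dhcpv6ifconf) {

		if (!isset($dhcpv6ifconf['enable']))
			continue;

		if($dhcpv6ifconf['failover_peerip'] <> "") {
			$intv6 = guess_interface_from_ip($dhcpv6ifconf['failover_peerip']);
			$intipv6 = find_interface_ipv6($intv6);
			$real_dhcpv6if = convert_friendly_interface_to_real_interface_name($dhcpv6if);
			/*
			 *    yep, failover peer is defined.
			 *    does it match up to a defined vip?
			 */
			$skew = 110;
			$a_vip = &$config['virtualip']['vip'];
			if(is_array($a_vip)) {
				foreach ($a_vip as $vipent) {
					if($intv6 == $real_dhcpv6if) {
						/* this is the interface! */
						if(is_numeric($vipent['advskew']) && ($vipent['advskew'] < "20"))
							$skew = 0;
					}
				}
			} else {
				log_error("Warning!  DHCPv6 Failover setup and no CARP virtual IPv6's defined!");
			}
			/* a low advskew on a vip makes this node the primary; the two roles swap ports */
			if($skew > 10) {
				$typev6 = "secondary";
				$dhcpdv6conf_pri  = "mclt 600;\n";
				$my_portv6 = "520";
				$peer_portv6 = "519";
			} else {
				$my_portv6 = "519";
				$peer_portv6 = "520";
				$typev6 = "primary";
				$dhcpdv6conf_pri  = "split 128;\n";
				$dhcpdv6conf_pri .= "  mclt 600;\n";
			}
			$dhcpdv6conf .= <<<EOPP
failover peer "dhcpv6{$dhcpv6num}" {
  {$typev6};
  address {$intipv6};
  port {$my_portv6};
  peer address {$dhcpv6ifconf['failover_peerip']};
  peer port {$peer_portv6};
  max-response-delay 10;
  max-unacked-updates 10;
  {$dhcpdv6conf_pri}
  load balance max seconds 3;
}

EOPP;
			$dhcpv6num++;
		}
	}

	/* second pass: one subnet6 block per enabled interface; the peer counter restarts so names match the pass above */
	$dhcpv6num = 0;
	foreach ($dhcpdv6cfg as $dhcpv6if => $dhcpv6ifconf) {

		if (!isset($dhcpv6ifconf['enable']) || !isset($Iflist[$dhcpv6if]))
			continue;
		$ifcfgipv6 = get_interface_ipv6($dhcpv6if);
		$ifcfgsnv6 = get_interface_subnetv6($dhcpv6if);

		$dnscfgv6 = "";

		if ($dhcpv6ifconf['domain']) {
			$dnscfgv6 .= "	option domain-name \"{$dhcpv6ifconf['domain']}\";\n";
		}

		if($dhcpv6ifconf['domainsearchlist'] <> "") {
			$dnscfgv6 .= "	option domain-search \"" . join("\",\"", preg_split("/[ ;]+/", $dhcpv6ifconf['domainsearchlist'])) . "\";\n";
		}

		if (isset($dhcpv6ifconf['ddnsupdate'])) {
			if($dhcpv6ifconf['ddnsdomain'] <> "") {
				$dnscfgv6 .= "	ddns-domainname \"{$dhcpv6ifconf['ddnsdomain']}\";\n";
			}
			$dnscfgv6 .= "	ddns-update-style interim;\n";
		}

		/* name servers: per-interface list, else this box when dnsmasq runs, else the system's IPv6 resolvers */
		if (is_array($dhcpv6ifconf['dnsserver']) && ($dhcpv6ifconf['dnsserver'][0])) {
			$dnscfgv6 .= "	option dhcp6.name-servers " . join(",", $dhcpv6ifconf['dnsserver']) . ";";
		} else if (isset($config['dnsmasq']['enable'])) {
			$dnscfgv6 .= "	option dhcp6.name-servers {$ifcfgipv6};";
		} else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
			$dns_arrv6 = array();
			foreach($syscfg['dnsserver'] as $dnsserver) {
				if(is_ipaddrv6($dnsserver)) {
					$dns_arrv6[] = $dnsserver;
				}
			}
			if(!empty($dns_arrv6))
				$dnscfgv6 .= "	option dhcp6.name-servers " . join(",", $dns_arrv6) . ";";
		}

		$subnet6 = Net_IPv6::compress(gen_subnetv6($ifcfgipv6, $ifcfgsnv6));
		$dhcpdv6conf .= "subnet6 {$subnet6}/{$ifcfgsnv6} {\n";

		if($dhcpv6ifconf['failover_peerip'] <> "")
			$dhcpdv6conf .= "		deny dynamic bootp clients;\n";

		if (isset($dhcpv6ifconf['denyunknown']))
			$dhcpdv6conf .= "		deny unknown-clients;\n";

		if($dhcpv6ifconf['failover_peerip'] <> "") {
			$dhcpdv6conf .= "		failover peer \"dhcpv6{$dhcpv6num}\";\n";
			$dhcpv6num++;
		}

		$dhcpdv6conf .= <<<EOD
	range6 {$dhcpv6ifconf['range']['from']} {$dhcpv6ifconf['range']['to']};
$dnscfgv6

EOD;

		if(is_ipaddrv6($dhcpv6ifconf['prefixrange']['from']) && is_ipaddrv6($dhcpv6ifconf['prefixrange']['to'])) {
			$dhcpdv6conf .= "	prefix6 {$dhcpv6ifconf['prefixrange']['from']} {$dhcpv6ifconf['prefixrange']['to']}/{$dhcpv6ifconf['prefixrange']['prefixlength']};\n";
		}

		// default-lease-time
		if ($dhcpv6ifconf['defaultleasetime'])
			$dhcpdv6conf .= "	default-lease-time {$dhcpv6ifconf['defaultleasetime']};\n";

		// max-lease-time
		if ($dhcpv6ifconf['maxleasetime'])
			$dhcpdv6conf .= "	max-lease-time {$dhcpv6ifconf['maxleasetime']};\n";

		// ntp-servers: only the entries that passed the IPv6 check are written
		if (is_array($dhcpv6ifconf['ntpserver']) && $dhcpv6ifconf['ntpserver'][0]) {
			$ntpservers = array();
			foreach($dhcpv6ifconf['ntpserver'] as $ntpserver) {
				if(is_ipaddrv6($ntpserver))
					$ntpservers[] = $ntpserver;
			}
			if(count($ntpservers) > 0 )
				$dhcpdv6conf .= "       option dhcp6.sntp-servers " . join(",", $ntpservers) . ";\n";
		}

		// tftp-server-name is not emitted for DHCPv6: needs ISC DHCPD support

		// Handle option, number rowhelper values
		$dhcpdv6conf .= "\n";
		if($dhcpv6ifconf['numberoptions']['item']) {
			foreach($dhcpv6ifconf['numberoptions']['item'] as $itemv6idx => $itemv6) {
				$dhcpdv6conf .= "	option custom-{$dhcpv6if}-{$itemv6idx} \"{$itemv6['value']}\";\n";
			}
		}

		// ldap-server
		if ($dhcpv6ifconf['ldap'] <> "")
			$dhcpdv6conf .= "	option ldap-server \"{$dhcpv6ifconf['ldap']}\";\n";

		// net boot information
		if(isset($dhcpv6ifconf['netboot'])) {
			if ($dhcpv6ifconf['nextserver'] <> "") {
				$dhcpdv6conf .= "	next-server {$dhcpv6ifconf['nextserver']};\n";
			}
			if ($dhcpv6ifconf['filename'] <> "") {
				$dhcpdv6conf .= "	filename \"{$dhcpv6ifconf['filename']}\";\n";
			}
			if ($dhcpv6ifconf['rootpath'] <> "") {
				$dhcpdv6conf .= "	option root-path \"{$dhcpv6ifconf['rootpath']}\";\n";
			}
		}

		/* close the subnet6 block */
		$dhcpdv6conf .= "}\n";

		/* add static mappings */
		/* Needs to use DUID */
		if (is_array($dhcpv6ifconf['staticmap'])) {

			$i = 0;
			foreach ($dhcpv6ifconf['staticmap'] as $sm) {
				$dhcpdv6conf .= <<<EOD
host s_{$dhcpv6if}_{$i} {
	host-identifier option dhcp6.client-id {$sm['duid']};

EOD;
				if ($sm['ipaddrv6'])
					$dhcpdv6conf .= "	fixed-address6 {$sm['ipaddrv6']};\n";

				if ($sm['hostname']) {
					$dhhostname = str_replace(" ", "_", $sm['hostname']);
					$dhhostname = str_replace(".", "_", $dhhostname);
					/* quoted, as the DHCPv4 static mappings do, so any text value parses */
					$dhcpdv6conf .= "	option host-name \"{$dhhostname}\";\n";
				}
				if ($sm['filename'])
					$dhcpdv6conf .= "	filename \"{$sm['filename']}\";\n";

				if ($sm['rootpath'])
					$dhcpdv6conf .= "	option root-path \"{$sm['rootpath']}\";\n";

				$dhcpdv6conf .= "}\n";
				$i++;
			}
		}

		if($config['dhcpdv6'][$dhcpv6if]['ramode'] <> "unmanaged") {
			$realif = escapeshellcmd(get_real_interface($dhcpv6if));
			$dhcpdv6ifs[] = $realif;
			/* exec() appends to an existing array; start empty so $mac[0] belongs to THIS interface */
			$mac = array();
			exec("/sbin/ifconfig {$realif} |awk  '/ether/ {print $2}'", $mac);
			$v6address = generate_ipv6_from_mac($mac[0]);
			/* Create link local address for bridges */
			if(stristr("$realif", "bridge")) {
				mwexec("/sbin/ifconfig {$realif} inet6 {$v6address}");
			}
		}
	}

	fwrite($fdv6, $dhcpdv6conf);
	fclose($fdv6);
	unset($dhcpdv6conf);

	/* create an empty leases v6 database */
	touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases");

	/* fire up dhcpd in a chroot */
	if(count($dhcpdv6ifs) > 0) {
		mwexec("/usr/local/sbin/dhcpd -6 -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpdv6.conf -pf {$g['varrun_path']}/dhcpdv6.pid " .
			join(" ", $dhcpdv6ifs));
		mwexec("/usr/local/sbin/dhcpleases6 -c \"/usr/local/bin/php -f /usr/local/sbin/prefixes.php|/bin/sh\" -l {$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases");
	}

	if ($g['booting']) {
		print gettext("done.") . "\n";
	}

	return 0;
}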
/**
 * Stop igmpproxy, rebuild its configuration file from
 * $config['igmpproxy']['igmpentry'] and start it again.
 *
 * Every configured entry becomes a "phyint" line followed by its "altnet"
 * networks; every configured interface without an entry is written as
 * "disabled".
 *
 * NOTE(review): the file is opened for writing under a fixed name in
 * $g['tmp_path']. If other local users can write to that directory, fopen()
 * would follow a link planted under that name - confirm the directory is
 * root-only.
 *
 * @return int|null 1 when no entries are configured, null when the file
 *                  cannot be opened, 0 once igmpproxy has been started.
 */
function services_igmpproxy_configure() {
	global $config, $g;

	/* the running daemon is stopped even when nothing is configured */
	killbyname("igmpproxy");

	if (!is_array($config['igmpproxy']['igmpentry']) || (count($config['igmpproxy']['igmpentry']) == 0))
		return 1;

	/* interfaces still in this list after the loop get a "disabled" line */
	$unhandled = get_configured_interface_list();

	$conftext = <<<EOD

##------------------------------------------------------
## Enable Quickleave mode (Sends Leave instantly)
##------------------------------------------------------
quickleave

EOD;

	foreach ($config['igmpproxy']['igmpentry'] as $entry) {
		unset($unhandled[$entry['ifname']]);
		$device = get_real_interface($entry['ifname']);
		/* a missing or empty threshold is written as 1 */
		$limit = empty($entry['threshold']) ? 1 : $entry['threshold'];
		$conftext .= "phyint {$device} {$entry['type']} ratelimit 0 threshold {$limit}\n";

		if ($entry['address'] <> "") {
			/* space-separated networks, one altnet line each */
			foreach (explode(" ", $entry['address']) as $network) {
				$conftext .= "altnet {$network}\n";
			}
		}
		$conftext .= "\n";
	}
	foreach ($unhandled as $friendly) {
		$device = get_real_interface($friendly);
		$conftext .= "phyint {$device} disabled\n";
	}
	$conftext .= "\n";

	$handle = fopen($g['tmp_path'] . "/igmpproxy.conf", "w");
	if (!$handle) {
		log_error(gettext("Could not write Igmpproxy configuration file!"));
		return;
	}
	fwrite($handle, $conftext);
	fclose($handle);
	unset($conftext);

	mwexec("/usr/local/sbin/igmpproxy -c {$g['tmp_path']}/igmpproxy.conf");
	log_error(gettext("Started IGMP proxy service."));

	return 0;
}
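/**
 * (Re)start the DHCPv4 relay agent from $config['dhcrelay'].
 *
 * The relay listens on the configured client-side interfaces and, for each
 * configured server, on the interface that leads to it. That interface is
 * looked up in this order: a directly connected subnet, a static route, the
 * kernel routing table, and finally the default gateway (or "wan").
 *
 * Interface names and server addresses end up on a shell command line, so
 * each one is passed through escapeshellarg() before the command is built.
 *
 * @return int|null null on the 'jail' platform or when no usable interface
 *                  was found, 0 when the relay is disabled or was started.
 */
function services_dhcrelay_configure() {
	global $config, $g;
	if ($g['platform'] == 'jail')
		return;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dhcrelay_configure() being called $mt\n";
	}

	/* kill any running dhcrelay */
	killbypid("{$g['varrun_path']}/dhcrelay.pid");

	$dhcrelaycfg =& $config['dhcrelay'];

	/* DHCPRelay enabled on any interfaces? */
	if (!isset($dhcrelaycfg['enable']))
		return 0;

	if ($g['booting'])
		echo gettext("Starting DHCP relay service...");
	else
		sleep(1);

	$iflist = get_configured_interface_list();

	/* start from an empty list so array_unique() below never sees an unset variable */
	$dhcrelayifs = array();
	$dhcifaces = explode(",", $dhcrelaycfg['interface']);
	foreach ($dhcifaces as $dhcrelayif) {
		if (!isset($iflist[$dhcrelayif]) ||
			link_interface_to_bridge($dhcrelayif))
			continue;

		if (is_ipaddr(get_interface_ip($dhcrelayif)))
			$dhcrelayifs[] = get_real_interface($dhcrelayif);
	}

	/*
	 * In order for the relay to work, it needs to be active
	 * on the interface in which the destination server sits.
	 */
	$srvips = array();
	foreach (explode(",", $dhcrelaycfg['server']) as $srvip) {
		/* drop padding and empty items so each server stays one shell word when quoted */
		$srvip = trim($srvip);
		if ($srvip != "")
			$srvips[] = $srvip;
	}
	foreach ($srvips as $srvip) {
		unset($destif);
		foreach ($iflist as $ifname) {
			$subnet = get_interface_ip($ifname);
			if (!is_ipaddr($subnet))
				continue;
			$subnet .=  "/" . get_interface_subnet($ifname);
			if (ip_in_subnet($srvip, $subnet)) {
				$destif = get_real_interface($ifname);
				break;
			}
		}
		if (!isset($destif)) {
			foreach (get_staticroutes() as $rtent) {
				if (ip_in_subnet($srvip, $rtent['network'])) {
					$a_gateways = return_gateways_array(true);
					$destif = $a_gateways[$rtent['gateway']]['interface'];
					break;
				}
			}
		}

		if (!isset($destif)) {
			/* Create a array from the existing route table */
			/* exec() appends to an existing array: reset it so the four header lines dropped below are this run's */
			$route_str = array();
			exec("/usr/bin/netstat -rnWf inet", $route_str);
			array_shift($route_str);
			array_shift($route_str);
			array_shift($route_str);
			array_shift($route_str);
			foreach($route_str as $routeline) {
				$items = preg_split("/[ ]+/i", $routeline);
				/* column 6 is read as the interface name; skip lines too short to have it */
				if (isset($items[6]) && ip_in_subnet($srvip, $items[0])) {
					$destif = trim($items[6]);
					break;
				}
			}
		}

		if (!isset($destif)) {
			if (is_array($config['gateways']['gateway_item'])) {
				foreach ($config['gateways']['gateway_item'] as $gateway) {
					if (isset($gateway['defaultgw'])) {
						$a_gateways = return_gateways_array(true);
						/*
						 * Look up the default gateway itself, not the stale
						 * $rtent left over from the static-route loop.
						 * Assumes gateway entries carry the 'name' that
						 * keys return_gateways_array() - confirm.
						 */
						if (isset($gateway['name']) && isset($a_gateways[$gateway['name']]['interface']))
							$destif = $a_gateways[$gateway['name']]['interface'];
						break;
					}
				}
			} else
				$destif = get_real_interface("wan");
		}

		if (!empty($destif))
			$dhcrelayifs[] = $destif;
	}
	$dhcrelayifs = array_unique($dhcrelayifs);

	/* fire up dhcrelay */
	if (empty($dhcrelayifs)) {
		log_error("No suitable interface found for running dhcrelay!");
		return; /* XXX */
	}

	/* every value that came from the configuration or from netstat output is quoted as a single argument */
	$cmd = "/usr/local/sbin/dhcrelay";
	foreach ($dhcrelayifs as $dhcrelayif)
		$cmd .= " -i " . escapeshellarg($dhcrelayif);

	if (isset($dhcrelaycfg['agentoption']))
		$cmd .=  " -a -m replace";

	foreach ($srvips as $srvip)
		$cmd .= " " . escapeshellarg($srvip);
	mwexec($cmd);
	unset($cmd);

	return 0;
}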
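/**
 * (Re)start the DHCPv6 relay agent from $config['dhcrelay6'].
 *
 * Client-side interfaces are passed to dhcrelay with -l. Each configured
 * server is passed with -u as "address%interface", where the interface is
 * looked up in this order: a directly connected subnet, a static route, the
 * kernel routing table, and finally the default gateway (or "wan").
 *
 * Interface names and server addresses end up on a shell command line, so
 * each one is passed through escapeshellarg() before the command is built.
 *
 * @return int|null null on the 'jail' platform or when no usable interface
 *                  was found, 0 when the relay is disabled or was started.
 */
function services_dhcrelay6_configure() {
	global $config, $g;
	if ($g['platform'] == 'jail')
		return;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		/* report this function's own name, not the DHCPv4 variant's */
		echo "services_dhcrelay6_configure() being called $mt\n";
	}

	/* kill any running dhcrelay */
	killbypid("{$g['varrun_path']}/dhcrelay6.pid");

	$dhcrelaycfg =& $config['dhcrelay6'];

	/* DHCPv6 Relay enabled on any interfaces? */
	if (!isset($dhcrelaycfg['enable']))
		return 0;

	if ($g['booting'])
		echo gettext("Starting DHCPv6 relay service...");
	else
		sleep(1);

	$iflist = get_configured_interface_list();

	/* start from an empty list so array_unique() below never sees an unset variable */
	$dhcrelayifs = array();
	$dhcifaces = explode(",", $dhcrelaycfg['interface']);
	foreach ($dhcifaces as $dhcrelayif) {
		if (!isset($iflist[$dhcrelayif]) ||
			link_interface_to_bridge($dhcrelayif))
			continue;

		if (is_ipaddrv6(get_interface_ipv6($dhcrelayif)))
			$dhcrelayifs[] = get_real_interface($dhcrelayif);
	}
	$dhcrelayifs = array_unique($dhcrelayifs);

	/*
	 * In order for the relay to work, it needs to be active
	 * on the interface in which the destination server sits.
	 */
	$srvips = array();
	foreach (explode(",", $dhcrelaycfg['server']) as $srvip) {
		/* drop padding and empty items so each server stays one shell word when quoted */
		$srvip = trim($srvip);
		if ($srvip != "")
			$srvips[] = $srvip;
	}
	$srvifaces = array();
	foreach ($srvips as $srvip) {
		unset($destif);
		foreach ($iflist as $ifname) {
			$subnet = get_interface_ipv6($ifname);
			if (!is_ipaddrv6($subnet))
				continue;
			$subnet .=  "/" . get_interface_subnetv6($ifname);
			if (ip_in_subnet($srvip, $subnet)) {
				$destif = get_real_interface($ifname);
				break;
			}
		}
		if (!isset($destif)) {
			if (is_array($config['staticroutes']['route'])) {
				foreach ($config['staticroutes']['route'] as $rtent) {
					if (ip_in_subnet($srvip, $rtent['network'])) {
						$a_gateways = return_gateways_array(true);
						$destif = $a_gateways[$rtent['gateway']]['interface'];
						break;
					}
				}
			}
		}

		if (!isset($destif)) {
			/* Create a array from the existing route table */
			/* exec() appends to an existing array: reset it so the four header lines dropped below are this run's */
			$route_str = array();
			exec("/usr/bin/netstat -rnWf inet6", $route_str);
			array_shift($route_str);
			array_shift($route_str);
			array_shift($route_str);
			array_shift($route_str);
			foreach($route_str as $routeline) {
				$items = preg_split("/[ ]+/i", $routeline);
				/* column 6 is read as the interface name; skip lines too short to have it */
				if (isset($items[6]) && ip_in_subnet($srvip, $items[0])) {
					$destif = trim($items[6]);
					break;
				}
			}
		}

		if (!isset($destif)) {
			if (is_array($config['gateways']['gateway_item'])) {
				foreach ($config['gateways']['gateway_item'] as $gateway) {
					if (isset($gateway['defaultgw'])) {
						$a_gateways = return_gateways_array(true);
						/*
						 * Look up the default gateway itself, not the stale
						 * $rtent left over from the static-route loop.
						 * Assumes gateway entries carry the 'name' that
						 * keys return_gateways_array() - confirm.
						 */
						if (isset($gateway['name']) && isset($a_gateways[$gateway['name']]['interface']))
							$destif = $a_gateways[$gateway['name']]['interface'];
						break;
					}
				}
			} else
				$destif = get_real_interface("wan");
		}

		if (!empty($destif)) {
			$srvifaces[] = "{$srvip}%{$destif}";
		}
	}

	/* fire up dhcrelay */
	if (empty($dhcrelayifs) || empty($srvifaces) ) {
		log_error("No suitable interface found for running dhcrelay -6!");
		return; /* XXX */
	}

	/* the pid file goes where killbypid() above looks for it on the next run */
	$cmd = "/usr/local/sbin/dhcrelay -6 -pf " . escapeshellarg("{$g['varrun_path']}/dhcrelay6.pid");
	/* every value that came from the configuration or from netstat output is quoted as a single argument */
	foreach ($dhcrelayifs as $dhcrelayif) {
		$cmd .= " -l " . escapeshellarg($dhcrelayif);
	}
	foreach ($srvifaces as $srviface) {
		$cmd .= " -u " . escapeshellarg($srviface);
	}
	mwexec($cmd);
	unset($cmd);

	return 0;
}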
/*
 * Hand one dynamic DNS configuration entry to the updatedns class.
 *
 * $conf is a single dyndns entry. Entries without the 'enable' key are
 * ignored. The class itself lives in dyndns.class, outside this listing;
 * presumably its constructor performs the update - confirm there.
 *
 * Note that the account username and password from the configuration are
 * passed through unchanged, as is the custom update URL.
 */
function services_dyndns_configure_client($conf) {

	if (!isset($conf['enable'])) {
		return;
	}

	/* load up the dyndns.class */
	require_once("dyndns.class");

	/* collect the constructor arguments in the order updatedns expects them */
	$service     = $conf['type'];
	$host        = $conf['host'];
	$user        = $conf['username'];
	$pass        = $conf['password'];
	$wildcard    = $conf['wildcard'];
	$mx          = $conf['mx'];
	$iface       = "{$conf['interface']}";
	$backmx      = NULL;
	$server      = NULL;
	$port        = NULL;
	$updateurl   = "{$conf['updateurl']}";
	$force       = $conf['force'];
	$zoneid      = $conf['zoneid'];
	$ttl         = $conf['ttl'];
	$resultmatch = "{$conf['resultmatch']}";
	$requestif   = "{$conf['requestif']}";
	$id          = "{$conf['id']}";

	$dns = new updatedns($service, $host, $user, $pass, $wildcard, $mx,
		$iface, $backmx, $server, $port, $updateurl, $force, $zoneid,
		$ttl, $resultmatch, $requestif, $id);
}
/*
 * Run the dynamic DNS clients that belong to interface $int or that are
 * bound to a gateway group. Always returns 0.
 *
 * NOTE(review): when $int is empty only entries whose 'interface' names a
 * gateway group are processed; entries bound to a plain interface are
 * skipped. Confirm that this is intended for the no-argument call.
 */
function services_dyndns_configure($int = "") {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dyndns_configure() being called $mt\n";
	}

	$dyndnscfg = $config['dyndnses']['dyndns'];
	$gwgroups = return_gateway_groups_array();

	/* nothing configured */
	if (!is_array($dyndnscfg)) {
		return 0;
	}

	if ($g['booting']) {
		echo gettext("Starting DynDNS clients...");
	}

	foreach ($dyndnscfg as $dyndns) {
		/* the result is not used below; the call is kept as in the original */
		$failovergroup = interface_gateway_group_member($int);

		$wanted = (!empty($int) && $int == $dyndns['interface'])
		    || is_array($gwgroups[$dyndns['interface']]);
		if (!$wanted) {
			continue;
		}

		services_dyndns_configure_client($dyndns);
		/* one second pause between clients */
		sleep(1);
	}

	if ($g['booting']) {
		echo gettext("done.") . "\n";
	}

	return 0;
}
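/*
 * Stop any running dnsmasq and, when the DNS forwarder is enabled, start it
 * again with options derived from $config['dnsmasq'].
 *
 * Returns 0 on success, 1 when generating the hosts file or reconfiguring
 * dhcpd reported a failure.
 *
 * Every option built from configuration data (domain overrides, custom
 * options) is passed through escapeshellarg() because the command line is
 * handed to a shell and dnsmasq runs as root: an unescaped ';', '|' or
 * backtick in one of those fields would otherwise be executed.
 */
function services_dnsmasq_configure() {
	global $config, $g;
	$return = 0;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsmasq_configure() being called $mt\n";
	}

	/* kill any running dnsmasq */
	if (file_exists("{$g['varrun_path']}/dnsmasq.pid"))
		sigkillbypid("{$g['varrun_path']}/dnsmasq.pid", "TERM");

	if (isset($config['dnsmasq']['enable'])) {

		if ($g['booting'])
			echo gettext("Starting DNS forwarder...");
		else
			sleep(1);

		/* generate hosts file */
		if (system_hosts_generate() != 0)
			$return = 1;

		$args = "";
		/* stays empty when the rebind check is switched off (was undefined before) */
		$dns_rebind = "";
		$rebind_check = !isset($config['system']['webgui']['nodnsrebindcheck']);

		$overrides = array();
		if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides']))
			$overrides = $config['dnsmasq']['domainoverrides'];

		if (isset($config['dnsmasq']['regdhcp'])) {
			$args .= " " . escapeshellarg("--dhcp-hostsfile={$g['varetc_path']}/hosts");
		}

		/* Setup forwarded domains */
		foreach ($overrides as $override) {
			$args .= " " . escapeshellarg("--server=/{$override['domain']}/{$override['ip']}");
		}

		/* Allow DNS Rebind for forwarded domains */
		if ($rebind_check) {
			foreach ($overrides as $override) {
				$args .= " " . escapeshellarg("--rebind-domain-ok=/{$override['domain']}/");
			}
			$dns_rebind = "--rebind-localhost-ok --stop-dns-rebind";
		}

		/*
		 * Custom options are split on whitespace, one dnsmasq long option
		 * per token. Each token is quoted as a single shell word, so shell
		 * quoting inside the field is no longer interpreted.
		 */
		if (!empty($config['dnsmasq']['custom_options'])) {
			foreach (preg_split('/\s+/', $config['dnsmasq']['custom_options']) as $c) {
				if ($c === "")
					continue;	/* leading/trailing whitespace yields empty tokens */
				$args .= " " . escapeshellarg("--{$c}");
			}
		}

		/* run dnsmasq */
		mwexec_bg("/usr/local/sbin/dnsmasq --local-ttl 1 --all-servers {$dns_rebind} --dns-forward-max=5000 --cache-size=10000 {$args}");
		unset($args);

		if ($g['booting'])
			echo gettext("done.") . "\n";
	}

	if (!$g['booting']) {
		if (services_dhcpd_configure() != 0)
			$return = 1;
	}

	return $return;
}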
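/*
 * Stop any running Unbound and, when it is enabled, prepare its chroot,
 * regenerate its configuration and start it.
 *
 * Returns 0 on success, 1 when unbound_generate_config() reported a
 * problem (Unbound is still started in that case, as before).
 *
 * The chroot used to be prepared by writing a shell script to a fixed name
 * under tmp_path and running it with /bin/sh. The commands are now run
 * directly: the fopen() result was never checked, and a root-executed
 * script at a predictable path in a temporary directory is an avoidable
 * risk. Paths are quoted with escapeshellarg().
 */
function services_unbound_configure() {
	global $config, $g;
	$return = 0;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_unbound_configure() being called $mt\n";
	}

	/* kill any running unbound */
	sigkillbypid("{$g['varrun_path']}/unbound.pid", "TERM");

	if (isset($config['unbound']['enable'])) {

		if ($g['booting'])
			echo "Starting Unbound DNS...";
		else
			sleep(1);

		/* Setup Unbound DHCP Chroot environment */
		$chroot = $g['unbound_chroot_path'];
		mwexec("/bin/mkdir -p " . escapeshellarg($chroot) .
			" " . escapeshellarg("{$chroot}/dev") .
			" " . escapeshellarg("{$chroot}/etc"));

		/* mount devfs only when the mount table does not already list it */
		$mounts = array();
		exec("/sbin/mount", $mounts);
		$dev_mounted = false;
		foreach ($mounts as $mountline) {
			if (strpos($mountline, "{$chroot}/dev") !== false) {
				$dev_mounted = true;
				break;
			}
		}
		if (!$dev_mounted)
			mwexec("/sbin/mount -t devfs devfs " . escapeshellarg("{$chroot}/dev"));

		/* generate Unbound config file */
		if (unbound_generate_config() != 0) {
			log_error("Problem generating Unbound configuration.");
			$return = 1;
		}

		/* run Unbound */
		mwexec("/usr/local/sbin/unbound -c " . escapeshellarg("{$chroot}/etc/unbound.conf"));

		if ($g['booting'])
			echo "done.\n";
	}

	return $return;
}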
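/*
 * Stop bsnmpd and, when SNMP is enabled, write snmpd.conf from
 * $config['snmpd'] and start the daemon again.
 *
 * Returns 0, or 1 when snmpd.conf cannot be opened for writing.
 *
 * Values that end up inside the generated file are stripped of line breaks
 * (and of double quotes where the value is written as a quoted string), so
 * a configuration field cannot close its string early or add further
 * directives to snmpd.conf.
 *
 * A read-write community is deliberately not written: the original code
 * for it was disabled with the remark that the write strings are
 * undocumented.
 */
function services_snmpd_configure() {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_snmpd_configure() being called $mt\n";
	}

	/* kill any running snmpd */
	sigkillbypid("{$g['varrun_path']}/snmpd.pid", "TERM");
	sleep(2);
	if (is_process_running("bsnmpd"))
		mwexec("/usr/bin/killall bsnmpd", true);

	if (isset($config['snmpd']['enable'])) {

		if ($g['booting'])
			echo gettext("Starting SNMP daemon... ");

		/* generate snmpd.conf */
		$fd = fopen("{$g['varetc_path']}/snmpd.conf", "w");
		if (!$fd) {
			printf(gettext("Error: cannot open snmpd.conf in services_snmpd_configure().%s"),"\n");
			return 1;
		}

		/* characters that must not reach the file from a config field */
		$eol = array("\r", "\n");
		$eol_and_quote = array("\r", "\n", '"');

		$syslocation = str_replace($eol_and_quote, '', (string)$config['snmpd']['syslocation']);
		$syscontact = str_replace($eol_and_quote, '', (string)$config['snmpd']['syscontact']);
		$rocommunity = str_replace($eol_and_quote, '', (string)$config['snmpd']['rocommunity']);

		/* traps are configured only when enabled and a non-blank server is set */
		$trap_enabled = isset($config['snmpd']['trapenable']) &&
			preg_match('/^\S+$/', $config['snmpd']['trapserver']);

		$snmpdconf = <<<EOD
location := "{$syslocation}"
contact := "{$syscontact}"
read := "{$rocommunity}"

EOD;

		if ($trap_enabled) {
			$trapserver = str_replace($eol, '', (string)$config['snmpd']['trapserver']);
			$trapserverport = str_replace($eol, '', (string)$config['snmpd']['trapserverport']);
			$trapstring = str_replace($eol_and_quote, '', (string)$config['snmpd']['trapstring']);
			$snmpdconf .= <<<EOD
# SNMP Trap support.
traphost := {$trapserver}
trapport := {$trapserverport}
trap := "{$trapstring}"


EOD;
		}

		$snmpdconf .= <<<EOD
system := 1     # pfSense
%snmpd
begemotSnmpdDebugDumpPdus       = 2
begemotSnmpdDebugSyslogPri      = 7
begemotSnmpdCommunityString.0.1 = $(read)

EOD;

		if ($trap_enabled) {
			$snmpdconf .= <<<EOD
begemotTrapSinkStatus.[$(traphost)].$(trapport) = 4
begemotTrapSinkVersion.[$(traphost)].$(trapport) = 2
begemotTrapSinkComm.[$(traphost)].$(trapport) = $(trap)

EOD;
		}

		$snmpdconf .= <<<EOD
begemotSnmpdCommunityDisable    = 1

EOD;

		/* legacy 'bindlan' flag is converted to bindip = lan in the loaded config */
		if (isset($config['snmpd']['bindlan'])) {
			$config['snmpd']['bindip'] = 'lan';
			unset($config['snmpd']['bindlan']);
		}
		/* default: listen on all addresses unless bindip resolves to one */
		$bind_to_ip = "0.0.0.0";
		if (isset($config['snmpd']['bindip'])) {
			if (is_ipaddr($config['snmpd']['bindip'])) {
				$bind_to_ip = $config['snmpd']['bindip'];
			} else {
				$if = get_real_interface($config['snmpd']['bindip']);
				if (does_interface_exist($if))
					$bind_to_ip = find_interface_ip($if);
			}
		}

		if (is_port( $config['snmpd']['pollport'] )) {
			$snmpdconf .= <<<EOD
begemotSnmpdPortStatus.{$bind_to_ip}.{$config['snmpd']['pollport']} = 1

EOD;

		}

		$snmpdconf .= <<<EOD
begemotSnmpdLocalPortStatus."/var/run/snmpd.sock" = 1
begemotSnmpdLocalPortType."/var/run/snmpd.sock" = 4

# These are bsnmp macros not php vars.
sysContact      = $(contact)
sysLocation     = $(location)
sysObjectId     = 1.3.6.1.4.1.12325.1.1.2.1.$(system)

snmpEnableAuthenTraps = 2

EOD;

		/* one module path line per enabled module */
		if (is_array( $config['snmpd']['modules'] )) {
			if (isset($config['snmpd']['modules']['mibii'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."mibII"  = "/usr/lib/snmp_mibII.so"

EOD;
			}

			if (isset($config['snmpd']['modules']['netgraph'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."netgraph" = "/usr/lib/snmp_netgraph.so"
%netgraph
begemotNgControlNodeName = "snmpd"

EOD;
			}

			if (isset($config['snmpd']['modules']['pf'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."pf"     = "/usr/lib/snmp_pf.so"

EOD;
			}

			if (isset($config['snmpd']['modules']['hostres'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."hostres"     = "/usr/lib/snmp_hostres.so"

EOD;
			}
			if (isset($config['snmpd']['modules']['bridge'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."bridge"     = "/usr/lib/snmp_bridge.so"
# config must end with blank line

EOD;
			}
			if (isset($config['snmpd']['modules']['ucd'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."ucd"     = "/usr/local/lib/snmp_ucd.so"

EOD;
			}
			if (isset($config['snmpd']['modules']['regex'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."regex"     = "/usr/local/lib/snmp_regex.so"

EOD;
			}
		}

		fwrite($fd, $snmpdconf);
		fclose($fd);
		unset($snmpdconf);

		/*
		 * run bsnmpd
		 * The former {$bindlan} fragment is gone: 'bindlan' is unset above,
		 * so the variable was never assigned and expanded to nothing.
		 */
		mwexec("/usr/sbin/bsnmpd -c {$g['varetc_path']}/snmpd.conf" .
			" -p {$g['varrun_path']}/snmpd.pid");

		if ($g['booting'])
			echo gettext("done.") . "\n";
	}

	return 0;
}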
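/*
 * Send an RFC 2136 style update through nsupdate for every enabled
 * dnsupdate entry (optionally only those bound to interface $int).
 * Always returns 0; an entry that cannot be processed is logged and skipped.
 *
 * For each entry the shared HMAC key is written to a K*.private / K*.key
 * pair and the update instructions to nsupdatecmds<N>, all under
 * varetc_path. Both key files hold the secret (they are the same for
 * HMAC-MD5), so they are restricted to mode 0600 before the key is written.
 * File names and the nsupdate command line are built from configuration
 * data, hence the key-name check and escapeshellarg() below.
 */
function services_dnsupdate_process($int = "") {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsupdate_process() being called $mt\n";
	}

	/* Dynamic DNS updating active? */
	if (!is_array($config['dnsupdates']['dnsupdate']))
		return 0;

	/* the generated files are line oriented; a field must not add lines */
	$eol = array("\r", "\n");

	foreach ($config['dnsupdates']['dnsupdate'] as $i => $dnsupdate) {
		if (!isset($dnsupdate['enable']))
			continue;
		if (!empty($int) && $int != $dnsupdate['interface'])
			continue;

		/* no address on the interface: nothing to publish */
		$wanip = get_interface_ip($dnsupdate['interface']);
		if (!$wanip)
			continue;

		$keyname = $dnsupdate['keyname'];
		/* trailing dot */
		if (substr($keyname, -1) != ".")
			$keyname .= ".";

		/* the key name becomes part of a file name below */
		if (strpos($keyname, "/") !== false || strpos($keyname, "\0") !== false) {
			log_error("Skipping DNS update {$i}: key name is not usable as a file name.");
			continue;
		}

		$keybase = "{$g['varetc_path']}/K{$i}{$keyname}+157+00000";
		$keydata = str_replace($eol, '', (string)$dnsupdate['keydata']);

		/* write private key file
		   this is dumb - public and private keys are the same for HMAC-MD5,
		   but nsupdate insists on having both */
		$fd = fopen("{$keybase}.private", "w");
		if (!$fd) {
			log_error("Skipping DNS update {$i}: cannot write the private key file.");
			continue;
		}
		chmod("{$keybase}.private", 0600);
		fwrite($fd, "Private-key-format: v1.2\nAlgorithm: 157 (HMAC)\nKey: {$keydata}\n");
		fclose($fd);

		/* write public key file; unknown key types keep empty fields as before */
		$flags = "";
		$proto = "";
		if ($dnsupdate['keytype'] == "zone") {
			$flags = 257;
			$proto = 3;
		} else if ($dnsupdate['keytype'] == "host") {
			$flags = 513;
			$proto = 3;
		} else if ($dnsupdate['keytype'] == "user") {
			$flags = 0;
			$proto = 2;
		}

		$fd = fopen("{$keybase}.key", "w");
		if (!$fd) {
			log_error("Skipping DNS update {$i}: cannot write the public key file.");
			continue;
		}
		chmod("{$keybase}.key", 0600);
		fwrite($fd, "{$keyname} IN KEY {$flags} {$proto} 157 {$keydata}\n");
		fclose($fd);

		/* generate update instructions; the host is written as configured */
		$host = str_replace($eol, '', (string)$dnsupdate['host']);
		$ttl = str_replace($eol, '', (string)$dnsupdate['ttl']);
		$upinst = "";
		if (!empty($dnsupdate['server']))
			$upinst .= "server " . str_replace($eol, '', (string)$dnsupdate['server']) . "\n";
		$upinst .= "update delete {$host} A\n";
		$upinst .= "update add {$host} {$ttl} A {$wanip}\n";
		$upinst .= "\n";	/* mind that trailing newline! */

		$cmdfile = "{$g['varetc_path']}/nsupdatecmds{$i}";
		if (file_put_contents($cmdfile, $upinst) === false) {
			log_error("Skipping DNS update {$i}: cannot write the nsupdate command file.");
			continue;
		}
		unset($upinst);

		/* invoke nsupdate */
		$cmd = "/usr/bin/nsupdate -k " . escapeshellarg("{$keybase}.key");
		if (isset($dnsupdate['usetcp']))
			$cmd .= " -v";
		$cmd .= " " . escapeshellarg($cmdfile);

		mwexec_bg($cmd);
		unset($cmd);
	}

	return 0;
}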
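/*
 * configure cron service
 *
 * Rewrites /etc/crontab: everything above the pfSense marker comment is
 * kept, the pfSense section is regenerated from $config['cron']['item'],
 * and cron is sent a HUP. The file system is remounted read-write for the
 * duration of the call.
 *
 * Entries are written with the user and command taken from the
 * configuration and run by the system cron, so each field is stripped of
 * line breaks: one configured item can only ever produce one crontab line.
 */
function configure_cron() {
	global $g, $config;

	conf_mount_rw();
	/* preserve existing crontab entries */
	$existing = file("/etc/crontab", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
	if (!is_array($existing))
		$existing = array();	/* unreadable or missing file: start empty */

	/*
	 * The marker is written through gettext() below, so look for the
	 * translated form as well as the English one; otherwise a translated
	 * marker is never found and the section is appended again on each run.
	 */
	$markers = array(
		"# pfSense specific crontab entries",
		"# " . gettext("pfSense specific crontab entries"),
	);
	foreach ($existing as $i => $line) {
		foreach ($markers as $marker) {
			if (strpos($line, $marker) !== false) {
				/* also drop the "#" line above the marker; never go below 0 */
				$existing = array_slice($existing, 0, max(0, $i - 1));
				break 2;
			}
		}
	}
	$crontab_contents = implode("\n", $existing) . "\n";

	if (is_array($config['cron']['item'])) {
		$crontab_contents .= "#\n";
		$crontab_contents .= "# " . gettext("pfSense specific crontab entries") . "\n";
		$crontab_contents .= "# " .gettext( "Created:") . " " . date("F j, Y, g:i a") . "\n";
		$crontab_contents .= "#\n";

		$eol = array("\r", "\n");
		$columns = array('minute', 'hour', 'mday', 'month', 'wday', 'who', 'command');
		foreach ($config['cron']['item'] as $item) {
			$fields = array();
			foreach ($columns as $column)
				$fields[] = str_replace($eol, '', (string)$item[$column]);
			$crontab_contents .= "\n" . implode("\t", $fields);
		}

		$crontab_contents .= "\n#\n";
		$crontab_contents .= "# " . gettext("If possible do not add items to this file manually.") . "\n";
		$crontab_contents .= "# " . gettext("If you do so, this file must be terminated with a blank line (e.g. new line)") . "\n";
		$crontab_contents .= "#\n\n";
	}

	/* please maintain the newline at the end of file */
	file_put_contents("/etc/crontab", $crontab_contents);
	unset($crontab_contents);

	/* do a HUP kill to force sync changes */
	exec('/bin/pkill -HUP cron');

	conf_mount_ro();
}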
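/*
 * Start, stop or restart miniupnpd.
 *
 * $action is "start", "stop" or "restart"; any other value does nothing.
 * "stop" also flushes the rules and NAT entries of the miniupnpd pf anchor.
 *
 * The wait for the process to exit is bounded, so a daemon that cannot be
 * killed no longer blocks the caller forever, and killall/wc are called by
 * absolute path like the other external commands in this file.
 */
function upnp_action ($action) {
	global $g, $config;
	switch($action) {
		case "start":
			/* only start when a configuration file has been generated */
			if (file_exists('/var/etc/miniupnpd.conf')) {
				@unlink("{$g['varrun_path']}/miniupnpd.pid");
				mwexec_bg("/usr/local/sbin/miniupnpd -f /var/etc/miniupnpd.conf -P {$g['varrun_path']}/miniupnpd.pid");
			}
			break;
		case "stop":
			killbypid("{$g['varrun_path']}/miniupnpd.pid");
			/* retry for about five seconds, then give up and report it */
			$attempts = 0;
			while ((int)exec("/bin/pgrep -a miniupnpd | /usr/bin/wc -l") > 0) {
				if (++$attempts > 50) {
					log_error("miniupnpd is still running after repeated kill attempts.");
					break;
				}
				mwexec('/usr/bin/killall miniupnpd 2>/dev/null', true);
				usleep(100000);
			}
			mwexec('/sbin/pfctl -aminiupnpd -Fr 2>&1 >/dev/null');
			mwexec('/sbin/pfctl -aminiupnpd -Fn 2>&1 >/dev/null');
			break;
		case "restart":
			upnp_action('stop');
			upnp_action('start');
			break;
	}
}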
/*
 * Start the UPnP service when the miniupnpd package is configured and its
 * first configuration entry has a non-empty 'enable' value.
 * The package code is loaded from /usr/local/pkg/miniupnpd.inc on demand.
 */
function upnp_start() {
	global $config;

	/* package not installed or never configured */
	if (!isset($config['installedpackages']['miniupnpd']['config'])) {
		return;
	}

	/* configured but switched off */
	if (!$config['installedpackages']['miniupnpd']['config'][0]['enable']) {
		return;
	}

	echo gettext("Starting UPnP service... ");
	require_once('/usr/local/pkg/miniupnpd.inc');
	sync_package_miniupnpd();
	echo "done.\n";
}
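/*
 * Add, update or remove a cron entry in $config['cron']['item'], save the
 * configuration and regenerate /etc/crontab through configure_cron().
 *
 * $command  command line of the job; also used to find an existing entry
 * $active   true installs or updates the job, false removes it
 * $minute, $hour, $monthday, $month, $weekday  schedule fields
 * $who      account the job runs as
 *
 * An existing entry is found by substring match on its command.
 * NOTE(review): because the match is a substring test, a short $command can
 * hit an unrelated entry - callers should pass the full command line.
 *
 * Fixes over the previous version: the entry is addressed by its real array
 * key instead of a running counter (the two differ once an earlier entry
 * has been unset), and an entry at key 0 can now be removed.
 */
function install_cron_job($command, $active=false, $minute="0", $hour="*", $monthday="*", $month="*", $weekday="*", $who="root") {
	global $config, $g;

	if (!is_array($config['cron']))
		$config['cron'] = array();
	if (!is_array($config['cron']['item']))
		$config['cron']['item'] = array();

	/* key of the first entry whose command contains $command, if any */
	$found_key = null;
	foreach ($config['cron']['item'] as $key => $item) {
		if (strstr($item['command'], $command)) {
			$found_key = $key;
			break;
		}
	}
	$is_installed = ($found_key !== null);

	if ($active) {
		$cron_item = array();
		$cron_item['minute'] = $minute;
		$cron_item['hour'] = $hour;
		$cron_item['mday'] = $monthday;
		$cron_item['month'] = $month;
		$cron_item['wday'] = $weekday;
		$cron_item['who'] = $who;
		$cron_item['command'] = $command;
		if (!$is_installed) {
			$config['cron']['item'][] = $cron_item;
			write_config(sprintf(gettext("Installed cron job for %s"), $command));
		} else {
			$config['cron']['item'][$found_key] = $cron_item;
			write_config(sprintf(gettext("Updated cron job for %s"), $command));
		}
	} else {
		if ($is_installed) {
			unset($config['cron']['item'][$found_key]);
			write_config(sprintf(gettext("Removed cron job for %s"), $command));
		}
	}
	configure_cron();
}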
?>